Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/7B306A34218D11EC87C96D6DC4F9AE02.roa
File: 7B306A34218D11EC87C96D6DC4F9AE02.roa (raw, json)
Hash identifier: yOodJ3nH5QwD9eT88M4j+d+u4VfxJX6b3Bq0+MSkMHg=
Subject key identifier: BC:29:F1:20:03:BC:30:ED:C0:FD:CE:B9:59:8A:0F:F4:D6:D0:EB:42
Certificate issuer: /CN=A9136DD6/serialNumber=CA83D43E5A5E59C7759B1B9B2FBD98A947DFD3BC
Certificate serial: 1036
Authority key identifier: CA:83:D4:3E:5A:5E:59:C7:75:9B:1B:9B:2F:BD:98:A9:47:DF:D3:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoPUPlpeWcd1mxubL72YqUff07w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/7B306A34218D11EC87C96D6DC4F9AE02.roa
Signing time: Mon 02 Dec 2024 17:35:48 +0000
ROA not before: Mon 02 Dec 2024 17:35:48 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 4773
IP address blocks: 118.189.34.0/24 maxlen: 24
118.189.44.0/22 maxlen: 22
118.189.78.0/24 maxlen: 24
118.189.82.0/24 maxlen: 24
118.189.176.0/20 maxlen: 20
118.189.176.0/22 maxlen: 22
118.189.176.0/24 maxlen: 24
118.189.177.0/24 maxlen: 24
118.189.178.0/24 maxlen: 24
118.189.179.0/24 maxlen: 24
118.189.180.0/23 maxlen: 24
118.189.182.0/23 maxlen: 24
118.189.184.0/21 maxlen: 21
118.189.184.0/24 maxlen: 24
118.189.185.0/24 maxlen: 24
118.189.186.0/24 maxlen: 24
118.189.187.0/24 maxlen: 24
118.189.188.0/24 maxlen: 24
118.189.189.0/24 maxlen: 24
118.189.190.0/24 maxlen: 24
118.189.191.0/24 maxlen: 24
118.189.192.0/20 maxlen: 22
118.189.192.0/24 maxlen: 24
118.189.193.0/24 maxlen: 24
118.189.194.0/24 maxlen: 24
118.189.195.0/24 maxlen: 24
118.189.196.0/24 maxlen: 24
118.189.197.0/24 maxlen: 24
118.189.198.0/24 maxlen: 24
118.189.199.0/24 maxlen: 24
118.189.200.0/24 maxlen: 24
118.189.201.0/24 maxlen: 24
118.189.202.0/24 maxlen: 24
118.189.203.0/24 maxlen: 24
118.189.204.0/24 maxlen: 24
118.189.205.0/24 maxlen: 24
118.189.206.0/24 maxlen: 24
118.189.207.0/24 maxlen: 24
118.189.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/yoPUPlpeWcd1mxubL72YqUff07w.crl
rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/yoPUPlpeWcd1mxubL72YqUff07w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoPUPlpeWcd1mxubL72YqUff07w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 17:20:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4150 (0x1036)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136DD6, serialNumber=CA83D43E5A5E59C7759B1B9B2FBD98A947DFD3BC
Validity
Not Before: Dec 2 17:35:48 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674deff3-2bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:91:24:4d:20:bd:1a:56:f1:09:cf:bf:7d:9d:
40:31:cf:d1:5b:4e:8c:a1:66:8b:dc:41:be:48:71:
e2:a2:fa:46:d7:71:3b:57:c3:ca:2f:87:6e:43:34:
b4:77:3a:93:ab:09:08:9b:8d:a1:83:b1:b3:6a:3d:
4c:1f:8e:94:6c:99:10:d8:56:5c:79:a1:76:6d:9a:
cc:a1:fc:82:f2:23:f6:8a:38:22:83:cd:e5:a9:15:
9c:5c:0c:7b:3d:bb:52:5b:81:ee:1c:9f:0a:42:14:
22:18:04:4b:5a:cb:66:8c:79:51:a0:2f:3e:02:82:
2e:33:85:4f:a7:d5:7f:fb:e6:79:27:40:77:b9:65:
02:30:47:9e:af:ea:f6:e5:ea:09:72:88:f4:7c:4a:
2d:ef:f8:93:32:cf:a4:01:f6:a7:14:0f:9e:b6:c2:
16:6d:40:84:e0:2f:5b:31:2c:84:c3:69:ae:5d:d0:
8d:6c:bd:5e:14:22:23:a1:6f:63:25:b5:a9:91:aa:
db:54:5b:d0:d8:16:d6:ff:29:39:60:c4:1e:99:ff:
20:e5:c4:f9:3b:63:38:57:b1:7d:26:83:e5:a2:a9:
cb:d7:5d:e8:79:f3:c4:08:ae:b5:5c:a5:ab:54:a5:
11:05:a4:eb:d8:00:75:67:47:ff:1e:f2:e6:62:8f:
d3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:29:F1:20:03:BC:30:ED:C0:FD:CE:B9:59:8A:0F:F4:D6:D0:EB:42
X509v3 Authority Key Identifier:
keyid:CA:83:D4:3E:5A:5E:59:C7:75:9B:1B:9B:2F:BD:98:A9:47:DF:D3:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/yoPUPlpeWcd1mxubL72YqUff07w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoPUPlpeWcd1mxubL72YqUff07w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/7B306A34218D11EC87C96D6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.189.34.0/24
118.189.44.0/22
118.189.78.0/24
118.189.82.0/24
118.189.176.0-118.189.215.255
Signature Algorithm: sha256WithRSAEncryption
16:db:d8:14:f3:26:7d:1b:08:bf:80:73:4d:3c:ae:e6:21:3b:
9f:d2:cf:b7:08:55:80:53:a3:2e:1d:79:9a:f4:66:36:a0:0b:
bf:40:ca:c4:7d:13:2a:dc:5c:d2:2f:bd:79:77:84:7c:23:1c:
7f:65:d2:85:50:f1:76:4f:78:80:47:af:70:f0:f0:4c:35:ad:
e3:da:23:2d:1e:69:b6:fb:0d:84:dd:59:43:54:ba:87:df:3f:
2e:31:97:b4:05:d2:14:b2:79:c6:13:0e:11:91:60:0f:8d:2e:
3b:ef:45:65:16:b2:38:aa:e6:9c:f8:56:74:f0:c5:a8:77:93:
33:30:99:c6:19:63:9b:a2:39:10:94:ce:63:95:5e:bf:72:23:
9f:7d:7a:12:74:09:e5:95:ad:0c:4e:13:62:8a:23:90:8d:fc:
7b:88:f7:0e:78:4e:fd:87:aa:8c:b8:9f:56:5d:d0:81:45:96:
e7:2a:ff:6d:27:a6:52:7e:28:00:27:a9:ca:d6:32:d6:b6:19:
f1:86:31:0e:28:05:a7:96:47:b5:1c:fc:8f:16:14:87:af:b0:
5d:43:f6:12:8a:42:f5:af:45:15:a9:04:42:0b:f2:d2:ba:10:
63:84:3c:39:84:4c:45:7d:9b:39:2b:db:c0:1c:1c:49:4d:5f:
08:5d:f2:7a
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICEDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzZERDYxMTAvBgNVBAUTKENBODNENDNFNUE1RTU5Qzc3NTlCMUI5QjJGQkQ5OEE5
NDdERkQzQkMwHhcNMjQxMjAyMTczNTQ4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkZWZmMy0yYmY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxpEkTSC9GlbxCc+/fZ1AMc/RW06MoWaL3EG+SHHiovpG13E7V8PKL4duQzS0
dzqTqwkIm42hg7Gzaj1MH46UbJkQ2FZceaF2bZrMofyC8iP2ijgig83lqRWcXAx7
PbtSW4HuHJ8KQhQiGARLWstmjHlRoC8+AoIuM4VPp9V/++Z5J0B3uWUCMEeer+r2
5eoJcoj0fEot7/iTMs+kAfanFA+etsIWbUCE4C9bMSyEw2muXdCNbL1eFCIjoW9j
JbWpkarbVFvQ2BbW/yk5YMQemf8g5cT5O2M4V7F9JoPloqnL113oefPECK61XKWr
VKURBaTr2AB1Z0f/HvLmYo/TUwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFLwp8SAD
vDDtwP3OuVmKD/TW0OtCMB8GA1UdIwQYMBaAFMqD1D5aXlnHdZsbmy+9mKlH39O8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkRENi9ERjM4OTU1RTNC
MzcxMUU5QTAzOEFCMkFDNEY5QUUwMi95b1BVUGxwZVdjZDFteHViTDcyWXFVZmYw
N3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lvUFVQbHBlV2NkMW14dWJMNzJZcVVmZjA3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZERDYvREYzODk1NUUzQjM3MTFFOUEwMzhBQjJBQzRGOUFFMDIvN0IzMDZBMzQy
MThEMTFFQzg3Qzk2RDZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAB2vSIDBAJ2vSwDBAB2vU4DBAB2vVIwDAMEBHa9sAMEA3a9
0DANBgkqhkiG9w0BAQsFAAOCAQEAFtvYFPMmfRsIv4BzTTyu5iE7n9LPtwhVgFOj
Lh15mvRmNqALv0DKxH0TKtxc0i+9eXeEfCMcf2XShVDxdk94gEevcPDwTDWt49oj
LR5ptvsNhN1ZQ1S6h98/LjGXtAXSFLJ5xhMOEZFgD40uO+9FZRayOKrmnPhWdPDF
qHeTMzCZxhljm6I5EJTOY5Vev3Ijn316EnQJ5ZWtDE4TYoojkI38e4j3DnhO/Yeq
jLifVl3QgUWW5yr/bSemUn4oACepytYy1rYZ8YYxDigFp5ZHtRz8jxYUh6+wXUP2
EopC9a9FFakEQgvy0roQY4Q8OYRMRX2bOSvbwBwcSU1fCF3yeg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:26:19 2025 by rpki-client