Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/5EB91EB40F9611F0A2F2830DC4F9AE02.roa
File: 5EB91EB40F9611F0A2F2830DC4F9AE02.roa (raw, json)
Hash identifier: 7eEqAyFyHM1uUpCUfu9CpAy3eOIan/Ziyx1v4QotXoU=
Subject key identifier: 1A:83:34:DA:16:CD:EE:83:AC:34:37:9A:59:C6:23:7A:06:B7:7B:8C
Certificate issuer: /CN=A9145456/serialNumber=3FB0A56E20F194C7749879D4D225B3F97E9EBECF
Certificate serial: 077A
Authority key identifier: 3F:B0:A5:6E:20:F1:94:C7:74:98:79:D4:D2:25:B3:F9:7E:9E:BE:CF
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/5EB91EB40F9611F0A2F2830DC4F9AE02.roa
Signing time: Wed 02 Apr 2025 07:44:56 +0000
ROA not before: Wed 02 Apr 2025 07:44:56 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 139831
IP address blocks: 131.226.64.0/18 maxlen: 18
131.226.64.0/22 maxlen: 24
131.226.68.0/22 maxlen: 24
131.226.74.0/23 maxlen: 24
131.226.76.0/23 maxlen: 24
131.226.80.0/22 maxlen: 24
131.226.84.0/22 maxlen: 24
131.226.88.0/22 maxlen: 24
131.226.92.0/22 maxlen: 24
131.226.96.0/22 maxlen: 23
131.226.100.0/22 maxlen: 23
131.226.100.0/24 maxlen: 24
131.226.104.0/22 maxlen: 23
131.226.108.0/22 maxlen: 23
131.226.112.0/22 maxlen: 23
131.226.116.0/23 maxlen: 23
131.226.118.0/23 maxlen: 23
131.226.120.0/23 maxlen: 23
131.226.122.0/23 maxlen: 23
131.226.124.0/23 maxlen: 24
131.226.126.0/24 maxlen: 24
131.226.127.0/24 maxlen: 24
139.135.64.0/18 maxlen: 18
139.135.64.0/22 maxlen: 22
139.135.68.0/22 maxlen: 22
139.135.72.0/22 maxlen: 22
139.135.76.0/22 maxlen: 22
139.135.80.0/22 maxlen: 22
139.135.88.0/22 maxlen: 22
139.135.104.0/22 maxlen: 23
139.135.108.0/22 maxlen: 23
139.135.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.crl
rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 21 Apr 2025 21:36:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1914 (0x77a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145456, serialNumber=3FB0A56E20F194C7749879D4D225B3F97E9EBECF
Validity
Not Before: Apr 2 07:44:56 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67eceaf7-e5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e0:b2:1e:bf:53:0d:86:bc:fe:80:ca:d9:e7:
a7:4c:65:a9:51:5e:fd:97:7a:b1:3d:0a:01:64:76:
be:4d:fc:5d:6a:63:35:2b:1a:89:57:06:f5:5b:35:
7d:86:88:95:0c:71:e2:4c:d4:a2:dc:5f:ae:3c:52:
4a:fa:6b:3f:a4:60:69:48:a2:23:15:10:98:01:79:
d0:c8:15:42:f4:69:c9:b2:93:83:cc:80:f3:a0:63:
cd:20:ea:92:0e:7b:c4:5c:ee:72:03:da:4b:ba:3d:
04:ee:3b:ee:0b:21:48:1d:c7:2d:c7:2f:94:ea:6c:
45:2c:73:a8:32:db:df:07:36:07:7f:19:4f:61:cc:
49:cc:b6:6e:1d:c5:ed:a9:4c:17:fc:5c:e4:94:a3:
73:d5:73:73:6b:4c:c0:d7:fa:05:a2:53:d8:78:db:
33:c2:08:b0:62:3a:53:e0:f4:8d:06:00:98:24:9c:
d4:96:61:90:89:ba:cc:a2:b7:e4:21:32:d2:07:0d:
a8:dc:1a:a2:c3:94:03:fb:3d:b9:2a:6e:ac:1f:1b:
19:04:5f:65:46:92:6a:fa:16:0c:aa:be:74:f8:16:
11:f1:aa:8d:3e:4b:8c:45:91:5e:10:71:80:2d:e0:
de:9a:aa:40:cc:34:6e:c0:b2:1b:e3:d2:89:f3:11:
08:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:83:34:DA:16:CD:EE:83:AC:34:37:9A:59:C6:23:7A:06:B7:7B:8C
X509v3 Authority Key Identifier:
keyid:3F:B0:A5:6E:20:F1:94:C7:74:98:79:D4:D2:25:B3:F9:7E:9E:BE:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/5EB91EB40F9611F0A2F2830DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
131.226.64.0/18
139.135.64.0/18
Signature Algorithm: sha256WithRSAEncryption
90:22:0b:d1:2e:ba:f0:30:7c:f4:fb:22:7c:97:af:42:ed:c6:
5d:6c:6f:02:a7:bd:ac:6f:eb:fc:13:52:59:b9:8a:01:f0:b6:
0e:cb:99:6c:42:dc:11:f3:48:8b:64:ec:7b:c6:4f:e0:88:b4:
fa:b4:62:72:63:9a:ae:c9:d9:f2:ed:18:fc:c9:c5:a3:0c:73:
13:c6:2c:13:84:3a:1d:f3:49:a7:f5:a5:8d:b5:6a:4d:12:4a:
8d:77:87:fd:1a:94:2e:25:19:ff:26:4a:74:7a:16:18:28:3b:
0e:15:01:6b:31:44:fc:3f:3e:69:ba:45:f4:a3:c4:69:7b:ee:
f7:e6:fb:6e:a1:77:ed:fd:67:98:99:50:eb:7d:35:3d:a4:b3:
94:99:a7:71:86:82:4f:d8:7c:96:f2:e7:ea:8b:57:49:77:e9:
5a:64:12:e5:4f:ef:b3:ec:c8:4d:de:62:25:f7:aa:3c:40:ae:
c5:ef:3b:ef:7b:44:6b:ac:67:7b:b8:17:b6:b6:f3:1e:29:8b:
fd:4e:09:39:ec:c7:c4:79:c6:b7:a8:ed:77:de:3e:56:8e:3f:
c3:1e:1b:94:55:51:78:48:c7:6c:43:c5:13:e6:f2:28:f6:78:
1d:bd:d5:c4:49:49:b8:e1:66:72:f9:f8:25:f5:6d:2f:f0:06:
d6:fb:5a:91
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0NTYxMTAvBgNVBAUTKDNGQjBBNTZFMjBGMTk0Qzc3NDk4NzlENEQyMjVCM0Y5
N0U5RUJFQ0YwHhcNMjUwNDAyMDc0NDU2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VjZWFmNy1lNWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAveCyHr9TDYa8/oDK2eenTGWpUV79l3qxPQoBZHa+TfxdamM1KxqJVwb1WzV9
hoiVDHHiTNSi3F+uPFJK+ms/pGBpSKIjFRCYAXnQyBVC9GnJspODzIDzoGPNIOqS
DnvEXO5yA9pLuj0E7jvuCyFIHcctxy+U6mxFLHOoMtvfBzYHfxlPYcxJzLZuHcXt
qUwX/FzklKNz1XNza0zA1/oFolPYeNszwgiwYjpT4PSNBgCYJJzUlmGQibrMorfk
ITLSBw2o3Bqiw5QD+z25Km6sHxsZBF9lRpJq+hYMqr50+BYR8aqNPkuMRZFeEHGA
LeDemqpAzDRuwLIb49KJ8xEI7QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBqDNNoW
ze6DrDQ3mlnGI3oGt3uMMB8GA1UdIwQYMBaAFD+wpW4g8ZTHdJh51NIls/l+nr7P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ1Ni83NzE5QzcxMDMw
NjYxMUVCODUyNTEzNTVDNEY5QUUwMi9QN0NsYmlEeGxNZDBtSG5VMGlXei1YNmV2
czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1A3Q2xiaUR4bE1kMG1IblUwaVd6LVg2ZXZzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU0NTYvNzcxOUM3MTAzMDY2MTFFQjg1MjUxMzU1QzRGOUFFMDIvNUVCOTFFQjQw
Rjk2MTFGMEEyRjI4MzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAaD4kADBAaLh0AwDQYJKoZIhvcNAQELBQADggEBAJAiC9Eu
uvAwfPT7InyXr0Ltxl1sbwKnvaxv6/wTUlm5igHwtg7LmWxC3BHzSItk7HvGT+CI
tPq0YnJjmq7J2fLtGPzJxaMMcxPGLBOEOh3zSaf1pY21ak0SSo13h/0alC4lGf8m
SnR6FhgoOw4VAWsxRPw/Pmm6RfSjxGl77vfm+26hd+39Z5iZUOt9NT2ks5SZp3GG
gk/YfJby5+qLV0l36VpkEuVP77PsyE3eYiX3qjxArsXvO+97RGusZ3u4F7a28x4p
i/1OCTnsx8R5xreo7XfePlaOP8MeG5RVUXhIx2xDxRPm8ij2eB291cRJSbjhZnL5
+CX1bS/wBtb7WpE=
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:07:01 2025 by rpki-client