Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/0D16F5F4933211EEA5AC155DC4F9AE02.roa
File: 0D16F5F4933211EEA5AC155DC4F9AE02.roa (raw, json)
Hash identifier: 1LEVeAmiTE8mfugUrgZ7PXJTh3jzct433M4/pCSC1j8=
Subject key identifier: EF:BF:0F:A6:35:7B:38:40:A4:24:F6:7A:26:88:4E:3B:06:97:9F:5E
Certificate issuer: /CN=A9146B24/serialNumber=3918D80BCB702ECACF84CB7ACA880F878A14FE48
Certificate serial: 0121
Authority key identifier: 39:18:D8:0B:CB:70:2E:CA:CF:84:CB:7A:CA:88:0F:87:8A:14:FE:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ORjYC8twLsrPhMt6yogPh4oU_kg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/0D16F5F4933211EEA5AC155DC4F9AE02.roa
Signing time: Sat 25 Jan 2025 07:52:17 +0000
ROA not before: Sat 25 Jan 2025 07:52:17 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 55832
IP address blocks: 27.123.216.0/22 maxlen: 22
27.123.216.0/24 maxlen: 24
27.123.217.0/24 maxlen: 24
27.123.218.0/24 maxlen: 24
27.123.219.0/24 maxlen: 24
45.64.12.0/24 maxlen: 24
45.64.13.0/24 maxlen: 24
45.64.14.0/24 maxlen: 24
45.64.15.0/24 maxlen: 24
103.4.208.0/22 maxlen: 22
103.4.208.0/24 maxlen: 24
103.4.209.0/24 maxlen: 24
103.4.210.0/24 maxlen: 24
103.4.211.0/24 maxlen: 24
120.88.176.0/20 maxlen: 20
120.88.176.0/24 maxlen: 24
120.88.177.0/24 maxlen: 24
120.88.178.0/24 maxlen: 24
120.88.179.0/24 maxlen: 24
120.88.180.0/24 maxlen: 24
120.88.181.0/24 maxlen: 24
120.88.182.0/23 maxlen: 24
120.88.184.0/24 maxlen: 24
120.88.185.0/24 maxlen: 24
120.88.186.0/24 maxlen: 24
120.88.187.0/24 maxlen: 24
120.88.188.0/24 maxlen: 24
120.88.189.0/24 maxlen: 24
120.88.190.0/24 maxlen: 24
120.88.191.0/24 maxlen: 24
2407:2a00::/32 maxlen: 32
2407:2a00::/44 maxlen: 44
2407:2a00::/48 maxlen: 48
2407:2a00:1::/48 maxlen: 48
2407:2a00:2::/48 maxlen: 48
2407:2a00:3::/48 maxlen: 48
2407:2a00:4::/48 maxlen: 48
2407:2a00:5::/48 maxlen: 48
2407:2a00:6::/48 maxlen: 48
2407:2a00:7::/48 maxlen: 48
2407:2a00:8::/48 maxlen: 48
2407:2a00:10::/44 maxlen: 44
2407:2a00:20::/44 maxlen: 44
2407:2a00:30::/44 maxlen: 44
2407:2a00:40::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/ORjYC8twLsrPhMt6yogPh4oU_kg.crl
rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/ORjYC8twLsrPhMt6yogPh4oU_kg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ORjYC8twLsrPhMt6yogPh4oU_kg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 04:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 289 (0x121)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146B24
Validity
Not Before: Jan 25 07:52:17 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67949830-43e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ad:e8:4f:29:8b:f2:74:83:77:86:e2:d0:a6:
3c:fa:57:9e:81:ed:1c:36:27:fa:50:b0:41:b2:a8:
f2:16:e8:19:53:24:59:4e:a6:2c:5f:a3:1d:15:71:
49:19:43:1f:21:91:73:86:2c:d7:9a:5f:ba:bd:aa:
06:b5:65:b5:c5:8d:bf:27:2c:25:8c:7f:2d:83:cf:
6d:7e:c2:69:1e:25:f6:da:10:c6:6b:e8:a3:38:d0:
4d:ca:81:44:af:b1:e2:77:76:ab:ae:13:0f:dd:76:
97:2d:d1:19:9f:e9:28:47:25:63:dd:06:22:31:a8:
4c:c5:0e:fe:83:3d:79:1b:2c:b3:e8:28:6a:75:65:
0d:92:e9:ec:62:9a:b8:6d:e1:46:84:5e:3e:78:89:
5b:4c:fe:83:16:a0:e3:64:50:27:95:18:c1:65:cc:
c8:da:46:13:5b:27:a3:63:6a:95:02:01:37:6a:7b:
91:97:0d:0e:6c:20:16:f2:60:05:24:fa:ab:8c:4f:
6a:59:95:a6:dd:70:9d:0c:f6:ab:84:03:6c:91:9f:
5a:34:30:d6:72:1e:1b:af:5b:ef:6a:74:ee:62:d8:
46:a1:1a:c7:b0:8c:16:c7:e4:f4:c8:9f:54:89:83:
48:7e:cd:62:62:99:2e:27:a9:2a:2f:c8:62:69:d8:
ac:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:BF:0F:A6:35:7B:38:40:A4:24:F6:7A:26:88:4E:3B:06:97:9F:5E
X509v3 Authority Key Identifier:
keyid:39:18:D8:0B:CB:70:2E:CA:CF:84:CB:7A:CA:88:0F:87:8A:14:FE:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/ORjYC8twLsrPhMt6yogPh4oU_kg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ORjYC8twLsrPhMt6yogPh4oU_kg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/0D16F5F4933211EEA5AC155DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.216.0/22
45.64.12.0/22
103.4.208.0/22
120.88.176.0/20
IPv6:
2407:2a00::/32
Signature Algorithm: sha256WithRSAEncryption
87:2c:68:d2:35:20:88:e8:88:f7:2d:9f:12:df:38:e5:fa:4a:
6c:72:38:f3:cd:b9:37:11:d6:fa:5c:c1:43:1b:7b:48:d7:ab:
84:87:1d:9c:82:a6:29:90:e9:10:e4:38:60:89:47:81:11:0f:
f4:8f:68:bb:41:c0:ab:c0:2e:31:81:2f:6d:3f:2d:c7:f9:2c:
ed:8c:3b:ea:64:d8:9f:a3:e6:f4:56:cb:89:d6:bb:a4:84:bf:
f7:35:83:fd:33:56:4c:24:63:ca:00:64:00:72:a7:74:a4:cf:
71:62:70:5d:a9:25:5f:20:e6:78:28:43:99:14:8c:1d:80:d4:
ee:0f:ac:da:74:72:6a:f2:98:7f:58:b6:1f:41:0a:81:14:e4:
98:cd:a3:c3:c1:42:cb:7f:59:b3:d6:85:c5:f4:8c:be:12:a3:
0b:b7:c6:c3:7d:01:7b:f8:73:f9:fc:fa:60:38:9a:3c:78:35:
6a:8e:ae:5d:9b:8e:30:a6:8e:59:95:02:58:94:b2:06:0d:8e:
88:b3:56:87:c9:3f:1a:a0:ff:3a:c1:28:3f:3a:3c:e3:1f:bb:
a1:95:85:f8:f2:f4:d3:11:f4:b8:52:21:5e:4f:5f:12:c6:fe:
d0:d8:c0:15:2c:73:86:fb:96:c0:9e:14:ac:fa:c8:fa:ff:9f:
90:90:46:43
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICASEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZCMjQxMTAvBgNVBAUTKDM5MThEODBCQ0I3MDJFQ0FDRjg0Q0I3QUNBODgwRjg3
OEExNEZFNDgwHhcNMjUwMTI1MDc1MjE3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0OTgzMC00M2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsK3oTymL8nSDd4bi0KY8+leege0cNif6ULBBsqjyFugZUyRZTqYsX6MdFXFJ
GUMfIZFzhizXml+6vaoGtWW1xY2/JywljH8tg89tfsJpHiX22hDGa+ijONBNyoFE
r7Hid3arrhMP3XaXLdEZn+koRyVj3QYiMahMxQ7+gz15Gyyz6ChqdWUNkunsYpq4
beFGhF4+eIlbTP6DFqDjZFAnlRjBZczI2kYTWyejY2qVAgE3anuRlw0ObCAW8mAF
JPqrjE9qWZWm3XCdDParhANskZ9aNDDWch4br1vvanTuYthGoRrHsIwWx+T0yJ9U
iYNIfs1iYpkuJ6kqL8hiadisHQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFO+/D6Y1
ezhApCT2eiaITjsGl59eMB8GA1UdIwQYMBaAFDkY2AvLcC7Kz4TLesqID4eKFP5I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkIyNC9CNDczQzRCRTkz
MzAxMUVFODIzMDgwNTlDNEY5QUUwMi9PUmpZQzh0d0xzclBoTXQ2eW9nUGg0b1Vf
a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09SallDOHR3THNyUGhNdDZ5b2dQaDRvVV9rZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDZCMjQvQjQ3M0M0QkU5MzMwMTFFRTgyMzA4MDU5QzRGOUFFMDIvMEQxNkY1RjQ5
MzMyMTFFRUE1QUMxNTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIbe9gDBAItQAwDBAJnBNADBAR4WLAwDQQCAAIwBwMFACQH
KgAwDQYJKoZIhvcNAQELBQADggEBAIcsaNI1IIjoiPctnxLfOOX6SmxyOPPNuTcR
1vpcwUMbe0jXq4SHHZyCpimQ6RDkOGCJR4ERD/SPaLtBwKvALjGBL20/Lcf5LO2M
O+pk2J+j5vRWy4nWu6SEv/c1g/0zVkwkY8oAZAByp3Skz3FicF2pJV8g5ngoQ5kU
jB2A1O4PrNp0cmrymH9Yth9BCoEU5JjNo8PBQst/WbPWhcX0jL4Sowu3xsN9AXv4
c/n8+mA4mjx4NWqOrl2bjjCmjlmVAliUsgYNjoizVofJPxqg/zrBKD86POMfu6GV
hfjy9NMR9LhSIV5PXxLG/tDYwBUsc4b7lsCeFKz6yPr/n5CQRkM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:14:08 2025 by rpki-client