Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/8470E428A2E711EFA6A5B91AC4F9AE02.roa
File: 8470E428A2E711EFA6A5B91AC4F9AE02.roa (raw, json)
Hash identifier: bilCUgSIj9s8wLUUu7RqA7j0fFrI4Jp6Y1RNZuTJV4U=
Subject key identifier: 8C:C3:06:68:95:03:07:72:26:35:BA:4E:85:BB:B9:DD:2F:26:0F:B3
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 36B9
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/8470E428A2E711EFA6A5B91AC4F9AE02.roa
Signing time: Tue 10 Dec 2024 00:29:12 +0000
ROA not before: Tue 10 Dec 2024 00:29:12 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 216425
IP address blocks: 61.251.186.0/24 maxlen: 24
61.251.188.0/24 maxlen: 24
101.53.67.0/24 maxlen: 24
101.53.73.0/24 maxlen: 24
101.53.75.0/24 maxlen: 24
101.53.76.0/24 maxlen: 24
101.53.77.0/24 maxlen: 24
101.53.79.0/24 maxlen: 24
101.53.80.0/24 maxlen: 24
101.53.81.0/24 maxlen: 24
101.53.82.0/24 maxlen: 24
101.53.83.0/24 maxlen: 24
101.53.84.0/24 maxlen: 24
101.53.85.0/24 maxlen: 24
101.53.86.0/24 maxlen: 24
101.53.87.0/24 maxlen: 24
101.53.88.0/24 maxlen: 24
101.53.89.0/24 maxlen: 24
101.53.90.0/24 maxlen: 24
101.53.93.0/24 maxlen: 24
101.53.94.0/24 maxlen: 24
101.53.95.0/24 maxlen: 24
103.9.130.0/24 maxlen: 24
175.176.133.0/24 maxlen: 24
175.176.136.0/24 maxlen: 24
175.176.138.0/24 maxlen: 24
175.176.139.0/24 maxlen: 24
175.176.141.0/24 maxlen: 24
175.176.143.0/24 maxlen: 24
182.237.41.0/24 maxlen: 24
182.237.42.0/24 maxlen: 24
182.237.50.0/24 maxlen: 24
182.237.51.0/24 maxlen: 24
182.237.53.0/24 maxlen: 24
182.237.54.0/24 maxlen: 24
182.237.56.0/24 maxlen: 24
182.237.57.0/24 maxlen: 24
182.237.58.0/24 maxlen: 24
182.237.59.0/24 maxlen: 24
182.237.62.0/24 maxlen: 24
182.237.63.0/24 maxlen: 24
203.173.106.0/24 maxlen: 24
203.173.110.0/24 maxlen: 24
203.173.111.0/24 maxlen: 24
203.173.122.0/24 maxlen: 24
210.4.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:21:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14009 (0x36b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E
Validity
Not Before: Dec 10 00:29:12 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67578b58-5fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d1:8d:20:26:d3:16:73:f9:8f:6a:ff:38:a2:
4e:a6:00:6c:36:c9:98:f3:6f:04:c8:a8:ae:87:94:
72:b0:42:2d:a8:2b:41:3c:46:34:de:22:5c:a6:a8:
20:48:65:54:1a:20:59:da:cb:47:1b:5d:51:77:18:
ce:0b:84:98:4c:09:7e:00:2f:d8:37:1d:38:85:28:
cc:07:f0:dc:bc:9e:8a:ed:12:16:29:e4:68:98:d3:
4b:5e:29:73:df:04:6c:b2:e2:ee:77:21:e2:4a:49:
0a:35:8b:2a:81:d8:df:e8:3a:84:3c:54:c1:52:9d:
50:69:fc:4e:f3:b2:59:fa:b2:37:8f:c2:b2:0d:2c:
af:ad:e1:9a:e7:50:97:1d:dd:c3:b8:d0:4a:d3:85:
4d:2d:0c:ee:39:c3:92:a3:07:f5:3a:d1:f3:3e:fa:
ff:14:3c:49:07:0a:64:7b:2d:32:e9:29:50:95:3c:
5f:5a:2c:4e:88:f4:6a:bb:ec:e6:e7:b2:d9:43:aa:
eb:d8:b8:b6:81:48:4a:5b:7a:71:56:02:d3:20:53:
ef:06:08:93:5a:43:3f:e5:3e:6f:5b:f6:d7:57:9e:
b4:f9:ec:bc:e4:a8:69:56:68:f0:b7:a3:02:96:4f:
33:ea:c3:ed:b4:0f:4a:b6:a2:82:05:30:8f:e9:b5:
ca:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C3:06:68:95:03:07:72:26:35:BA:4E:85:BB:B9:DD:2F:26:0F:B3
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/8470E428A2E711EFA6A5B91AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.251.186.0/24
61.251.188.0/24
101.53.67.0/24
101.53.73.0/24
101.53.75.0-101.53.77.255
101.53.79.0-101.53.90.255
101.53.93.0-101.53.95.255
103.9.130.0/24
175.176.133.0/24
175.176.136.0/24
175.176.138.0/23
175.176.141.0/24
175.176.143.0/24
182.237.41.0-182.237.42.255
182.237.50.0/23
182.237.53.0-182.237.54.255
182.237.56.0/22
182.237.62.0/23
203.173.106.0/24
203.173.110.0/23
203.173.122.0/24
210.4.92.0/24
Signature Algorithm: sha256WithRSAEncryption
37:c3:f7:89:01:f0:77:94:fd:8d:6e:e9:ed:a6:51:f4:22:21:
42:b2:2d:da:be:65:03:1e:d3:e2:69:ac:ee:b6:ab:5d:5f:57:
61:5a:35:30:98:76:6e:74:1c:4d:8a:4e:0a:85:8f:99:3d:75:
9e:fc:51:b4:62:91:69:fa:cb:8c:6f:e5:bc:a4:93:af:83:3a:
4a:81:9e:07:f5:f5:59:ca:a6:6b:7f:94:b2:82:2d:6d:8c:db:
88:97:a8:86:d0:3d:c5:8b:f5:56:df:46:ce:8f:e0:e1:cc:82:
cc:9a:f4:c2:56:96:41:56:9f:86:fb:6c:13:22:73:84:9c:93:
15:6d:6a:80:99:14:62:bc:1c:7d:8f:c5:cf:d4:f8:67:28:d7:
2a:da:10:99:e9:28:5d:5d:f8:ff:85:49:a2:42:72:2f:0f:c8:
27:eb:79:4d:5c:4d:64:25:18:17:65:79:fd:bf:40:bf:41:cc:
60:05:db:62:aa:9e:39:aa:fd:db:08:e2:a0:c3:c9:6e:61:6f:
a6:0a:cf:be:09:48:02:2e:8f:20:49:ce:98:68:af:51:27:23:
f7:f2:57:4a:6e:80:34:a1:60:88:bf:54:8e:74:63:b3:8a:78:
74:b8:69:49:7e:ee:8c:ef:67:6e:23:bc:0e:f4:2f:c6:0f:43:
ee:17:de:2f
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgICNrkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjQxMjEwMDAyOTEyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU3OGI1OC01ZmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAudGNICbTFnP5j2r/OKJOpgBsNsmY828EyKiuh5RysEItqCtBPEY03iJcpqgg
SGVUGiBZ2stHG11RdxjOC4SYTAl+AC/YNx04hSjMB/DcvJ6K7RIWKeRomNNLXilz
3wRssuLudyHiSkkKNYsqgdjf6DqEPFTBUp1QafxO87JZ+rI3j8KyDSyvreGa51CX
Hd3DuNBK04VNLQzuOcOSowf1OtHzPvr/FDxJBwpkey0y6SlQlTxfWixOiPRqu+zm
57LZQ6rr2Li2gUhKW3pxVgLTIFPvBgiTWkM/5T5vW/bXV560+ey85KhpVmjwt6MC
lk8z6sPttA9KtqKCBTCP6bXKWwIDAQABo4IDQDCCAzwwHQYDVR0OBBYEFIzDBmiV
AwdyJjW6ToW7ud0vJg+zMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvODQ3MEU0MjhB
MkU3MTFFRkE2QTVCOTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgckGCCsGAQUFBwEHAQH/
BIG5MIG2MIGzBAIAATCBrAMEAD37ugMEAD37vAMEAGU1QwMEAGU1STAMAwQAZTVL
AwQBZTVMMAwDBABlNU8DBABlNVowDAMEAGU1XQMEBWU1QAMEAGcJggMEAK+whQME
AK+wiAMEAa+wigMEAK+wjQMEAK+wjzAMAwQAtu0pAwQAtu0qAwQBtu0yMAwDBAC2
7TUDBAC27TYDBAK27TgDBAG27T4DBADLrWoDBAHLrW4DBADLrXoDBADSBFwwDQYJ
KoZIhvcNAQELBQADggEBADfD94kB8HeU/Y1u6e2mUfQiIUKyLdq+ZQMe0+JprO62
q11fV2FaNTCYdm50HE2KTgqFj5k9dZ78UbRikWn6y4xv5bykk6+DOkqBngf19VnK
pmt/lLKCLW2M24iXqIbQPcWL9VbfRs6P4OHMgsya9MJWlkFWn4b7bBMic4SckxVt
aoCZFGK8HH2Pxc/U+Gco1yraEJnpKF1d+P+FSaJCci8PyCfreU1cTWQlGBdlef2/
QL9BzGAF22Kqnjmq/dsI4qDDyW5hb6YKz74JSAIujyBJzphor1EnI/fyV0pugDSh
YIi/VI50Y7OKeHS4aUl+7ozvZ24jvA70L8YPQ+4X3i8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:10:04 2025 by rpki-client