Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/EEF771D4FED311EF8B263515C4F9AE02.roa
File: EEF771D4FED311EF8B263515C4F9AE02.roa (raw, json)
Hash identifier: rr3u+Bx1b760tre72Vw4KB1M7DRa2l8Cfnx2i0/N2Nw=
Subject key identifier: AC:34:28:08:6D:32:46:32:E4:41:5C:09:E9:FD:7A:0B:DE:CB:CF:13
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 3761
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/EEF771D4FED311EF8B263515C4F9AE02.roa
Signing time: Tue 01 Apr 2025 00:18:47 +0000
ROA not before: Tue 01 Apr 2025 00:18:47 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 18305
IP address blocks: 203.244.39.0/24 maxlen: 24
203.244.45.0/24 maxlen: 24
203.244.50.0/24 maxlen: 24
203.244.60.0/24 maxlen: 24
203.244.67.0/24 maxlen: 24
203.244.70.0/24 maxlen: 24
203.244.80.0/24 maxlen: 24
203.244.95.0/24 maxlen: 24
203.245.134.0/24 maxlen: 24
203.245.136.0/24 maxlen: 24
203.245.147.0/24 maxlen: 24
203.245.152.0/24 maxlen: 24
203.245.155.0/24 maxlen: 24
203.245.156.0/24 maxlen: 24
203.245.157.0/24 maxlen: 24
203.245.158.0/24 maxlen: 24
203.245.160.0/24 maxlen: 24
203.245.161.0/24 maxlen: 24
203.245.162.0/24 maxlen: 24
203.245.163.0/24 maxlen: 24
203.245.200.0/24 maxlen: 24
203.245.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:21:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14177 (0x3761)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E
Validity
Not Before: Apr 1 00:18:47 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67eb30e6-5003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a3:d1:53:8e:38:7e:5d:e2:2d:92:7f:4f:82:
b9:56:d9:a0:36:46:86:0f:26:95:ab:2b:a1:6e:07:
ea:27:48:09:a3:11:13:a0:4f:c3:24:5a:20:e6:6d:
8c:e8:71:83:1b:82:2d:c9:ae:97:05:76:aa:5e:31:
d3:74:ec:59:d1:92:8f:8a:26:20:a7:89:c5:d4:9d:
d3:94:01:1c:db:22:14:0c:15:40:cc:7b:63:5a:cc:
1d:36:7d:bc:5f:29:43:f0:ca:34:43:82:4b:3a:b2:
7f:6f:f1:33:82:58:54:c8:fc:b5:84:10:78:34:36:
c3:71:0a:45:2f:ce:f3:c5:7f:30:ea:f2:96:d0:d5:
f2:29:40:f8:11:0c:ed:c9:4d:f7:23:f0:39:6e:e6:
6c:f0:7d:98:fd:50:df:5d:cf:ec:56:3d:68:ca:09:
54:88:cd:a6:ec:82:c7:35:a1:40:5c:3a:8c:e9:d4:
92:cd:0d:48:21:eb:c8:09:0d:0c:0d:1c:5d:8e:f8:
5c:91:39:b5:34:8f:eb:20:68:9d:62:14:0c:ff:c2:
b9:30:bc:2d:55:25:18:6f:04:cc:3e:7f:50:5d:36:
5b:ab:a0:ed:b9:a1:8b:b1:b6:1d:b2:f9:71:00:50:
6e:fa:2d:56:75:6e:39:ee:52:7d:7d:29:51:b6:59:
6f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:34:28:08:6D:32:46:32:E4:41:5C:09:E9:FD:7A:0B:DE:CB:CF:13
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/EEF771D4FED311EF8B263515C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.244.39.0/24
203.244.45.0/24
203.244.50.0/24
203.244.60.0/24
203.244.67.0/24
203.244.70.0/24
203.244.80.0/24
203.244.95.0/24
203.245.134.0/24
203.245.136.0/24
203.245.147.0/24
203.245.152.0/24
203.245.155.0-203.245.158.255
203.245.160.0/22
203.245.200.0/23
Signature Algorithm: sha256WithRSAEncryption
96:d4:ea:18:84:0d:8e:c4:12:6f:82:bc:35:4a:01:42:55:4e:
8c:43:42:90:93:28:e1:ed:a4:96:0c:fd:5e:67:7d:21:42:ec:
41:3e:29:4b:b6:54:d2:71:48:a2:ea:58:8b:37:b3:9e:18:71:
45:93:cd:ee:bb:a2:26:7a:f7:5c:6d:8b:ee:c8:ba:9f:14:6f:
6d:39:da:74:dc:e8:8b:38:19:22:5a:7a:96:bf:ac:3f:db:ff:
69:c1:ca:ae:e4:93:09:d6:c4:59:86:fe:a8:4a:a1:e8:ef:3c:
e5:b3:b3:3e:b8:8e:60:3e:01:57:31:da:c2:e7:73:19:45:3c:
16:41:1b:a9:2d:4c:45:5b:cf:02:21:ac:dd:6c:e0:23:24:71:
e5:1d:3a:c0:29:14:0b:98:7a:9c:51:98:7f:30:c3:4a:19:91:
ae:f8:59:2d:ab:89:e3:b0:51:90:37:e0:c6:0a:84:fc:35:59:
a5:a3:d2:04:54:f3:e0:39:85:83:05:37:3d:2d:1b:db:32:d2:
3d:2b:7e:0e:e4:f0:e8:4e:a0:7c:49:70:24:31:b4:4a:db:f9:
16:a1:95:40:63:a5:66:f4:15:8f:20:78:4c:57:c0:3e:61:6b:
be:9d:bb:4d:cc:42:3f:66:e1:c2:52:f3:3e:39:04:67:b5:cf:
34:2b:16:b7
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICN2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjUwNDAxMDAxODQ3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ViMzBlNi01MDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwKPRU444fl3iLZJ/T4K5VtmgNkaGDyaVqyuhbgfqJ0gJoxEToE/DJFog5m2M
6HGDG4Itya6XBXaqXjHTdOxZ0ZKPiiYgp4nF1J3TlAEc2yIUDBVAzHtjWswdNn28
XylD8Mo0Q4JLOrJ/b/EzglhUyPy1hBB4NDbDcQpFL87zxX8w6vKW0NXyKUD4EQzt
yU33I/A5buZs8H2Y/VDfXc/sVj1oyglUiM2m7ILHNaFAXDqM6dSSzQ1IIevICQ0M
DRxdjvhckTm1NI/rIGidYhQM/8K5MLwtVSUYbwTMPn9QXTZbq6DtuaGLsbYdsvlx
AFBu+i1WdW457lJ9fSlRtllvVQIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFKw0KAht
MkYy5EFcCen9egvey88TMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvRUVGNzcxRDRG
RUQzMTFFRjhCMjYzNTE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E
bDBqMGgEAgABMGIDBADL9CcDBADL9C0DBADL9DIDBADL9DwDBADL9EMDBADL9EYD
BADL9FADBADL9F8DBADL9YYDBADL9YgDBADL9ZMDBADL9ZgwDAMEAMv1mwMEAMv1
ngMEAsv1oAMEAcv1yDANBgkqhkiG9w0BAQsFAAOCAQEAltTqGIQNjsQSb4K8NUoB
QlVOjENCkJMo4e2klgz9Xmd9IULsQT4pS7ZU0nFIoupYizeznhhxRZPN7ruiJnr3
XG2L7si6nxRvbTnadNzoizgZIlp6lr+sP9v/acHKruSTCdbEWYb+qEqh6O885bOz
PriOYD4BVzHawudzGUU8FkEbqS1MRVvPAiGs3WzgIyRx5R06wCkUC5h6nFGYfzDD
ShmRrvhZLauJ47BRkDfgxgqE/DVZpaPSBFTz4DmFgwU3PS0b2zLSPSt+DuTw6E6g
fElwJDG0Stv5FqGVQGOlZvQVjyB4TFfAPmFrvp27TcxCP2bhwlLzPjkEZ7XPNCsW
tw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:05 2025 by rpki-client