Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/76494F6E146111ED83A8FB50C4F9AE02.roa
File: 76494F6E146111ED83A8FB50C4F9AE02.roa (raw, json)
Hash identifier: qyVadK6PowhxT5dTxZ86nSTovFJ2RAqG5nfVtu7+2Bg=
Subject key identifier: F7:62:B0:D8:BF:54:33:59:F7:22:BE:CD:A7:68:88:BD:31:FF:3B:66
Certificate issuer: /CN=A9155AE4/serialNumber=3CF91608226819C3E9DA84D1195B5326F9249FBD
Certificate serial: 028D
Authority key identifier: 3C:F9:16:08:22:68:19:C3:E9:DA:84:D1:19:5B:53:26:F9:24:9F:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PPkWCCJoGcPp2oTRGVtTJvkkn70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/76494F6E146111ED83A8FB50C4F9AE02.roa
Signing time: Sat 01 Mar 2025 03:55:09 +0000
ROA not before: Sat 01 Mar 2025 03:55:08 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 133414
IP address blocks: 202.10.255.0/24 maxlen: 24
202.80.64.0/19 maxlen: 19
202.80.64.0/24 maxlen: 24
202.80.65.0/24 maxlen: 24
202.80.66.0/24 maxlen: 24
202.80.68.0/24 maxlen: 24
202.80.73.0/24 maxlen: 24
202.80.74.0/24 maxlen: 24
2405:7f00:3200::/48 maxlen: 48
2405:7f00:3201::/48 maxlen: 48
2405:7f00:3204::/48 maxlen: 48
2405:7f00:3250::/48 maxlen: 48
2405:7f00:3260::/48 maxlen: 48
2405:7f00:8000::/43 maxlen: 43
2405:7f00:8100::/43 maxlen: 43
2405:7f00:8120::/43 maxlen: 43
2405:7f00:8140::/43 maxlen: 43
2405:7f00:8160::/43 maxlen: 43
2405:7f00:8180::/43 maxlen: 43
2405:7f00:8200::/43 maxlen: 43
2405:7f00:8220::/43 maxlen: 43
2405:7f00:8240::/43 maxlen: 43
2405:7f00:8260::/43 maxlen: 43
2405:7f00:8280::/43 maxlen: 43
2405:7f00:8300::/43 maxlen: 43
2405:7f00:8320::/43 maxlen: 43
2405:7f00:8340::/43 maxlen: 43
2405:7f00:8500::/43 maxlen: 43
2405:7f00:8800::/40 maxlen: 40
2405:7f00:8a00::/40 maxlen: 40
2405:7f00:c100::/43 maxlen: 43
2405:7f00:c120::/43 maxlen: 43
2405:7f00:c140::/43 maxlen: 43
2405:7f00:c160::/43 maxlen: 43
2405:7f00:c180::/43 maxlen: 43
2405:7f00:c200::/43 maxlen: 43
2405:7f00:c800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/PPkWCCJoGcPp2oTRGVtTJvkkn70.crl
rsync://rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/PPkWCCJoGcPp2oTRGVtTJvkkn70.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PPkWCCJoGcPp2oTRGVtTJvkkn70.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 01:41:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 653 (0x28d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155AE4
Validity
Not Before: Mar 1 03:55:08 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c2851c-d063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e9:20:3d:43:5b:dc:b5:86:93:fa:9a:5f:ad:
a2:6f:14:c4:00:22:5d:08:86:1a:82:3c:76:16:81:
dd:2b:91:72:c7:ee:b0:b7:6a:a6:64:7a:77:6e:b6:
70:86:83:b2:78:8c:dc:7e:3a:1f:38:89:da:ea:c5:
57:36:8d:6b:8d:c7:c7:f1:01:a2:77:bc:00:36:80:
5f:c4:7d:a8:1c:68:6e:98:20:dd:59:b0:44:88:f9:
6e:e7:8d:6c:8c:68:31:ca:9c:7b:bf:06:ec:00:39:
40:47:08:61:72:04:26:ce:cb:49:5f:71:8a:b1:a4:
83:a5:4e:64:6b:1d:cd:e0:e8:bd:90:7e:4c:b5:1e:
06:e8:ea:05:15:a3:35:c0:30:0d:6b:a7:19:91:5a:
82:8c:5d:d5:36:60:01:8d:ba:0d:90:af:e7:32:0f:
71:a2:1c:d4:68:7d:bf:a9:a4:45:26:b7:e3:fb:e7:
71:6a:bb:4e:8a:42:67:40:9f:bc:54:e6:8f:92:ae:
31:65:18:cc:46:e4:fb:f0:f0:32:6f:71:3f:ef:4e:
5f:a3:78:ec:c0:8a:83:cf:58:3f:99:5a:85:3d:0a:
01:5d:43:b3:59:9b:89:77:4f:e8:9d:12:87:98:0e:
50:e7:2d:ec:f3:f8:17:ee:3b:c3:5e:f8:c8:a9:22:
6d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:62:B0:D8:BF:54:33:59:F7:22:BE:CD:A7:68:88:BD:31:FF:3B:66
X509v3 Authority Key Identifier:
keyid:3C:F9:16:08:22:68:19:C3:E9:DA:84:D1:19:5B:53:26:F9:24:9F:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/PPkWCCJoGcPp2oTRGVtTJvkkn70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PPkWCCJoGcPp2oTRGVtTJvkkn70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155AE4/E5D6D0AC065311ED827BEF54C4F9AE02/76494F6E146111ED83A8FB50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.10.255.0/24
202.80.64.0/19
IPv6:
2405:7f00:3200::/47
2405:7f00:3204::/48
2405:7f00:3250::/48
2405:7f00:3260::/48
2405:7f00:8000::/43
2405:7f00:8100::-2405:7f00:819f:ffff:ffff:ffff:ffff:ffff
2405:7f00:8200::-2405:7f00:829f:ffff:ffff:ffff:ffff:ffff
2405:7f00:8300::-2405:7f00:835f:ffff:ffff:ffff:ffff:ffff
2405:7f00:8500::/43
2405:7f00:8800::/40
2405:7f00:8a00::/40
2405:7f00:c100::-2405:7f00:c19f:ffff:ffff:ffff:ffff:ffff
2405:7f00:c200::/43
2405:7f00:c800::/40
Signature Algorithm: sha256WithRSAEncryption
04:55:dd:4e:66:54:9c:0f:60:7b:40:af:2a:77:b6:ed:74:ca:
81:d0:e6:59:72:bf:2d:4b:c4:bd:ff:1f:30:f9:1d:a3:6b:c0:
a4:ec:e3:90:16:ca:2a:0d:a1:6b:ed:d5:c8:56:fd:49:ca:32:
35:b5:80:67:1b:23:6f:f3:d6:9b:05:58:10:2d:5b:27:f3:e3:
25:09:86:0f:e8:42:e6:aa:06:b4:9f:7c:37:f9:32:68:fc:ca:
0d:2e:9b:a3:a5:b0:23:98:f4:12:9b:5c:65:45:43:8f:75:41:
c5:07:72:3b:c1:9a:ac:de:43:c3:43:fd:5e:4b:99:f6:ca:5e:
95:22:34:58:85:6d:d2:dd:ea:7a:80:79:c6:b9:f2:f5:53:a2:
72:b0:9b:f3:14:49:50:c4:e1:66:a1:ff:de:64:5a:ce:e6:bf:
0d:ba:91:61:fd:a6:d3:61:d9:0d:75:13:3a:6b:72:a3:d6:81:
ac:f0:fa:da:8f:5e:83:c5:1a:d8:4b:54:1c:56:21:66:7f:d3:
68:cf:30:63:e5:1f:16:c6:3f:16:23:1c:d8:d9:00:db:8b:1d:
53:c2:40:5e:f0:f0:78:c2:e7:2b:e1:c8:4d:63:05:2e:db:36:
ea:79:30:88:b1:06:bc:7a:12:1b:79:ca:c2:ac:90:16:8a:ef:
44:75:6b:65
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgICAo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTVBRTQxMTAvBgNVBAUTKDNDRjkxNjA4MjI2ODE5QzNFOURBODREMTE5NUI1MzI2
RjkyNDlGQkQwHhcNMjUwMzAxMDM1NTA4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyODUxYy1kMDYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsukgPUNb3LWGk/qaX62ibxTEACJdCIYagjx2FoHdK5Fyx+6wt2qmZHp3brZw
hoOyeIzcfjofOIna6sVXNo1rjcfH8QGid7wANoBfxH2oHGhumCDdWbBEiPlu541s
jGgxypx7vwbsADlARwhhcgQmzstJX3GKsaSDpU5kax3N4Oi9kH5MtR4G6OoFFaM1
wDANa6cZkVqCjF3VNmABjboNkK/nMg9xohzUaH2/qaRFJrfj++dxartOikJnQJ+8
VOaPkq4xZRjMRuT78PAyb3E/705fo3jswIqDz1g/mVqFPQoBXUOzWZuJd0/onRKH
mA5Q5y3s8/gX7jvDXvjIqSJtkwIDAQABo4IDSzCCA0cwHQYDVR0OBBYEFPdisNi/
VDNZ9yK+zadoiL0x/ztmMB8GA1UdIwQYMBaAFDz5FggiaBnD6dqE0RlbUyb5JJ+9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NUFFNC9FNUQ2RDBBQzA2
NTMxMUVEODI3QkVGNTRDNEY5QUUwMi9QUGtXQ0NKb0djUHAyb1RSR1Z0VEp2a2tu
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BQa1dDQ0pvR2NQcDJvVFJHVnRUSnZra243MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTVBRTQvRTVENkQwQUMwNjUzMTFFRDgyN0JFRjU0QzRGOUFFMDIvNzY0OTRGNkUx
NDYxMTFFRDgzQThGQjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdQGCCsGAQUFBwEHAQH/
BIHEMIHBMBIEAgABMAwDBADKCv8DBAXKUEAwgaoEAgACMIGjAwcBJAV/ADIAAwcA
JAV/ADIEAwcAJAV/ADJQAwcAJAV/ADJgAwcFJAV/AIAAMBEDBgAkBX8AgQMHBSQF
fwCBgDARAwYBJAV/AIIDBwUkBX8AgoAwEQMGACQFfwCDAwcFJAV/AINAAwcFJAV/
AIUAAwYAJAV/AIgDBgAkBX8AijARAwYAJAV/AMEDBwUkBX8AwYADBwUkBX8AwgAD
BgAkBX8AyDANBgkqhkiG9w0BAQsFAAOCAQEABFXdTmZUnA9ge0CvKne27XTKgdDm
WXK/LUvEvf8fMPkdo2vApOzjkBbKKg2ha+3VyFb9ScoyNbWAZxsjb/PWmwVYEC1b
J/PjJQmGD+hC5qoGtJ98N/kyaPzKDS6bo6WwI5j0EptcZUVDj3VBxQdyO8GarN5D
w0P9XkuZ9spelSI0WIVt0t3qeoB5xrny9VOicrCb8xRJUMThZqH/3mRazua/DbqR
Yf2m02HZDXUTOmtyo9aBrPD62o9eg8Ua2EtUHFYhZn/TaM8wY+UfFsY/FiMc2NkA
24sdU8JAXvDweMLnK+HITWMFLts26nkwiLEGvHoSG3nKwqyQForvRHVrZQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:52:42 2025 by rpki-client