Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/C5B70210E46D11EF82B5C81EC4F9AE02.roa
File: C5B70210E46D11EF82B5C81EC4F9AE02.roa (raw, json)
Hash identifier: 4qSxdyYS2IkHKYInpH3D1Sn5i+sr82hSiF8AMx0Ez4E=
Subject key identifier: 9E:7E:31:D7:EB:29:C5:C5:69:E2:FE:5C:2F:72:D2:70:46:8E:1F:2D
Certificate issuer: /CN=A916B18B/serialNumber=FDE36B6E949398E52D95E89D40BDF60B25DB69B9
Certificate serial: 17DD
Authority key identifier: FD:E3:6B:6E:94:93:98:E5:2D:95:E8:9D:40:BD:F6:0B:25:DB:69:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_eNrbpSTmOUtleidQL32CyXbabk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/C5B70210E46D11EF82B5C81EC4F9AE02.roa
Signing time: Thu 06 Feb 2025 09:35:59 +0000
ROA not before: Thu 06 Feb 2025 09:35:59 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 152335
IP address blocks: 27.49.148.0/22 maxlen: 22
27.49.152.0/22 maxlen: 22
27.49.156.0/22 maxlen: 22
27.49.196.0/22 maxlen: 22
27.49.200.0/22 maxlen: 22
27.49.204.0/22 maxlen: 22
27.49.208.0/22 maxlen: 22
27.49.212.0/22 maxlen: 22
27.49.216.0/22 maxlen: 22
27.49.220.0/22 maxlen: 22
27.49.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/_eNrbpSTmOUtleidQL32CyXbabk.crl
rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/_eNrbpSTmOUtleidQL32CyXbabk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_eNrbpSTmOUtleidQL32CyXbabk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 16:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6109 (0x17dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B18B, serialNumber=FDE36B6E949398E52D95E89D40BDF60B25DB69B9
Validity
Not Before: Feb 6 09:35:59 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67a4827f-f268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8e:e1:28:fe:8b:c2:c9:d5:5a:70:b0:77:33:
00:00:9f:65:28:88:85:85:42:e1:45:49:50:57:e2:
05:bc:1b:e8:53:eb:7d:89:7d:26:df:1f:d4:97:fb:
40:bd:b1:61:05:ed:92:e1:e2:da:4c:fd:bb:11:04:
15:cd:b8:63:8a:28:6f:1c:64:d5:32:4f:c8:d8:78:
c9:77:ed:3f:a2:cc:53:b1:18:08:54:64:f2:51:27:
1d:c6:64:21:d7:fe:4f:77:53:a4:d2:7b:54:a3:42:
88:5d:41:42:7a:8f:ab:5f:6f:38:e2:bc:a4:6b:be:
87:ae:cd:b1:7f:3d:47:c2:2b:64:3d:42:5b:df:95:
46:05:53:5e:4b:8d:64:40:95:4b:ff:3d:06:70:e5:
11:ce:4c:ec:10:94:7b:65:77:72:c3:4e:2b:a7:e6:
a1:14:7b:89:18:e1:3f:ee:80:3e:83:c9:f2:27:c5:
b7:11:a6:60:5c:8e:62:06:e4:8f:84:ee:76:4c:68:
93:62:1c:75:2a:2f:9b:d3:32:1a:9c:ad:00:4f:15:
49:62:58:0f:2d:42:70:58:d5:8e:4b:d7:2b:98:9b:
48:cd:cf:16:87:85:b7:c2:7f:6d:cb:ab:3f:7d:be:
81:5b:34:d6:70:3d:c6:4b:45:76:b0:2e:a4:a2:79:
60:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:7E:31:D7:EB:29:C5:C5:69:E2:FE:5C:2F:72:D2:70:46:8E:1F:2D
X509v3 Authority Key Identifier:
keyid:FD:E3:6B:6E:94:93:98:E5:2D:95:E8:9D:40:BD:F6:0B:25:DB:69:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/_eNrbpSTmOUtleidQL32CyXbabk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_eNrbpSTmOUtleidQL32CyXbabk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/C5B70210E46D11EF82B5C81EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.49.148.0-27.49.159.255
27.49.196.0-27.49.223.255
27.49.252.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:17:4d:46:a0:38:46:c2:8a:5d:fa:84:c2:f3:6b:95:fb:12:
6b:8f:5a:f3:f9:66:b5:ea:ca:e0:95:9c:de:18:72:20:48:39:
0f:fc:a0:54:54:a4:96:22:a2:58:dc:66:10:4c:41:5d:bc:03:
64:40:40:f1:11:cb:14:99:c9:c8:9f:67:42:41:ad:bb:cc:8d:
21:39:6d:a4:3c:22:de:6d:0d:04:ee:67:01:e6:87:e6:54:59:
5f:65:85:ef:14:40:e3:a5:b1:51:63:c2:d8:1f:07:be:c7:c8:
76:e1:f7:cd:ae:80:75:da:92:88:97:65:b0:b8:d9:bb:08:11:
9b:f3:57:96:8f:4f:c4:a3:3a:51:de:68:ec:63:ee:71:5a:cd:
33:3d:ee:37:82:b1:57:28:e2:f7:e1:fc:9f:c9:b5:8d:9a:86:
fd:11:0c:5c:e3:b8:5c:a7:07:28:ed:44:dd:4a:b5:89:47:a7:
7a:a5:bc:37:72:c6:ea:af:f7:5f:e7:19:87:cb:01:11:2d:7c:
12:7c:69:22:cf:69:b0:ea:05:52:f0:f9:e6:15:69:71:e6:ff:
39:e8:62:be:37:0a:15:ba:0d:ef:1a:36:a2:d4:cf:7f:b2:b3:
c0:b8:ec:41:7d:dc:60:00:7e:45:7c:89:34:f7:df:57:d6:df:
ad:5f:6b:e3
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICF90wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkIxOEIxMTAvBgNVBAUTKEZERTM2QjZFOTQ5Mzk4RTUyRDk1RTg5RDQwQkRGNjBC
MjVEQjY5QjkwHhcNMjUwMjA2MDkzNTU5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E0ODI3Zi1mMjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnI7hKP6LwsnVWnCwdzMAAJ9lKIiFhULhRUlQV+IFvBvoU+t9iX0m3x/Ul/tA
vbFhBe2S4eLaTP27EQQVzbhjiihvHGTVMk/I2HjJd+0/osxTsRgIVGTyUScdxmQh
1/5Pd1Ok0ntUo0KIXUFCeo+rX2844ryka76Hrs2xfz1HwitkPUJb35VGBVNeS41k
QJVL/z0GcOURzkzsEJR7ZXdyw04rp+ahFHuJGOE/7oA+g8nyJ8W3EaZgXI5iBuSP
hO52TGiTYhx1Ki+b0zIanK0ATxVJYlgPLUJwWNWOS9crmJtIzc8Wh4W3wn9ty6s/
fb6BWzTWcD3GS0V2sC6konlg/QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFJ5+Mdfr
KcXFaeL+XC9y0nBGjh8tMB8GA1UdIwQYMBaAFP3ja26Uk5jlLZXonUC99gsl22m5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjE4Qi82MjhERTUwMkRG
MjMxMUU3OTcyMjVEMkVDNEY5QUUwMi9fZU5yYnBTVG1PVXRsZWlkUUwzMkN5WGJh
YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19lTnJicFNUbU9VdGxlaWRRTDMyQ3lYYmFiay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkIxOEIvNjI4REU1MDJERjIzMTFFNzk3MjI1RDJFQzRGOUFFMDIvQzVCNzAyMTBF
NDZEMTFFRjgyQjVDODFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEAhsxlAMEBRsxgDAMAwQCGzHEAwQFGzHAAwQCGzH8MA0G
CSqGSIb3DQEBCwUAA4IBAQAaF01GoDhGwopd+oTC82uV+xJrj1rz+Wa16srglZze
GHIgSDkP/KBUVKSWIqJY3GYQTEFdvANkQEDxEcsUmcnIn2dCQa27zI0hOW2kPCLe
bQ0E7mcB5ofmVFlfZYXvFEDjpbFRY8LYHwe+x8h24ffNroB12pKIl2WwuNm7CBGb
81eWj0/EozpR3mjsY+5xWs0zPe43grFXKOL34fyfybWNmob9EQxc47hcpwco7UTd
SrWJR6d6pbw3csbqr/df5xmHywERLXwSfGkiz2mw6gVS8PnmFWlx5v856GK+NwoV
ug3vGjai1M9/srPAuOxBfdxgAH5FfIk0999X1t+tX2vj
-----END CERTIFICATE-----
Generated at Sun Apr 13 17:08:28 2025 by rpki-client