Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/F4FCC41E648311EC88370386C4F9AE02.roa
File: F4FCC41E648311EC88370386C4F9AE02.roa (raw, json)
Hash identifier: b4ZFTEPGE9Eys204eUqpF+7p489cvPKvRjplNeXr+vk=
Subject key identifier: F3:08:8D:A1:75:B9:D9:64:2A:FD:34:14:29:91:5A:1C:67:F1:EB:1B
Certificate issuer: /CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Certificate serial: 0A5E
Authority key identifier: 8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/F4FCC41E648311EC88370386C4F9AE02.roa
Signing time: Wed 12 Feb 2025 03:21:34 +0000
ROA not before: Wed 12 Feb 2025 03:21:34 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 149175
IP address blocks: 39.109.67.0/24 maxlen: 24
39.109.68.0/24 maxlen: 24
39.109.69.0/24 maxlen: 24
39.109.70.0/24 maxlen: 24
39.109.71.0/24 maxlen: 24
39.109.72.0/24 maxlen: 24
39.109.73.0/24 maxlen: 24
39.109.74.0/24 maxlen: 24
39.109.75.0/24 maxlen: 24
39.109.76.0/24 maxlen: 24
39.109.78.0/24 maxlen: 24
39.109.79.0/24 maxlen: 24
39.109.80.0/24 maxlen: 24
39.109.82.0/24 maxlen: 24
39.109.84.0/24 maxlen: 24
39.109.85.0/24 maxlen: 24
39.109.88.0/24 maxlen: 24
39.109.89.0/24 maxlen: 24
103.82.216.0/24 maxlen: 24
103.82.217.0/24 maxlen: 24
103.82.218.0/24 maxlen: 24
103.82.219.0/24 maxlen: 24
103.98.14.0/24 maxlen: 24
103.98.15.0/24 maxlen: 24
103.119.132.0/24 maxlen: 24
103.119.133.0/24 maxlen: 24
2403:e840::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl
rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 20:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2654 (0xa5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182502
Validity
Not Before: Feb 12 03:21:34 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67ac13be-0773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:71:02:90:97:02:e7:5f:f8:1b:70:be:f3:49:
92:8e:0e:e1:00:fd:a4:0c:ac:0a:3e:17:71:b3:70:
8a:5d:c9:ad:76:cc:61:84:45:c0:5d:e9:bf:35:2c:
25:07:46:96:b3:9b:6b:e5:0c:18:dc:c8:80:bb:47:
c8:fd:3d:d0:ff:04:c5:3c:15:d7:7b:33:e1:09:7e:
11:cf:02:0d:94:e1:e2:cf:41:8f:81:59:34:ed:a0:
a3:20:a4:ec:19:24:59:d5:f7:c4:30:90:3a:53:0e:
d0:75:54:f6:61:0b:94:c3:c5:5e:b6:a0:a1:0e:c0:
eb:4c:bb:36:65:63:71:c9:7d:b2:6b:e3:bf:f0:d7:
98:d9:16:79:3d:2e:86:01:2e:bb:df:69:0d:bb:7f:
d1:55:a8:ca:f9:f3:31:67:1e:1c:a5:05:bb:a5:4e:
7e:30:0a:2b:6f:8d:54:bb:fd:cb:18:46:24:03:b7:
62:38:47:e7:8f:07:8c:4d:de:bf:0f:9e:61:8e:e7:
d8:69:fa:d9:91:e5:52:f0:f5:37:36:5f:bd:b0:ea:
d5:e6:da:46:01:99:de:68:74:3e:05:76:52:d4:7f:
53:a4:0f:34:5a:fd:57:05:90:80:5c:10:c0:ad:9a:
34:a6:97:3d:00:a6:1c:16:76:ef:96:6f:19:e7:88:
63:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:08:8D:A1:75:B9:D9:64:2A:FD:34:14:29:91:5A:1C:67:F1:EB:1B
X509v3 Authority Key Identifier:
keyid:8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/F4FCC41E648311EC88370386C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.109.67.0-39.109.76.255
39.109.78.0-39.109.80.255
39.109.82.0/24
39.109.84.0/23
39.109.88.0/23
103.82.216.0/22
103.98.14.0/23
103.119.132.0/23
IPv6:
2403:e840::/33
Signature Algorithm: sha256WithRSAEncryption
27:37:2f:03:7c:2f:d8:fb:74:4f:44:b8:42:3b:62:e0:9e:24:
68:84:4b:e9:f0:99:71:3e:59:1b:dc:e9:dd:fb:d9:0d:0e:6f:
f1:12:3a:e2:91:ab:7c:8a:c1:00:2d:9b:f8:f6:db:22:70:05:
9d:9d:a7:24:ed:73:08:c1:1d:ba:61:49:eb:d6:24:5b:a7:2b:
b6:f0:97:26:7c:ad:e3:1e:50:56:70:0e:6d:94:a4:13:b7:98:
a0:d9:bd:99:4f:76:29:cf:58:9f:f7:f7:fb:6d:8f:6c:2e:08:
5c:31:72:f4:fa:08:55:6d:3d:21:46:2d:9f:fd:0a:f1:0e:18:
db:76:0b:28:19:a1:d0:a3:4f:25:e9:bc:79:67:8d:a7:48:40:
db:5f:8c:74:80:32:61:8e:c5:eb:8f:7a:69:9d:49:1c:74:58:
ce:3f:8c:1a:0c:84:89:72:dc:b0:f9:07:57:96:5b:90:b0:d8:
41:80:20:5d:13:66:56:82:2f:6c:df:85:c7:a7:75:d6:fd:58:
29:74:b3:78:bd:ec:ed:2c:95:78:bc:e3:bd:35:70:17:53:64:
1f:38:3f:24:46:6f:b6:c0:b2:12:89:7c:16:76:47:6f:f5:d7:
fc:b9:bf:8f:49:bf:ed:ce:70:28:b0:e5:57:c0:c8:62:b6:41:
89:10:6f:b4
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgICCl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODI1MDIxMTAvBgNVBAUTKDhDM0NDQjRGRkI4OTE4OUM2RUY1QjM0REZEQUFCRTE4
MDZBNTIxOEEwHhcNMjUwMjEyMDMyMTM0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FjMTNiZS0wNzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnXECkJcC51/4G3C+80mSjg7hAP2kDKwKPhdxs3CKXcmtdsxhhEXAXem/NSwl
B0aWs5tr5QwY3MiAu0fI/T3Q/wTFPBXXezPhCX4RzwINlOHiz0GPgVk07aCjIKTs
GSRZ1ffEMJA6Uw7QdVT2YQuUw8VetqChDsDrTLs2ZWNxyX2ya+O/8NeY2RZ5PS6G
AS6732kNu3/RVajK+fMxZx4cpQW7pU5+MAorb41Uu/3LGEYkA7diOEfnjweMTd6/
D55hjufYafrZkeVS8PU3Nl+9sOrV5tpGAZneaHQ+BXZS1H9TpA80Wv1XBZCAXBDA
rZo0ppc9AKYcFnbvlm8Z54hjXQIDAQABo4IC3zCCAtswHQYDVR0OBBYEFPMIjaF1
udlkKv00FCmRWhxn8esbMB8GA1UdIwQYMBaAFIw8y0/7iRicbvWzTf2qvhgGpSGK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjUwMi9EQTE2QzYzQTcz
Q0MxMUVBQTM5OTUzMjZDNEY5QUUwMi9qRHpMVF91SkdKeHU5Yk5OX2FxLUdBYWxJ
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pEekxUX3VKR0p4dTliTk5fYXEtR0FhbElZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODI1MDIvREExNkM2M0E3M0NDMTFFQUEzOTk1MzI2QzRGOUFFMDIvRjRGQ0M0MUU2
NDgzMTFFQzg4MzcwMzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E
WjBYMEYEAgABMEAwDAMEACdtQwMEACdtTDAMAwQBJ21OAwQAJ21QAwQAJ21SAwQB
J21UAwQBJ21YAwQCZ1LYAwQBZ2IOAwQBZ3eEMA4EAgACMAgDBgckA+hAADANBgkq
hkiG9w0BAQsFAAOCAQEAJzcvA3wv2Pt0T0S4Qjti4J4kaIRL6fCZcT5ZG9zp3fvZ
DQ5v8RI64pGrfIrBAC2b+PbbInAFnZ2nJO1zCMEdumFJ69YkW6crtvCXJnyt4x5Q
VnAObZSkE7eYoNm9mU92Kc9Yn/f3+22PbC4IXDFy9PoIVW09IUYtn/0K8Q4Y23YL
KBmh0KNPJem8eWeNp0hA21+MdIAyYY7F6496aZ1JHHRYzj+MGgyEiXLcsPkHV5Zb
kLDYQYAgXRNmVoIvbN+Fx6d11v1YKXSzeL3s7SyVeLzjvTVwF1NkHzg/JEZvtsCy
Eol8FnZHb/XX/Lm/j0m/7c5wKLDlV8DIYrZBiRBvtA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:50:35 2025 by rpki-client