Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa
File: CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa (raw, json)
Hash identifier: WhFdwVA+Rqc9T4Pe4wg3jXjmM2B3Qv4g2BycMdAzMjs=
Subject key identifier: 8F:14:4A:B5:DA:1F:16:36:28:E5:B2:91:F7:22:38:19:2B:EF:49:10
Certificate issuer: /CN=A918DB4E/serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
Certificate serial: 0C2D
Authority key identifier: 42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa
Signing time: Thu 30 Jan 2025 05:56:23 +0000
ROA not before: Thu 30 Jan 2025 05:56:23 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 137883
IP address blocks: 2402:f840::/32 maxlen: 32
2402:f840::/48 maxlen: 48
2402:f840:1::/48 maxlen: 48
2402:f840:2::/48 maxlen: 48
2402:f840:3::/48 maxlen: 48
2402:f840:4::/48 maxlen: 48
2402:f840:5::/48 maxlen: 48
2402:f840:6::/48 maxlen: 48
2402:f840:7::/48 maxlen: 48
2402:f840:8::/48 maxlen: 48
2402:f840:9::/48 maxlen: 48
2402:f840:a::/48 maxlen: 48
2402:f840:b::/48 maxlen: 48
2402:f840:c::/48 maxlen: 48
2402:f840:d::/48 maxlen: 48
2402:f840:e::/48 maxlen: 48
2402:f840:f::/48 maxlen: 48
2402:f840:10::/48 maxlen: 48
2402:f840:11::/48 maxlen: 48
2402:f840:12::/48 maxlen: 48
2402:f840:13::/48 maxlen: 48
2402:f840:14::/48 maxlen: 48
2402:f840:15::/48 maxlen: 48
2402:f840:16::/48 maxlen: 48
2402:f840:17::/48 maxlen: 48
2402:f840:18::/48 maxlen: 48
2402:f840:19::/48 maxlen: 48
2402:f840:1a::/48 maxlen: 48
2402:f840:1b::/48 maxlen: 48
2402:f840:1c::/48 maxlen: 48
2402:f840:1d::/48 maxlen: 48
2402:f840:1e::/48 maxlen: 48
2402:f840:1f::/48 maxlen: 48
2402:f840:20::/48 maxlen: 48
2402:f840:21::/48 maxlen: 48
2402:f840:22::/48 maxlen: 48
2402:f840:23::/48 maxlen: 48
2402:f840:24::/48 maxlen: 48
2402:f840:25::/48 maxlen: 48
2402:f840:26::/48 maxlen: 48
2402:f840:27::/48 maxlen: 48
2402:f840:28::/48 maxlen: 48
2402:f840:29::/48 maxlen: 48
2402:f840:2a::/48 maxlen: 48
2402:f840:2b::/48 maxlen: 48
2402:f840:2c::/48 maxlen: 48
2402:f840:2d::/48 maxlen: 48
2402:f840:2e::/48 maxlen: 48
2402:f840:2f::/48 maxlen: 48
2402:f840:30::/48 maxlen: 48
2402:f840:31::/48 maxlen: 48
2402:f840:32::/48 maxlen: 48
2402:f840:33::/48 maxlen: 48
2402:f840:34::/48 maxlen: 48
2402:f840:35::/48 maxlen: 48
2402:f840:36::/48 maxlen: 48
2402:f840:37::/48 maxlen: 48
2402:f840:38::/48 maxlen: 48
2402:f840:39::/48 maxlen: 48
2402:f840:3a::/48 maxlen: 48
2402:f840:3b::/48 maxlen: 48
2402:f840:3c::/48 maxlen: 48
2402:f840:3d::/48 maxlen: 48
2402:f840:3e::/48 maxlen: 48
2402:f840:3f::/48 maxlen: 48
2402:f840:40::/48 maxlen: 48
2402:f840:41::/48 maxlen: 48
2402:f840:42::/48 maxlen: 48
2402:f840:43::/48 maxlen: 48
2402:f840:44::/48 maxlen: 48
2402:f840:45::/48 maxlen: 48
2402:f840:46::/48 maxlen: 48
2402:f840:47::/48 maxlen: 48
2402:f840:48::/48 maxlen: 48
2402:f840:49::/48 maxlen: 48
2402:f840:4a::/48 maxlen: 48
2402:f840:4b::/48 maxlen: 48
2402:f840:4c::/48 maxlen: 48
2402:f840:4d::/48 maxlen: 48
2402:f840:4e::/48 maxlen: 48
2402:f840:4f::/48 maxlen: 48
2402:f840:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.crl
rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 21 Apr 2025 18:36:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3117 (0xc2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918DB4E, serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
Validity
Not Before: Jan 30 05:56:23 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=679b1487-4d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ce:81:39:02:a0:7d:65:10:e2:1b:59:f7:ba:
36:81:19:7f:14:8a:76:93:2a:97:9c:6f:33:81:7b:
93:fa:2e:ca:85:5b:e0:af:30:15:a2:9d:29:a3:5b:
8b:5b:62:17:3b:cf:3d:86:21:1d:5b:92:b9:ce:fc:
a0:4b:cb:ef:43:89:13:15:af:bd:74:86:d5:72:73:
7a:88:bd:29:dd:26:d6:ed:53:b5:1f:c4:43:d6:50:
8f:99:6e:12:a1:da:cd:f3:37:57:68:bc:dc:df:25:
d0:4d:87:00:26:d8:d7:cc:5c:c9:9a:1f:72:25:9e:
0a:1d:4b:d5:cf:a2:f9:bd:e9:a6:37:2a:80:25:74:
60:fa:63:4c:52:fd:0a:b8:95:ed:81:a2:59:51:c5:
fc:63:3a:66:e3:a7:fc:ee:e2:80:c8:2c:b8:bf:3b:
ea:d1:89:26:50:61:e1:8b:52:c4:c0:99:52:f4:80:
12:d8:02:38:64:45:14:0d:8b:5d:17:69:da:e7:f6:
23:4c:38:df:d1:39:60:52:90:08:4b:66:54:1e:76:
0a:86:45:e3:49:0e:55:59:80:94:06:de:c1:68:f6:
c0:c2:4c:e8:be:24:2c:b1:a3:52:0d:7d:8d:04:c5:
96:03:ad:14:ea:53:74:51:ab:99:37:13:ec:d9:87:
25:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:14:4A:B5:DA:1F:16:36:28:E5:B2:91:F7:22:38:19:2B:EF:49:10
X509v3 Authority Key Identifier:
keyid:42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:f840::/32
Signature Algorithm: sha256WithRSAEncryption
48:3e:8b:96:f4:7e:40:bb:17:b7:fb:fe:80:00:6c:9d:29:51:
00:2a:00:89:f4:0d:62:e6:75:31:15:6a:4f:e2:ea:5a:3f:ce:
46:19:b6:64:cc:52:c2:6e:f0:48:99:a4:af:63:89:90:93:e0:
8a:e7:1c:1d:da:e7:e3:38:01:9f:9e:44:76:bd:03:28:1a:cf:
e9:cd:68:a2:42:63:72:2e:4d:f9:76:02:97:1c:0b:78:bc:d6:
0c:c8:15:74:17:6a:77:b7:2c:91:9a:9f:67:14:99:6b:44:c9:
d1:d2:92:a3:5f:52:cf:59:24:f1:ec:28:86:05:a7:1a:0c:7a:
c4:d8:06:3f:b4:3c:51:b3:cd:88:4c:19:42:fa:4c:8a:15:a6:
3a:57:c2:aa:42:51:d6:73:cd:14:2e:00:9a:b1:69:a4:0c:9c:
79:13:75:f2:cb:d2:8b:81:60:86:94:fe:93:8a:b4:87:31:81:
60:70:a7:b7:7d:77:2b:f5:c4:26:5f:de:a4:31:e2:bc:b6:75:
5e:9b:96:73:ad:10:13:06:b3:be:23:d9:d5:40:7d:1d:6b:c9:
6c:7e:89:08:14:69:b3:6a:6d:e0:ea:93:e2:a2:33:bb:e8:cb:
36:21:cf:64:66:ed:63:06:3b:07:1b:df:75:92:0f:d5:96:78:
87:60:fe:f8
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICDC0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OERCNEUxMTAvBgNVBAUTKDQyNzU4REUwQ0MwQ0Y2MkMyQUVFRTkzRTBFRUU2Nzkw
M0E1MDJDQ0MwHhcNMjUwMTMwMDU1NjIzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzliMTQ4Ny00ZDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw86BOQKgfWUQ4htZ97o2gRl/FIp2kyqXnG8zgXuT+i7KhVvgrzAVop0po1uL
W2IXO889hiEdW5K5zvygS8vvQ4kTFa+9dIbVcnN6iL0p3SbW7VO1H8RD1lCPmW4S
odrN8zdXaLzc3yXQTYcAJtjXzFzJmh9yJZ4KHUvVz6L5vemmNyqAJXRg+mNMUv0K
uJXtgaJZUcX8Yzpm46f87uKAyCy4vzvq0YkmUGHhi1LEwJlS9IAS2AI4ZEUUDYtd
F2na5/YjTDjf0TlgUpAIS2ZUHnYKhkXjSQ5VWYCUBt7BaPbAwkzoviQssaNSDX2N
BMWWA60U6lN0UauZNxPs2YclgQIDAQABo4ICljCCApIwHQYDVR0OBBYEFI8USrXa
HxY2KOWykfciOBkr70kQMB8GA1UdIwQYMBaAFEJ1jeDMDPYsKu7pPg7uZ5A6UCzM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4REI0RS83N0U3RjlBMDBD
RTUxMUVBQTIwREREODJDNEY5QUUwMi9RbldONE13TTlpd3E3dWstRHU1bmtEcFFM
TXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FuV040TXdNOWl3cTd1ay1EdTVua0RwUUxNdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OERCNEUvNzdFN0Y5QTAwQ0U1MTFFQUEyMERERDgyQzRGOUFFMDIvQ0YzQ0Y0QTJE
RUNEMTFFRkEzNEE3QzY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAvhAMA0GCSqGSIb3DQEBCwUAA4IBAQBIPouW9H5Auxe3
+/6AAGydKVEAKgCJ9A1i5nUxFWpP4upaP85GGbZkzFLCbvBImaSvY4mQk+CK5xwd
2ufjOAGfnkR2vQMoGs/pzWiiQmNyLk35dgKXHAt4vNYMyBV0F2p3tyyRmp9nFJlr
RMnR0pKjX1LPWSTx7CiGBacaDHrE2AY/tDxRs82ITBlC+kyKFaY6V8KqQlHWc80U
LgCasWmkDJx5E3Xyy9KLgWCGlP6TirSHMYFgcKe3fXcr9cQmX96kMeK8tnVem5Zz
rRATBrO+I9nVQH0da8lsfokIFGmzam3g6pPiojO76Ms2Ic9kZu1jBjsHG991kg/V
lniHYP74
-----END CERTIFICATE-----
Generated at Tue Apr 15 16:04:05 2025 by rpki-client