Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/9CF17DD669A911EFBF66800FC4F9AE02.roa
File: 9CF17DD669A911EFBF66800FC4F9AE02.roa (raw, json)
Hash identifier: bBT8gdGhlwg5r06wlUXlbf1qWwPVmNNVH6Tp4yfxfVE=
Subject key identifier: FB:F4:7B:A0:52:43:6C:5D:07:12:3D:3E:C9:22:26:4F:05:72:6E:89
Certificate issuer: /CN=A91911EB/serialNumber=BE3F813B202FFB0A382F737968EE166598E0E8AB
Certificate serial: 83
Authority key identifier: BE:3F:81:3B:20:2F:FB:0A:38:2F:73:79:68:EE:16:65:98:E0:E8:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/9CF17DD669A911EFBF66800FC4F9AE02.roa
Signing time: Tue 25 Mar 2025 06:13:11 +0000
ROA not before: Tue 25 Mar 2025 06:13:11 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9903
IP address blocks: 202.44.130.0/23 maxlen: 23
202.44.131.0/24 maxlen: 24
203.158.96.0/19 maxlen: 19
203.158.96.0/21 maxlen: 21
203.158.96.0/24 maxlen: 24
203.158.97.0/24 maxlen: 24
203.158.98.0/24 maxlen: 24
203.158.99.0/24 maxlen: 24
203.158.100.0/24 maxlen: 24
203.158.101.0/24 maxlen: 24
203.158.102.0/24 maxlen: 24
203.158.103.0/24 maxlen: 24
203.158.104.0/22 maxlen: 22
203.158.104.0/24 maxlen: 24
203.158.105.0/24 maxlen: 24
203.158.106.0/24 maxlen: 24
203.158.107.0/24 maxlen: 24
203.158.108.0/23 maxlen: 24
203.158.110.0/23 maxlen: 23
203.158.110.0/24 maxlen: 24
203.158.111.0/24 maxlen: 24
203.158.112.0/20 maxlen: 20
203.158.112.0/24 maxlen: 24
203.158.113.0/24 maxlen: 24
203.158.114.0/24 maxlen: 24
203.158.115.0/24 maxlen: 24
203.158.116.0/24 maxlen: 24
203.158.117.0/24 maxlen: 24
203.158.119.0/24 maxlen: 24
203.158.120.0/24 maxlen: 24
203.158.121.0/24 maxlen: 24
203.158.122.0/24 maxlen: 24
203.158.123.0/24 maxlen: 24
203.158.124.0/24 maxlen: 24
203.158.125.0/24 maxlen: 24
203.158.126.0/24 maxlen: 24
203.158.127.0/24 maxlen: 24
203.158.240.0/20 maxlen: 20
203.158.240.0/21 maxlen: 21
203.158.240.0/24 maxlen: 24
203.158.241.0/24 maxlen: 24
203.158.242.0/24 maxlen: 24
203.158.243.0/24 maxlen: 24
203.158.248.0/22 maxlen: 22
203.158.249.0/24 maxlen: 24
203.158.250.0/24 maxlen: 24
203.158.251.0/24 maxlen: 24
203.158.252.0/24 maxlen: 24
203.158.253.0/24 maxlen: 24
203.158.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.crl
rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 05:41:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131 (0x83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91911EB
Validity
Not Before: Mar 25 06:13:11 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e24977-265b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:28:f2:a5:ca:60:9b:93:a3:74:cf:a3:ab:ae:
d9:00:3e:0f:33:59:f1:1f:57:d3:f1:97:00:dd:09:
1d:0d:d5:2b:e0:15:72:66:60:63:b9:1d:16:ba:18:
3a:7b:01:d6:61:19:df:0a:75:ed:53:c9:82:20:4d:
e4:13:6b:cc:91:ef:84:55:d5:21:0f:6e:b9:88:c8:
c3:18:ae:d2:ba:d3:e2:8b:74:7e:ee:85:fb:f7:fd:
5b:61:a3:84:b9:59:02:cc:1d:a2:b7:e8:53:65:74:
df:b5:44:d8:45:a5:20:3c:76:a2:d7:54:63:7b:71:
f3:4d:4f:93:ec:42:30:93:f7:19:35:cc:da:9b:85:
2c:52:dc:27:5d:1c:60:cc:65:15:5c:8e:98:29:48:
c5:5f:a0:46:a4:d7:c8:80:cb:8a:82:ae:10:54:8b:
19:1b:5b:97:f4:7d:d4:02:d2:60:ad:65:52:62:72:
7c:b2:fc:ca:8d:e1:d8:83:a0:10:d8:fb:0c:fb:56:
36:40:3c:82:ea:13:4e:75:ff:d1:12:8d:b1:42:5f:
f7:5e:d3:a9:3d:85:a6:96:94:ee:49:39:d0:a2:8a:
30:21:a7:9b:d1:c3:13:53:6b:0e:51:e4:34:6d:43:
09:84:c7:d0:30:c3:2d:b5:01:74:3b:0b:80:d3:f6:
71:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F4:7B:A0:52:43:6C:5D:07:12:3D:3E:C9:22:26:4F:05:72:6E:89
X509v3 Authority Key Identifier:
keyid:BE:3F:81:3B:20:2F:FB:0A:38:2F:73:79:68:EE:16:65:98:E0:E8:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/9CF17DD669A911EFBF66800FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.44.130.0/23
203.158.96.0/19
203.158.240.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:e3:a2:e7:74:7d:3d:ea:fd:dc:57:f5:52:d5:59:27:c3:3d:
ca:73:bf:f4:86:c0:48:84:4a:38:99:df:f5:7c:5b:0e:8a:a2:
50:db:44:f0:8e:86:29:c3:9c:42:3d:dd:75:4a:71:7a:f7:dd:
71:98:4b:aa:a7:0b:b5:46:35:c7:03:81:cc:92:4e:ea:bb:f0:
50:e1:dd:e9:24:39:eb:3d:b0:93:74:6f:aa:3f:a1:bd:31:92:
7e:07:2d:b8:38:8d:09:a9:63:09:89:03:50:86:5f:e6:2d:5f:
89:30:a5:2a:77:1a:d7:81:93:84:21:05:72:ca:1c:3b:5f:24:
83:44:ba:91:f4:7b:f1:d2:16:0d:57:91:b0:6a:c9:76:50:a5:
70:cc:52:b7:ec:d0:bd:10:02:15:ce:dd:22:79:27:c2:a2:49:
55:73:61:d0:8f:36:f4:38:88:7f:fd:a6:74:0a:2b:ae:ae:30:
47:38:2c:d7:75:f8:f4:dd:0e:37:b5:3a:3c:45:3e:f9:b4:3b:
ab:88:80:dc:fd:7e:15:d6:a2:b3:50:ec:74:4e:1c:06:37:45:
ec:3c:3e:47:da:8e:8e:88:07:a6:d4:26:54:ff:da:32:a1:02:
b5:fa:2a:8f:9d:a0:25:6c:fe:1a:da:92:29:7f:54:1f:be:50:
8b:96:d8:78
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTExRUIxMTAvBgNVBAUTKEJFM0Y4MTNCMjAyRkZCMEEzODJGNzM3OTY4RUUxNjY1
OThFMEU4QUIwHhcNMjUwMzI1MDYxMzExWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UyNDk3Ny0yNjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArSjypcpgm5OjdM+jq67ZAD4PM1nxH1fT8ZcA3QkdDdUr4BVyZmBjuR0Wuhg6
ewHWYRnfCnXtU8mCIE3kE2vMke+EVdUhD265iMjDGK7SutPii3R+7oX79/1bYaOE
uVkCzB2it+hTZXTftUTYRaUgPHai11Rje3HzTU+T7EIwk/cZNczam4UsUtwnXRxg
zGUVXI6YKUjFX6BGpNfIgMuKgq4QVIsZG1uX9H3UAtJgrWVSYnJ8svzKjeHYg6AQ
2PsM+1Y2QDyC6hNOdf/REo2xQl/3XtOpPYWmlpTuSTnQooowIaeb0cMTU2sOUeQ0
bUMJhMfQMMMttQF0OwuA0/ZxSwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPv0e6BS
Q2xdBxI9PskiJk8Fcm6JMB8GA1UdIwQYMBaAFL4/gTsgL/sKOC9zeWjuFmWY4Oir
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTFFQi9FREE5NzJCMjY5
QTIxMUVGQUUzQUIzNUFDNEY5QUUwMi92ai1CT3lBdi13bzRMM041YU80V1paamc2
S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZqLUJPeUF2LXdvNEwzTjVhTzRXWlpqZzZLcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTExRUIvRURBOTcyQjI2OUEyMTFFRkFFM0FCMzVBQzRGOUFFMDIvOUNGMTdERDY2
OUE5MTFFRkJGNjY4MDBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAHKLIIDBAXLnmADBATLnvAwDQYJKoZIhvcNAQELBQADggEB
AJvjoud0fT3q/dxX9VLVWSfDPcpzv/SGwEiESjiZ3/V8Ww6KolDbRPCOhinDnEI9
3XVKcXr33XGYS6qnC7VGNccDgcySTuq78FDh3ekkOes9sJN0b6o/ob0xkn4HLbg4
jQmpYwmJA1CGX+YtX4kwpSp3GteBk4QhBXLKHDtfJINEupH0e/HSFg1XkbBqyXZQ
pXDMUrfs0L0QAhXO3SJ5J8KiSVVzYdCPNvQ4iH/9pnQKK66uMEc4LNd1+PTdDje1
OjxFPvm0O6uIgNz9fhXWorNQ7HROHAY3Rew8Pkfajo6IB6bUJlT/2jKhArX6Ko+d
oCVs/hrakil/VB++UIuW2Hg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:18:34 2025 by rpki-client