Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
File: 9B4B6C82904911EABE5F0C63C4F9AE02.roa (raw, json)
Hash identifier: EUm4AnmfuJxU75sTZEUXibkajEE5FVqoIFPKGh69ArU=
Subject key identifier: D5:8F:43:3F:23:12:A9:FE:E4:29:9E:1C:9F:4F:64:A4:60:0D:6F:64
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 36CC
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
Signing time: Sat 22 Mar 2025 15:01:21 +0000
ROA not before: Sat 22 Mar 2025 15:01:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58895
IP address blocks: 58.181.98.0/24 maxlen: 24
59.103.30.0/23 maxlen: 24
59.103.74.0/24 maxlen: 24
59.103.152.0/23 maxlen: 24
59.103.176.0/24 maxlen: 24
59.103.178.0/23 maxlen: 23
116.71.2.0/23 maxlen: 24
119.152.48.0/22 maxlen: 22
119.152.48.0/24 maxlen: 24
119.152.49.0/24 maxlen: 24
119.152.50.0/24 maxlen: 24
119.152.51.0/24 maxlen: 24
119.152.52.0/23 maxlen: 24
119.152.54.0/24 maxlen: 24
119.152.55.0/24 maxlen: 24
119.152.56.0/24 maxlen: 24
119.152.57.0/24 maxlen: 24
119.152.58.0/24 maxlen: 24
119.152.59.0/24 maxlen: 24
119.152.60.0/24 maxlen: 24
119.152.61.0/24 maxlen: 24
119.152.62.0/24 maxlen: 24
119.152.63.0/24 maxlen: 24
119.152.96.0/20 maxlen: 20
119.152.96.0/24 maxlen: 24
119.152.97.0/24 maxlen: 24
119.152.98.0/24 maxlen: 24
119.152.99.0/24 maxlen: 24
119.152.100.0/24 maxlen: 24
119.152.101.0/24 maxlen: 24
119.152.102.0/24 maxlen: 24
119.152.103.0/24 maxlen: 24
119.152.104.0/24 maxlen: 24
119.152.105.0/24 maxlen: 24
119.152.106.0/24 maxlen: 24
119.152.107.0/24 maxlen: 24
119.152.108.0/24 maxlen: 24
119.152.109.0/24 maxlen: 24
119.152.110.0/24 maxlen: 24
119.152.111.0/24 maxlen: 24
119.152.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14028 (0x36cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832
Validity
Not Before: Mar 22 15:01:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67ded0c1-b355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:79:82:cc:37:26:b8:9d:88:b8:e4:ad:7f:6d:
f6:ca:21:75:8c:4d:b4:7b:0d:d0:63:bd:e4:92:0e:
76:a2:55:cd:36:88:db:d8:5c:6f:1e:79:69:1c:5f:
90:83:ee:9d:86:b7:9b:39:8b:51:05:21:34:fa:78:
2a:af:1d:e9:a6:1c:71:78:5b:be:2c:ce:67:51:1f:
e3:3c:17:69:6d:a8:df:a5:5a:4e:56:46:f2:90:8e:
bc:88:1a:81:27:d9:c5:81:00:14:b0:ba:0b:1a:d6:
47:39:11:1e:37:1e:cd:77:e5:b4:0b:64:c2:f7:53:
4c:ba:e0:67:90:68:66:a9:61:d2:d4:25:ec:6a:3d:
63:8c:cc:f1:55:8c:b7:c4:05:74:76:0d:8c:e3:bf:
f4:1b:27:30:6b:f3:50:29:1a:36:ae:a7:04:98:0b:
89:51:90:5f:9d:5e:54:6b:c5:12:af:72:53:59:9d:
72:6e:7f:6a:f6:80:78:17:e6:13:4d:3e:4b:58:8a:
2d:4a:95:b3:21:dc:18:df:58:4c:6b:01:a1:0f:e5:
78:2b:25:b7:5c:b4:42:ff:f8:d8:51:6d:6b:92:be:
78:3b:55:c4:ed:0e:c2:b2:a7:de:9e:4d:31:0e:ae:
6f:0b:57:2a:96:d6:9e:e3:f0:e3:da:bd:9e:f2:e6:
d1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8F:43:3F:23:12:A9:FE:E4:29:9E:1C:9F:4F:64:A4:60:0D:6F:64
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.181.98.0/24
59.103.30.0/23
59.103.74.0/24
59.103.152.0/23
59.103.176.0/24
59.103.178.0/23
116.71.2.0/23
119.152.48.0/20
119.152.96.0/20
119.152.124.0/23
Signature Algorithm: sha256WithRSAEncryption
06:7e:d1:66:1d:a2:30:3f:c3:4c:e7:24:f3:af:ba:2b:9d:c2:
64:79:98:ce:b5:b6:2b:9e:74:1a:1e:3a:c1:54:45:f1:bc:14:
fb:fc:9a:87:66:1a:0a:d2:4f:a7:36:3e:15:31:89:f9:bf:a4:
4a:b3:73:8e:1f:ed:8a:61:c2:6b:3d:9c:1c:67:f9:2f:ca:25:
8c:ac:67:8c:91:81:d8:37:8f:14:18:08:af:25:37:b9:17:96:
6b:1b:ea:3f:b7:8b:a6:32:94:c8:1f:02:7b:39:0f:2c:9e:31:
3f:6c:d7:60:58:70:b1:5d:2d:61:19:62:92:e2:73:68:b2:4a:
af:d5:63:e4:99:86:dc:17:1a:91:13:5a:57:78:33:7a:b3:9a:
8d:9b:bf:fd:bc:22:19:13:e5:a1:c1:7a:05:9a:24:69:39:d8:
09:8c:ff:e8:3b:82:70:18:30:d3:39:87:bf:9a:1d:d4:0c:a4:
70:01:84:39:5b:15:7b:4e:5e:86:b4:f0:e8:f9:8f:a9:36:c4:
9b:37:87:1d:42:64:6e:98:04:57:ed:1c:ea:74:53:8b:12:9d:
f5:f6:cb:94:4a:15:6e:ce:27:da:4b:4c:b0:70:28:21:a8:01:
e1:02:f8:6c:91:44:50:d4:5c:19:a7:c3:a1:39:d9:93:fe:c9:
a4:c2:32:ed
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICNswwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjUwMzIyMTUwMTIxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RlZDBjMS1iMzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5HmCzDcmuJ2IuOStf232yiF1jE20ew3QY73kkg52olXNNojb2FxvHnlpHF+Q
g+6dhrebOYtRBSE0+ngqrx3pphxxeFu+LM5nUR/jPBdpbajfpVpOVkbykI68iBqB
J9nFgQAUsLoLGtZHOREeNx7Nd+W0C2TC91NMuuBnkGhmqWHS1CXsaj1jjMzxVYy3
xAV0dg2M47/0Gycwa/NQKRo2rqcEmAuJUZBfnV5Ua8USr3JTWZ1ybn9q9oB4F+YT
TT5LWIotSpWzIdwY31hMawGhD+V4KyW3XLRC//jYUW1rkr54O1XE7Q7Csqfenk0x
Dq5vC1cqltae4/Dj2r2e8ubRiQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFNWPQz8j
Eqn+5CmeHJ9PZKRgDW9kMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvOUI0QjZDODI5
MDQ5MTFFQUJFNUYwQzYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAA6tWIDBAE7Zx4DBAA7Z0oDBAE7Z5gDBAA7Z7ADBAE7Z7ID
BAF0RwIDBAR3mDADBAR3mGADBAF3mHwwDQYJKoZIhvcNAQELBQADggEBAAZ+0WYd
ojA/w0znJPOvuiudwmR5mM61tiuedBoeOsFURfG8FPv8modmGgrST6c2PhUxifm/
pEqzc44f7Yphwms9nBxn+S/KJYysZ4yRgdg3jxQYCK8lN7kXlmsb6j+3i6YylMgf
Ans5DyyeMT9s12BYcLFdLWEZYpLic2iySq/VY+SZhtwXGpETWld4M3qzmo2bv/28
IhkT5aHBegWaJGk52AmM/+g7gnAYMNM5h7+aHdQMpHABhDlbFXtOXoa08Oj5j6k2
xJs3hx1CZG6YBFftHOp0U4sSnfX2y5RKFW7OJ9pLTLBwKCGoAeEC+GyRRFDUXBmn
w6E52ZP+yaTCMu0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:40:53 2025 by rpki-client