Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa
File: 7BD0C11E8C3311EAB2E95132C4F9AE02.roa (raw, json)
Hash identifier: SD43F6ndbx8cQg58d8qyQwvKSbxddffft/0WNF7cCQU=
Subject key identifier: EA:65:8F:0E:14:B6:88:9C:3B:D0:03:23:48:5E:6E:AA:9C:9D:5F:7F
Certificate issuer: /CN=A91AEE28/serialNumber=A6CB9EFB4FE8C1C4E0C2F1B00E84C7F1A2F49C6F
Certificate serial: 137D
Authority key identifier: A6:CB:9E:FB:4F:E8:C1:C4:E0:C2:F1:B0:0E:84:C7:F1:A2:F4:9C:6F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa
Signing time: Tue 04 Feb 2025 16:54:59 +0000
ROA not before: Tue 04 Feb 2025 16:54:59 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 9246
IP address blocks: 43.240.88.0/22 maxlen: 22
103.7.100.0/22 maxlen: 22
114.142.192.0/18 maxlen: 18
114.142.212.0/24 maxlen: 24
117.20.120.0/21 maxlen: 21
202.151.64.0/19 maxlen: 19
202.151.76.0/24 maxlen: 24
202.151.85.0/24 maxlen: 24
2405:7400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.crl
rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 23 Apr 2025 16:57:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4989 (0x137d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEE28, serialNumber=A6CB9EFB4FE8C1C4E0C2F1B00E84C7F1A2F49C6F
Validity
Not Before: Feb 4 16:54:59 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a24663-5e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:29:83:de:9d:35:e3:e5:7e:e5:18:35:8e:24:
75:3a:72:33:fc:6a:73:b6:40:82:39:c9:c7:ec:be:
e1:0a:ca:81:5f:34:70:2e:aa:e5:b9:16:93:63:ed:
78:6f:cf:04:46:04:73:ba:3b:02:d5:62:52:b8:bd:
59:a7:d3:2b:8a:00:c8:36:db:5f:45:bd:16:e1:9a:
08:53:94:c8:c4:55:dc:a2:1a:cc:ce:ac:6b:f2:82:
18:42:7d:73:78:1a:7a:a2:1b:2c:8e:58:d5:e0:82:
ed:cc:54:38:0c:87:c7:24:9a:34:63:68:e3:8f:f6:
5d:b2:fa:f5:e3:96:8a:bd:e4:f2:d3:b9:24:2b:e8:
ea:35:27:50:1e:62:42:22:fd:e4:17:cc:a8:b8:60:
a0:91:07:2d:a9:b2:13:8f:9a:5e:49:5e:95:bd:83:
3d:2e:24:2f:19:71:53:55:73:d2:5c:27:09:60:fd:
af:97:76:b2:48:85:ad:d3:ad:ec:51:41:bb:83:29:
30:fb:b9:01:54:6f:8e:20:33:fe:76:6e:f1:53:34:
9c:42:24:ab:0f:33:40:4d:93:55:c6:4b:94:d8:df:
02:ec:51:26:80:97:8d:58:82:61:43:53:27:03:bc:
7f:c0:d0:9c:6f:d4:1a:1f:d0:10:0b:30:87:9b:d7:
c0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:65:8F:0E:14:B6:88:9C:3B:D0:03:23:48:5E:6E:AA:9C:9D:5F:7F
X509v3 Authority Key Identifier:
keyid:A6:CB:9E:FB:4F:E8:C1:C4:E0:C2:F1:B0:0E:84:C7:F1:A2:F4:9C:6F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/psue-0_owcTgwvGwDoTH8aL0nG8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/psue-0_owcTgwvGwDoTH8aL0nG8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEE28/F1B1FBB090C111E8A493397FC4F9AE02/7BD0C11E8C3311EAB2E95132C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.88.0/22
103.7.100.0/22
114.142.192.0/18
117.20.120.0/21
202.151.64.0/19
IPv6:
2405:7400::/32
Signature Algorithm: sha256WithRSAEncryption
f1:34:4d:e2:83:ea:24:c7:fb:4e:cb:b4:b7:07:57:54:59:f8:
9f:c6:43:6a:7d:55:5a:de:a8:39:8e:e3:0c:d4:61:f8:3e:76:
19:28:14:25:79:94:53:d0:08:d2:58:00:13:1e:a6:cd:61:ef:
f8:29:b0:14:26:b7:0d:a8:42:90:ca:82:61:f9:c7:e7:bd:e4:
d1:46:ff:80:86:68:f2:d3:22:9d:df:dc:9c:57:1f:53:b2:cd:
68:dc:91:9e:fe:66:b0:08:22:20:d5:06:77:11:0f:6c:43:07:
74:11:bc:9d:60:db:c7:c7:2d:6a:8a:1a:5b:58:40:bc:2e:db:
49:c7:08:10:28:6b:97:7e:47:4d:91:0f:97:99:37:de:f4:7f:
9a:0d:2d:c3:e5:a9:ea:d1:3d:7c:4c:bf:df:be:06:93:5a:1b:
59:c6:a8:b0:65:5e:1f:5d:b2:a1:88:3e:fd:73:53:63:a2:5f:
01:08:73:84:44:e6:33:03:46:33:62:dc:6d:50:0b:67:a4:62:
38:1e:13:16:8a:a6:89:60:46:76:70:e0:08:4d:b5:16:8b:37:
f5:66:45:16:c6:bc:90:7d:7f:90:8b:f7:51:c5:6d:71:52:8d:
40:81:9d:dd:36:8c:be:d3:0d:68:1e:3c:6c:1f:8b:66:6a:7d:
7d:b4:94:db
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICE30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVFMjgxMTAvBgNVBAUTKEE2Q0I5RUZCNEZFOEMxQzRFMEMyRjFCMDBFODRDN0Yx
QTJGNDlDNkYwHhcNMjUwMjA0MTY1NDU5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyNDY2My01ZTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxymD3p014+V+5Rg1jiR1OnIz/GpztkCCOcnH7L7hCsqBXzRwLqrluRaTY+14
b88ERgRzujsC1WJSuL1Zp9MrigDINttfRb0W4ZoIU5TIxFXcohrMzqxr8oIYQn1z
eBp6ohssjljV4ILtzFQ4DIfHJJo0Y2jjj/Zdsvr145aKveTy07kkK+jqNSdQHmJC
Iv3kF8youGCgkQctqbITj5peSV6VvYM9LiQvGXFTVXPSXCcJYP2vl3aySIWt063s
UUG7gykw+7kBVG+OIDP+dm7xUzScQiSrDzNATZNVxkuU2N8C7FEmgJeNWIJhQ1Mn
A7x/wNCcb9QaH9AQCzCHm9fAgwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFOpljw4U
toicO9ADI0hebqqcnV9/MB8GA1UdIwQYMBaAFKbLnvtP6MHE4MLxsA6Ex/Gi9Jxv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUUyOC9GMUIxRkJCMDkw
QzExMUU4QTQ5MzM5N0ZDNEY5QUUwMi9wc3VlLTBfb3djVGd3dkd3RG9USDhhTDBu
RzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BzdWUtMF9vd2NUZ3d2R3dEb1RIOGFMMG5HOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVFMjgvRjFCMUZCQjA5MEMxMTFFOEE0OTMzOTdGQzRGOUFFMDIvN0JEMEMxMUU4
QzMzMTFFQUIyRTk1MTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIr8FgDBAJnB2QDBAZyjsADBAN1FHgDBAXKl0AwDQQCAAIw
BwMFACQFdAAwDQYJKoZIhvcNAQELBQADggEBAPE0TeKD6iTH+07LtLcHV1RZ+J/G
Q2p9VVreqDmO4wzUYfg+dhkoFCV5lFPQCNJYABMeps1h7/gpsBQmtw2oQpDKgmH5
x+e95NFG/4CGaPLTIp3f3JxXH1OyzWjckZ7+ZrAIIiDVBncRD2xDB3QRvJ1g28fH
LWqKGltYQLwu20nHCBAoa5d+R02RD5eZN970f5oNLcPlqerRPXxMv9++BpNaG1nG
qLBlXh9dsqGIPv1zU2OiXwEIc4RE5jMDRjNi3G1QC2ekYjgeExaKpolgRnZw4AhN
tRaLN/VmRRbGvJB9f5CL91HFbXFSjUCBnd02jL7TDWgePGwfi2ZqfX20lNs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:17:04 2025 by rpki-client