Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B933A/53FE1EFA2B6411E58A2F0754C4F9AE02/C61B734AB0AA11E580DBF725C4F9AE02.roa
File: C61B734AB0AA11E580DBF725C4F9AE02.roa (raw, json)
Hash identifier: Z754LG6nGQ06ZpUuHnHm6+5+zZq4bCVd8VqoVX/cCxs=
Subject key identifier: F1:AD:D5:F1:9B:21:CA:3A:13:6D:F1:DD:04:A1:85:5D:85:5E:CD:1A
Certificate issuer: /CN=A91B933A/serialNumber=6E8EA1E3240C0BB3D13B4D275C6C0326A568EC87
Certificate serial: 24C4
Authority key identifier: 6E:8E:A1:E3:24:0C:0B:B3:D1:3B:4D:27:5C:6C:03:26:A5:68:EC:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bo6h4yQMC7PRO00nXGwDJqVo7Ic.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B933A/53FE1EFA2B6411E58A2F0754C4F9AE02/C61B734AB0AA11E580DBF725C4F9AE02.roa
Signing time: Tue 26 Nov 2024 16:12:50 +0000
ROA not before: Tue 26 Nov 2024 16:12:50 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 17993
IP address blocks: 110.5.112.0/22 maxlen: 22
110.5.112.0/24 maxlen: 24
110.5.113.0/24 maxlen: 24
110.5.114.0/24 maxlen: 24
110.5.115.0/24 maxlen: 24
202.4.32.0/19 maxlen: 19
202.4.32.0/21 maxlen: 21
202.4.32.0/24 maxlen: 24
202.4.33.0/24 maxlen: 24
202.4.34.0/24 maxlen: 24
202.4.35.0/24 maxlen: 24
202.4.36.0/24 maxlen: 24
202.4.37.0/24 maxlen: 24
202.4.38.0/24 maxlen: 24
202.4.39.0/24 maxlen: 24
202.4.40.0/21 maxlen: 21
202.4.40.0/24 maxlen: 24
202.4.41.0/24 maxlen: 24
202.4.42.0/24 maxlen: 24
202.4.43.0/24 maxlen: 24
202.4.44.0/24 maxlen: 24
202.4.45.0/24 maxlen: 24
202.4.46.0/24 maxlen: 24
202.4.47.0/24 maxlen: 24
202.4.48.0/20 maxlen: 20
202.4.48.0/24 maxlen: 24
202.4.49.0/24 maxlen: 24
202.4.50.0/24 maxlen: 24
202.4.51.0/24 maxlen: 24
202.4.52.0/24 maxlen: 24
202.4.53.0/24 maxlen: 24
202.4.54.0/24 maxlen: 24
202.4.55.0/24 maxlen: 24
202.4.56.0/24 maxlen: 24
202.4.57.0/24 maxlen: 24
202.4.58.0/24 maxlen: 24
202.4.59.0/24 maxlen: 24
202.4.60.0/24 maxlen: 24
202.4.61.0/24 maxlen: 24
202.4.62.0/24 maxlen: 24
202.4.63.0/24 maxlen: 24
203.99.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B933A/53FE1EFA2B6411E58A2F0754C4F9AE02/bo6h4yQMC7PRO00nXGwDJqVo7Ic.crl
rsync://rpki.apnic.net/member_repository/A91B933A/53FE1EFA2B6411E58A2F0754C4F9AE02/bo6h4yQMC7PRO00nXGwDJqVo7Ic.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bo6h4yQMC7PRO00nXGwDJqVo7Ic.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 23 Apr 2025 15:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9412 (0x24c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B933A, serialNumber=6E8EA1E3240C0BB3D13B4D275C6C0326A568EC87
Validity
Not Before: Nov 26 16:12:50 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6745f381-c78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2e:07:66:99:3c:4a:d3:46:de:f1:a0:e1:08:
a7:74:a0:9f:52:a8:40:84:f4:81:fd:98:13:52:6f:
c6:5b:b3:d0:4c:0e:eb:e0:b6:ef:87:77:e3:4b:f0:
36:d0:62:7f:19:f0:cf:83:ee:60:a7:51:fd:00:af:
36:69:7b:11:26:fa:33:02:c4:b4:54:59:72:42:14:
f1:25:68:ea:bd:3c:c7:96:49:20:8e:1b:89:27:6b:
f9:cd:8c:55:95:1b:0d:af:36:89:50:01:86:0b:62:
be:81:dc:ff:d5:d1:02:32:77:29:aa:06:63:99:f9:
80:74:cd:a7:99:f0:64:b6:56:ee:11:4a:7f:e5:e6:
52:a6:1f:45:c1:7f:70:46:fa:4e:1d:e0:c6:b0:14:
6e:da:7b:51:74:e4:d6:6e:c6:7d:39:e0:d3:0b:c8:
31:36:8d:f2:09:43:c4:4d:96:e3:5b:df:e3:c4:8f:
eb:a0:c0:67:65:ec:26:5c:a7:2d:60:79:e4:fe:7b:
08:68:46:ab:28:12:15:09:68:33:bd:4a:c4:02:b5:
da:11:bf:22:12:b0:4e:fa:a4:5f:6a:e5:2b:61:a7:
cd:52:5d:43:2b:a7:be:ab:07:32:4f:7b:ed:35:e7:
22:7b:ed:02:43:1a:7c:20:b5:2d:d2:b0:36:bd:98:
e0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:AD:D5:F1:9B:21:CA:3A:13:6D:F1:DD:04:A1:85:5D:85:5E:CD:1A
X509v3 Authority Key Identifier:
keyid:6E:8E:A1:E3:24:0C:0B:B3:D1:3B:4D:27:5C:6C:03:26:A5:68:EC:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B933A/53FE1EFA2B6411E58A2F0754C4F9AE02/bo6h4yQMC7PRO00nXGwDJqVo7Ic.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bo6h4yQMC7PRO00nXGwDJqVo7Ic.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B933A/53FE1EFA2B6411E58A2F0754C4F9AE02/C61B734AB0AA11E580DBF725C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.5.112.0/22
202.4.32.0/19
203.99.255.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d1:15:0d:bb:2b:c1:23:14:7f:b2:2e:92:54:a6:e6:2c:1f:
d0:27:72:38:97:36:b1:54:d9:e6:df:85:ef:15:50:db:3a:2b:
e7:d2:a2:05:d4:ae:e1:04:25:63:dc:22:52:43:57:43:12:49:
0d:7f:4b:94:01:5f:d2:5f:77:1c:11:3e:41:b0:41:16:c1:dc:
eb:96:09:b6:77:22:a9:c6:48:e8:35:64:06:dc:df:fb:bd:5d:
6c:f9:f7:2c:bf:c6:98:17:cb:2c:5d:dc:02:fa:4c:32:a5:39:
d1:aa:4e:92:15:b5:25:5f:91:f3:58:f4:43:b6:2a:e2:c9:09:
68:7c:24:c6:b7:e5:f0:86:64:99:04:2d:f1:04:95:6f:f7:29:
66:0e:8d:2e:61:5c:44:c1:6b:be:42:e2:75:de:d7:25:89:42:
7d:50:78:c1:91:de:ad:70:23:59:ab:cf:63:d4:84:fe:36:97:
29:24:68:97:5c:2d:c0:b2:93:67:de:4d:b5:3c:a3:ef:fa:9e:
38:3b:59:12:e5:05:1e:38:67:80:14:70:d3:d2:52:59:9d:db:
ee:be:82:4a:2e:20:d0:95:26:09:00:6e:fe:2d:32:6d:78:99:
2f:d2:d3:13:bf:eb:4a:a8:f7:a3:8a:63:04:d4:05:d1:de:ee:
ab:1a:34:21
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICJMQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjkzM0ExMTAvBgNVBAUTKDZFOEVBMUUzMjQwQzBCQjNEMTNCNEQyNzVDNkMwMzI2
QTU2OEVDODcwHhcNMjQxMTI2MTYxMjUwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ1ZjM4MS1jNzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6C4HZpk8StNG3vGg4QindKCfUqhAhPSB/ZgTUm/GW7PQTA7r4Lbvh3fjS/A2
0GJ/GfDPg+5gp1H9AK82aXsRJvozAsS0VFlyQhTxJWjqvTzHlkkgjhuJJ2v5zYxV
lRsNrzaJUAGGC2K+gdz/1dECMncpqgZjmfmAdM2nmfBktlbuEUp/5eZSph9FwX9w
RvpOHeDGsBRu2ntRdOTWbsZ9OeDTC8gxNo3yCUPETZbjW9/jxI/roMBnZewmXKct
YHnk/nsIaEarKBIVCWgzvUrEArXaEb8iErBO+qRfauUrYafNUl1DK6e+qwcyT3vt
Necie+0CQxp8ILUt0rA2vZjgyQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPGt1fGb
Ico6E23x3QShhV2FXs0aMB8GA1UdIwQYMBaAFG6OoeMkDAuz0TtNJ1xsAyalaOyH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTMzQS81M0ZFMUVGQTJC
NjQxMUU1OEEyRjA3NTRDNEY5QUUwMi9ibzZoNHlRTUM3UFJPMDBuWEd3REpxVm83
SWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JvNmg0eVFNQzdQUk8wMG5YR3dESnFWbzdJYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjkzM0EvNTNGRTFFRkEyQjY0MTFFNThBMkYwNzU0QzRGOUFFMDIvQzYxQjczNEFC
MEFBMTFFNTgwREJGNzI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJuBXADBAXKBCADBADLY/8wDQYJKoZIhvcNAQELBQADggEB
AF/RFQ27K8EjFH+yLpJUpuYsH9AncjiXNrFU2ebfhe8VUNs6K+fSogXUruEEJWPc
IlJDV0MSSQ1/S5QBX9JfdxwRPkGwQRbB3OuWCbZ3IqnGSOg1ZAbc3/u9XWz59yy/
xpgXyyxd3AL6TDKlOdGqTpIVtSVfkfNY9EO2KuLJCWh8JMa35fCGZJkELfEElW/3
KWYOjS5hXETBa75C4nXe1yWJQn1QeMGR3q1wI1mrz2PUhP42lykkaJdcLcCyk2fe
TbU8o+/6njg7WRLlBR44Z4AUcNPSUlmd2+6+gkouINCVJgkAbv4tMm14mS/S0xO/
60qo96OKYwTUBdHe7qsaNCE=
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:54:37 2025 by rpki-client