Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/844CFD1C5BAA11EFBAF22B7FC4F9AE02.roa
File: 844CFD1C5BAA11EFBAF22B7FC4F9AE02.roa (raw, json)
Hash identifier: F0EI0pjKdFSXXJaNRIeZAVVcc/1UvTOq8MA6ZbeocbA=
Subject key identifier: 08:29:A3:A4:AB:2E:8E:8B:C1:72:E0:35:DC:CA:9B:A3:B5:19:F0:C6
Certificate issuer: /CN=A91DF863/serialNumber=39CE15DB36739A22CAEE64E0CF8BA31F5A6B9348
Certificate serial: 32C7
Authority key identifier: 39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/844CFD1C5BAA11EFBAF22B7FC4F9AE02.roa
Signing time: Fri 20 Dec 2024 15:51:56 +0000
ROA not before: Fri 20 Dec 2024 15:51:56 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 24482
IP address blocks: 49.213.16.0/20 maxlen: 21
49.213.20.0/24 maxlen: 24
49.213.28.0/22 maxlen: 22
103.14.244.0/22 maxlen: 24
116.251.208.0/20 maxlen: 22
116.251.208.0/24 maxlen: 24
116.251.209.0/24 maxlen: 24
116.251.210.0/24 maxlen: 24
116.251.211.0/24 maxlen: 24
116.251.212.0/24 maxlen: 24
116.251.213.0/24 maxlen: 24
116.251.214.0/24 maxlen: 24
116.251.215.0/24 maxlen: 24
116.251.216.0/24 maxlen: 24
116.251.217.0/24 maxlen: 24
116.251.218.0/24 maxlen: 24
116.251.219.0/24 maxlen: 24
116.251.220.0/24 maxlen: 24
116.251.221.0/24 maxlen: 24
116.251.222.0/24 maxlen: 24
116.251.223.0/24 maxlen: 24
124.6.32.0/20 maxlen: 20
124.6.32.0/20 maxlen: 24
124.6.32.0/22 maxlen: 22
124.6.32.0/24 maxlen: 24
124.6.33.0/24 maxlen: 24
124.6.34.0/24 maxlen: 24
124.6.35.0/24 maxlen: 24
124.6.36.0/22 maxlen: 22
124.6.36.0/24 maxlen: 24
124.6.37.0/24 maxlen: 24
124.6.38.0/24 maxlen: 24
124.6.39.0/24 maxlen: 24
124.6.40.0/22 maxlen: 22
124.6.40.0/24 maxlen: 24
124.6.41.0/24 maxlen: 24
124.6.42.0/24 maxlen: 24
124.6.43.0/24 maxlen: 24
124.6.44.0/22 maxlen: 22
124.6.44.0/24 maxlen: 24
124.6.45.0/24 maxlen: 24
124.6.46.0/24 maxlen: 24
124.6.47.0/24 maxlen: 24
124.6.48.0/21 maxlen: 24
163.47.176.0/22 maxlen: 24
203.175.160.0/20 maxlen: 24
2405:4200::/32 maxlen: 32
2405:4200::/32 maxlen: 48
2405:4200:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl
rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:28:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12999 (0x32c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF863
Validity
Not Before: Dec 20 15:51:56 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6765929c-4034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cc:22:3a:7f:01:0b:b2:7c:37:52:ce:bd:51:
5a:eb:42:15:c6:a0:91:81:f3:d1:df:19:3c:fc:cc:
cf:a6:2b:fb:6d:c4:ad:f8:05:38:81:58:40:60:b8:
46:57:b0:1c:63:be:cb:bc:17:58:a7:5e:04:4d:38:
bb:2a:ea:cd:be:cf:d8:4e:87:b9:83:ef:d9:63:27:
16:31:4e:da:9d:00:6b:b8:61:d0:cb:b6:94:67:c3:
bb:da:55:6a:a4:3f:7d:df:3d:7b:45:04:fb:ff:eb:
a3:0e:e7:27:69:1b:d9:6c:7a:5e:e7:06:2f:91:39:
0e:14:c5:82:8f:94:87:bc:43:29:f6:14:5d:fa:02:
24:fb:51:03:b9:f3:8f:99:fa:98:db:69:45:62:f2:
9c:81:5b:37:24:2a:3d:9f:c5:b2:95:18:9e:44:c5:
d8:3e:fc:84:45:f5:a9:be:ed:1a:95:dc:7f:0b:60:
3e:3f:1c:31:c0:a0:a8:1d:de:ee:f7:2c:3e:ae:55:
d2:e9:31:27:cf:6f:0a:93:9f:93:d3:cd:b5:f1:12:
e4:79:fe:76:90:16:43:65:56:35:26:71:88:2d:63:
00:06:c7:52:7a:bd:5c:8a:65:4b:45:7a:b6:7f:87:
07:b2:d7:05:d1:fa:32:a9:e3:c5:b4:79:d6:d9:d9:
05:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:29:A3:A4:AB:2E:8E:8B:C1:72:E0:35:DC:CA:9B:A3:B5:19:F0:C6
X509v3 Authority Key Identifier:
keyid:39:CE:15:DB:36:73:9A:22:CA:EE:64:E0:CF:8B:A3:1F:5A:6B:93:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/Oc4V2zZzmiLK7mTgz4ujH1prk0g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oc4V2zZzmiLK7mTgz4ujH1prk0g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF863/BFE54A68815B11E29B58A73B3292B5E8/844CFD1C5BAA11EFBAF22B7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.213.16.0/20
103.14.244.0/22
116.251.208.0/20
124.6.32.0-124.6.55.255
163.47.176.0/22
203.175.160.0/20
IPv6:
2405:4200::/32
Signature Algorithm: sha256WithRSAEncryption
59:a2:35:1c:c0:82:c4:42:d8:82:d5:19:e7:31:51:34:d8:ea:
1c:2b:19:7d:39:3f:b0:cf:3b:03:63:d8:2d:45:a2:3f:c8:59:
e2:60:78:f4:70:c0:18:fd:53:80:07:27:cc:73:26:94:6e:8f:
1b:3a:f1:a8:24:61:88:65:e6:cd:af:08:9a:71:f2:12:b7:57:
90:5a:bd:9e:0e:ed:0e:90:d9:f3:5e:f4:37:03:41:0a:bb:c2:
e7:68:61:ba:95:db:ea:07:91:97:9c:90:a1:b6:b6:b1:6c:f0:
ac:92:c3:ee:27:d3:8c:a2:53:34:8d:db:a1:78:9c:ac:d3:d5:
5c:7f:6b:10:60:34:ae:84:76:3e:7f:2f:0d:a8:fe:d3:3d:b9:
52:8c:9b:32:59:63:a9:c1:b0:49:4e:9a:b0:2d:3b:6b:7b:11:
b1:ab:f0:0e:d1:21:f3:2d:ef:86:4d:9c:ba:14:28:62:b3:fc:
ed:d2:df:4a:c3:3b:8e:e5:06:43:53:42:48:17:2e:c3:36:bd:
4d:41:cc:85:7d:ce:b7:86:92:f7:9b:23:89:39:a2:b0:89:ea:
75:a1:a8:a1:61:91:b1:ec:1b:59:69:fd:b0:2c:97:52:f1:f3:
31:fd:1f:b3:65:91:49:17:a2:9d:4c:2e:90:56:70:a3:11:47:
d9:e9:a6:18
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICMscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY4NjMxMTAvBgNVBAUTKDM5Q0UxNURCMzY3MzlBMjJDQUVFNjRFMENGOEJBMzFG
NUE2QjkzNDgwHhcNMjQxMjIwMTU1MTU2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY1OTI5Yy00MDM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtMwiOn8BC7J8N1LOvVFa60IVxqCRgfPR3xk8/MzPpiv7bcSt+AU4gVhAYLhG
V7AcY77LvBdYp14ETTi7KurNvs/YToe5g+/ZYycWMU7anQBruGHQy7aUZ8O72lVq
pD993z17RQT7/+ujDucnaRvZbHpe5wYvkTkOFMWCj5SHvEMp9hRd+gIk+1EDufOP
mfqY22lFYvKcgVs3JCo9n8WylRieRMXYPvyERfWpvu0aldx/C2A+PxwxwKCoHd7u
9yw+rlXS6TEnz28Kk5+T08218RLkef52kBZDZVY1JnGILWMABsdSer1cimVLRXq2
f4cHstcF0foyqePFtHnW2dkF1wIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFAgpo6Sr
Lo6LwXLgNdzKm6O1GfDGMB8GA1UdIwQYMBaAFDnOFds2c5oiyu5k4M+Lox9aa5NI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjg2My9CRkU1NEE2ODgx
NUIxMUUyOUI1OEE3M0IzMjkyQjVFOC9PYzRWMnpaem1pTEs3bVRnejR1akgxcHJr
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jNFYyelp6bWlMSzdtVGd6NHVqSDFwcmswZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY4NjMvQkZFNTRBNjg4MTVCMTFFMjlCNThBNzNCMzI5MkI1RTgvODQ0Q0ZEMUM1
QkFBMTFFRkJBRjIyQjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E
RTBDMDIEAgABMCwDBAQx1RADBAJnDvQDBAR0+9AwDAMEBXwGIAMEA3wGMAMEAqMv
sAMEBMuvoDANBAIAAjAHAwUAJAVCADANBgkqhkiG9w0BAQsFAAOCAQEAWaI1HMCC
xELYgtUZ5zFRNNjqHCsZfTk/sM87A2PYLUWiP8hZ4mB49HDAGP1TgAcnzHMmlG6P
GzrxqCRhiGXmza8ImnHyErdXkFq9ng7tDpDZ8170NwNBCrvC52hhupXb6geRl5yQ
oba2sWzwrJLD7ifTjKJTNI3boXicrNPVXH9rEGA0roR2Pn8vDaj+0z25UoybMllj
qcGwSU6asC07a3sRsavwDtEh8y3vhk2cuhQoYrP87dLfSsM7juUGQ1NCSBcuwza9
TUHMhX3Ot4aS95sjiTmisInqdaGooWGRsewbWWn9sCyXUvHzMf0fs2WRSReinUwu
kFZwoxFH2emmGA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:52:16 2025 by rpki-client