Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/FED80F56E19811EC860C6F38C4F9AE02.roa
File: FED80F56E19811EC860C6F38C4F9AE02.roa (raw, json)
Hash identifier: p6SITTbljN0hlBU7f4+8nDHZna6GzHkYBhTzSZbqV7g=
Subject key identifier: 82:15:9A:0F:9F:58:0C:71:95:FE:40:0A:47:C5:07:B9:6F:F3:51:7F
Certificate issuer: /CN=A91E2364/serialNumber=647B149EF016CC5356A7ED730F133E002C0E7FAA
Certificate serial: 0C43
Authority key identifier: 64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/FED80F56E19811EC860C6F38C4F9AE02.roa
Signing time: Thu 12 Dec 2024 18:37:10 +0000
ROA not before: Thu 12 Dec 2024 18:37:10 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 45498
IP address blocks: 27.109.112.0/22 maxlen: 22
27.109.112.0/23 maxlen: 23
27.109.112.0/24 maxlen: 24
27.109.113.0/24 maxlen: 24
27.109.114.0/23 maxlen: 23
27.109.114.0/24 maxlen: 24
27.109.115.0/24 maxlen: 24
103.145.136.0/23 maxlen: 23
103.145.136.0/24 maxlen: 24
103.145.137.0/24 maxlen: 24
117.20.112.0/21 maxlen: 21
117.20.112.0/22 maxlen: 24
117.20.116.0/22 maxlen: 24
202.93.153.0/24 maxlen: 24
202.129.236.0/24 maxlen: 24
203.118.242.0/24 maxlen: 24
2401:9700:1000::/40 maxlen: 42
2401:9700:1010::/48 maxlen: 48
2401:9700:2000::/40 maxlen: 42
2401:9700:2100::/40 maxlen: 42
2401:9700:2200::/40 maxlen: 42
2401:9700:2300::/40 maxlen: 42
2401:9700:2400::/40 maxlen: 42
2401:9700:2500::/40 maxlen: 42
2401:9700:3000::/40 maxlen: 42
2401:9700:4000::/40 maxlen: 42
2401:9700:5000::/40 maxlen: 42
2401:9700:6000::/40 maxlen: 42
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.crl
rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 18:25:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3139 (0xc43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2364
Validity
Not Before: Dec 12 18:37:10 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675b2d56-bb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f1:88:75:7e:57:86:c5:5d:c9:44:5d:43:08:
62:c4:06:2f:46:e3:e8:55:91:ce:2a:23:6e:35:10:
98:11:92:fb:40:40:5e:71:1e:f9:a9:9b:cf:bb:1c:
55:a8:3c:40:90:9e:90:11:20:fc:69:a8:a9:a4:6b:
fc:f3:32:05:8e:81:93:0d:65:29:fd:f3:bf:82:82:
9e:1d:a8:1f:1f:e6:bc:03:48:7a:f4:0b:43:d8:17:
f9:59:f8:80:08:97:29:de:7c:e4:b1:62:66:89:18:
88:34:b0:e2:a3:69:d3:f7:fd:95:6a:cd:ee:91:79:
18:c9:f9:e7:fc:07:47:b1:44:a3:35:ac:ef:02:ee:
a2:f2:bd:75:7b:84:4b:8a:f3:44:6b:1a:24:62:59:
d0:6c:f8:2b:52:a9:be:ed:a9:d7:ef:dd:87:1f:b4:
d9:08:5a:6c:59:36:01:b8:f9:bc:02:ab:7c:3a:d3:
e6:9c:48:15:1c:b1:fb:84:07:f7:a8:e6:da:40:65:
57:80:07:b7:4f:1f:49:cc:01:cb:90:c2:fa:e3:d8:
21:e2:b6:29:cc:c8:ab:86:99:ec:35:33:c1:93:08:
dc:73:9b:1b:84:a9:02:44:eb:75:cb:e9:18:fc:39:
a2:66:d3:67:14:68:a6:7d:db:aa:34:6f:4a:b2:b4:
cf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:15:9A:0F:9F:58:0C:71:95:FE:40:0A:47:C5:07:B9:6F:F3:51:7F
X509v3 Authority Key Identifier:
keyid:64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/FED80F56E19811EC860C6F38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.109.112.0/22
103.145.136.0/23
117.20.112.0/21
202.93.153.0/24
202.129.236.0/24
203.118.242.0/24
IPv6:
2401:9700:1000::/40
2401:9700:2000::-2401:9700:25ff:ffff:ffff:ffff:ffff:ffff
2401:9700:3000::/40
2401:9700:4000::/40
2401:9700:5000::/40
2401:9700:6000::/40
Signature Algorithm: sha256WithRSAEncryption
d0:8c:e1:7d:9b:c7:9c:a0:fb:da:28:d6:18:3b:ba:a6:b0:00:
fa:b1:96:35:85:d5:51:c0:83:98:d9:31:05:1d:9a:59:14:f5:
61:2a:ee:f5:0f:e5:a6:aa:fa:39:d8:4b:7d:7b:85:38:f5:ca:
17:62:6b:12:cd:fe:16:5a:ce:c7:70:f5:c8:00:7c:0a:94:1f:
72:c9:34:bb:5d:16:bc:bf:05:35:49:1f:33:cc:43:b5:25:2d:
d7:3d:0c:35:83:77:d8:bf:9b:08:fb:5d:8a:41:8a:91:ec:a4:
ef:bd:c3:8b:9e:f8:22:ae:57:8e:3f:a0:ad:53:b4:78:68:c4:
03:8f:8c:ad:18:70:aa:33:c4:fb:2d:0f:cc:59:06:52:4b:ef:
af:e5:b7:a6:9d:e2:d7:69:0c:0c:08:e9:9f:d8:f6:51:62:b7:
e3:a6:16:21:2e:1d:20:d2:ab:a4:65:1d:c3:96:c3:a6:6c:9f:
a9:40:5d:06:c6:de:0a:83:8e:ee:61:92:be:45:61:b5:e2:72:
96:a0:31:bc:7c:02:8b:3b:ad:6c:d0:71:bb:71:35:de:d5:07:
cc:bd:05:29:1c:18:86:06:c2:ae:46:e1:83:83:8a:2a:c8:b1:
19:c9:f0:eb:5b:46:1d:c8:57:e4:33:13:00:72:d7:70:c6:de:
05:f1:d8:0d
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgICDEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTIzNjQxMTAvBgNVBAUTKDY0N0IxNDlFRjAxNkNDNTM1NkE3RUQ3MzBGMTMzRTAw
MkMwRTdGQUEwHhcNMjQxMjEyMTgzNzEwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViMmQ1Ni1iYjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyvGIdX5XhsVdyURdQwhixAYvRuPoVZHOKiNuNRCYEZL7QEBecR75qZvPuxxV
qDxAkJ6QESD8aaippGv88zIFjoGTDWUp/fO/goKeHagfH+a8A0h69AtD2Bf5WfiA
CJcp3nzksWJmiRiINLDio2nT9/2Vas3ukXkYyfnn/AdHsUSjNazvAu6i8r11e4RL
ivNEaxokYlnQbPgrUqm+7anX792HH7TZCFpsWTYBuPm8Aqt8OtPmnEgVHLH7hAf3
qObaQGVXgAe3Tx9JzAHLkML649gh4rYpzMirhpnsNTPBkwjcc5sbhKkCROt1y+kY
/DmiZtNnFGimfduqNG9KsrTPPwIDAQABo4IC9TCCAvEwHQYDVR0OBBYEFIIVmg+f
WAxxlf5ACkfFB7lv81F/MB8GA1UdIwQYMBaAFGR7FJ7wFsxTVqftcw8TPgAsDn+q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjM2NC84RkU3MTc4NkZG
OUIxMUU5QjdGNEE3NzJDNEY5QUUwMi9aSHNVbnZBV3pGTldwLTF6RHhNLUFDd09m
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pIc1VudkFXekZOV3AtMXpEeE0tQUN3T2Y2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTIzNjQvOEZFNzE3ODZGRjlCMTFFOUI3RjRBNzcyQzRGOUFFMDIvRkVEODBGNTZF
MTk4MTFFQzg2MEM2RjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfwYIKwYBBQUHAQcBAf8E
cDBuMCoEAgABMCQDBAIbbXADBAFnkYgDBAN1FHADBADKXZkDBADKgewDBADLdvIw
QAQCAAIwOgMGACQBlwAQMBADBgUkAZcAIAMGASQBlwAkAwYAJAGXADADBgAkAZcA
QAMGACQBlwBQAwYAJAGXAGAwDQYJKoZIhvcNAQELBQADggEBANCM4X2bx5yg+9oo
1hg7uqawAPqxljWF1VHAg5jZMQUdmlkU9WEq7vUP5aaq+jnYS317hTj1yhdiaxLN
/hZazsdw9cgAfAqUH3LJNLtdFry/BTVJHzPMQ7UlLdc9DDWDd9i/mwj7XYpBipHs
pO+9w4ue+CKuV44/oK1TtHhoxAOPjK0YcKozxPstD8xZBlJL76/lt6ad4tdpDAwI
6Z/Y9lFit+OmFiEuHSDSq6RlHcOWw6Zsn6lAXQbG3gqDju5hkr5FYbXicpagMbx8
Aos7rWzQcbtxNd7VB8y9BSkcGIYGwq5G4YODiirIsRnJ8OtbRh3IV+QzEwBy13DG
3gXx2A0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:42:47 2025 by rpki-client