Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
File: EE375CF036BD11E7B9B7251EC4F9AE02.roa (raw, json)
Hash identifier: WQm0NEP8l4u4Yk4c6maTYK0oUZXH3BQgntJOjnk6iyg=
Subject key identifier: 8A:BA:09:3F:BF:0B:F4:1F:CD:77:C6:DF:D2:54:0F:A5:E7:68:AE:CF
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1E88
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
Signing time: Wed 22 Jan 2025 08:10:08 +0000
ROA not before: Wed 22 Jan 2025 08:10:08 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134963
IP address blocks: 14.1.112.0/22 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 16
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
240b:4000::/32 maxlen: 48
240b:4001::/32 maxlen: 48
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
240b:4013::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 16:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7816 (0x1e88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198
Validity
Not Before: Jan 22 08:10:08 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6790a7e0-34ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:99:9a:ce:82:45:41:5d:23:44:9d:3f:d2:4e:
97:56:3f:f2:1a:25:78:0c:c1:5a:6e:7f:fe:79:6b:
13:2f:80:84:a9:c9:62:f4:55:55:90:c4:48:97:d5:
26:b0:be:64:86:37:14:b8:bd:63:54:99:6c:61:35:
a8:74:33:64:25:a0:71:dd:a0:32:b1:99:5b:b5:b6:
9b:b6:09:d0:a7:0f:7e:73:16:a2:be:69:a1:f1:31:
48:43:d3:e6:df:97:ab:4e:6a:e5:12:6b:ab:47:6b:
17:a4:57:60:18:97:59:df:8a:98:b6:79:02:74:87:
1b:d1:b0:02:02:55:7e:4f:bf:4b:2f:00:e5:6f:db:
62:bf:49:58:56:9b:d1:f0:45:ca:c1:c5:8d:4c:3a:
cd:97:ca:2e:2e:49:da:81:b0:79:a1:94:df:0e:1e:
02:dc:bb:92:c5:db:8b:4f:90:cd:ce:54:fd:ff:3a:
fc:76:97:a7:10:7a:57:a7:98:dd:2c:2b:27:bf:43:
a9:24:34:34:68:10:a8:9e:b9:de:60:98:73:03:17:
fb:4f:f7:1b:ac:d6:3c:49:b6:79:b3:f1:b0:00:d4:
5b:c9:29:2d:14:78:f2:2f:f1:e9:50:17:ee:84:b4:
7a:11:29:d3:af:5b:33:d6:08:ef:2d:ee:b6:b6:f1:
80:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BA:09:3F:BF:0B:F4:1F:CD:77:C6:DF:D2:54:0F:A5:E7:68:AE:CF
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.96.0.0/11
103.206.40.0/22
IPv6:
240b:4000::-240b:4013:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
23:84:ae:9b:bc:c0:6e:0a:f6:2d:5e:a1:a4:db:60:b4:54:74:
84:fa:01:b5:f0:88:b1:87:74:c7:ac:4f:e1:e0:82:91:de:77:
df:3d:82:da:ce:f7:1f:fa:f2:4b:0e:8c:26:e1:f5:1f:67:c5:
2c:ad:a3:57:2a:79:9e:7e:0d:be:42:55:2b:9e:7d:91:59:1c:
00:a8:2a:1e:50:39:99:a2:33:9d:26:88:c2:54:61:11:43:28:
e1:5a:43:c8:7a:d8:ff:4a:7a:73:41:c8:49:ee:49:49:2e:de:
49:f0:08:7b:a7:b4:e4:31:35:cb:88:a8:d2:a0:8c:ca:47:01:
92:2a:43:ec:08:ec:cb:02:de:16:4f:d2:ac:10:bc:2f:9c:d4:
e5:40:87:5e:e4:35:73:c4:e4:a6:4e:08:fd:95:2f:43:c3:a2:
37:e7:5a:8a:08:34:f5:e8:04:48:67:91:56:4c:bc:d4:1c:60:
d0:3a:af:7c:d9:bc:5c:11:9f:a0:07:60:97:d1:8f:f5:32:27:
d7:b0:41:86:9c:e1:56:8f:21:09:98:4f:00:7f:8c:1d:92:2e:
01:ab:0a:17:bc:0f:5b:a3:78:69:c8:c9:da:75:26:30:c8:22:
53:67:f7:1b:7f:ac:a0:87:64:dd:57:2a:35:9d:db:3f:4a:bb:
0b:09:b8:cb
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICHogwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjUwMTIyMDgxMDA4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkwYTdlMC0zNGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzZmazoJFQV0jRJ0/0k6XVj/yGiV4DMFabn/+eWsTL4CEqcli9FVVkMRIl9Um
sL5khjcUuL1jVJlsYTWodDNkJaBx3aAysZlbtbabtgnQpw9+cxaivmmh8TFIQ9Pm
35erTmrlEmurR2sXpFdgGJdZ34qYtnkCdIcb0bACAlV+T79LLwDlb9tiv0lYVpvR
8EXKwcWNTDrNl8ouLknagbB5oZTfDh4C3LuSxduLT5DNzlT9/zr8dpenEHpXp5jd
LCsnv0OpJDQ0aBConrneYJhzAxf7T/cbrNY8SbZ5s/GwANRbySktFHjyL/HpUBfu
hLR6ESnTr1sz1gjvLe62tvGArwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFIq6CT+/
C/QfzXfG39JUD6XnaK7PMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvRUUzNzVDRjAz
NkJEMTFFN0I5QjcyNTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMBcEAgABMBEDBAIOAXADAwUrYAMEAmfOKDAVBAIAAjAPMA0DBAYkC0ADBQIk
C0AQMA0GCSqGSIb3DQEBCwUAA4IBAQAjhK6bvMBuCvYtXqGk22C0VHSE+gG18Iix
h3THrE/h4IKR3nffPYLazvcf+vJLDowm4fUfZ8UsraNXKnmefg2+QlUrnn2RWRwA
qCoeUDmZojOdJojCVGERQyjhWkPIetj/SnpzQchJ7klJLt5J8Ah7p7TkMTXLiKjS
oIzKRwGSKkPsCOzLAt4WT9KsELwvnNTlQIde5DVzxOSmTgj9lS9Dw6I351qKCDT1
6ARIZ5FWTLzUHGDQOq982bxcEZ+gB2CX0Y/1MifXsEGGnOFWjyEJmE8Af4wdki4B
qwoXvA9bo3hpyMnadSYwyCJTZ/cbf6ygh2TdVyo1nds/SrsLCbjL
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:54:15 2025 by rpki-client