Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/3AED95046D0111ECA5893B2BC4F9AE02.roa
File: 3AED95046D0111ECA5893B2BC4F9AE02.roa (raw, json)
Hash identifier: aLX0spZdD1HmaR+qKo3b5UUfl5pW1J8tkF+sIveKmK8=
Subject key identifier: 0E:1B:55:EC:55:BE:6E:E8:4E:A4:90:A7:4E:35:04:40:2A:E4:73:D2
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 188F
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/3AED95046D0111ECA5893B2BC4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:35:22 +0000
ROA not before: Tue 18 Feb 2025 17:35:22 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 18037
IP address blocks: 27.106.200.0/22 maxlen: 22
175.45.110.0/24 maxlen: 24
203.89.64.0/19 maxlen: 19
203.89.67.0/24 maxlen: 24
203.89.73.0/24 maxlen: 24
203.89.90.0/24 maxlen: 24
203.89.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 16:52:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6287 (0x188f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D, serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 18 17:35:22 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b4c4da-5ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:02:33:bf:4c:bb:e5:77:00:da:47:32:13:44:
f0:f8:5d:1c:20:c1:9a:9c:7e:c3:48:68:19:27:5f:
73:7e:6e:f5:7a:91:59:29:22:4d:62:35:17:9b:90:
d7:b7:75:3e:3e:d6:49:60:13:98:87:32:43:16:e6:
0b:61:2a:22:d2:5f:3f:aa:8f:ba:9f:f8:f8:5f:94:
60:40:be:f0:20:29:85:e6:11:e9:47:46:40:a7:43:
b9:be:89:01:c0:a6:4f:bb:4b:a9:c6:46:3e:ee:50:
a1:88:85:9a:d6:d4:2e:a4:91:a8:cb:74:87:aa:d5:
b1:c5:ee:20:5f:ba:00:b0:c9:89:26:4f:0d:5f:f7:
d3:57:1e:96:85:94:db:6b:9c:71:15:8a:2d:1b:c7:
e1:ec:27:25:0c:9a:71:fe:2a:2b:d1:13:84:6d:e4:
57:fc:4b:56:b1:64:19:a3:bf:44:f1:78:92:c7:67:
bd:14:ad:d6:2a:ae:86:ce:0f:3b:d0:e4:75:d6:cf:
74:66:d8:4f:3c:17:bc:d9:16:b1:b8:29:57:33:5f:
5c:cf:0f:eb:78:58:b9:1a:09:62:8f:3e:9c:00:7a:
ab:4e:3b:b8:8c:05:a0:51:ed:08:5f:17:71:a5:c5:
aa:73:1a:b8:8c:71:af:53:06:6a:33:5f:60:8e:72:
6d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:1B:55:EC:55:BE:6E:E8:4E:A4:90:A7:4E:35:04:40:2A:E4:73:D2
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/3AED95046D0111ECA5893B2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.106.200.0/22
175.45.110.0/24
203.89.64.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:4f:7e:93:13:17:6a:7c:b6:61:d0:30:fd:64:5c:46:6c:f3:
ff:b4:b9:5d:ca:3f:bc:e3:78:f3:fc:2f:3f:89:0d:c0:b8:68:
ba:c1:89:0f:bb:c0:74:64:90:5f:83:7b:c3:d3:e0:0e:fa:38:
85:db:c4:63:af:fb:b1:99:30:a6:34:d7:42:75:f9:19:c4:0d:
3d:c2:c6:15:b0:3a:41:d4:7b:bc:b8:fb:d9:8f:4d:d7:8b:9d:
9b:0b:6c:60:90:0d:78:7d:cb:fd:37:81:1b:bc:04:c8:75:83:
ca:33:2c:b9:f0:b0:e6:32:f1:25:6c:94:b5:75:aa:45:61:4b:
33:9f:1a:0c:eb:53:9b:67:5b:bd:13:c2:66:17:79:2b:a1:47:
5e:3a:41:45:a4:3b:e3:4c:0e:b6:85:4a:78:ba:0d:48:b4:3f:
bd:24:14:b5:3c:54:6d:cc:9e:00:39:68:79:18:02:6c:9b:b5:
ae:4f:4b:f2:2c:1f:7c:7a:60:50:ed:53:92:61:2c:68:6e:80:
70:bc:e8:66:94:fb:ab:3d:21:97:f0:40:e3:ee:2f:ff:c4:cd:
77:94:20:74:cf:18:dc:b8:96:52:a2:18:e1:83:97:85:a4:8b:
4a:65:a4:b3:2d:f6:a9:2e:93:ee:a2:af:d0:e8:fe:e5:23:82:
a2:85:41:47
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICGI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjUwMjE4MTczNTIyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRkYS01ZWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvwIzv0y75XcA2kcyE0Tw+F0cIMGanH7DSGgZJ19zfm71epFZKSJNYjUXm5DX
t3U+PtZJYBOYhzJDFuYLYSoi0l8/qo+6n/j4X5RgQL7wICmF5hHpR0ZAp0O5vokB
wKZPu0upxkY+7lChiIWa1tQupJGoy3SHqtWxxe4gX7oAsMmJJk8NX/fTVx6WhZTb
a5xxFYotG8fh7CclDJpx/ior0ROEbeRX/EtWsWQZo79E8XiSx2e9FK3WKq6Gzg87
0OR11s90ZthPPBe82RaxuClXM19czw/reFi5Gglijz6cAHqrTju4jAWgUe0IXxdx
pcWqcxq4jHGvUwZqM19gjnJtUwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFA4bVexV
vm7oTqSQp041BEAq5HPSMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvM0FFRDk1MDQ2
RDAxMTFFQ0E1ODkzQjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAIbasgDBACvLW4DBAXLWUAwDQYJKoZIhvcNAQELBQADggEB
ACtPfpMTF2p8tmHQMP1kXEZs8/+0uV3KP7zjePP8Lz+JDcC4aLrBiQ+7wHRkkF+D
e8PT4A76OIXbxGOv+7GZMKY010J1+RnEDT3CxhWwOkHUe7y4+9mPTdeLnZsLbGCQ
DXh9y/03gRu8BMh1g8ozLLnwsOYy8SVslLV1qkVhSzOfGgzrU5tnW70TwmYXeSuh
R146QUWkO+NMDraFSni6DUi0P70kFLU8VG3MngA5aHkYAmybta5PS/IsH3x6YFDt
U5JhLGhugHC86GaU+6s9IZfwQOPuL//EzXeUIHTPGNy4llKiGOGDl4Wki0plpLMt
9qkuk+6ir9Do/uUjgqKFQUc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:57:07 2025 by rpki-client