Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FDDC1EAECA0711EE9429754DC4F9AE02.roa
File: FDDC1EAECA0711EE9429754DC4F9AE02.roa (raw, json)
Hash identifier: rx0eRPu2xzrisWwtDOzb2vQcxB4j/OQ/aSmmEmceSy8=
Subject key identifier: 54:8F:7A:66:F7:1E:24:D7:16:FF:DD:70:C7:50:DB:B0:32:BA:37:DB
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 189E
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FDDC1EAECA0711EE9429754DC4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:35:39 +0000
ROA not before: Tue 18 Feb 2025 17:35:39 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 9443
IP address blocks: 14.137.64.0/18 maxlen: 18
14.137.192.0/19 maxlen: 19
58.178.0.0/16 maxlen: 16
58.179.0.0/16 maxlen: 16
111.220.0.0/16 maxlen: 16
112.141.0.0/16 maxlen: 16
112.213.128.0/18 maxlen: 18
116.240.0.0/16 maxlen: 16
121.79.126.0/23 maxlen: 23
122.148.0.0/16 maxlen: 16
122.150.0.0/16 maxlen: 16
122.151.0.0/16 maxlen: 16
125.168.0.0/16 maxlen: 16
202.4.64.0/19 maxlen: 19
202.14.191.0/24 maxlen: 24
202.61.12.0/24 maxlen: 24
202.61.13.0/24 maxlen: 24
202.62.128.0/19 maxlen: 19
202.67.64.0/18 maxlen: 18
202.86.113.0/24 maxlen: 24
202.86.114.0/23 maxlen: 23
202.86.116.0/23 maxlen: 23
202.86.118.0/24 maxlen: 24
202.130.195.0/24 maxlen: 24
202.130.205.0/24 maxlen: 24
202.136.32.0/20 maxlen: 20
202.138.0.0/18 maxlen: 18
202.147.128.0/20 maxlen: 20
202.154.64.0/18 maxlen: 18
203.16.9.0/24 maxlen: 24
203.16.170.0/24 maxlen: 24
203.23.116.0/24 maxlen: 24
203.24.100.0/23 maxlen: 23
203.55.252.0/24 maxlen: 24
203.56.5.0/24 maxlen: 24
203.62.135.0/24 maxlen: 24
203.91.224.0/19 maxlen: 19
203.91.224.0/20 maxlen: 20
203.91.240.0/21 maxlen: 21
203.132.224.0/19 maxlen: 19
203.134.0.0/17 maxlen: 17
203.134.128.0/18 maxlen: 18
203.142.128.0/19 maxlen: 19
203.161.160.0/20 maxlen: 20
203.190.192.0/20 maxlen: 20
203.191.160.0/19 maxlen: 19
203.212.128.0/19 maxlen: 19
210.50.0.0/16 maxlen: 16
210.86.240.0/20 maxlen: 20
211.26.0.0/16 maxlen: 16
211.27.0.0/16 maxlen: 16
218.214.0.0/16 maxlen: 16
218.215.0.0/16 maxlen: 16
2403:4800::/32 maxlen: 32
2403:9e00::/32 maxlen: 32
2403:fc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 17:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6302 (0x189e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D
Validity
Not Before: Feb 18 17:35:39 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b4c4ea-efdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7f:ae:f7:fd:14:35:15:f1:18:d7:59:07:23:
8c:e3:59:15:0e:1d:e8:a9:cd:36:d5:93:47:e9:30:
49:62:5b:7e:48:f3:3c:31:36:9d:3c:7a:76:8c:34:
28:70:f2:58:98:e2:70:7d:85:b1:02:04:30:d8:33:
97:f3:78:3d:37:d2:7f:46:da:0c:54:f7:92:8c:64:
4f:0d:3a:16:f3:b6:2a:aa:d3:f4:7e:c5:a5:4d:ae:
aa:43:cf:b1:70:90:5d:2c:08:45:1a:e3:d3:70:85:
b0:43:75:7f:45:76:2d:13:3e:51:a1:41:98:05:e0:
b0:17:42:e5:c1:f8:02:05:f3:c3:8a:13:7c:4c:d4:
8d:76:e0:98:10:28:1d:a9:e2:5f:f8:bd:32:5c:e2:
28:65:c3:c9:a4:47:77:30:54:cc:e9:a2:1a:4c:72:
4e:af:af:cc:1b:2f:1e:46:7c:1a:5d:71:6d:ab:0a:
62:e0:95:5d:68:7b:46:10:47:f5:4a:e9:09:f0:a2:
2a:73:be:4e:95:0f:c4:44:58:77:07:a4:b5:85:89:
fe:6e:33:25:85:c5:e9:77:12:c4:92:c9:6a:96:59:
2a:90:8e:a4:fe:0a:10:4e:66:24:99:97:22:1f:03:
92:a6:c3:33:d3:ca:74:ee:3d:6d:9d:c1:b6:97:ea:
22:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:8F:7A:66:F7:1E:24:D7:16:FF:DD:70:C7:50:DB:B0:32:BA:37:DB
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FDDC1EAECA0711EE9429754DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.64.0/18
14.137.192.0/19
58.178.0.0/15
111.220.0.0/16
112.141.0.0/16
112.213.128.0/18
116.240.0.0/16
121.79.126.0/23
122.148.0.0/16
122.150.0.0/15
125.168.0.0/16
202.4.64.0/19
202.14.191.0/24
202.61.12.0/23
202.62.128.0/19
202.67.64.0/18
202.86.113.0-202.86.118.255
202.130.195.0/24
202.130.205.0/24
202.136.32.0/20
202.138.0.0/18
202.147.128.0/20
202.154.64.0/18
203.16.9.0/24
203.16.170.0/24
203.23.116.0/24
203.24.100.0/23
203.55.252.0/24
203.56.5.0/24
203.62.135.0/24
203.91.224.0/19
203.132.224.0/19
203.134.0.0-203.134.191.255
203.142.128.0/19
203.161.160.0/20
203.190.192.0/20
203.191.160.0/19
203.212.128.0/19
210.50.0.0/16
210.86.240.0/20
211.26.0.0/15
218.214.0.0/15
IPv6:
2403:4800::/32
2403:9e00::/32
2403:fc00::/32
Signature Algorithm: sha256WithRSAEncryption
11:1b:43:89:4f:5a:1f:b6:71:27:35:94:0d:ea:8c:3a:28:7e:
4b:1d:12:bb:71:6e:3f:3e:b9:83:70:dd:c0:93:91:c6:13:e2:
53:06:d5:2d:3d:84:40:9f:bd:be:4f:8c:77:41:c4:27:91:fa:
49:a8:bb:81:27:b6:5e:56:ef:be:78:dc:46:c9:9a:55:48:b7:
7b:36:b3:30:28:b8:86:24:85:4d:89:74:f2:95:38:f8:e4:47:
ed:ef:15:75:21:97:b7:0e:ca:82:6a:7c:47:7b:6d:9f:0d:6f:
65:16:6b:36:36:bc:61:4e:6f:06:77:58:be:9f:6a:72:4c:4c:
a0:6f:32:1e:07:b8:44:0f:c4:2d:98:a4:86:d6:ff:30:d0:9c:
dc:83:b9:a3:63:14:6b:36:eb:8a:36:db:3f:21:f7:08:c5:35:
44:8c:f9:be:f1:ec:dc:d7:d4:ce:3c:7c:25:40:50:c9:6d:b1:
63:08:60:77:d9:41:c3:67:85:c7:a9:28:e5:c3:d8:23:8f:ee:
8b:4d:0b:1d:d7:d8:cd:ed:ee:83:32:4f:95:2a:07:f8:3c:f6:
2d:44:a7:17:d8:ad:53:f8:31:c3:76:1b:61:01:36:6b:21:dd:
8d:af:ab:5b:bb:f6:ec:97:60:1f:81:2b:16:fb:dc:cf:e8:8b:
20:fb:e8:e6
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgICGJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjUwMjE4MTczNTM5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRlYS1lZmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxn+u9/0UNRXxGNdZByOM41kVDh3oqc021ZNH6TBJYlt+SPM8MTadPHp2jDQo
cPJYmOJwfYWxAgQw2DOX83g9N9J/RtoMVPeSjGRPDToW87YqqtP0fsWlTa6qQ8+x
cJBdLAhFGuPTcIWwQ3V/RXYtEz5RoUGYBeCwF0LlwfgCBfPDihN8TNSNduCYECgd
qeJf+L0yXOIoZcPJpEd3MFTM6aIaTHJOr6/MGy8eRnwaXXFtqwpi4JVdaHtGEEf1
SukJ8KIqc75OlQ/ERFh3B6S1hYn+bjMlhcXpdxLEkslqllkqkI6k/goQTmYkmZci
HwOSpsMz08p07j1tncG2l+oiGQIDAQABo4IDtzCCA7MwHQYDVR0OBBYEFFSPemb3
HiTXFv/dcMdQ27AyujfbMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvRkREQzFFQUVD
QTA3MTFFRTk0Mjk3NTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggE/BggrBgEFBQcBBwEB
/wSCAS4wggEqMIIBCQQCAAEwggEBAwQGDolAAwQFDonAAwMBOrIDAwBv3AMDAHCN
AwQGcNWAAwMAdPADBAF5T34DAwB6lAMDAXqWAwMAfagDBAXKBEADBADKDr8DBAHK
PQwDBAXKPoADBAbKQ0AwDAMEAMpWcQMEAMpWdgMEAMqCwwMEAMqCzQMEBMqIIAME
BsqKAAMEBMqTgAMEBsqaQAMEAMsQCQMEAMsQqgMEAMsXdAMEAcsYZAMEAMs3/AME
AMs4BQMEAMs+hwMEBctb4AMEBcuE4DALAwMBy4YDBAbLhoADBAXLjoADBATLoaAD
BATLvsADBAXLv6ADBAXL1IADAwDSMgMEBNJW8AMDAdMaAwMB2tYwGwQCAAIwFQMF
ACQDSAADBQAkA54AAwUAJAP8ADANBgkqhkiG9w0BAQsFAAOCAQEAERtDiU9aH7Zx
JzWUDeqMOih+Sx0Su3FuPz65g3DdwJORxhPiUwbVLT2EQJ+9vk+Md0HEJ5H6Sai7
gSe2XlbvvnjcRsmaVUi3ezazMCi4hiSFTYl08pU4+ORH7e8VdSGXtw7Kgmp8R3tt
nw1vZRZrNja8YU5vBndYvp9qckxMoG8yHge4RA/ELZikhtb/MNCc3IO5o2MUazbr
ijbbPyH3CMU1RIz5vvHs3NfUzjx8JUBQyW2xYwhgd9lBw2eFx6ko5cPYI4/ui00L
HdfYze3ugzJPlSoH+Dz2LUSnF9itU/gxw3YbYQE2ayHdja+rW7v27JdgH4ErFvvc
z+iLIPvo5g==
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:40:37 2025 by rpki-client