Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123072/069A06E60B5C11EB99A17562C4F9AE02/0886DE60D4D311ECBE99375AC4F9AE02.roa
File: 0886DE60D4D311ECBE99375AC4F9AE02.roa (raw, json)
Hash identifier: uazG73UaMnx6WsXKrRFqrUld6ba1Rwlrt5W45/vO4zY=
Subject key identifier: 72:F6:A3:57:B8:56:1E:A6:01:38:70:AC:E5:4B:B2:68:F5:0D:5A:86
Certificate issuer: /CN=A9123072/serialNumber=B658EF6B27929C7B7F5FB26CB9EE6A412CE85DD4
Certificate serial: 0752
Authority key identifier: B6:58:EF:6B:27:92:9C:7B:7F:5F:B2:6C:B9:EE:6A:41:2C:E8:5D:D4
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/tljvayeSnHt_X7Jsue5qQSzoXdQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123072/069A06E60B5C11EB99A17562C4F9AE02/0886DE60D4D311ECBE99375AC4F9AE02.roa
Signing time: Mon 02 Dec 2024 21:40:27 +0000
ROA not before: Mon 02 Dec 2024 21:40:27 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 132825
IP address blocks: 185.135.72.0/24 maxlen: 24
185.135.73.0/24 maxlen: 24
185.135.74.0/24 maxlen: 24
185.135.75.0/24 maxlen: 24
185.135.76.0/24 maxlen: 24
185.135.77.0/24 maxlen: 24
185.135.78.0/24 maxlen: 24
185.135.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9123072/069A06E60B5C11EB99A17562C4F9AE02/tljvayeSnHt_X7Jsue5qQSzoXdQ.crl
rsync://rpki.apnic.net/member_repository/A9123072/069A06E60B5C11EB99A17562C4F9AE02/tljvayeSnHt_X7Jsue5qQSzoXdQ.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/tljvayeSnHt_X7Jsue5qQSzoXdQ.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 21:12:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1874 (0x752)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123072
Validity
Not Before: Dec 2 21:40:27 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674e294b-baa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:8e:85:19:75:76:93:5d:dc:24:4c:2b:a4:ed:
0e:36:df:be:5d:fa:68:83:fc:a3:17:ad:16:ff:5d:
00:2d:d3:03:6a:35:9b:b2:2f:f7:2b:19:a2:0e:eb:
78:0d:72:38:9e:da:4f:ca:52:cf:c9:6c:b7:0b:32:
a2:55:6c:8e:5f:9e:08:61:04:1b:4c:06:b0:0b:7c:
94:36:56:21:af:ce:d5:98:46:a2:a5:c1:e5:2a:c7:
2e:e4:0e:22:d3:ef:f0:22:13:a7:ba:a6:5e:f1:f3:
25:71:7c:cb:7a:9b:fc:6d:7c:3a:be:b7:69:eb:ec:
ba:34:8c:0f:f0:5b:c1:21:0b:a6:47:19:5d:1a:ee:
35:f9:c8:52:db:11:f1:13:a3:d7:8c:fb:bb:4e:01:
a3:c8:a4:f7:c9:db:79:58:a1:15:36:08:30:c4:5c:
03:ef:92:9d:9d:ad:12:a2:9c:6a:c1:a1:4a:9a:c8:
64:87:7c:69:01:05:4b:4a:1c:1d:80:91:f2:59:f6:
01:9d:6d:09:b3:fc:30:38:60:12:28:7b:ce:f2:0b:
25:e4:79:64:be:fe:2d:d8:07:4d:8f:e7:dd:54:72:
da:77:03:9a:a1:14:ce:ba:cb:a4:e9:25:58:c4:7f:
08:0d:e1:34:6b:d4:01:94:36:8a:32:87:5c:a3:f7:
19:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F6:A3:57:B8:56:1E:A6:01:38:70:AC:E5:4B:B2:68:F5:0D:5A:86
X509v3 Authority Key Identifier:
keyid:B6:58:EF:6B:27:92:9C:7B:7F:5F:B2:6C:B9:EE:6A:41:2C:E8:5D:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123072/069A06E60B5C11EB99A17562C4F9AE02/tljvayeSnHt_X7Jsue5qQSzoXdQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/tljvayeSnHt_X7Jsue5qQSzoXdQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123072/069A06E60B5C11EB99A17562C4F9AE02/0886DE60D4D311ECBE99375AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
185.135.72.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:fc:7a:56:85:45:12:df:71:09:1c:57:ff:d2:16:f1:29:46:
b2:22:5c:16:82:c5:68:c9:f6:d1:1a:fc:31:ab:d4:2a:7b:63:
36:32:ce:87:23:8f:4c:81:cf:02:1e:72:7d:5e:b3:34:05:15:
10:72:51:8b:31:9a:b7:27:9c:15:0e:c1:c3:1b:e8:21:c0:f2:
be:66:6c:75:e9:17:23:a7:1e:35:39:12:d1:d9:18:46:f9:ab:
a4:ba:da:7f:04:a7:a0:d9:bc:00:f5:d5:e9:b4:6e:bf:c8:80:
9d:41:27:d3:15:e8:13:37:d0:b3:70:f9:48:11:ac:c8:6e:5b:
4b:0d:cd:39:b1:cd:f2:8a:c4:12:bc:be:47:a3:75:4d:eb:57:
87:3a:39:a6:3c:9a:75:5b:16:af:63:4e:7d:46:cd:73:be:6f:
af:a8:53:21:42:ed:93:31:aa:2b:a6:72:e1:e5:c8:d0:1a:ec:
cc:d3:1b:f0:7e:4f:16:f4:38:37:d0:c6:9d:0c:e3:04:cf:4d:
64:17:ab:ad:67:67:d0:37:5c:88:e9:a7:5c:ca:f7:71:ec:c3:
a4:f7:24:2f:5e:db:5b:12:0a:17:37:2b:34:15:ab:65:20:b5:
02:e3:57:55:f2:b6:c5:d4:0f:b5:74:eb:cb:24:9c:47:33:dd:
ca:20:31:8d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB1IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjMwNzIxMTAvBgNVBAUTKEI2NThFRjZCMjc5MjlDN0I3RjVGQjI2Q0I5RUU2QTQx
MkNFODVERDQwHhcNMjQxMjAyMjE0MDI3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlMjk0Yi1iYWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7I6FGXV2k13cJEwrpO0ONt++Xfpog/yjF60W/10ALdMDajWbsi/3KxmiDut4
DXI4ntpPylLPyWy3CzKiVWyOX54IYQQbTAawC3yUNlYhr87VmEaipcHlKscu5A4i
0+/wIhOnuqZe8fMlcXzLepv8bXw6vrdp6+y6NIwP8FvBIQumRxldGu41+chS2xHx
E6PXjPu7TgGjyKT3ydt5WKEVNggwxFwD75Kdna0SopxqwaFKmshkh3xpAQVLShwd
gJHyWfYBnW0Js/wwOGASKHvO8gsl5Hlkvv4t2AdNj+fdVHLadwOaoRTOusuk6SVY
xH8IDeE0a9QBlDaKModco/cZgwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHL2o1e4
Vh6mAThwrOVLsmj1DVqGMB8GA1UdIwQYMBaAFLZY72snkpx7f1+ybLnuakEs6F3U
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzA3Mi8wNjlBMDZFNjBC
NUMxMUVCOTlBMTc1NjJDNEY5QUUwMi90bGp2YXllU25IdF9YN0pzdWU1cVFTem9Y
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3RsanZheWVTbkh0X1g3SnN1ZTVxUVN6b1hkUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjMwNzIvMDY5QTA2RTYwQjVDMTFFQjk5QTE3NTYyQzRGOUFFMDIvMDg4NkRFNjBE
NEQzMTFFQ0JFOTkzNzVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAO5h0gwDQYJKoZIhvcNAQELBQADggEBALH8elaFRRLfcQkc
V//SFvEpRrIiXBaCxWjJ9tEa/DGr1Cp7YzYyzocjj0yBzwIecn1eszQFFRByUYsx
mrcnnBUOwcMb6CHA8r5mbHXpFyOnHjU5EtHZGEb5q6S62n8Ep6DZvAD11em0br/I
gJ1BJ9MV6BM30LNw+UgRrMhuW0sNzTmxzfKKxBK8vkejdU3rV4c6OaY8mnVbFq9j
Tn1GzXO+b6+oUyFC7ZMxqiumcuHlyNAa7MzTG/B+Txb0ODfQxp0M4wTPTWQXq61n
Z9A3XIjpp1zK93Hsw6T3JC9e21sSChc3KzQVq2UgtQLjV1XytsXUD7V068sknEcz
3cogMY0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:16:22 2025 by rpki-client