Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/20B5026203BC11EB9D8B117AC4F9AE02.roa
File: 20B5026203BC11EB9D8B117AC4F9AE02.roa (raw, json)
Hash identifier: hipDqtuA6tKa/DovXP31v3QUE5kTEzKq8fl//VHu/GY=
Subject key identifier: 82:58:B0:54:F1:BB:53:05:53:DA:86:82:FA:75:47:1B:CA:70:8E:AC
Certificate issuer: /CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Certificate serial: 3637
Authority key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/20B5026203BC11EB9D8B117AC4F9AE02.roa
Signing time: Mon 02 Dec 2024 14:30:27 +0000
ROA not before: Mon 02 Dec 2024 14:30:27 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 135566
IP address blocks: 122.155.26.0/24 maxlen: 24
122.155.27.0/24 maxlen: 24
202.139.197.0/24 maxlen: 24
202.139.198.0/24 maxlen: 24
202.139.199.0/24 maxlen: 24
202.139.200.0/24 maxlen: 24
202.139.201.0/24 maxlen: 24
202.139.202.0/24 maxlen: 24
202.139.203.0/24 maxlen: 24
202.139.204.0/24 maxlen: 24
202.139.205.0/24 maxlen: 24
202.139.206.0/24 maxlen: 24
202.139.207.0/24 maxlen: 24
202.139.208.0/24 maxlen: 24
202.139.209.0/24 maxlen: 24
202.139.210.0/24 maxlen: 24
202.139.211.0/24 maxlen: 24
202.139.212.0/24 maxlen: 24
202.139.213.0/24 maxlen: 24
202.139.215.0/24 maxlen: 24
202.139.216.0/24 maxlen: 24
202.139.217.0/24 maxlen: 24
2001:c38:90a0::/44 maxlen: 44
2001:c38:90a9::/48 maxlen: 48
2001:c38:90ae::/48 maxlen: 48
2001:c38:90af::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13879 (0x3637)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475
Validity
Not Before: Dec 2 14:30:27 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674dc482-ad45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9a:09:f7:cf:fe:b9:6b:f2:4a:6d:4d:2f:58:
bb:52:18:66:50:0e:25:2b:ae:c1:30:6a:14:f1:2e:
2d:4e:25:50:cb:c6:35:1e:49:7e:8c:9e:15:48:1b:
06:11:6b:88:f0:b7:76:52:b7:77:dd:67:f4:35:19:
52:f6:8d:0a:71:9f:74:ce:5d:05:5f:85:61:c1:9b:
1c:26:f7:98:e9:76:83:94:e6:1c:25:88:d5:b6:26:
15:27:0c:a1:3a:60:d7:97:03:b3:e9:7a:07:95:90:
2b:e8:32:a5:7b:54:48:ec:09:69:d1:b5:91:65:5a:
45:f0:e9:e4:15:37:ca:e1:a1:18:99:3e:82:34:46:
e0:d4:58:9d:61:0a:8a:f8:68:de:92:3b:cf:67:f2:
f2:d5:29:5c:60:c0:1f:ce:f3:d0:2e:9f:59:7f:b3:
c2:9b:8f:02:95:ea:8d:16:b1:ba:ec:29:27:b4:fd:
26:00:9c:f1:d4:53:d3:52:5a:77:d0:66:96:97:27:
c1:2a:f9:c4:a8:6f:dc:67:89:ce:c9:ce:fc:59:21:
af:d8:24:5f:2a:46:1e:70:dd:c2:7d:80:b1:3a:38:
7d:bb:d8:e2:fa:09:9b:09:95:d0:be:90:02:33:6c:
79:22:0f:cb:76:72:78:74:a0:a2:f8:0d:0a:02:c2:
d8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:58:B0:54:F1:BB:53:05:53:DA:86:82:FA:75:47:1B:CA:70:8E:AC
X509v3 Authority Key Identifier:
keyid:44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/20B5026203BC11EB9D8B117AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.155.26.0/23
202.139.197.0-202.139.213.255
202.139.215.0-202.139.217.255
IPv6:
2001:c38:90a0::/44
Signature Algorithm: sha256WithRSAEncryption
38:46:2f:00:5c:18:aa:64:e2:ec:78:64:32:90:5b:23:f4:47:
c5:2d:3d:d4:e8:8f:d1:b2:89:3d:3e:36:6b:47:da:7b:99:35:
01:1d:fd:73:64:76:66:0f:b8:20:a3:77:ee:d7:86:69:2d:17:
e3:ea:10:de:88:f6:dc:6d:cc:b1:6f:7a:1e:d4:84:ac:b8:8f:
b7:05:37:7e:0c:f5:5f:1a:e3:13:d4:07:0b:a7:c9:0d:2b:09:
87:7c:4a:0c:f5:c4:3e:6d:88:e1:94:47:d8:39:84:66:75:aa:
19:33:60:5c:3a:a5:a0:59:04:d5:3c:14:33:dc:a7:fb:ba:04:
17:de:47:38:4d:e5:b6:49:9b:c7:bd:de:b6:3a:e8:ca:f8:5b:
29:f1:1a:fa:03:d1:cc:39:e7:e0:30:fa:e1:99:c1:20:3a:f2:
bb:d0:99:05:b6:ec:4d:13:ba:57:37:8d:2b:41:d7:37:d5:a0:
f4:16:1b:8d:48:d3:34:ea:c4:59:81:67:f7:e8:a1:78:98:d3:
44:29:3a:45:a7:8f:6e:d9:1d:65:1d:9f:36:85:4e:d4:59:2e:
2e:5b:bd:cb:a3:fb:0c:2d:c6:f8:be:f2:b4:4f:48:09:f2:7a:
3c:c5:fb:fe:65:7d:1d:25:92:33:0e:5e:91:12:20:f2:43:95:
d0:99:e2:29
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICNjcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYyRDdERUI3MEQz
M0E4ODc1MEUwHhcNMjQxMjAyMTQzMDI3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkYzQ4Mi1hZDQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5oJ98/+uWvySm1NL1i7UhhmUA4lK67BMGoU8S4tTiVQy8Y1Hkl+jJ4VSBsG
EWuI8Ld2Urd33Wf0NRlS9o0KcZ90zl0FX4VhwZscJveY6XaDlOYcJYjVtiYVJwyh
OmDXlwOz6XoHlZAr6DKle1RI7Alp0bWRZVpF8OnkFTfK4aEYmT6CNEbg1FidYQqK
+GjekjvPZ/Ly1SlcYMAfzvPQLp9Zf7PCm48CleqNFrG67CkntP0mAJzx1FPTUlp3
0GaWlyfBKvnEqG/cZ4nOyc78WSGv2CRfKkYecN3CfYCxOjh9u9ji+gmbCZXQvpAC
M2x5Ig/LdnJ4dKCi+A0KAsLYawIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFIJYsFTx
u1MFU9qGgvp1RxvKcI6sMB8GA1UdIwQYMBaAFERA9sQi6VAMfUamLX3rcNM6iHUO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9BQjQ0Nzk3MjFE
NzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENMcFVBeDlScVl0ZmV0dzB6cUlk
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JFRDJ4Q0xwVUF4OVJxWXRmZXR3MHpxSWRRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvQUI0NDc5NzIxRDc4MTFFMkFEQjZGMkM0MDhCMDJDRDIvMjBCNTAyNjIw
M0JDMTFFQjlEOEIxMTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCgEAgABMCIDBAF6mxowDAMEAMqLxQMEAcqL1DAMAwQAyovXAwQByovYMA8E
AgACMAkDBwQgAQw4kKAwDQYJKoZIhvcNAQELBQADggEBADhGLwBcGKpk4ux4ZDKQ
WyP0R8UtPdToj9GyiT0+NmtH2nuZNQEd/XNkdmYPuCCjd+7XhmktF+PqEN6I9txt
zLFveh7UhKy4j7cFN34M9V8a4xPUBwunyQ0rCYd8Sgz1xD5tiOGUR9g5hGZ1qhkz
YFw6paBZBNU8FDPcp/u6BBfeRzhN5bZJm8e93rY66Mr4WynxGvoD0cw55+Aw+uGZ
wSA68rvQmQW27E0Tulc3jStB1zfVoPQWG41I0zTqxFmBZ/fooXiY00QpOkWnj27Z
HWUdnzaFTtRZLi5bvcuj+wwtxvi+8rRPSAnyejzF+/5lfR0lkjMOXpESIPJDldCZ
4ik=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:41:55 2025 by rpki-client