Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/7179245C619311EE9B52D046C4F9AE02.roa
File: 7179245C619311EE9B52D046C4F9AE02.roa (raw, json)
Hash identifier: UNWWiixe7D0hC7+k0ni4RN//93pBfhiLfmqDqnPNyLE=
Subject key identifier: 0E:DF:E4:ED:98:56:46:1E:C1:72:EE:34:13:C2:AC:40:CD:3F:17:85
Certificate issuer: /CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Certificate serial: 3649
Authority key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/7179245C619311EE9B52D046C4F9AE02.roa
Signing time: Mon 02 Dec 2024 14:30:43 +0000
ROA not before: Mon 02 Dec 2024 14:30:43 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 4651
IP address blocks: 61.19.0.0/24 maxlen: 24
61.19.1.0/24 maxlen: 24
61.19.2.0/24 maxlen: 24
61.19.4.0/24 maxlen: 24
61.19.7.0/24 maxlen: 24
61.19.9.0/24 maxlen: 24
61.19.14.0/24 maxlen: 24
122.155.224.0/24 maxlen: 24
122.155.225.0/24 maxlen: 24
122.155.226.0/24 maxlen: 24
122.155.228.0/24 maxlen: 24
122.155.230.0/24 maxlen: 24
122.155.232.0/24 maxlen: 24
122.155.236.0/24 maxlen: 24
122.155.237.0/24 maxlen: 24
122.155.238.0/24 maxlen: 24
122.155.243.0/24 maxlen: 24
122.155.243.0/25 maxlen: 25
122.155.244.0/22 maxlen: 24
202.47.253.0/24 maxlen: 24
2001:c38:5000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13897 (0x3649)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475
Validity
Not Before: Dec 2 14:30:43 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674dc493-35ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0a:02:61:fb:5c:09:cb:4c:49:cf:6f:d1:2b:
4c:a7:fa:e5:90:dc:b3:15:d7:9e:36:e8:da:7b:a8:
fa:09:4b:45:88:35:b2:07:dc:90:46:e7:43:37:82:
05:ba:b3:88:f0:58:22:73:ff:8f:1f:b5:d7:8f:36:
9a:ca:49:db:67:29:f0:e5:81:5f:e7:35:c8:74:73:
b6:58:cc:5b:70:72:7c:33:47:e9:1f:34:74:d6:41:
b5:b2:b5:a4:84:fa:76:62:66:c6:7c:42:7a:d4:ca:
bc:09:27:e2:18:e7:f2:89:20:ae:4a:46:f8:48:de:
95:55:a7:82:0c:f5:6d:6c:21:1a:60:d8:ef:73:c0:
18:c0:ca:f9:23:07:0a:44:65:e5:4e:25:67:a4:66:
a1:0a:27:5a:13:9e:b8:3d:d3:9a:b7:a3:96:c9:9c:
15:cd:73:e3:72:d8:5d:b6:97:21:30:b5:b9:b1:9d:
f2:f0:19:fa:87:2d:a1:20:9c:cb:76:70:1e:6a:02:
6f:27:f6:79:e1:6f:eb:2e:a7:6b:ac:80:ad:af:3f:
43:d4:3b:ec:0f:1a:76:3b:87:5d:78:fb:f3:60:ba:
65:17:0d:02:b5:92:91:ac:b2:40:b8:60:01:f5:b0:
62:17:b8:66:d1:ca:fc:43:f9:3d:16:93:82:2d:0f:
a8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DF:E4:ED:98:56:46:1E:C1:72:EE:34:13:C2:AC:40:CD:3F:17:85
X509v3 Authority Key Identifier:
keyid:44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/7179245C619311EE9B52D046C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.19.0.0-61.19.2.255
61.19.4.0/24
61.19.7.0/24
61.19.9.0/24
61.19.14.0/24
122.155.224.0-122.155.226.255
122.155.228.0/24
122.155.230.0/24
122.155.232.0/24
122.155.236.0-122.155.238.255
122.155.243.0-122.155.247.255
202.47.253.0/24
IPv6:
2001:c38:5000::/48
Signature Algorithm: sha256WithRSAEncryption
1a:4a:19:43:dd:53:25:d4:4f:e5:cd:20:f8:11:a0:36:ed:84:
87:a3:cf:80:fc:ae:f6:f8:71:45:c6:fc:2e:f8:5e:9d:b0:ad:
5c:82:ef:e9:8a:0e:c0:e5:18:2f:76:d3:94:e9:2c:3f:49:fc:
fa:6d:95:b6:8b:3b:e4:ab:5a:b0:50:a0:42:1d:38:b0:34:a8:
e2:a7:47:3a:4c:63:4d:8f:76:b6:fe:75:42:b2:d2:be:f5:60:
5d:3c:2d:9f:3c:c0:ad:63:b8:3a:df:04:c8:6e:04:3e:2e:3c:
bc:4a:b3:20:23:84:e0:c9:f2:1e:1a:dd:47:b2:e9:4b:81:9a:
04:1d:74:70:ba:1a:34:0e:30:7c:f2:51:02:8f:8d:17:f9:59:
2a:29:44:f7:25:2e:ca:07:03:56:cc:26:0a:6e:22:33:1b:fa:
2e:bd:73:11:bd:55:9a:a1:7e:a2:dc:5c:d6:3d:72:58:08:5f:
0c:d2:62:f2:f3:c1:0a:ea:d3:4c:19:09:49:44:e4:d1:32:b8:
ac:91:65:a0:c1:3f:71:70:79:c3:94:54:f3:fa:6d:93:36:2e:
69:9a:5c:2e:33:7e:ec:b6:f0:fa:43:b9:31:1d:9d:d7:c8:d3:
be:81:6d:b7:29:bc:73:66:29:8a:d2:0c:53:ae:cc:16:08:1d:
08:eb:df:11
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgICNkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYyRDdERUI3MEQz
M0E4ODc1MEUwHhcNMjQxMjAyMTQzMDQzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkYzQ5My0zNWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAogoCYftcCctMSc9v0StMp/rlkNyzFdeeNujae6j6CUtFiDWyB9yQRudDN4IF
urOI8Fgic/+PH7XXjzaayknbZynw5YFf5zXIdHO2WMxbcHJ8M0fpHzR01kG1srWk
hPp2YmbGfEJ61Mq8CSfiGOfyiSCuSkb4SN6VVaeCDPVtbCEaYNjvc8AYwMr5IwcK
RGXlTiVnpGahCidaE564PdOat6OWyZwVzXPjcthdtpchMLW5sZ3y8Bn6hy2hIJzL
dnAeagJvJ/Z54W/rLqdrrICtrz9D1DvsDxp2O4ddePvzYLplFw0CtZKRrLJAuGAB
9bBiF7hm0cr8Q/k9FpOCLQ+oKwIDAQABo4IDCjCCAwYwHQYDVR0OBBYEFA7f5O2Y
VkYewXLuNBPCrEDNPxeFMB8GA1UdIwQYMBaAFERA9sQi6VAMfUamLX3rcNM6iHUO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9BQjQ0Nzk3MjFE
NzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENMcFVBeDlScVl0ZmV0dzB6cUlk
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JFRDJ4Q0xwVUF4OVJxWXRmZXR3MHpxSWRRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvQUI0NDc5NzIxRDc4MTFFMkFEQjZGMkM0MDhCMDJDRDIvNzE3OTI0NUM2
MTkzMTFFRTlCNTJEMDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZMGCCsGAQUFBwEHAQH/
BIGDMIGAMG0EAgABMGcwCwMDAD0TAwQAPRMCAwQAPRMEAwQAPRMHAwQAPRMJAwQA
PRMOMAwDBAV6m+ADBAB6m+IDBAB6m+QDBAB6m+YDBAB6m+gwDAMEAnqb7AMEAHqb
7jAMAwQAepvzAwQDepvwAwQAyi/9MA8EAgACMAkDBwAgAQw4UAAwDQYJKoZIhvcN
AQELBQADggEBABpKGUPdUyXUT+XNIPgRoDbthIejz4D8rvb4cUXG/C74Xp2wrVyC
7+mKDsDlGC9205TpLD9J/PptlbaLO+SrWrBQoEIdOLA0qOKnRzpMY02Pdrb+dUKy
0r71YF08LZ88wK1juDrfBMhuBD4uPLxKsyAjhODJ8h4a3Uey6UuBmgQddHC6GjQO
MHzyUQKPjRf5WSopRPclLsoHA1bMJgpuIjMb+i69cxG9VZqhfqLcXNY9clgIXwzS
YvLzwQrq00wZCUlE5NEyuKyRZaDBP3FwecOUVPP6bZM2LmmaXC4zfuy28PpDuTEd
ndfI076BbbcpvHNmKYrSDFOuzBYIHQjr3xE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:28 2025 by rpki-client