Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/53647CC8284511EE8A9EF045C4F9AE02.roa
File: 53647CC8284511EE8A9EF045C4F9AE02.roa (raw, json)
Hash identifier: 7V54SxSgQ+SNaGeYZDWb9OGgqMLMcejVc584VWscbyA=
Subject key identifier: 98:41:91:62:6B:98:9C:F2:70:AE:67:2D:25:4E:ED:7C:93:79:0E:D5
Certificate issuer: /CN=A9136DD6/serialNumber=F7F9D8A4355D673B9D4E7F155D3A78E5E660FEA5
Certificate serial: 0444
Authority key identifier: F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/53647CC8284511EE8A9EF045C4F9AE02.roa
Signing time: Mon 02 Dec 2024 17:35:49 +0000
ROA not before: Mon 02 Dec 2024 17:35:49 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 17547
IP address blocks: 178.160.128.0/18 maxlen: 19
178.160.128.0/24 maxlen: 24
178.160.129.0/24 maxlen: 24
178.160.130.0/24 maxlen: 24
178.160.131.0/24 maxlen: 24
178.160.132.0/24 maxlen: 24
178.160.133.0/24 maxlen: 24
178.160.135.0/24 maxlen: 24
178.160.137.0/24 maxlen: 24
178.160.138.0/24 maxlen: 24
178.160.139.0/24 maxlen: 24
178.160.140.0/24 maxlen: 24
178.160.141.0/24 maxlen: 24
178.160.142.0/24 maxlen: 24
178.160.143.0/24 maxlen: 24
178.160.144.0/24 maxlen: 24
178.160.145.0/24 maxlen: 24
178.160.146.0/24 maxlen: 24
178.160.147.0/24 maxlen: 24
178.160.148.0/24 maxlen: 24
178.160.149.0/24 maxlen: 24
178.160.150.0/24 maxlen: 24
178.160.151.0/24 maxlen: 24
178.160.152.0/24 maxlen: 24
178.160.153.0/24 maxlen: 24
178.160.154.0/24 maxlen: 24
178.160.155.0/24 maxlen: 24
178.160.156.0/24 maxlen: 24
178.160.157.0/24 maxlen: 24
178.160.158.0/24 maxlen: 24
178.160.159.0/24 maxlen: 24
178.160.160.0/24 maxlen: 24
178.160.161.0/24 maxlen: 24
178.160.162.0/24 maxlen: 24
178.160.163.0/24 maxlen: 24
178.160.164.0/24 maxlen: 24
178.160.165.0/24 maxlen: 24
178.160.166.0/24 maxlen: 24
178.160.167.0/24 maxlen: 24
178.160.168.0/24 maxlen: 24
178.160.169.0/24 maxlen: 24
178.160.170.0/24 maxlen: 24
178.160.171.0/24 maxlen: 24
178.160.172.0/24 maxlen: 24
178.160.173.0/24 maxlen: 24
178.160.174.0/24 maxlen: 24
178.160.175.0/24 maxlen: 24
178.160.176.0/24 maxlen: 24
178.160.177.0/24 maxlen: 24
178.160.178.0/24 maxlen: 24
178.160.179.0/24 maxlen: 24
178.160.180.0/24 maxlen: 24
178.160.181.0/24 maxlen: 24
178.160.182.0/24 maxlen: 24
178.160.183.0/24 maxlen: 24
178.160.184.0/24 maxlen: 24
178.160.185.0/24 maxlen: 24
178.160.186.0/24 maxlen: 24
178.160.187.0/24 maxlen: 24
178.160.188.0/24 maxlen: 24
178.160.189.0/24 maxlen: 24
178.160.190.0/24 maxlen: 24
178.160.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.crl
rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 17:26:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1092 (0x444)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136DD6
Validity
Not Before: Dec 2 17:35:49 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674deff4-b3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bd:14:90:14:8c:06:30:a9:ff:05:c5:13:c2:
bd:69:ef:5b:41:6b:b2:ec:33:f5:ba:d5:6e:95:2b:
ec:42:e9:9a:c4:70:40:2b:23:42:4e:53:99:5f:b2:
6d:07:36:10:7b:0a:00:26:c8:8c:ba:7a:3e:12:f5:
c3:28:34:26:3b:c8:10:dd:8e:eb:09:fa:3c:ba:85:
14:c0:86:8e:32:96:31:98:cc:07:3f:f3:80:de:1d:
3d:ce:71:15:53:e1:02:b2:32:cf:8e:58:66:7d:84:
c9:57:a1:c3:a5:26:b7:fd:d3:0a:99:69:b8:4b:5d:
61:db:7e:c8:87:0b:9c:2d:ea:16:62:44:a2:86:30:
cb:02:f5:ee:28:c9:5b:ee:b1:e2:f9:6d:81:04:ac:
b4:65:ca:33:30:64:51:19:ae:a4:69:5b:8b:ad:db:
de:7f:06:67:93:50:97:a6:24:0e:3f:28:cf:b6:dc:
dd:cf:56:5c:97:b1:69:1c:96:08:2d:dd:0e:48:a5:
ef:02:a0:6d:ae:ce:69:8d:67:63:be:7a:cf:34:89:
a9:93:9a:3b:88:3a:71:d1:67:17:3a:99:54:dc:cf:
a0:c0:34:a3:c5:6e:ca:b5:19:ac:80:32:d3:1b:f8:
8b:4d:c6:63:2a:1d:be:76:a4:7d:3e:e3:ec:7b:6f:
bc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:41:91:62:6B:98:9C:F2:70:AE:67:2D:25:4E:ED:7C:93:79:0E:D5
X509v3 Authority Key Identifier:
keyid:F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/53647CC8284511EE8A9EF045C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
178.160.128.0/18
Signature Algorithm: sha256WithRSAEncryption
37:7b:fd:9c:6a:c9:f7:16:06:9d:95:53:b8:9c:2c:58:42:ec:
8e:d7:fe:44:70:0d:14:ad:e8:68:88:3c:c7:22:a7:7a:46:ff:
de:d6:17:3c:21:b4:70:56:2a:f7:9a:b2:cc:c3:02:1c:c8:48:
67:eb:30:be:20:27:d2:83:7f:db:96:72:56:c6:c9:7a:9e:ee:
11:c8:8e:b6:b0:5e:af:6f:d0:08:e5:32:34:bc:e8:cb:31:51:
1e:fa:18:f0:5e:84:d2:74:ff:56:d1:92:74:9c:d2:08:95:fb:
f7:9d:5a:2e:d1:dd:08:04:0a:76:6b:1d:bf:c6:ee:25:d6:d5:
0c:38:80:80:98:ad:d5:1a:b8:4c:48:d0:d5:3d:17:03:f6:14:
47:28:cb:bb:f6:ce:ba:00:4a:1a:f9:63:16:8b:05:84:dc:b8:
e2:ec:20:b9:a6:e1:0b:ac:ba:ae:c6:43:86:f3:f4:88:22:4f:
c2:f6:83:ad:ca:ec:b6:e3:2a:48:f4:db:38:5f:fb:11:57:fb:
ab:d2:5e:97:84:ce:82:ee:9b:91:65:b6:1c:f6:5b:1b:f7:b6:
ce:ee:c3:7a:eb:aa:a8:7c:3d:89:3c:0f:6d:53:af:b0:7e:04:
3d:e3:41:6a:8e:ea:d7:dc:23:57:c0:4d:fa:5b:74:90:92:59:
17:9d:01:c0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBEQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzZERDYxMTAvBgNVBAUTKEY3RjlEOEE0MzU1RDY3M0I5RDRFN0YxNTVEM0E3OEU1
RTY2MEZFQTUwHhcNMjQxMjAyMTczNTQ5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkZWZmNC1iM2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyL0UkBSMBjCp/wXFE8K9ae9bQWuy7DP1utVulSvsQumaxHBAKyNCTlOZX7Jt
BzYQewoAJsiMuno+EvXDKDQmO8gQ3Y7rCfo8uoUUwIaOMpYxmMwHP/OA3h09znEV
U+ECsjLPjlhmfYTJV6HDpSa3/dMKmWm4S11h237IhwucLeoWYkSihjDLAvXuKMlb
7rHi+W2BBKy0ZcozMGRRGa6kaVuLrdvefwZnk1CXpiQOPyjPttzdz1Zcl7FpHJYI
Ld0OSKXvAqBtrs5pjWdjvnrPNImpk5o7iDpx0WcXOplU3M+gwDSjxW7KtRmsgDLT
G/iLTcZjKh2+dqR9PuPse2+8PQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJhBkWJr
mJzycK5nLSVO7XyTeQ7VMB8GA1UdIwQYMBaAFPf52KQ1XWc7nU5/FV06eOXmYP6l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkRENi9EMTYyRTAzQTNE
M0ExMUVDQkVGNzdDNzZDNEY5QUUwMi85X25ZcERWZFp6dWRUbjhWWFRwNDVlWmdf
cVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzlfbllwRFZkWnp1ZFRuOFZYVHA0NWVaZ19xVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZERDYvRDE2MkUwM0EzRDNBMTFFQ0JFRjc3Qzc2QzRGOUFFMDIvNTM2NDdDQzgy
ODQ1MTFFRThBOUVGMDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAayoIAwDQYJKoZIhvcNAQELBQADggEBADd7/ZxqyfcWBp2V
U7icLFhC7I7X/kRwDRSt6GiIPMcip3pG/97WFzwhtHBWKveasszDAhzISGfrML4g
J9KDf9uWclbGyXqe7hHIjrawXq9v0AjlMjS86MsxUR76GPBehNJ0/1bRknSc0giV
+/edWi7R3QgECnZrHb/G7iXW1Qw4gICYrdUauExI0NU9FwP2FEcoy7v2zroAShr5
YxaLBYTcuOLsILmm4Qusuq7GQ4bz9IgiT8L2g63K7LbjKkj02zhf+xFX+6vSXpeE
zoLum5Flthz2Wxv3ts7uw3rrqqh8PYk8D21Tr7B+BD3jQWqO6tfcI1fATfpbdJCS
WRedAcA=
-----END CERTIFICATE-----
Generated at Fri Apr 11 18:52:25 2025 by rpki-client