Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/69CEA0B8382811EE8415371AC4F9AE02.roa
File: 69CEA0B8382811EE8415371AC4F9AE02.roa (raw, json)
Hash identifier: tyyAidZJbqlX/Tjf2ZoQfjWeX8cv9hcLIvgO2mJWCSg=
Subject key identifier: 63:63:13:59:00:F6:5D:59:14:76:2B:95:F9:A3:8C:D6:A6:9F:FF:89
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 392D
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/69CEA0B8382811EE8415371AC4F9AE02.roa
Signing time: Thu 12 Dec 2024 02:23:00 +0000
ROA not before: Thu 12 Dec 2024 02:23:00 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 38082
IP address blocks: 27.123.16.0/22 maxlen: 22
27.123.16.0/24 maxlen: 24
27.123.17.0/24 maxlen: 24
27.123.18.0/24 maxlen: 24
27.123.19.0/24 maxlen: 24
58.97.24.0/24 maxlen: 24
61.91.221.0/24 maxlen: 24
113.21.240.0/22 maxlen: 22
113.21.240.0/24 maxlen: 24
113.21.241.0/24 maxlen: 24
113.21.242.0/24 maxlen: 24
113.21.243.0/24 maxlen: 24
113.21.244.0/22 maxlen: 22
113.21.244.0/24 maxlen: 24
113.21.245.0/24 maxlen: 24
113.21.247.0/24 maxlen: 24
122.144.24.0/22 maxlen: 24
122.144.28.0/23 maxlen: 23
171.102.10.0/24 maxlen: 24
171.102.221.0/24 maxlen: 24
171.102.236.0/24 maxlen: 24
171.102.237.0/24 maxlen: 24
171.102.238.0/24 maxlen: 24
171.102.239.0/24 maxlen: 24
2405:4000::/32 maxlen: 32
2405:4000:800::/48 maxlen: 48
2405:4000:800:1::/64 maxlen: 64
2405:4000:800:6::/64 maxlen: 64
2405:4000:800:7::/64 maxlen: 64
2405:4000:800:8::/64 maxlen: 64
2405:4000:800:8::200/120 maxlen: 120
2405:4000:800:9::/64 maxlen: 64
2405:4000:800:a::/64 maxlen: 64
2405:4000:800:b::/64 maxlen: 64
2405:4000:800:d::/64 maxlen: 64
2405:4000:800:e::/64 maxlen: 64
2405:4000:800:f::/64 maxlen: 64
2405:4000:801::/48 maxlen: 48
2405:4000:801::/64 maxlen: 64
2405:4000:801:1::/64 maxlen: 64
2405:4000:801:2::/64 maxlen: 64
2405:4000:801:3::/64 maxlen: 64
2405:4000:801:4::/64 maxlen: 64
2405:4000:801:5::/64 maxlen: 64
2405:4000:900::/40 maxlen: 40
2405:4000:a00::/40 maxlen: 40
2405:4000:aaa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14637 (0x392d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC
Validity
Not Before: Dec 12 02:23:00 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=675a4904-40ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:16:94:ef:f9:5a:68:8a:d8:f6:34:7a:57:c5:
1c:6d:27:19:f1:78:24:34:13:e8:08:1e:a5:5c:e9:
5a:11:ea:eb:92:b9:85:60:fc:18:9f:1e:8c:ab:85:
8a:07:a5:21:05:ef:58:0f:1a:52:39:5d:00:15:3e:
99:54:04:cd:a6:f9:45:40:a0:f2:28:80:0d:21:76:
fe:9a:70:ce:2b:93:c9:d5:5a:be:7e:92:de:4f:a8:
27:09:bb:4d:ca:34:c2:b4:f1:d6:95:df:36:8f:96:
9b:28:35:b6:8a:d8:5d:c3:e5:36:e5:15:94:82:9a:
f4:d0:e6:c8:b5:da:d5:2e:53:10:f3:34:fc:46:09:
c4:a2:08:c0:a9:1d:15:11:b1:72:7d:ee:01:14:3b:
13:d9:f1:44:f6:8d:c0:4b:57:8d:8a:b7:f9:a9:24:
8e:95:0a:1b:b9:7f:36:6d:3e:11:70:43:cc:bc:ec:
ee:80:48:30:81:f9:d0:a5:73:57:91:12:34:cc:ea:
98:4f:66:22:62:fe:7a:0b:17:c1:05:b2:0a:0e:dd:
c4:e2:98:02:f2:cc:31:07:27:e7:3f:80:cd:cb:99:
f5:f8:4b:6d:7c:d9:1d:62:b6:97:df:e1:0e:7b:b6:
5d:be:fa:f9:9c:6c:bb:bd:8b:1e:a4:6f:bc:c9:64:
f3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:63:13:59:00:F6:5D:59:14:76:2B:95:F9:A3:8C:D6:A6:9F:FF:89
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/69CEA0B8382811EE8415371AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.16.0/22
58.97.24.0/24
61.91.221.0/24
113.21.240.0/21
122.144.24.0-122.144.29.255
171.102.10.0/24
171.102.221.0/24
171.102.236.0/22
IPv6:
2405:4000::/32
Signature Algorithm: sha256WithRSAEncryption
80:9b:11:48:ed:eb:1b:32:98:a6:84:90:1f:bf:dc:6d:08:89:
00:bb:cb:a7:ab:44:9d:bb:59:71:91:14:6c:8a:38:cc:89:3d:
29:7b:8f:77:3f:1d:99:e7:f3:0a:5f:a5:72:91:08:5f:05:6d:
16:93:32:95:e3:1b:1e:12:05:ad:ac:f6:c0:5c:fb:14:5f:ab:
51:f9:07:9c:c3:31:3d:5f:3a:76:97:2e:63:e1:d5:86:9b:1b:
49:2e:0f:f4:ab:0c:4f:24:39:81:a5:8f:f8:b7:fd:34:da:a7:
f8:9f:f0:3e:7c:d5:bb:b8:49:06:f0:08:fe:d1:f1:87:ee:77:
98:56:bd:49:47:bc:dc:6d:8d:65:c2:64:5a:72:4a:29:d6:a9:
7d:23:b5:69:11:d4:6b:aa:a1:7e:24:07:e6:e7:93:ae:56:81:
58:c2:32:b2:6b:da:71:ea:5b:6e:a0:72:45:40:8e:0e:db:01:
91:38:94:50:9c:fb:14:67:eb:9a:44:c1:c0:cf:07:4a:4a:1e:
15:c7:35:4a:6e:06:b8:87:df:68:c2:1d:83:98:d3:d0:d8:a9:
06:fc:a6:16:5b:1d:09:13:35:3e:53:56:06:5b:c1:39:17:df:
48:45:c4:aa:43:fb:77:1a:2c:1f:52:17:c2:d7:44:bb:27:72:
fe:72:ee:2d
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgICOS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjQxMjEyMDIyMzAwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVhNDkwNC00MGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyBaU7/laaIrY9jR6V8UcbScZ8XgkNBPoCB6lXOlaEerrkrmFYPwYnx6Mq4WK
B6UhBe9YDxpSOV0AFT6ZVATNpvlFQKDyKIANIXb+mnDOK5PJ1Vq+fpLeT6gnCbtN
yjTCtPHWld82j5abKDW2ithdw+U25RWUgpr00ObItdrVLlMQ8zT8RgnEogjAqR0V
EbFyfe4BFDsT2fFE9o3AS1eNirf5qSSOlQobuX82bT4RcEPMvOzugEgwgfnQpXNX
kRI0zOqYT2YiYv56CxfBBbIKDt3E4pgC8swxByfnP4DNy5n1+EttfNkdYraX3+EO
e7Zdvvr5nGy7vYsepG+8yWTzZwIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFGNjE1kA
9l1ZFHYrlfmjjNamn/+JMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNjlDRUEwQjgz
ODI4MTFFRTg0MTUzNzFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E
UTBPMD4EAgABMDgDBAIbexADBAA6YRgDBAA9W90DBANxFfAwDAMEA3qQGAMEAXqQ
HAMEAKtmCgMEAKtm3QMEAqtm7DANBAIAAjAHAwUAJAVAADANBgkqhkiG9w0BAQsF
AAOCAQEAgJsRSO3rGzKYpoSQH7/cbQiJALvLp6tEnbtZcZEUbIo4zIk9KXuPdz8d
mefzCl+lcpEIXwVtFpMyleMbHhIFraz2wFz7FF+rUfkHnMMxPV86dpcuY+HVhpsb
SS4P9KsMTyQ5gaWP+Lf9NNqn+J/wPnzVu7hJBvAI/tHxh+53mFa9SUe83G2NZcJk
WnJKKdapfSO1aRHUa6qhfiQH5ueTrlaBWMIysmvacepbbqByRUCODtsBkTiUUJz7
FGfrmkTBwM8HSkoeFcc1Sm4GuIffaMIdg5jT0NipBvymFlsdCRM1PlNWBlvBORff
SEXEqkP7dxosH1IXwtdEuydy/nLuLQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:01 2025 by rpki-client