Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/2FDA4F26E20711EF9B64614EC4F9AE02.roa
File: 2FDA4F26E20711EF9B64614EC4F9AE02.roa (raw, json)
Hash identifier: 7UVWm9Qr3Gv2ae5STGc5B8NNM4GCnnFd4M5ZD/G8r78=
Subject key identifier: 00:FD:8F:1A:47:5F:A1:82:87:F7:F8:78:C7:50:D8:B2:56:A2:7B:6B
Certificate issuer: /CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Certificate serial: 0A36
Authority key identifier: B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/2FDA4F26E20711EF9B64614EC4F9AE02.roa
Signing time: Mon 03 Feb 2025 08:16:37 +0000
ROA not before: Mon 03 Feb 2025 08:16:37 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 4809
IP address blocks: 183.91.48.0/21 maxlen: 21
183.91.48.0/24 maxlen: 24
183.91.49.0/24 maxlen: 24
183.91.50.0/24 maxlen: 24
183.91.51.0/24 maxlen: 24
183.91.52.0/24 maxlen: 24
183.91.54.0/24 maxlen: 24
183.91.55.0/24 maxlen: 24
183.91.60.0/24 maxlen: 24
183.91.61.0/24 maxlen: 24
183.91.62.0/24 maxlen: 24
183.91.63.0/24 maxlen: 24
202.55.0.0/19 maxlen: 19
202.55.0.0/24 maxlen: 24
202.55.1.0/24 maxlen: 24
202.55.3.0/24 maxlen: 24
202.55.4.0/24 maxlen: 24
202.55.5.0/24 maxlen: 24
202.55.6.0/24 maxlen: 24
202.55.7.0/24 maxlen: 24
202.55.8.0/21 maxlen: 21
202.55.8.0/24 maxlen: 24
202.55.9.0/24 maxlen: 24
202.55.10.0/24 maxlen: 24
202.55.11.0/24 maxlen: 24
202.55.12.0/24 maxlen: 24
202.55.13.0/24 maxlen: 24
202.55.14.0/24 maxlen: 24
202.55.15.0/24 maxlen: 24
202.55.16.0/24 maxlen: 24
202.55.17.0/24 maxlen: 24
202.55.18.0/24 maxlen: 24
202.55.19.0/24 maxlen: 24
202.55.20.0/24 maxlen: 24
202.55.21.0/24 maxlen: 24
202.55.22.0/24 maxlen: 24
202.55.23.0/24 maxlen: 24
202.55.24.0/24 maxlen: 24
202.55.25.0/24 maxlen: 24
202.55.26.0/24 maxlen: 24
202.55.27.0/24 maxlen: 24
202.55.28.0/24 maxlen: 24
202.55.29.0/24 maxlen: 24
202.55.30.0/24 maxlen: 24
202.55.31.0/24 maxlen: 24
2400:9380:9000::/40 maxlen: 48
2400:9380:9100::/40 maxlen: 48
2400:9380:9200::/40 maxlen: 48
2400:9380:9300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2614 (0xa36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917576D
Validity
Not Before: Feb 3 08:16:37 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67a07b64-d935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7a:50:3c:53:57:c9:58:ac:8c:45:eb:7a:26:
56:39:55:cf:b7:13:9d:0e:1a:5f:e0:47:e0:d3:a5:
02:85:db:a5:03:a7:b6:38:8c:37:33:89:61:58:89:
ed:ef:0b:4f:8c:d0:f5:8d:b8:bd:40:6c:a7:dc:27:
91:16:df:ba:d2:af:cb:62:bf:b9:f8:f5:00:9f:c3:
9e:2c:af:a7:47:81:32:c9:43:30:55:96:bc:ba:e1:
11:9f:86:c9:00:2d:f9:41:37:0e:23:d1:51:ab:51:
a5:7f:98:88:2a:40:6a:eb:73:65:93:11:4b:00:00:
85:a9:ce:71:68:4f:cb:11:b6:5c:27:57:d6:51:45:
63:0d:bd:07:d3:78:10:ca:8d:3d:84:41:d7:b1:3c:
b3:be:fb:e9:23:ff:28:78:fb:6d:5a:88:80:8d:6f:
1c:ea:fc:47:c7:cf:5f:6f:b3:05:8e:e1:fb:0c:c5:
42:84:99:4e:52:22:5c:59:60:8d:26:55:3c:50:0b:
ba:6e:83:f7:6a:10:87:10:1b:81:db:0b:ff:89:7d:
ab:00:a0:38:2c:c8:71:e7:52:a1:3e:1b:81:da:c3:
cd:5e:54:09:c1:c3:a4:03:c3:d2:cc:2d:98:69:97:
06:1d:16:18:b8:1b:b7:35:f9:1f:32:86:9e:5a:6e:
b0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:FD:8F:1A:47:5F:A1:82:87:F7:F8:78:C7:50:D8:B2:56:A2:7B:6B
X509v3 Authority Key Identifier:
keyid:B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/2FDA4F26E20711EF9B64614EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
183.91.48.0/21
183.91.60.0/22
202.55.0.0/19
IPv6:
2400:9380:9000::/38
Signature Algorithm: sha256WithRSAEncryption
53:15:56:2b:1d:6a:28:30:14:86:8b:99:06:95:57:56:c5:81:
fd:d5:b1:19:6d:c0:e3:4e:56:bd:7b:5d:d0:0b:9d:b0:8e:5b:
36:4a:09:bb:73:76:56:a8:4e:76:2d:62:42:1f:41:eb:7c:7a:
6b:8e:b7:69:57:1b:d9:9b:2f:fb:b2:c4:8d:b4:e2:60:e6:54:
dd:2b:c9:e9:c5:41:71:13:d4:8f:8f:e2:2d:98:9d:c9:e8:5d:
c2:a6:1a:b9:51:a6:ee:39:d0:a0:9e:e6:2a:d3:69:42:3a:8c:
fd:81:6c:f9:e0:f8:48:7a:73:2c:13:b1:1b:72:8d:e3:f2:37:
a8:ba:a6:9f:90:29:33:ce:68:05:5f:d4:0c:e7:a3:07:55:11:
0e:10:6d:fa:f6:69:22:30:16:b5:df:ec:ab:5e:3b:d3:75:8b:
f4:0f:2b:96:f0:db:cc:ea:b9:35:28:76:a1:da:89:a5:ef:9e:
c2:b7:f7:35:55:36:6c:25:d4:c5:5f:bc:dc:c2:f5:3f:df:b8:
92:50:9f:bb:e8:db:2a:19:5f:90:02:d5:9b:a5:76:81:7a:72:
e0:ba:9a:bd:e8:7c:e3:88:bf:dd:41:93:81:e9:01:1f:e0:45:
98:a5:9b:3f:2b:4e:28:f3:48:f6:03:72:06:79:46:16:55:56:
91:3c:b4:fc
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICCjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU3NkQxMTAvBgNVBAUTKEIxRTg0RkFDRkFDQkMwQjc4Mzg1NjFFRjIxRTI4RjJG
QUNGNURGRUMwHhcNMjUwMjAzMDgxNjM3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwN2I2NC1kOTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtXpQPFNXyVisjEXreiZWOVXPtxOdDhpf4Efg06UChdulA6e2OIw3M4lhWInt
7wtPjND1jbi9QGyn3CeRFt+60q/LYr+5+PUAn8OeLK+nR4EyyUMwVZa8uuERn4bJ
AC35QTcOI9FRq1Glf5iIKkBq63NlkxFLAACFqc5xaE/LEbZcJ1fWUUVjDb0H03gQ
yo09hEHXsTyzvvvpI/8oePttWoiAjW8c6vxHx89fb7MFjuH7DMVChJlOUiJcWWCN
JlU8UAu6boP3ahCHEBuB2wv/iX2rAKA4LMhx51KhPhuB2sPNXlQJwcOkA8PSzC2Y
aZcGHRYYuBu3NfkfMoaeWm6wLQIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFAD9jxpH
X6GCh/f4eMdQ2LJWontrMB8GA1UdIwQYMBaAFLHoT6z6y8C3g4Vh7yHijy+s9d/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8zNjg3MkE1RTgy
Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi9zZWhQclByTHdMZURoV0h2SWVLUEw2ejEz
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NlaFByUHJMd0xlRGhXSHZJZUtQTDZ6MTMtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU3NkQvMzY4NzJBNUU4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvMkZEQTRGMjZF
MjA3MTFFRjlCNjQ2MTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMBgEAgABMBIDBAO3WzADBAK3WzwDBAXKNwAwDgQCAAIwCAMGAiQAk4CQMA0G
CSqGSIb3DQEBCwUAA4IBAQBTFVYrHWooMBSGi5kGlVdWxYH91bEZbcDjTla9e13Q
C52wjls2Sgm7c3ZWqE52LWJCH0HrfHprjrdpVxvZmy/7ssSNtOJg5lTdK8npxUFx
E9SPj+ItmJ3J6F3Cphq5UabuOdCgnuYq02lCOoz9gWz54PhIenMsE7Ebco3j8jeo
uqafkCkzzmgFX9QM56MHVREOEG369mkiMBa13+yrXjvTdYv0DyuW8NvM6rk1KHah
2oml757Ct/c1VTZsJdTFX7zcwvU/37iSUJ+76NsqGV+QAtWbpXaBenLgupq96Hzj
iL/dQZOB6QEf4EWYpZs/K04o80j2A3IGeUYWVVaRPLT8
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:41:47 2025 by rpki-client