Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
File: 6CF60CB6785811E99A6E965AC4F9AE02.roa (raw, json)
Hash identifier: Pdp5ex3WILw7iG17rFPSyS12eBInNFBGiUmFxLOiLr8=
Subject key identifier: 88:CA:EE:6D:0E:8A:69:BA:07:A0:DC:A8:4E:F1:48:9C:58:0F:39:76
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 34BB
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
Signing time: Fri 24 Jan 2025 16:02:20 +0000
ROA not before: Fri 24 Jan 2025 16:02:20 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 135478
IP address blocks: 45.126.80.0/23 maxlen: 23
45.126.82.0/23 maxlen: 23
45.126.82.0/24 maxlen: 24
101.128.64.0/22 maxlen: 22
101.128.64.0/24 maxlen: 24
101.128.65.0/24 maxlen: 24
101.128.67.0/24 maxlen: 24
101.128.68.0/22 maxlen: 22
101.128.68.0/24 maxlen: 24
101.128.72.0/22 maxlen: 22
101.128.72.0/24 maxlen: 24
101.128.76.0/22 maxlen: 22
101.128.76.0/24 maxlen: 24
101.128.80.0/22 maxlen: 22
101.128.80.0/24 maxlen: 24
101.128.84.0/22 maxlen: 22
101.128.84.0/24 maxlen: 24
101.128.88.0/22 maxlen: 22
101.128.88.0/24 maxlen: 24
101.128.92.0/22 maxlen: 22
101.128.92.0/24 maxlen: 24
101.128.96.0/22 maxlen: 22
101.128.96.0/24 maxlen: 24
101.128.100.0/22 maxlen: 22
101.128.100.0/24 maxlen: 24
101.128.104.0/22 maxlen: 22
101.128.104.0/24 maxlen: 24
101.128.112.0/22 maxlen: 22
101.128.112.0/24 maxlen: 24
101.128.116.0/22 maxlen: 22
101.128.116.0/24 maxlen: 24
101.128.120.0/22 maxlen: 22
101.128.120.0/24 maxlen: 24
101.128.124.0/22 maxlen: 22
101.128.124.0/24 maxlen: 24
175.158.36.0/22 maxlen: 22
175.158.36.0/24 maxlen: 24
175.158.40.0/22 maxlen: 22
175.158.40.0/24 maxlen: 24
175.158.44.0/22 maxlen: 22
175.158.44.0/24 maxlen: 24
175.158.48.0/22 maxlen: 22
175.158.48.0/24 maxlen: 24
175.158.52.0/22 maxlen: 22
175.158.52.0/24 maxlen: 24
175.158.56.0/22 maxlen: 22
175.158.56.0/24 maxlen: 24
175.158.60.0/22 maxlen: 22
2405:8180::/32 maxlen: 32
2405:8180::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13499 (0x34bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214
Validity
Not Before: Jan 24 16:02:20 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6793b98c-c999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:07:57:df:70:27:71:84:f7:0c:2d:1a:98:0d:
43:5b:a4:7f:20:5f:cc:9a:59:38:1c:43:ed:91:55:
79:6d:68:ad:7a:16:2f:26:7a:73:47:58:46:73:69:
b7:49:69:78:26:0f:e2:66:ac:94:53:e2:22:2d:d1:
c4:7e:5c:ac:ff:ce:a9:1e:93:4f:89:69:04:02:24:
a3:cd:41:33:ab:c1:e3:55:a5:69:d4:b1:e7:e2:0b:
07:5a:84:44:5b:8a:77:c2:53:49:8f:31:6a:e4:b3:
46:7c:61:d7:fb:90:bf:7f:4e:f9:4d:63:97:0c:f2:
4d:f3:59:a4:49:8a:28:61:aa:b9:0b:48:d1:9e:da:
e4:e8:5a:de:0d:10:8c:96:67:c1:8b:6a:74:45:43:
0d:76:22:21:58:c6:14:9c:4b:bc:74:f8:08:9e:3a:
36:7f:62:8a:2a:1a:44:47:0b:39:92:21:73:83:5e:
4e:4a:68:d3:7b:9b:ef:25:64:9e:83:ea:8f:03:1c:
9d:4b:28:ec:36:92:a3:4d:e1:8d:27:66:2d:c7:a8:
1d:f0:28:a6:d0:c6:c7:86:00:d0:ee:c6:3b:d8:eb:
55:ca:0a:5b:f2:27:fb:c1:53:05:59:a2:de:66:f1:
3c:34:da:7e:24:77:60:28:89:48:ea:ad:6c:f2:12:
a6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:CA:EE:6D:0E:8A:69:BA:07:A0:DC:A8:4E:F1:48:9C:58:0F:39:76
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.126.80.0/22
101.128.64.0-101.128.107.255
101.128.112.0/20
175.158.36.0-175.158.63.255
IPv6:
2405:8180::/32
Signature Algorithm: sha256WithRSAEncryption
af:3a:8d:80:d2:9c:04:96:c3:c2:50:28:f1:5e:fc:3f:ff:41:
fa:32:76:57:39:0e:41:0f:8e:06:d0:41:f5:85:a6:cc:fb:aa:
bb:4b:14:97:a4:2b:2b:f6:3a:54:f5:41:74:b9:d9:fe:6e:7e:
82:eb:21:5e:59:67:80:f0:63:fc:a5:1b:14:d1:a7:de:9e:e2:
bd:27:9a:10:bf:d8:c5:78:ce:e0:32:69:d6:55:5b:b4:c1:9b:
57:b9:ee:f9:06:94:6c:73:d9:2b:68:36:9e:68:9f:18:be:db:
4d:c2:7d:c0:2d:ab:4f:e4:79:fa:ea:f7:eb:89:b3:81:87:1a:
5b:c4:89:68:ed:bf:14:86:4e:29:b3:b7:bd:93:39:97:e9:b5:
86:cf:b8:74:e4:2f:a8:a9:7a:d7:7b:c6:c0:ff:0e:f6:ba:cd:
59:05:97:10:96:f9:0c:2b:a7:be:47:aa:20:a0:99:51:05:cd:
cc:c2:cb:03:f0:01:7b:bb:bc:cb:c4:a4:7e:f3:b5:c3:7f:c9:
fe:33:b0:bc:d4:3f:9e:9e:b8:e8:2a:5d:58:84:43:a7:01:a7:
db:e8:ed:29:b9:d4:ff:b8:39:a3:a2:4a:e0:e5:1d:97:44:1a:
83:60:5a:96:80:b1:ea:62:a1:2f:55:16:cc:0e:cd:68:40:7e:
c0:5c:30:f3
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICNLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwMTI0MTYwMjIwWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzYjk4Yy1jOTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnwdX33AncYT3DC0amA1DW6R/IF/Mmlk4HEPtkVV5bWitehYvJnpzR1hGc2m3
SWl4Jg/iZqyUU+IiLdHEflys/86pHpNPiWkEAiSjzUEzq8HjVaVp1LHn4gsHWoRE
W4p3wlNJjzFq5LNGfGHX+5C/f075TWOXDPJN81mkSYooYaq5C0jRntrk6FreDRCM
lmfBi2p0RUMNdiIhWMYUnEu8dPgInjo2f2KKKhpERws5kiFzg15OSmjTe5vvJWSe
g+qPAxydSyjsNpKjTeGNJ2Ytx6gd8Cim0MbHhgDQ7sY72OtVygpb8if7wVMFWaLe
ZvE8NNp+JHdgKIlI6q1s8hKmfQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFIjK7m0O
imm6B6DcqE7xSJxYDzl2MB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNkNGNjBDQjY3
ODU4MTFFOTlBNkU5NjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MC4EAgABMCgDBAItflAwDAMEBmWAQAMEAmWAaAMEBGWAcDAMAwQCr54kAwQG
r54AMA0EAgACMAcDBQAkBYGAMA0GCSqGSIb3DQEBCwUAA4IBAQCvOo2A0pwElsPC
UCjxXvw//0H6MnZXOQ5BD44G0EH1habM+6q7SxSXpCsr9jpU9UF0udn+bn6C6yFe
WWeA8GP8pRsU0afenuK9J5oQv9jFeM7gMmnWVVu0wZtXue75BpRsc9kraDaeaJ8Y
vttNwn3ALatP5Hn66vfribOBhxpbxIlo7b8Uhk4ps7e9kzmX6bWGz7h05C+oqXrX
e8bA/w72us1ZBZcQlvkMK6e+R6ogoJlRBc3MwssD8AF7u7zLxKR+87XDf8n+M7C8
1D+enrjoKl1YhEOnAafb6O0pudT/uDmjokrg5R2XRBqDYFqWgLHqYqEvVRbMDs1o
QH7AXDDz
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:46:57 2025 by rpki-client