Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/79A169387CA811EFA20CC941C4F9AE02.roa
File: 79A169387CA811EFA20CC941C4F9AE02.roa (raw, json)
Hash identifier: xt4Zl9680VV2cIggQXv9eGjCDn2aZU0oP15iI6DEahQ=
Subject key identifier: D5:D4:E1:00:69:D3:87:08:C1:EA:6A:8D:2E:B4:2E:1A:46:4B:FF:6F
Certificate issuer: /CN=A91AE954/serialNumber=83AC168E49FB25EB76945A0BD146EA8B57BF09CC
Certificate serial: 01B1
Authority key identifier: 83:AC:16:8E:49:FB:25:EB:76:94:5A:0B:D1:46:EA:8B:57:BF:09:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/79A169387CA811EFA20CC941C4F9AE02.roa
Signing time: Sat 31 May 2025 03:11:21 +0000
ROA not before: Sat 31 May 2025 03:11:21 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 4817
IP address blocks: 210.10.0.0/20 maxlen: 20
210.10.0.0/22 maxlen: 22
210.10.0.0/24 maxlen: 24
210.10.1.0/24 maxlen: 24
210.10.2.0/24 maxlen: 24
210.10.3.0/24 maxlen: 24
210.10.4.0/22 maxlen: 22
210.10.4.0/24 maxlen: 24
210.10.5.0/24 maxlen: 24
210.10.6.0/24 maxlen: 24
210.10.7.0/24 maxlen: 24
210.10.10.0/24 maxlen: 24
210.10.11.0/24 maxlen: 24
210.10.12.0/23 maxlen: 24
210.10.64.0/23 maxlen: 24
210.10.66.0/23 maxlen: 23
210.10.76.0/23 maxlen: 23
210.10.76.0/24 maxlen: 24
210.10.77.0/24 maxlen: 24
210.10.78.0/24 maxlen: 24
210.10.79.0/24 maxlen: 24
2400:79e0::/32 maxlen: 32
2400:79e0:8000::/40 maxlen: 40
2400:79e0:8030::/44 maxlen: 44
2400:79e0:8040::/44 maxlen: 44
2400:79e0:8050::/44 maxlen: 44
2400:79e0:8070::/44 maxlen: 44
2400:79e0:9000::/40 maxlen: 40
2400:79e0:9030::/44 maxlen: 44
2400:79e0:9040::/44 maxlen: 44
2400:79e0:9050::/44 maxlen: 44
2400:79e0:9070::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.crl
rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Jun 2025 03:03:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 433 (0x1b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE954, serialNumber=83AC168E49FB25EB76945A0BD146EA8B57BF09CC
Validity
Not Before: May 31 03:11:21 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=683a7359-707e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e6:a1:b8:89:a0:2d:bf:86:97:b7:40:56:f5:
a8:c4:0b:25:f6:73:99:23:15:d5:ac:32:5b:52:e3:
21:88:9e:68:4f:2e:28:1b:a0:1b:aa:70:40:c8:f3:
f1:18:32:0c:da:a1:c8:6d:3d:75:27:f8:81:80:49:
a6:d8:cd:8e:7e:dd:f0:7b:85:17:4c:4b:27:33:44:
3b:52:5a:a5:1f:e9:16:87:f0:eb:58:3c:4e:54:45:
3e:a4:9f:85:fe:b0:2b:de:54:51:71:6e:48:71:75:
60:45:c5:77:1b:f0:3a:9e:5e:b4:08:75:af:56:b3:
85:1d:b5:e8:80:40:39:ee:2c:55:dc:8a:1d:22:60:
c9:52:be:22:6d:58:bb:44:e9:ab:ff:f9:0b:55:b7:
15:bd:9e:94:dc:1e:6f:50:d6:16:06:72:19:d8:f7:
9d:fb:24:a0:01:f8:56:4b:77:54:31:08:e7:f7:85:
e0:32:2d:a8:eb:d0:50:61:2a:b3:40:b4:aa:0d:79:
4e:b0:62:71:11:61:35:ac:2e:a7:ed:a6:c9:50:5f:
bf:39:11:42:92:44:af:9a:01:ea:ef:8a:ac:00:86:
23:e4:a9:d1:37:0b:eb:a8:91:fe:05:cb:84:f1:bf:
26:40:0c:58:99:4a:1d:88:79:c0:c5:fe:15:9e:d9:
bf:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D4:E1:00:69:D3:87:08:C1:EA:6A:8D:2E:B4:2E:1A:46:4B:FF:6F
X509v3 Authority Key Identifier:
keyid:83:AC:16:8E:49:FB:25:EB:76:94:5A:0B:D1:46:EA:8B:57:BF:09:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/79A169387CA811EFA20CC941C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.10.0.0/20
210.10.64.0/22
210.10.76.0/22
IPv6:
2400:79e0::/32
Signature Algorithm: sha256WithRSAEncryption
36:ad:07:13:fa:0c:a0:35:ba:52:9f:14:d5:38:5c:87:9d:54:
eb:9c:6e:3d:90:ea:00:6a:04:4f:5d:5b:78:00:ec:27:b0:d7:
ef:53:d0:f7:1f:41:e5:81:76:2c:87:d5:8e:45:96:d1:0a:b1:
ea:3e:4a:fc:15:b2:ab:88:85:b5:98:6f:47:26:10:e9:1c:6c:
6d:cb:83:a1:0a:4d:2d:18:65:48:e8:25:34:cd:22:7f:28:a0:
80:62:4e:55:b8:57:0e:6a:f8:aa:66:ab:2e:f3:5c:f0:77:a2:
cb:f4:48:e7:32:6c:7b:71:a6:4a:cf:de:e7:79:93:8d:1f:5a:
97:ae:24:9e:51:c2:79:87:9b:a8:13:ac:5c:a0:34:88:27:15:
c3:e6:c1:97:0b:d1:3d:e4:51:b6:e0:d3:ad:a1:07:20:e4:e8:
d3:76:e0:36:b3:be:b5:ef:fb:ee:5d:fe:db:f1:9e:9a:1d:e8:
be:42:25:95:e3:95:5f:69:f2:df:25:20:f3:b1:33:38:b3:1c:
e4:c3:a8:bd:50:4c:fd:e6:f3:6b:7e:46:ac:44:84:5f:35:e4:
45:b6:98:e9:2d:11:1d:07:a5:2a:69:e0:30:dc:42:da:a4:11:
82:f2:e3:50:f4:d9:51:21:c3:78:4a:25:36:66:de:85:4e:17:
ab:78:1f:81
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICAbEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU5NTQxMTAvBgNVBAUTKDgzQUMxNjhFNDlGQjI1RUI3Njk0NUEwQkQxNDZFQThC
NTdCRjA5Q0MwHhcNMjUwNTMxMDMxMTIxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNhNzM1OS03MDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3eahuImgLb+Gl7dAVvWoxAsl9nOZIxXVrDJbUuMhiJ5oTy4oG6AbqnBAyPPx
GDIM2qHIbT11J/iBgEmm2M2Oft3we4UXTEsnM0Q7UlqlH+kWh/DrWDxOVEU+pJ+F
/rAr3lRRcW5IcXVgRcV3G/A6nl60CHWvVrOFHbXogEA57ixV3IodImDJUr4ibVi7
ROmr//kLVbcVvZ6U3B5vUNYWBnIZ2Ped+ySgAfhWS3dUMQjn94XgMi2o69BQYSqz
QLSqDXlOsGJxEWE1rC6n7abJUF+/ORFCkkSvmgHq74qsAIYj5KnRNwvrqJH+BcuE
8b8mQAxYmUodiHnAxf4Vntm/xwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNXU4QBp
04cIwepqjS60LhpGS/9vMB8GA1UdIwQYMBaAFIOsFo5J+yXrdpRaC9FG6otXvwnM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTk1NC9CMUY2QkNDMkMx
NEExMUVEODgyQkUzMjlDNEY5QUUwMi9nNndXamtuN0pldDJsRm9MMFVicWkxZV9D
Y3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c2d1dqa243SmV0MmxGb0wwVWJxaTFlX0Njdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU5NTQvQjFGNkJDQzJDMTRBMTFFRDg4MkJFMzI5QzRGOUFFMDIvNzlBMTY5Mzg3
Q0E4MTFFRkEyMENDOTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBATSCgADBALSCkADBALSCkwwDQQCAAIwBwMFACQAeeAwDQYJ
KoZIhvcNAQELBQADggEBADatBxP6DKA1ulKfFNU4XIedVOucbj2Q6gBqBE9dW3gA
7Cew1+9T0PcfQeWBdiyH1Y5FltEKseo+SvwVsquIhbWYb0cmEOkcbG3Lg6EKTS0Y
ZUjoJTTNIn8ooIBiTlW4Vw5q+Kpmqy7zXPB3osv0SOcybHtxpkrP3ud5k40fWpeu
JJ5RwnmHm6gTrFygNIgnFcPmwZcL0T3kUbbg062hByDk6NN24DazvrXv++5d/tvx
npod6L5CJZXjlV9p8t8lIPOxMzizHOTDqL1QTP3m82t+RqxEhF815EW2mOktER0H
pSpp4DDcQtqkEYLy41D02VEhw3hKJTZm3oVOF6t4H4E=
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:20:48 2025 by rpki-client