Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/0134DE8CC77211EC9B377B2DC4F9AE02.roa
File: 0134DE8CC77211EC9B377B2DC4F9AE02.roa (raw, json)
Hash identifier: ZJYPWa1zVWtxLs6YCjscQz9YmQ7dtlau1Mnxy99zbcE=
Subject key identifier: 75:B1:65:BD:15:80:55:F2:C1:1E:1C:83:8C:CD:59:6C:91:12:98:13
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0EB0
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/0134DE8CC77211EC9B377B2DC4F9AE02.roa
Signing time: Tue 14 Jan 2025 18:16:13 +0000
ROA not before: Tue 14 Jan 2025 18:16:13 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 13335
IP address blocks: 61.47.0.0/24 maxlen: 24
61.47.3.0/24 maxlen: 24
61.47.4.0/23 maxlen: 24
61.47.15.0/24 maxlen: 24
61.47.17.0/24 maxlen: 24
61.47.21.0/24 maxlen: 24
61.47.22.0/24 maxlen: 24
61.47.24.0/24 maxlen: 24
61.47.27.0/24 maxlen: 24
61.47.29.0/24 maxlen: 24
61.47.44.0/23 maxlen: 24
61.47.46.0/24 maxlen: 24
61.47.49.0/24 maxlen: 24
61.47.50.0/23 maxlen: 24
61.47.53.0/24 maxlen: 24
61.47.54.0/23 maxlen: 24
61.47.56.0/24 maxlen: 24
61.47.64.0/23 maxlen: 24
61.47.66.0/24 maxlen: 24
61.47.72.0/21 maxlen: 24
61.47.102.0/23 maxlen: 24
61.47.108.0/22 maxlen: 24
221.128.0.0/18 maxlen: 24
221.128.71.0/24 maxlen: 24
221.128.73.0/24 maxlen: 24
221.128.77.0/24 maxlen: 24
221.128.79.0/24 maxlen: 24
221.128.81.0/24 maxlen: 24
221.128.87.0/24 maxlen: 24
221.128.88.0/22 maxlen: 24
221.128.97.0/24 maxlen: 24
221.128.98.0/23 maxlen: 24
221.128.104.0/22 maxlen: 24
221.128.108.0/23 maxlen: 24
221.128.110.0/24 maxlen: 24
221.128.115.0/24 maxlen: 24
221.128.116.0/24 maxlen: 24
221.128.118.0/23 maxlen: 24
221.128.121.0/24 maxlen: 24
221.128.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 18:10:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3760 (0xeb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0
Validity
Not Before: Jan 14 18:16:13 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786a9ed-13ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ce:cf:db:a3:19:83:59:48:01:66:96:a1:aa:
6a:e5:eb:0e:62:1b:c2:8c:6c:8e:3a:8f:bf:f5:97:
99:28:8c:eb:c8:d4:ad:92:99:c5:74:d8:38:28:b4:
cd:24:d3:cb:66:6e:54:d5:4e:7c:00:66:c3:f5:ec:
b5:94:26:7b:39:e4:7c:ba:e6:92:e8:2e:37:88:c8:
46:1b:ea:58:04:58:9d:c9:49:c1:b9:63:bf:98:1b:
a4:3c:f1:b0:86:50:c5:cc:d7:d8:33:86:ba:da:dd:
2d:18:5a:f1:ae:a5:93:78:3c:c6:ab:6d:ce:b5:6a:
82:fd:52:08:fc:e5:26:c3:07:4f:fd:95:00:75:2d:
f7:77:e6:3a:db:a7:ac:ae:ca:f1:b2:71:1d:8a:33:
35:8d:80:3f:bc:f1:84:a7:76:21:65:90:97:75:20:
45:ad:3b:f7:f6:22:52:e4:56:fa:e3:ef:2c:8f:85:
da:f0:d3:5c:48:51:b6:fb:54:fd:05:11:97:9c:45:
db:c0:4e:0a:6a:48:36:e3:39:ba:3b:48:9b:46:6c:
4d:ed:3a:8d:2b:9d:18:85:16:2d:ea:64:ee:8e:c2:
1e:9a:7a:35:40:d3:74:12:75:ce:6c:a9:91:7f:fa:
94:95:1e:dd:88:de:cf:07:f8:bd:ff:c1:51:17:d4:
96:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B1:65:BD:15:80:55:F2:C1:1E:1C:83:8C:CD:59:6C:91:12:98:13
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/0134DE8CC77211EC9B377B2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.47.0.0/24
61.47.3.0-61.47.5.255
61.47.15.0/24
61.47.17.0/24
61.47.21.0-61.47.22.255
61.47.24.0/24
61.47.27.0/24
61.47.29.0/24
61.47.44.0-61.47.46.255
61.47.49.0-61.47.51.255
61.47.53.0-61.47.56.255
61.47.64.0-61.47.66.255
61.47.72.0/21
61.47.102.0/23
61.47.108.0/22
221.128.0.0/18
221.128.71.0/24
221.128.73.0/24
221.128.77.0/24
221.128.79.0/24
221.128.81.0/24
221.128.87.0-221.128.91.255
221.128.97.0-221.128.99.255
221.128.104.0-221.128.110.255
221.128.115.0-221.128.116.255
221.128.118.0/23
221.128.121.0/24
221.128.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:56:16:f7:68:cb:df:9f:d4:b2:10:31:85:a1:c6:b1:1f:e3:
17:7a:76:75:42:94:21:e5:cb:b9:ec:92:d2:7e:3e:3a:2d:47:
cf:bc:b5:31:a7:9d:be:dc:5c:af:dd:f6:84:a6:b2:04:b9:19:
64:fa:a9:dd:f5:f5:34:78:2b:9f:d0:87:71:2d:8a:d0:b4:5a:
48:4e:dd:da:30:b1:fa:58:ab:3b:61:10:b5:9e:fe:b1:1a:c3:
b7:a7:c7:ac:6c:80:c6:c2:c0:04:03:00:00:e4:70:97:f8:63:
8c:2d:7e:ad:d6:ac:5c:e5:92:7d:bc:25:aa:5e:27:c4:9d:27:
7c:ee:92:14:89:a0:8f:3c:b0:c9:e3:be:1e:fb:84:ac:1a:29:
da:26:1c:9e:19:83:a9:2f:3a:dd:dd:77:23:b2:ba:dc:b1:ec:
97:43:99:6f:76:a3:87:91:fb:1a:4f:94:d5:a9:4c:4a:73:ed:
63:d4:6b:1f:55:76:5c:03:2f:f0:ae:4f:c0:ae:a7:53:c6:ec:
79:8b:9b:ba:61:c2:18:5b:9b:7d:ed:f2:a2:ef:46:ea:27:21:
7c:4d:98:7d:2e:a2:ff:68:60:7a:bb:72:03:d2:58:7d:b6:a6:
93:ec:38:72:70:c6:7f:a4:43:43:65:9c:df:69:94:9f:21:ce:
fa:93:03:38
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgICDrAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjUwMTE0MTgxNjEzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2YTllZC0xM2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkc7P26MZg1lIAWaWoapq5esOYhvCjGyOOo+/9ZeZKIzryNStkpnFdNg4KLTN
JNPLZm5U1U58AGbD9ey1lCZ7OeR8uuaS6C43iMhGG+pYBFidyUnBuWO/mBukPPGw
hlDFzNfYM4a62t0tGFrxrqWTeDzGq23OtWqC/VII/OUmwwdP/ZUAdS33d+Y626es
rsrxsnEdijM1jYA/vPGEp3YhZZCXdSBFrTv39iJS5Fb64+8sj4Xa8NNcSFG2+1T9
BRGXnEXbwE4Kakg24zm6O0ibRmxN7TqNK50YhRYt6mTujsIemno1QNN0EnXObKmR
f/qUlR7diN7PB/i9/8FRF9SW6QIDAQABo4IDjzCCA4swHQYDVR0OBBYEFHWxZb0V
gFXywR4cg4zNWWyREpgTMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMDEzNERFOEND
NzcyMTFFQzlCMzc3QjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEXBggrBgEFBQcBBwEB
/wSCAQYwggECMIH/BAIAATCB+AMEAD0vADAMAwQAPS8DAwQBPS8EAwQAPS8PAwQA
PS8RMAwDBAA9LxUDBAA9LxYDBAA9LxgDBAA9LxsDBAA9Lx0wDAMEAj0vLAMEAD0v
LjAMAwQAPS8xAwQCPS8wMAwDBAA9LzUDBAA9LzgwDAMEBj0vQAMEAD0vQgMEAz0v
SAMEAT0vZgMEAj0vbAMEBt2AAAMEAN2ARwMEAN2ASQMEAN2ATQMEAN2ATwMEAN2A
UTAMAwQA3YBXAwQC3YBYMAwDBADdgGEDBALdgGAwDAMEA92AaAMEAN2AbjAMAwQA
3YBzAwQA3YB0AwQB3YB2AwQA3YB5AwQA3YB7MA0GCSqGSIb3DQEBCwUAA4IBAQCk
Vhb3aMvfn9SyEDGFocaxH+MXenZ1QpQh5cu57JLSfj46LUfPvLUxp52+3Fyv3faE
prIEuRlk+qnd9fU0eCuf0IdxLYrQtFpITt3aMLH6WKs7YRC1nv6xGsO3p8esbIDG
wsAEAwAA5HCX+GOMLX6t1qxc5ZJ9vCWqXifEnSd87pIUiaCPPLDJ474e+4SsGina
JhyeGYOpLzrd3XcjsrrcseyXQ5lvdqOHkfsaT5TVqUxKc+1j1GsfVXZcAy/wrk/A
rqdTxux5i5u6YcIYW5t97fKi70bqJyF8TZh9LqL/aGB6u3ID0lh9tqaT7DhycMZ/
pENDZZzfaZSfIc76kwM4
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:56 2025 by rpki-client