Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1DF0A186321E11F08839AD4FC4F9AE02.roa
File: 1DF0A186321E11F08839AD4FC4F9AE02.roa (raw, json)
Hash identifier: scqtxwpbVl5pi/9CaB8OC2vDdt2kGGP5wDNyaIXBbaQ=
Subject key identifier: 15:29:7A:5A:C3:9C:1E:3F:42:A1:2B:CB:57:F0:11:38:99:4B:0E:40
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 10FB
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1DF0A186321E11F08839AD4FC4F9AE02.roa
Signing time: Mon 02 Jun 2025 21:06:57 +0000
ROA not before: Mon 02 Jun 2025 21:06:57 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.0.0/22 maxlen: 24
139.190.4.0/22 maxlen: 24
139.190.8.0/24 maxlen: 24
139.190.9.0/24 maxlen: 24
139.190.10.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.12.0/24 maxlen: 24
139.190.13.0/24 maxlen: 24
139.190.14.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.16.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.18.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.24.0/22 maxlen: 22
139.190.24.0/24 maxlen: 24
139.190.28.0/24 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.35.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.40.0/22 maxlen: 22
139.190.44.0/22 maxlen: 22
139.190.48.0/24 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.50.0/24 maxlen: 24
139.190.51.0/24 maxlen: 24
139.190.52.0/24 maxlen: 24
139.190.53.0/24 maxlen: 24
139.190.54.0/24 maxlen: 24
139.190.55.0/24 maxlen: 24
139.190.56.0/22 maxlen: 22
139.190.60.0/22 maxlen: 22
139.190.68.0/24 maxlen: 24
139.190.69.0/24 maxlen: 24
139.190.70.0/24 maxlen: 24
139.190.71.0/24 maxlen: 24
139.190.80.0/21 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.124.0/22 maxlen: 24
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 11 Jun 2025 20:34:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4347 (0x10fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: Jun 2 21:06:57 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=683e1271-e4b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:7d:47:15:9c:fd:fd:38:9d:c5:49:bc:4f:6e:
96:e9:b7:84:6e:71:a6:84:35:bc:2b:f7:3f:43:e2:
f2:d8:78:02:4f:8c:aa:b0:ed:0b:3d:63:1e:15:e8:
b6:30:ac:47:8d:f2:13:5d:94:86:2b:bd:db:07:b8:
44:19:95:0d:da:7d:16:93:0d:44:9b:83:9e:d5:6d:
43:5f:4f:a7:0d:83:ca:2c:af:b5:0c:7d:56:03:5b:
8c:df:68:80:60:48:79:8e:46:ef:df:f2:1e:ee:45:
cc:fd:11:68:67:d6:e1:db:30:b2:86:ce:b0:06:72:
47:74:9d:3a:b7:5c:23:b2:28:d6:e2:85:20:36:f7:
34:74:e8:1b:f5:99:b6:04:ac:54:67:c9:08:db:9e:
8a:73:8d:c8:e4:97:db:77:b1:c5:80:19:b9:f2:7c:
85:d4:99:f6:f3:a7:b2:17:e0:2a:e9:6e:be:d3:c9:
83:24:41:88:cd:9a:17:37:1b:fa:66:2d:d2:44:66:
86:bb:b7:2d:da:71:c5:3b:00:18:54:51:f7:14:b2:
fe:e3:dd:87:f5:1c:09:85:6f:27:e1:f5:02:a2:36:
5f:c6:c0:b7:e7:0f:90:56:51:22:e5:1e:97:84:e2:
46:0b:e7:d1:50:fc:cc:a2:e0:44:2e:8a:73:6e:10:
57:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:29:7A:5A:C3:9C:1E:3F:42:A1:2B:CB:57:F0:11:38:99:4B:0E:40
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/1DF0A186321E11F08839AD4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/18
139.190.68.0/22
139.190.80.0/20
139.190.124.0/22
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:69:27:61:3c:70:51:1e:98:8f:fd:be:10:9a:5f:90:43:b4:
16:e1:7f:34:cf:98:3f:aa:70:6b:2c:89:84:b2:1e:2b:99:8c:
4c:34:83:ed:71:e7:18:e5:26:ce:29:20:01:72:26:b8:4c:15:
32:45:95:bc:f6:4a:42:31:82:61:a2:8a:46:c3:38:47:a1:cc:
ec:a8:f7:6a:fb:97:87:56:d4:63:23:b2:f2:ec:60:d4:7b:4d:
cd:e9:c6:0d:87:8c:1f:08:a1:dc:97:6f:e2:f6:52:96:5e:00:
36:f5:99:14:0c:29:af:d2:b8:90:84:43:c0:e2:a0:83:e0:68:
a2:7b:32:2a:6d:c4:96:61:d8:79:9d:2d:89:1f:7a:b7:80:19:
70:3c:08:0c:80:94:bb:03:ed:1c:2c:4a:ed:f6:bb:a3:00:3b:
5b:dc:bf:db:2d:e4:35:1b:cd:1d:ff:2e:f7:f5:03:b7:d5:0b:
d0:d2:01:7b:82:e4:a9:ab:ca:e2:62:c9:d6:d2:40:8b:2c:22:
90:c7:fb:1c:0f:ab:6a:8c:64:00:eb:52:0b:d3:f6:ad:eb:aa:
ed:2e:78:0c:34:5b:59:c2:f3:02:1f:98:07:85:2b:bb:5a:da:
b4:c3:3d:c3:ab:c6:15:17:a5:1f:ac:a8:e5:94:7e:cc:a9:2c:
29:9d:c2:17
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICEPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwNjAyMjEwNjU3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNlMTI3MS1lNGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6H1HFZz9/TidxUm8T26W6beEbnGmhDW8K/c/Q+Ly2HgCT4yqsO0LPWMeFei2
MKxHjfITXZSGK73bB7hEGZUN2n0Wkw1Em4Oe1W1DX0+nDYPKLK+1DH1WA1uM32iA
YEh5jkbv3/Ie7kXM/RFoZ9bh2zCyhs6wBnJHdJ06t1wjsijW4oUgNvc0dOgb9Zm2
BKxUZ8kI256Kc43I5Jfbd7HFgBm58nyF1Jn286eyF+Aq6W6+08mDJEGIzZoXNxv6
Zi3SRGaGu7ct2nHFOwAYVFH3FLL+492H9RwJhW8n4fUCojZfxsC35w+QVlEi5R6X
hOJGC+fRUPzMouBELopzbhBX7wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFBUpelrD
nB4/QqEry1fwETiZSw5AMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMURGMEExODYz
MjFFMTFGMDg4MzlBRDRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAaLvgADBAKLvkQDBASLvlADBAKLvnwDBACLvusDBAGLvu4w
DQYJKoZIhvcNAQELBQADggEBAKVpJ2E8cFEemI/9vhCaX5BDtBbhfzTPmD+qcGss
iYSyHiuZjEw0g+1x5xjlJs4pIAFyJrhMFTJFlbz2SkIxgmGiikbDOEehzOyo92r7
l4dW1GMjsvLsYNR7Tc3pxg2HjB8IodyXb+L2UpZeADb1mRQMKa/SuJCEQ8DioIPg
aKJ7MiptxJZh2HmdLYkfereAGXA8CAyAlLsD7RwsSu32u6MAO1vcv9st5DUbzR3/
Lvf1A7fVC9DSAXuC5KmryuJiydbSQIssIpDH+xwPq2qMZADrUgvT9q3rqu0ueAw0
W1nC8wIfmAeFK7ta2rTDPcOrxhUXpR+sqOWUfsypLCmdwhc=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:13:32 2025 by rpki-client