Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B85E994CFE5411EFB0605334C4F9AE02.roa
File: B85E994CFE5411EFB0605334C4F9AE02.roa (raw, json)
Hash identifier: izLf6ogzM9OIUzUuWynTjLpb2gWdyJYX7n7zESR/lRQ=
Subject key identifier: 06:9D:59:79:88:A6:7F:AC:D5:09:E5:AE:04:CA:0B:D8:20:92:E6:F5
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0FB9
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B85E994CFE5411EFB0605334C4F9AE02.roa
Signing time: Tue 11 Mar 2025 08:42:09 +0000
ROA not before: Tue 11 Mar 2025 08:42:09 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.10.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.12.0/24 maxlen: 24
139.190.13.0/24 maxlen: 24
139.190.14.0/24 maxlen: 24
139.190.15.0/24 maxlen: 24
139.190.17.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.20.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.24.0/22 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.30.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.48.0/24 maxlen: 24
139.190.49.0/24 maxlen: 24
139.190.50.0/24 maxlen: 24
139.190.51.0/24 maxlen: 24
139.190.52.0/24 maxlen: 24
139.190.53.0/24 maxlen: 24
139.190.54.0/24 maxlen: 24
139.190.68.0/24 maxlen: 24
139.190.69.0/24 maxlen: 24
139.190.70.0/24 maxlen: 24
139.190.71.0/24 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.124.0/22 maxlen: 22
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 19 Mar 2025 20:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4025 (0xfb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Mar 11 08:42:09 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67cff761-3e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:9a:c2:ea:c3:47:28:d2:32:e0:c6:91:c4:
5a:68:47:1f:85:44:75:f5:c2:38:92:7c:07:cb:99:
35:a0:bc:86:7e:79:23:48:bb:f9:ad:ac:85:fb:cd:
97:71:98:08:14:69:b3:2b:ad:f0:b7:6a:12:c4:b0:
a8:63:d4:72:55:52:46:5e:9d:f7:39:08:ee:93:dd:
5d:a2:93:1c:93:49:e7:9f:4d:16:fb:28:4d:20:3a:
dc:e8:c8:af:72:e4:7e:c0:0d:34:46:ed:fd:f2:8e:
3b:13:5a:a1:0f:32:8f:97:4b:75:4d:b3:4a:7d:66:
b4:b5:af:c5:db:84:3d:85:bf:5c:d1:e6:87:94:1c:
c5:15:f5:1c:09:84:a6:b8:12:6d:3e:c4:12:fb:4e:
62:1a:90:f6:ce:0a:25:b5:8a:7b:4f:67:73:9d:76:
69:56:f2:e6:c3:9e:98:04:cb:96:97:52:0c:53:cb:
92:be:b8:c5:9e:ac:78:07:b5:99:54:3b:dc:76:59:
f4:2f:47:a8:cb:51:a7:3c:d4:ad:db:1d:69:5c:89:
f9:72:1a:d0:bc:27:f9:14:16:f2:98:5a:e0:ca:3f:
db:6a:d5:2a:e6:7e:78:b6:97:31:d2:ed:a0:66:af:
2d:4a:05:ad:47:8e:ad:4d:46:dd:a3:9b:09:07:97:
6a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9D:59:79:88:A6:7F:AC:D5:09:E5:AE:04:CA:0B:D8:20:92:E6:F5
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/B85E994CFE5411EFB0605334C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.10.0-139.190.15.255
139.190.17.0/24
139.190.19.0-139.190.20.255
139.190.22.0-139.190.27.255
139.190.29.0-139.190.34.255
139.190.36.0/22
139.190.48.0-139.190.54.255
139.190.68.0/22
139.190.88.0/21
139.190.124.0/22
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:3b:c6:e9:ab:47:eb:4c:d4:b5:30:13:61:9d:76:6b:16:48:
92:c3:84:b5:d3:f0:84:c7:75:44:ec:25:b3:18:73:29:8d:ca:
53:6b:92:f8:4d:ba:e1:da:dd:4d:80:df:69:38:06:93:b3:6a:
b1:a0:ed:d9:e2:b1:73:19:13:6e:92:db:85:ad:59:2d:63:e2:
3a:9e:75:d7:68:55:8e:5c:c2:80:b5:c9:40:d1:27:1f:6f:d0:
62:5f:01:7d:5d:02:0d:fc:24:8d:00:60:2d:c6:fb:52:06:62:
75:b5:a8:ca:cf:37:91:32:7f:f0:d7:20:c2:2f:ab:97:b2:19:
15:68:92:5a:7a:40:79:00:00:1c:95:97:bd:4e:fc:04:c4:29:
b7:2b:d3:8b:97:d2:70:81:19:02:bf:ca:85:18:d1:d7:f5:22:
f2:cf:0b:cb:b6:a1:66:ae:ae:72:5d:9f:af:3e:b9:2f:88:71:
a6:64:ec:7d:d2:c9:ae:18:0e:86:cd:57:da:7a:34:6a:43:17:
b1:30:b6:74:72:ae:b4:bf:3e:67:34:21:a4:6b:d2:eb:23:58:
47:79:fb:2e:62:5b:5d:c7:ba:43:11:8a:92:ee:a4:24:16:cc:
61:6d:07:c0:00:12:d4:c6:7a:7d:71:b2:3e:18:54:36:25:ed:
84:e1:67:f7
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgICD7kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwMzExMDg0MjA5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmZjc2MS0zZTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoGCawurDRyjSMuDGkcRaaEcfhUR19cI4knwHy5k1oLyGfnkjSLv5rayF+82X
cZgIFGmzK63wt2oSxLCoY9RyVVJGXp33OQjuk91dopMck0nnn00W+yhNIDrc6Miv
cuR+wA00Ru398o47E1qhDzKPl0t1TbNKfWa0ta/F24Q9hb9c0eaHlBzFFfUcCYSm
uBJtPsQS+05iGpD2zgoltYp7T2dznXZpVvLmw56YBMuWl1IMU8uSvrjFnqx4B7WZ
VDvcdln0L0eoy1GnPNSt2x1pXIn5chrQvCf5FBbymFrgyj/batUq5n54tpcx0u2g
Zq8tSgWtR46tTUbdo5sJB5dqcQIDAQABo4IDADCCAvwwHQYDVR0OBBYEFAadWXmI
pn+s1QnlrgTKC9ggkub1MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQjg1RTk5NENG
RTU0MTFFRkIwNjA1MzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYkGCCsGAQUFBwEHAQH/
BHoweDB2BAIAATBwMAwDBAGLvgoDBASLvgADBACLvhEwDAMEAIu+EwMEAIu+FDAM
AwQBi74WAwQCi74YMAwDBACLvh0DBACLviIDBAKLviQwDAMEBIu+MAMEAIu+NgME
Aou+RAMEA4u+WAMEAou+fAMEAIu+6wMEAYu+7jANBgkqhkiG9w0BAQsFAAOCAQEA
oTvG6atH60zUtTATYZ12axZIksOEtdPwhMd1ROwlsxhzKY3KU2uS+E264drdTYDf
aTgGk7NqsaDt2eKxcxkTbpLbha1ZLWPiOp5112hVjlzCgLXJQNEnH2/QYl8BfV0C
DfwkjQBgLcb7UgZidbWoys83kTJ/8Ncgwi+rl7IZFWiSWnpAeQAAHJWXvU78BMQp
tyvTi5fScIEZAr/KhRjR1/Ui8s8Ly7ahZq6ucl2frz65L4hxpmTsfdLJrhgOhs1X
2no0akMXsTC2dHKutL8+ZzQhpGvS6yNYR3n7LmJbXce6QxGKku6kJBbMYW0HwAAS
1MZ6fXGyPhhUNiXthOFn9w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:27:33 2025 by rpki-client