Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/C81AC00EB14111EB959D4D3CC4F9AE02.roa
File: C81AC00EB14111EB959D4D3CC4F9AE02.roa (raw, json)
Hash identifier: PPz+jo2ZglJLUOgv0BMC7+AH2ZHmEK5hCIx98WW3CQI=
Subject key identifier: 04:55:34:6F:2B:C5:1D:CE:54:76:B4:66:3B:E3:A3:2B:22:C8:2A:DE
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1E72
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/C81AC00EB14111EB959D4D3CC4F9AE02.roa
Signing time: Wed 18 Dec 2024 16:43:40 +0000
ROA not before: Wed 18 Dec 2024 16:43:40 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 37963
IP address blocks: 43.0.0.0/9 maxlen: 15
43.0.0.0/16 maxlen: 24
43.1.0.0/16 maxlen: 24
43.2.0.0/16 maxlen: 24
43.3.0.0/16 maxlen: 24
43.4.0.0/16 maxlen: 24
43.5.0.0/16 maxlen: 24
43.6.0.0/16 maxlen: 24
43.7.0.0/16 maxlen: 16
43.7.0.0/16 maxlen: 24
43.8.0.0/16 maxlen: 24
43.9.0.0/16 maxlen: 24
43.10.0.0/16 maxlen: 24
43.11.0.0/16 maxlen: 24
43.12.0.0/16 maxlen: 24
43.13.0.0/16 maxlen: 24
43.14.0.0/16 maxlen: 24
43.15.0.0/16 maxlen: 24
43.16.0.0/16 maxlen: 24
43.17.0.0/16 maxlen: 24
43.18.0.0/16 maxlen: 24
43.19.0.0/16 maxlen: 24
43.20.0.0/16 maxlen: 24
43.21.0.0/16 maxlen: 24
43.22.0.0/16 maxlen: 24
43.23.0.0/16 maxlen: 24
43.24.0.0/16 maxlen: 24
43.25.0.0/16 maxlen: 24
43.26.0.0/16 maxlen: 24
43.27.0.0/16 maxlen: 24
43.28.0.0/16 maxlen: 24
43.29.0.0/16 maxlen: 24
43.30.0.0/16 maxlen: 24
43.31.0.0/16 maxlen: 24
43.32.0.0/16 maxlen: 16
43.32.0.0/16 maxlen: 24
43.33.0.0/16 maxlen: 24
43.35.0.0/16 maxlen: 24
43.36.0.0/16 maxlen: 24
43.37.0.0/16 maxlen: 24
43.38.0.0/16 maxlen: 24
43.39.0.0/16 maxlen: 24
43.40.0.0/16 maxlen: 24
43.41.0.0/16 maxlen: 24
43.42.0.0/16 maxlen: 24
43.43.0.0/16 maxlen: 24
43.44.0.0/16 maxlen: 24
43.45.0.0/16 maxlen: 24
43.46.0.0/16 maxlen: 24
43.47.0.0/16 maxlen: 24
43.48.0.0/16 maxlen: 24
43.49.0.0/16 maxlen: 24
43.50.0.0/16 maxlen: 24
43.51.0.0/16 maxlen: 24
43.52.0.0/16 maxlen: 24
43.53.0.0/16 maxlen: 24
43.54.0.0/16 maxlen: 24
43.55.0.0/16 maxlen: 24
43.56.0.0/16 maxlen: 24
43.57.0.0/16 maxlen: 24
43.58.0.0/16 maxlen: 24
43.59.0.0/16 maxlen: 24
43.60.0.0/16 maxlen: 24
43.61.0.0/16 maxlen: 24
43.62.0.0/16 maxlen: 24
43.63.0.0/16 maxlen: 24
43.64.0.0/16 maxlen: 24
43.65.0.0/16 maxlen: 24
43.66.0.0/16 maxlen: 24
43.67.0.0/16 maxlen: 24
43.68.0.0/16 maxlen: 24
43.69.0.0/16 maxlen: 24
43.70.0.0/16 maxlen: 24
43.71.0.0/16 maxlen: 24
43.72.0.0/16 maxlen: 24
43.73.0.0/16 maxlen: 24
43.74.0.0/16 maxlen: 24
43.75.0.0/16 maxlen: 24
43.76.0.0/16 maxlen: 16
43.76.0.0/16 maxlen: 24
43.78.0.0/16 maxlen: 24
43.79.0.0/16 maxlen: 24
43.80.0.0/16 maxlen: 24
43.81.0.0/16 maxlen: 24
43.82.0.0/16 maxlen: 24
43.83.0.0/16 maxlen: 24
43.84.0.0/16 maxlen: 24
43.85.0.0/16 maxlen: 24
43.86.0.0/16 maxlen: 24
43.87.0.0/16 maxlen: 24
43.88.0.0/16 maxlen: 24
43.89.0.0/16 maxlen: 24
43.90.0.0/16 maxlen: 24
43.91.0.0/16 maxlen: 24
43.95.0.0/16 maxlen: 24
43.96.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 16:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7794 (0x1e72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198
Validity
Not Before: Dec 18 16:43:40 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762fbbc-ff4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fa:75:93:03:32:ca:f6:66:c5:94:50:e0:73:
d8:fb:e1:6b:62:b3:56:5f:3b:eb:90:07:8e:7c:4c:
b3:fc:ae:93:42:d2:63:4c:ed:84:a4:d3:e4:85:1a:
c4:91:7c:6f:a8:74:93:4c:ff:85:eb:43:11:0f:a1:
d3:47:90:09:a0:2b:4b:1e:92:cb:fa:3f:dd:d1:b2:
83:60:b0:1c:d5:9d:4a:15:26:9f:b7:e0:88:7a:67:
e4:17:58:b8:ee:69:8b:07:0a:aa:4a:5f:f7:52:9b:
25:c0:4f:70:5b:ee:1d:fb:8c:97:72:59:f9:92:d1:
48:84:e9:51:f4:d3:23:9a:2e:0c:57:a6:13:d3:c2:
21:02:03:83:3d:21:f0:98:96:40:c3:60:cc:70:a7:
3e:57:82:d9:a8:0a:4d:61:6d:db:90:42:ed:d0:09:
7c:df:91:a1:d5:86:09:58:bb:3c:de:ed:2e:f6:75:
91:99:6b:26:9d:48:54:8c:62:e1:3b:fb:72:41:c6:
17:60:0f:93:5a:7d:4b:83:b6:9b:6d:73:1a:0c:26:
f6:74:1f:cb:1b:55:bf:e1:04:78:c7:15:c8:7d:8a:
98:da:7e:c2:27:e2:c0:a2:e2:56:97:ad:38:e4:a4:
6a:61:37:42:5e:f8:b4:f1:f5:a2:d3:a9:81:01:73:
28:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:55:34:6F:2B:C5:1D:CE:54:76:B4:66:3B:E3:A3:2B:22:C8:2A:DE
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/C81AC00EB14111EB959D4D3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.0.0.0/9
Signature Algorithm: sha256WithRSAEncryption
48:14:df:bf:9e:db:bf:32:9c:42:a0:4d:64:ab:e3:98:17:0e:
8d:54:be:92:e2:00:e2:d0:c2:29:a1:88:62:0b:c9:2a:90:86:
d1:02:31:c0:d7:82:ce:5e:cd:f2:29:d0:8a:9d:c4:e5:ca:6b:
0c:42:8c:bc:00:00:b0:03:21:51:aa:f7:ef:5a:1e:5b:ec:4a:
c7:a6:29:eb:b7:26:bb:2b:d0:4b:da:70:57:41:db:e9:9d:6c:
bc:f0:ab:c9:57:9b:47:d7:03:13:fd:d2:3b:b0:12:96:99:c3:
62:1d:ea:13:bc:1a:ee:cc:c0:21:fe:f4:db:d6:64:da:dc:73:
12:3a:55:f9:fe:60:ca:be:27:d3:1d:eb:54:e7:ba:ba:2e:56:
ea:cb:39:3a:7a:0b:82:54:98:71:8c:05:34:74:c5:9d:10:70:
d9:23:5a:12:ca:0f:fa:34:00:2b:4f:51:72:d2:f7:0b:b7:6f:
ff:b0:1d:2c:25:27:e9:d2:50:27:0f:a5:c1:f3:db:95:6e:46:
91:c0:88:2f:25:a4:21:f3:fd:1f:52:6b:5e:b4:7f:08:60:82:
62:ef:c8:8c:88:17:64:8b:7a:1b:d9:c2:6e:6d:8e:b2:c7:44:
95:56:64:0b:e2:ed:79:f0:04:de:0c:a1:49:8a:ab:a6:8e:cc:
b2:d4:57:f3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICHnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjQxMjE4MTY0MzQwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZmJiYy1mZjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq/p1kwMyyvZmxZRQ4HPY++FrYrNWXzvrkAeOfEyz/K6TQtJjTO2EpNPkhRrE
kXxvqHSTTP+F60MRD6HTR5AJoCtLHpLL+j/d0bKDYLAc1Z1KFSaft+CIemfkF1i4
7mmLBwqqSl/3UpslwE9wW+4d+4yXcln5ktFIhOlR9NMjmi4MV6YT08IhAgODPSHw
mJZAw2DMcKc+V4LZqApNYW3bkELt0Al835Gh1YYJWLs83u0u9nWRmWsmnUhUjGLh
O/tyQcYXYA+TWn1Lg7abbXMaDCb2dB/LG1W/4QR4xxXIfYqY2n7CJ+LAouJWl604
5KRqYTdCXvi08fWi06mBAXMo5wIDAQABo4IClDCCApAwHQYDVR0OBBYEFARVNG8r
xR3OVHa0ZjvjoysiyCreMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvQzgxQUMwMEVC
MTQxMTFFQjk1OUQ0RDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwcrADANBgkqhkiG9w0BAQsFAAOCAQEASBTfv57bvzKcQqBN
ZKvjmBcOjVS+kuIA4tDCKaGIYgvJKpCG0QIxwNeCzl7N8inQip3E5cprDEKMvAAA
sAMhUar371oeW+xKx6Yp67cmuyvQS9pwV0Hb6Z1svPCryVebR9cDE/3SO7ASlpnD
Yh3qE7wa7szAIf7029Zk2txzEjpV+f5gyr4n0x3rVOe6ui5W6ss5OnoLglSYcYwF
NHTFnRBw2SNaEsoP+jQAK09RctL3C7dv/7AdLCUn6dJQJw+lwfPblW5GkcCILyWk
IfP9H1JrXrR/CGCCYu/IjIgXZIt6G9nCbm2OssdElVZkC+LtefAE3gyhSYqrpo7M
stRX8w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:03:26 2025 by rpki-client