Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
File: 1A0D44FA3B5411EABAC6EE18C4F9AE02.roa (raw, json)
Hash identifier: ErQUIZBQOuclNYifsKsmx5/Jnr/1hpU5xKibhIO600k=
Subject key identifier: 61:6B:B2:92:91:33:20:5B:12:7C:51:06:FA:E2:71:8E:A8:03:63:2E
Certificate issuer: /CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
Certificate serial: 1DC8
Authority key identifier: 5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
Signing time: Wed 18 Dec 2024 16:13:55 +0000
ROA not before: Wed 18 Dec 2024 16:13:55 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 37963
IP address blocks: 8.128.0.0/10 maxlen: 15
8.128.0.0/16 maxlen: 24
8.129.0.0/16 maxlen: 24
8.130.0.0/16 maxlen: 24
8.131.0.0/16 maxlen: 24
8.132.0.0/16 maxlen: 24
8.133.0.0/16 maxlen: 24
8.134.0.0/16 maxlen: 24
8.135.0.0/16 maxlen: 24
8.136.0.0/16 maxlen: 24
8.137.0.0/16 maxlen: 24
8.138.0.0/16 maxlen: 24
8.139.0.0/16 maxlen: 24
8.140.0.0/16 maxlen: 24
8.141.0.0/16 maxlen: 24
8.142.0.0/16 maxlen: 24
8.143.0.0/16 maxlen: 24
8.144.0.0/16 maxlen: 24
8.145.0.0/16 maxlen: 24
8.146.0.0/16 maxlen: 24
8.147.0.0/16 maxlen: 24
8.148.0.0/16 maxlen: 24
8.149.0.0/16 maxlen: 24
8.150.0.0/16 maxlen: 24
8.151.0.0/16 maxlen: 24
8.152.0.0/16 maxlen: 24
8.153.0.0/16 maxlen: 24
8.154.0.0/16 maxlen: 24
8.155.0.0/16 maxlen: 24
8.156.0.0/16 maxlen: 24
8.157.0.0/16 maxlen: 24
8.158.0.0/16 maxlen: 24
8.159.0.0/16 maxlen: 24
8.160.0.0/16 maxlen: 24
8.161.0.0/16 maxlen: 24
8.162.0.0/16 maxlen: 24
8.163.0.0/16 maxlen: 24
8.164.0.0/16 maxlen: 24
8.165.0.0/16 maxlen: 24
8.166.0.0/16 maxlen: 24
8.167.0.0/16 maxlen: 24
8.168.0.0/16 maxlen: 24
8.169.0.0/16 maxlen: 24
8.170.0.0/16 maxlen: 24
8.171.0.0/16 maxlen: 24
8.172.0.0/16 maxlen: 24
8.173.0.0/16 maxlen: 24
8.174.0.0/16 maxlen: 24
8.175.0.0/16 maxlen: 24
8.176.0.0/16 maxlen: 24
8.178.0.0/16 maxlen: 24
8.179.0.0/16 maxlen: 24
8.180.0.0/16 maxlen: 24
8.181.0.0/16 maxlen: 24
8.182.0.0/16 maxlen: 24
8.183.0.0/16 maxlen: 24
8.184.0.0/16 maxlen: 24
8.185.0.0/16 maxlen: 24
8.186.0.0/16 maxlen: 24
8.187.0.0/16 maxlen: 24
8.188.0.0/16 maxlen: 24
8.189.0.0/16 maxlen: 24
8.190.0.0/16 maxlen: 24
8.191.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl
rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 16:11:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7624 (0x1dc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198
Validity
Not Before: Dec 18 16:13:55 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762f4c2-72f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:47:b3:9e:1c:f0:f1:0f:91:c0:a4:81:d5:2f:
8f:44:83:c3:66:80:30:96:36:8c:d6:60:0c:0a:82:
36:9e:96:61:01:0d:43:fd:07:62:d2:45:ca:a4:3a:
8c:fc:1a:2c:9e:55:d3:5d:ff:50:2b:25:d5:60:30:
b1:ea:bb:a8:f4:72:46:27:1a:93:5c:91:2b:d8:43:
86:ba:52:d8:8a:1a:71:51:67:4a:04:bf:57:ef:4f:
62:6d:ee:fb:f9:20:65:6b:57:76:c6:15:21:1a:9d:
59:ae:3b:16:30:dc:71:7b:97:69:45:80:b1:06:50:
86:0f:82:d7:78:bf:ed:44:f7:b9:13:d8:7d:2f:8a:
0f:2e:61:7b:68:52:92:d4:48:26:27:d7:65:4e:8e:
0a:79:ed:15:ed:25:2a:ce:da:c8:b7:43:ad:cc:e1:
b1:29:6f:06:dc:2f:b6:ed:dc:09:9e:e9:ef:c3:b1:
ba:1c:50:42:9b:b9:ac:1b:36:dd:1a:7c:11:40:f6:
7e:e2:f3:d5:9a:29:ef:9d:3d:45:fc:ec:38:be:09:
d3:6a:17:a0:aa:53:74:7a:f0:52:22:df:4f:d5:0f:
f9:2e:a2:74:90:8d:b2:84:d3:bf:d6:9c:6a:32:70:
44:bc:5a:08:29:55:b7:8b:02:97:1e:30:f8:34:ed:
a7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:6B:B2:92:91:33:20:5B:12:7C:51:06:FA:E2:71:8E:A8:03:63:2E
X509v3 Authority Key Identifier:
keyid:5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
8.128.0.0/10
Signature Algorithm: sha256WithRSAEncryption
6f:ea:e9:70:15:0b:84:fb:ae:dc:ff:5c:d9:17:f5:9d:7d:6d:
c8:1c:3f:fd:1e:d9:7f:fd:ad:3a:91:37:bb:6d:9c:ac:a8:31:
04:15:8d:f0:fa:a5:89:9f:8b:9e:dd:d2:d2:85:84:47:33:a2:
b4:c3:fa:75:32:5c:87:cc:d3:e3:87:c1:55:66:cc:39:c6:7d:
51:16:b3:dd:c7:a8:82:73:09:1a:9a:b2:35:34:f8:38:26:86:
d4:dd:55:ab:e3:63:95:0c:2f:98:da:71:19:37:b5:99:85:eb:
d5:41:f3:a9:8c:72:45:3f:8b:a7:9a:86:fe:83:e1:44:46:46:
6b:d5:b6:d2:b2:25:c9:22:95:ca:1b:63:6b:41:a6:77:84:9c:
6f:80:1b:32:e9:de:b7:ba:f8:6a:7e:4d:c6:24:6a:31:5e:99:
8d:80:d5:47:82:b6:cf:ae:9e:3b:7e:29:8c:36:80:cf:6b:67:
04:6d:38:75:a4:c3:4e:64:43:a5:d2:9d:a8:9e:60:c7:c9:f2:
c8:dc:0b:7c:80:37:d7:94:aa:f5:c1:30:e2:fa:79:99:12:96:
04:a8:dc:03:1d:62:7e:c8:f1:a1:18:b2:22:10:2f:e9:f1:14:
ec:18:cc:71:b4:87:00:24:ab:4f:0d:8d:8e:92:4a:27:02:f4:
c9:64:cb:3e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICHcgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDVGRUVERTlEMzgyNTQzRjA1MTUyN0ZBNTMzRDQ3QTkx
NzA3N0U2MzIwHhcNMjQxMjE4MTYxMzU1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZjRjMi03MmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzkeznhzw8Q+RwKSB1S+PRIPDZoAwljaM1mAMCoI2npZhAQ1D/Qdi0kXKpDqM
/BosnlXTXf9QKyXVYDCx6ruo9HJGJxqTXJEr2EOGulLYihpxUWdKBL9X709ibe77
+SBla1d2xhUhGp1ZrjsWMNxxe5dpRYCxBlCGD4LXeL/tRPe5E9h9L4oPLmF7aFKS
1EgmJ9dlTo4Kee0V7SUqztrIt0OtzOGxKW8G3C+27dwJnunvw7G6HFBCm7msGzbd
GnwRQPZ+4vPVminvnT1F/Ow4vgnTahegqlN0evBSIt9P1Q/5LqJ0kI2yhNO/1pxq
MnBEvFoIKVW3iwKXHjD4NO2nBwIDAQABo4IClDCCApAwHQYDVR0OBBYEFGFrspKR
MyBbEnxRBvricY6oA2MuMB8GA1UdIwQYMBaAFF/u3p04JUPwUVJ/pTPUepFwd+Yy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC9BRDYyOTIyMkI1
MjUxMUU2QUY2Qzg5NUVDNEY5QUUwMi9YLTdlblRnbFFfQlJVbi1sTTlSNmtYQjM1
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1gtN2VuVGdsUV9CUlVuLWxNOVI2a1hCMzVqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvQUQ2MjkyMjJCNTI1MTFFNkFGNkM4OTVFQzRGOUFFMDIvMUEwRDQ0RkEz
QjU0MTFFQUJBQzZFRTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwYIgDANBgkqhkiG9w0BAQsFAAOCAQEAb+rpcBULhPuu3P9c
2Rf1nX1tyBw//R7Zf/2tOpE3u22crKgxBBWN8PqliZ+Lnt3S0oWERzOitMP6dTJc
h8zT44fBVWbMOcZ9URaz3ceognMJGpqyNTT4OCaG1N1Vq+NjlQwvmNpxGTe1mYXr
1UHzqYxyRT+Lp5qG/oPhREZGa9W20rIlySKVyhtja0Gmd4Scb4AbMunet7r4an5N
xiRqMV6ZjYDVR4K2z66eO34pjDaAz2tnBG04daTDTmRDpdKdqJ5gx8nyyNwLfIA3
15Sq9cEw4vp5mRKWBKjcAx1ifsjxoRiyIhAv6fEU7BjMcbSHACSrTw2NjpJKJwL0
yWTLPg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:07:48 2025 by rpki-client