Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9135B49/5318A108120111EFADC85345C4F9AE02/59E4E2A415BA11F084EFBB7CC4F9AE02.roa
File: 59E4E2A415BA11F084EFBB7CC4F9AE02.roa (raw, json)
Hash identifier: HZDyu1joYX+dxKnFptiA5xky7OHNJkIOKQTmsVfZf5A=
Subject key identifier: 2B:18:83:0E:18:D4:37:2B:EF:C1:C7:26:49:6A:84:FA:21:E6:BE:96
Certificate issuer: /CN=A9135B49/serialNumber=4C365E36A6479D8EB0B50D90F36D1D7B19EF84D3
Certificate serial: EA
Authority key identifier: 4C:36:5E:36:A6:47:9D:8E:B0:B5:0D:90:F3:6D:1D:7B:19:EF:84:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDZeNqZHnY6wtQ2Q820dexnvhNM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9135B49/5318A108120111EFADC85345C4F9AE02/59E4E2A415BA11F084EFBB7CC4F9AE02.roa
Signing time: Thu 10 Apr 2025 03:17:36 +0000
ROA not before: Thu 10 Apr 2025 03:17:36 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 17466
IP address blocks: 58.2.0.0/20 maxlen: 20
58.2.16.0/20 maxlen: 20
58.2.16.0/21 maxlen: 21
58.2.16.0/22 maxlen: 22
58.2.20.0/22 maxlen: 22
58.2.32.0/19 maxlen: 19
58.2.128.0/19 maxlen: 19
58.2.192.0/19 maxlen: 19
58.2.224.0/21 maxlen: 21
58.2.232.0/22 maxlen: 22
58.2.240.0/20 maxlen: 20
119.43.0.0/17 maxlen: 17
119.43.128.0/18 maxlen: 18
119.43.192.0/21 maxlen: 21
119.43.205.0/24 maxlen: 24
119.43.206.0/23 maxlen: 23
119.43.208.0/20 maxlen: 20
119.43.224.0/19 maxlen: 19
124.4.0.0/19 maxlen: 19
124.4.32.0/21 maxlen: 21
124.4.40.0/22 maxlen: 22
124.4.44.0/24 maxlen: 24
124.4.45.0/24 maxlen: 24
124.4.46.0/23 maxlen: 23
124.4.48.0/20 maxlen: 20
124.4.64.0/18 maxlen: 18
124.4.120.0/23 maxlen: 23
124.4.122.0/23 maxlen: 23
124.4.122.0/24 maxlen: 24
124.4.123.0/24 maxlen: 24
124.4.128.0/18 maxlen: 18
124.4.192.0/21 maxlen: 21
124.4.204.0/22 maxlen: 22
124.4.208.0/20 maxlen: 20
124.4.252.0/22 maxlen: 22
182.94.0.0/17 maxlen: 17
182.94.128.0/18 maxlen: 18
182.94.192.0/19 maxlen: 19
182.94.224.0/21 maxlen: 21
182.94.232.0/22 maxlen: 22
182.94.240.0/24 maxlen: 24
182.94.241.0/24 maxlen: 24
182.94.242.0/23 maxlen: 23
182.94.244.0/22 maxlen: 22
182.94.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9135B49/5318A108120111EFADC85345C4F9AE02/TDZeNqZHnY6wtQ2Q820dexnvhNM.crl
rsync://rpki.apnic.net/member_repository/A9135B49/5318A108120111EFADC85345C4F9AE02/TDZeNqZHnY6wtQ2Q820dexnvhNM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDZeNqZHnY6wtQ2Q820dexnvhNM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 22 May 2025 05:11:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234 (0xea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9135B49, serialNumber=4C365E36A6479D8EB0B50D90F36D1D7B19EF84D3
Validity
Not Before: Apr 10 03:17:36 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67f73850-cc8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:d7:e4:70:7c:21:ef:a5:17:58:a9:f5:2d:bc:
51:f6:3e:63:b8:0a:a5:70:76:a3:72:35:23:b2:d8:
72:54:26:32:01:57:e4:cd:cd:e7:ae:5a:81:b5:85:
0e:3a:55:a9:15:e0:41:97:2c:f6:4d:07:f7:9f:98:
e0:e9:8d:5a:f6:30:87:96:2c:fb:2c:70:03:fc:5a:
e5:7b:76:61:82:a7:dd:6d:d7:d1:c2:99:81:fa:ec:
c7:b3:e8:2f:93:10:a9:69:86:7b:57:82:d3:ab:da:
52:0c:b9:b1:34:fd:3b:e1:32:7f:dc:e9:dd:75:ea:
6b:20:77:76:a4:4b:e1:ab:c2:f6:dc:f2:c9:fa:59:
ea:c2:39:1a:4f:8d:ae:9f:c9:e6:f2:d0:f2:f5:14:
af:fd:f1:d6:68:e0:b3:24:7f:78:1b:3f:22:ac:8f:
9b:b8:13:68:76:1f:13:bf:80:6e:44:be:ac:fc:93:
f3:6b:71:e6:8f:a0:15:38:aa:09:5b:e1:93:b0:ed:
2d:d2:fa:a0:bb:44:01:15:81:2c:b6:0b:d3:d6:df:
ef:dc:ef:ec:b6:43:a0:28:88:39:95:14:58:15:2a:
a1:01:55:a0:e2:df:67:e1:5c:e9:8c:4d:af:80:d3:
fa:ad:26:db:c4:ca:cd:b6:75:c3:ef:21:09:22:9b:
34:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:18:83:0E:18:D4:37:2B:EF:C1:C7:26:49:6A:84:FA:21:E6:BE:96
X509v3 Authority Key Identifier:
keyid:4C:36:5E:36:A6:47:9D:8E:B0:B5:0D:90:F3:6D:1D:7B:19:EF:84:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9135B49/5318A108120111EFADC85345C4F9AE02/TDZeNqZHnY6wtQ2Q820dexnvhNM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TDZeNqZHnY6wtQ2Q820dexnvhNM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9135B49/5318A108120111EFADC85345C4F9AE02/59E4E2A415BA11F084EFBB7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.2.0.0/18
58.2.128.0/19
58.2.192.0-58.2.235.255
58.2.240.0/20
119.43.0.0-119.43.199.255
119.43.205.0-119.43.255.255
124.4.0.0-124.4.199.255
124.4.204.0-124.4.223.255
124.4.252.0/22
182.94.0.0-182.94.235.255
182.94.240.0/20
Signature Algorithm: sha256WithRSAEncryption
c9:0c:5b:3e:3d:9e:0c:ce:98:dc:3b:74:78:9c:34:bb:bd:d9:
e7:51:5e:9a:da:e1:37:b2:5d:ab:36:88:d1:ab:0e:6d:28:c9:
8c:34:2b:30:11:e1:c9:09:7c:8b:01:4d:ff:77:cd:ce:3a:e6:
b8:67:1a:47:22:4c:a5:3b:f0:9f:9d:b0:55:03:e8:24:12:b4:
ae:92:50:d3:9d:3e:63:64:09:bb:fa:2f:83:d4:f8:31:6c:dc:
4c:71:2f:12:d4:ae:11:e9:aa:e8:de:8a:e1:00:9d:f6:75:cf:
e1:76:56:d0:9c:1b:de:87:90:63:0a:c2:19:08:42:9d:83:81:
6b:3a:18:f4:7f:f0:0c:9b:3a:fc:c8:0d:48:48:11:54:14:b5:
fa:ad:e3:4a:b5:9f:f2:67:ef:bf:7c:9d:04:cf:4a:65:e5:ca:
e2:c1:14:95:57:f6:e5:9a:f6:6b:96:be:b0:38:b1:93:20:bf:
c6:3c:6a:c3:cc:78:99:02:f6:f3:a7:ae:5f:04:5c:d1:81:09:
2b:5f:bf:2a:bc:ac:bc:a2:4c:c4:41:c0:2c:15:58:10:c0:bd:
0f:9d:83:21:ac:d4:0f:26:1f:46:3d:df:c2:f8:ce:de:06:b6:
31:5f:96:a6:c6:35:25:c7:79:84:e8:21:15:63:62:5c:c1:46:
30:b7:ab:c8
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgICAOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzVCNDkxMTAvBgNVBAUTKDRDMzY1RTM2QTY0NzlEOEVCMEI1MEQ5MEYzNkQxRDdC
MTlFRjg0RDMwHhcNMjUwNDEwMDMxNzM2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y3Mzg1MC1jYzhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7tfkcHwh76UXWKn1LbxR9j5juAqlcHajcjUjsthyVCYyAVfkzc3nrlqBtYUO
OlWpFeBBlyz2TQf3n5jg6Y1a9jCHliz7LHAD/Frle3ZhgqfdbdfRwpmB+uzHs+gv
kxCpaYZ7V4LTq9pSDLmxNP074TJ/3OnddeprIHd2pEvhq8L23PLJ+lnqwjkaT42u
n8nm8tDy9RSv/fHWaOCzJH94Gz8irI+buBNodh8Tv4BuRL6s/JPza3Hmj6AVOKoJ
W+GTsO0t0vqgu0QBFYEstgvT1t/v3O/stkOgKIg5lRRYFSqhAVWg4t9n4VzpjE2v
gNP6rSbbxMrNtnXD7yEJIps0rwIDAQABo4IC/jCCAvowHQYDVR0OBBYEFCsYgw4Y
1Dcr78HHJklqhPoh5r6WMB8GA1UdIwQYMBaAFEw2XjamR52OsLUNkPNtHXsZ74TT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNUI0OS81MzE4QTEwODEy
MDExMUVGQURDODUzNDVDNEY5QUUwMi9URFplTnFaSG5ZNnd0UTJRODIwZGV4bnZo
Tk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1REWmVOcVpIblk2d3RRMlE4MjBkZXhudmhOTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzVCNDkvNTMxOEExMDgxMjAxMTFFRkFEQzg1MzQ1QzRGOUFFMDIvNTlFNEUyQTQx
NUJBMTFGMDg0RUZCQjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYcGCCsGAQUFBwEHAQH/
BHgwdjB0BAIAATBuAwQGOgIAAwQFOgKAMAwDBAY6AsADBAI6AugDBAQ6AvAwCwMD
AHcrAwQDdyvAMAsDBAB3K80DAwJ3KDALAwMCfAQDBAN8BMAwDAMEAnwEzAMEBXwE
wAMEAnwE/DALAwMBtl4DBAK2XugDBAS2XvAwDQYJKoZIhvcNAQELBQADggEBAMkM
Wz49ngzOmNw7dHicNLu92edRXpra4TeyXas2iNGrDm0oyYw0KzAR4ckJfIsBTf93
zc465rhnGkciTKU78J+dsFUD6CQStK6SUNOdPmNkCbv6L4PU+DFs3ExxLxLUrhHp
qujeiuEAnfZ1z+F2VtCcG96HkGMKwhkIQp2DgWs6GPR/8AybOvzIDUhIEVQUtfqt
40q1n/Jn7798nQTPSmXlyuLBFJVX9uWa9muWvrA4sZMgv8Y8asPMeJkC9vOnrl8E
XNGBCStfvyq8rLyiTMRBwCwVWBDAvQ+dgyGs1A8mH0Y938L4zt4GtjFflqbGNSXH
eYToIRVjYlzBRjC3q8g=
-----END CERTIFICATE-----
Generated at Fri May 16 10:41:33 2025 by rpki-client