Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
File: 087D2D80C4A711EB917EC55EC4F9AE02.roa (raw, json)
Hash identifier: B4WbBYea2h8cnDtNnotWOZoOLWpwJHLhhv8YaRsLrqQ=
Subject key identifier: 95:FA:31:B1:F7:A0:16:4C:4F:6A:6E:D8:24:DE:D1:CC:61:5E:7C:45
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 1308
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
Signing time: Wed 07 May 2025 04:31:13 +0000
ROA not before: Wed 07 May 2025 04:31:13 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 4657
IP address blocks: 27.54.0.0/18 maxlen: 24
27.125.128.0/18 maxlen: 24
39.109.128.0/17 maxlen: 24
45.65.0.0/22 maxlen: 24
58.96.192.0/18 maxlen: 24
61.8.192.0/19 maxlen: 24
61.8.224.0/19 maxlen: 24
101.127.0.0/16 maxlen: 24
103.17.144.0/22 maxlen: 24
111.223.64.0/18 maxlen: 18
111.223.64.0/19 maxlen: 24
111.223.96.0/19 maxlen: 24
113.10.64.0/18 maxlen: 24
117.20.128.0/18 maxlen: 24
122.11.128.0/17 maxlen: 24
124.155.192.0/19 maxlen: 24
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
182.19.128.0/17 maxlen: 24
182.55.0.0/16 maxlen: 24
183.90.0.0/17 maxlen: 24
203.116.0.0/16 maxlen: 24
203.117.0.0/16 maxlen: 24
203.118.0.0/18 maxlen: 24
2406:3000::/30 maxlen: 32
2406:3000::/40 maxlen: 48
2406:3000:2::/56 maxlen: 64
2406:3000:2:100::/56 maxlen: 64
2406:3000:3::/56 maxlen: 64
2406:3000:a::/56 maxlen: 64
2406:3000:c::/56 maxlen: 56
2406:3000:c:100::/56 maxlen: 56
2406:3000:11::/56 maxlen: 64
2406:3000:11:1000::/56 maxlen: 64
2406:3000:11:2000::/56 maxlen: 64
2406:3000:12::/48 maxlen: 56
2406:3000:12::/56 maxlen: 64
2406:3000:12:100::/56 maxlen: 64
2406:3000:20::/56 maxlen: 64
2406:3000:22::/56 maxlen: 64
2406:3000:35::/56 maxlen: 64
2406:3000:36::/56 maxlen: 64
2406:3000:36:100::/56 maxlen: 64
2406:3000:38::/56 maxlen: 64
2406:3000:4f::/56 maxlen: 64
2406:3000:4f:100::/56 maxlen: 64
2406:3000:1000::/56 maxlen: 64
2406:3000:1000:100::/56 maxlen: 56
2406:3000:ad53::/49 maxlen: 49
2406:3001:20::/56 maxlen: 64
2406:3001:22::/56 maxlen: 64
2406:3001:23::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 15 May 2025 17:17:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4872 (0x1308)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC, serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: May 7 04:31:13 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=681ae211-45c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:41:2d:56:6e:44:ec:83:33:e4:82:22:e5:34:
6c:b5:00:cb:c0:95:ae:66:53:7b:84:7f:21:4e:5d:
10:cc:af:dd:57:b3:fb:2d:11:19:6e:95:83:de:fd:
0f:dd:7f:f0:3c:fc:a0:f0:7d:05:9c:40:5a:aa:0a:
91:fe:aa:a1:26:02:96:db:9d:15:81:35:34:79:b3:
86:89:73:25:eb:b7:05:7b:07:29:8c:fb:9a:2f:f7:
10:d7:f4:d4:16:57:cd:a1:f8:b5:12:01:99:4d:af:
5b:33:0a:d6:ec:f1:38:8f:4e:1e:f5:26:cb:15:0b:
4c:e5:18:6d:c6:e2:3d:38:77:11:6d:67:34:51:94:
81:4c:91:11:b7:41:07:85:80:a2:f6:c7:a0:6d:3c:
6f:2a:1a:78:ec:45:11:7d:f7:d2:a1:d0:d5:31:af:
97:0f:17:eb:c9:3f:d4:3e:1d:fd:f8:a9:fd:f0:9f:
f4:eb:0d:6b:9c:86:71:41:79:f4:5c:4c:57:62:27:
cb:83:cf:19:7f:0a:0e:cb:1c:3f:82:a6:22:ea:28:
ed:47:d3:f3:b4:75:9b:11:11:c5:3f:d8:59:9b:5e:
b8:6e:bb:74:fc:21:58:ba:81:32:2f:31:f3:3f:f7:
d7:17:12:5d:0a:fc:64:55:1b:53:f8:c0:e3:ad:35:
d5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:FA:31:B1:F7:A0:16:4C:4F:6A:6E:D8:24:DE:D1:CC:61:5E:7C:45
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.0.0/18
27.125.128.0/18
39.109.128.0/17
45.65.0.0/22
58.96.192.0/18
61.8.192.0/18
101.127.0.0/16
103.17.144.0/22
111.223.64.0/18
113.10.64.0/18
117.20.128.0/18
122.11.128.0/17
124.155.192.0/19
171.0.0.0/15
171.207.0.0/16
182.19.128.0/17
182.55.0.0/16
183.90.0.0/17
203.116.0.0-203.118.63.255
IPv6:
2406:3000::/30
Signature Algorithm: sha256WithRSAEncryption
27:79:98:b6:3b:63:00:4f:4a:33:dd:de:f6:66:a6:cf:7c:88:
0a:91:e4:f2:c6:2f:5e:9b:3d:46:02:c9:7a:f2:e4:53:2a:99:
da:4f:e9:47:fd:cc:f6:50:e8:13:cb:48:fd:78:67:a7:a9:49:
b0:af:3a:85:99:0d:b3:c5:e0:25:e0:ce:80:cb:d0:e7:8e:ef:
9a:c4:52:07:88:b7:1c:ed:c1:7b:79:24:12:0b:2d:4a:23:35:
d8:be:16:67:ac:3d:d6:f4:41:75:cc:a3:fe:c3:30:42:65:80:
b5:e9:98:bb:16:b9:ec:1a:fe:e7:d1:13:d9:b7:bd:de:93:f4:
29:c6:af:61:05:e1:f1:5f:6b:60:d6:28:66:d8:f2:ac:03:be:
74:30:af:ae:3c:0f:83:b5:05:93:3e:73:f6:3b:e6:bc:d1:78:
ae:fb:14:a4:fc:84:a9:50:5d:2f:b1:12:ba:81:44:3b:28:c1:
fd:ff:d7:09:8c:29:8e:b0:04:25:ef:cd:5a:2f:76:03:cf:83:
9f:b7:54:cb:0f:9b:c3:06:6c:8e:6f:b1:0e:fa:bd:9d:a6:06:
6a:f4:15:83:1c:a0:8c:cc:27:ca:ed:f0:52:89:81:23:d6:f4:
74:4a:e8:73:a7:b7:24:99:73:81:96:35:c3:14:4b:60:e7:f5:
73:05:57:61
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgICEwgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjUwNTA3MDQzMTEzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFhZTIxMS00NWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoUEtVm5E7IMz5IIi5TRstQDLwJWuZlN7hH8hTl0QzK/dV7P7LREZbpWD3v0P
3X/wPPyg8H0FnEBaqgqR/qqhJgKW250VgTU0ebOGiXMl67cFewcpjPuaL/cQ1/TU
FlfNofi1EgGZTa9bMwrW7PE4j04e9SbLFQtM5RhtxuI9OHcRbWc0UZSBTJERt0EH
hYCi9segbTxvKhp47EURfffSodDVMa+XDxfryT/UPh39+Kn98J/06w1rnIZxQXn0
XExXYifLg88ZfwoOyxw/gqYi6ijtR9PztHWbERHFP9hZm164brt0/CFYuoEyLzHz
P/fXFxJdCvxkVRtT+MDjrTXV6QIDAQABo4IDFjCCAxIwHQYDVR0OBBYEFJX6MbH3
oBZMT2pu2CTe0cxhXnxFMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvMDg3RDJEODBD
NEE3MTFFQjkxN0VDNTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ8GCCsGAQUFBwEHAQH/
BIGPMIGMMHsEAgABMHUDBAYbNgADBAYbfYADBAcnbYADBAItQQADBAY6YMADBAY9
CMADAwBlfwMEAmcRkAMEBm/fQAMEBnEKQAMEBnUUgAMEB3oLgAMEBXybwAMDAasA
AwMAq88DBAe2E4ADAwC2NwMEB7daADALAwMCy3QDBAbLdgAwDQQCAAIwBwMFAiQG
MAAwDQYJKoZIhvcNAQELBQADggEBACd5mLY7YwBPSjPd3vZmps98iAqR5PLGL16b
PUYCyXry5FMqmdpP6Uf9zPZQ6BPLSP14Z6epSbCvOoWZDbPF4CXgzoDL0OeO75rE
UgeItxztwXt5JBILLUojNdi+FmesPdb0QXXMo/7DMEJlgLXpmLsWuewa/ufRE9m3
vd6T9CnGr2EF4fFfa2DWKGbY8qwDvnQwr648D4O1BZM+c/Y75rzReK77FKT8hKlQ
XS+xErqBRDsowf3/1wmMKY6wBCXvzVovdgPPg5+3VMsPm8MGbI5vsQ76vZ2mBmr0
FYMcoIzMJ8rt8FKJgSPW9HRK6HOntySZc4GWNcMUS2Dn9XMFV2E=
-----END CERTIFICATE-----
Generated at Fri May 9 02:54:28 2025 by rpki-client