Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/3E9A46662A6D11F09AA53336C4F9AE02.roa
File: 3E9A46662A6D11F09AA53336C4F9AE02.roa (raw, json)
Hash identifier: w593552jXRb+lyK5YUdl96ZmL7Bz1fE+Jmjr0VuPPEU=
Subject key identifier: 23:75:8F:87:B9:10:0F:B8:E9:82:01:4C:FA:75:E8:97:AC:F1:2A:1B
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 10CD
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/3E9A46662A6D11F09AA53336C4F9AE02.roa
Signing time: Mon 12 May 2025 13:17:36 +0000
ROA not before: Mon 12 May 2025 13:17:36 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.0.0/24 maxlen: 24
139.190.2.0/24 maxlen: 24
139.190.4.0/22 maxlen: 24
139.190.9.0/24 maxlen: 24
139.190.10.0/24 maxlen: 24
139.190.11.0/24 maxlen: 24
139.190.18.0/24 maxlen: 24
139.190.19.0/24 maxlen: 24
139.190.21.0/24 maxlen: 24
139.190.22.0/24 maxlen: 24
139.190.23.0/24 maxlen: 24
139.190.24.0/22 maxlen: 22
139.190.28.0/24 maxlen: 24
139.190.29.0/24 maxlen: 24
139.190.31.0/24 maxlen: 24
139.190.32.0/24 maxlen: 24
139.190.33.0/24 maxlen: 24
139.190.34.0/24 maxlen: 24
139.190.36.0/22 maxlen: 24
139.190.50.0/24 maxlen: 24
139.190.51.0/24 maxlen: 24
139.190.52.0/24 maxlen: 24
139.190.53.0/24 maxlen: 24
139.190.54.0/24 maxlen: 24
139.190.55.0/24 maxlen: 24
139.190.68.0/24 maxlen: 24
139.190.69.0/24 maxlen: 24
139.190.70.0/24 maxlen: 24
139.190.71.0/24 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 19 May 2025 02:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4301 (0x10cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: May 12 13:17:36 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6821f4f0-3a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:18:8e:20:e3:21:32:60:2a:f4:f6:07:32:2a:
e7:87:3e:9d:62:ef:ac:12:86:ce:b6:2d:50:6c:e9:
e8:96:ed:75:af:05:c4:f8:52:db:13:09:3e:b4:0d:
f6:b9:13:d9:5b:6b:15:ea:3c:15:05:13:f8:e3:3b:
ab:71:40:7a:c7:5c:52:62:31:01:85:ac:6f:6d:d6:
28:ac:88:6d:65:96:62:0a:97:53:ab:03:ed:7a:8b:
52:cb:29:cd:00:b8:3b:e4:77:43:1d:14:fd:b1:e9:
fd:b4:22:b1:4d:2c:9f:83:07:97:bc:73:b8:9b:5b:
aa:bc:1c:b0:ec:af:f4:6f:2f:aa:85:f7:1b:8f:18:
fc:b9:b2:db:6e:40:6d:73:62:1a:da:c2:7d:b0:9a:
78:60:00:a6:c5:f3:3a:9b:eb:01:3e:d4:73:5e:81:
12:18:72:be:ae:b7:08:8d:d8:38:c5:c6:5d:47:8a:
55:90:28:b1:16:7a:f7:72:ce:46:56:c7:14:98:6e:
b4:b8:39:0b:77:63:a0:b4:5b:88:1d:f8:d5:04:20:
56:6d:ac:e2:07:85:dc:fb:06:77:05:27:b8:43:ae:
32:00:51:d4:e7:cb:36:1c:1f:15:64:bf:10:da:9c:
6b:23:a8:91:ac:b8:f2:8b:f1:43:07:3e:1a:36:b7:
ce:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:75:8F:87:B9:10:0F:B8:E9:82:01:4C:FA:75:E8:97:AC:F1:2A:1B
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/3E9A46662A6D11F09AA53336C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/24
139.190.2.0/24
139.190.4.0/22
139.190.9.0-139.190.11.255
139.190.18.0/23
139.190.21.0-139.190.29.255
139.190.31.0-139.190.34.255
139.190.36.0/22
139.190.50.0-139.190.55.255
139.190.68.0/22
139.190.88.0/21
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
72:7f:5f:3f:ea:1e:44:dd:2e:c3:0d:02:46:4a:3d:17:8a:e1:
15:49:90:cb:c0:21:c6:47:4b:59:66:39:ed:d1:b5:83:ef:c5:
d4:fb:2a:95:46:5e:54:ed:f8:a0:fc:2d:67:db:3d:fb:c3:c8:
19:c8:8e:e3:76:a3:61:29:be:cc:e5:d1:3e:91:38:e7:82:03:
04:d5:26:75:cc:8f:fe:3f:8c:d3:42:11:4a:38:cf:6b:a6:f7:
05:65:3c:18:14:cc:c9:16:81:b0:4b:70:c1:69:57:54:f1:e4:
7f:0e:c1:12:8f:05:b5:27:e2:93:43:6d:a6:fe:1a:b0:48:af:
2d:13:61:ac:ad:31:63:c1:cd:a7:5e:77:1b:39:9f:c3:30:ed:
60:bf:c4:ee:df:31:27:08:04:99:ba:0d:52:af:18:4e:d8:1c:
dc:91:74:6d:82:9b:a3:a2:0d:84:87:55:2a:5e:32:19:a9:29:
81:bb:ca:01:ee:f8:78:f6:08:18:8f:94:d3:4e:86:5d:a0:1d:
71:91:41:26:61:71:53:13:c2:f8:03:1d:4e:d7:e7:11:f3:2b:
32:1b:b5:65:eb:86:65:52:ff:91:96:7b:22:d0:0e:57:a7:d5:
80:26:df:8f:03:20:ec:67:b6:e2:ad:01:20:9f:76:d7:5e:10:
17:9e:c5:1a
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgICEM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjUwNTEyMTMxNzM2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODIxZjRmMC0zYTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsxiOIOMhMmAq9PYHMirnhz6dYu+sEobOti1QbOnolu11rwXE+FLbEwk+tA32
uRPZW2sV6jwVBRP44zurcUB6x1xSYjEBhaxvbdYorIhtZZZiCpdTqwPteotSyynN
ALg75HdDHRT9sen9tCKxTSyfgweXvHO4m1uqvByw7K/0by+qhfcbjxj8ubLbbkBt
c2Ia2sJ9sJp4YACmxfM6m+sBPtRzXoESGHK+rrcIjdg4xcZdR4pVkCixFnr3cs5G
VscUmG60uDkLd2OgtFuIHfjVBCBWbaziB4Xc+wZ3BSe4Q64yAFHU58s2HB8VZL8Q
2pxrI6iRrLjyi/FDBz4aNrfO1wIDAQABo4IC/jCCAvowHQYDVR0OBBYEFCN1j4e5
EA+46YIBTPp16Jes8SobMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvM0U5QTQ2NjYy
QTZEMTFGMDlBQTUzMzM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYcGCCsGAQUFBwEHAQH/
BHgwdjB0BAIAATBuAwQAi74AAwQAi74CAwQCi74EMAwDBACLvgkDBAKLvggDBAGL
vhIwDAMEAIu+FQMEAYu+HDAMAwQAi74fAwQAi74iAwQCi74kMAwDBAGLvjIDBAOL
vjADBAKLvkQDBAOLvlgDBACLvusDBAGLvu4wDQYJKoZIhvcNAQELBQADggEBAHJ/
Xz/qHkTdLsMNAkZKPReK4RVJkMvAIcZHS1lmOe3RtYPvxdT7KpVGXlTt+KD8LWfb
PfvDyBnIjuN2o2Epvszl0T6ROOeCAwTVJnXMj/4/jNNCEUo4z2um9wVlPBgUzMkW
gbBLcMFpV1Tx5H8OwRKPBbUn4pNDbab+GrBIry0TYaytMWPBzadedxs5n8Mw7WC/
xO7fMScIBJm6DVKvGE7YHNyRdG2Cm6OiDYSHVSpeMhmpKYG7ygHu+Hj2CBiPlNNO
hl2gHXGRQSZhcVMTwvgDHU7X5xHzKzIbtWXrhmVS/5GWeyLQDlen1YAm348DIOxn
tuKtASCfdtdeEBeexRo=
-----END CERTIFICATE-----
Generated at Mon May 12 16:12:11 2025 by rpki-client