Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/0FB29E462A0811EE9A08C30FC4F9AE02.roa
File: 0FB29E462A0811EE9A08C30FC4F9AE02.roa (raw, json)
Hash identifier: d4UXXCMBLzbA5F5CBh6+/uxfNEdacqbjKjEwNBL2vSE=
Subject key identifier: 47:02:71:48:2F:AB:00:53:73:CC:28:78:63:DF:E3:EB:DF:2A:4C:7E
Certificate issuer: /CN=A912C8AF/serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Certificate serial: 0B32
Authority key identifier: 76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/0FB29E462A0811EE9A08C30FC4F9AE02.roa
Signing time: Wed 02 Apr 2025 19:50:33 +0000
ROA not before: Wed 02 Apr 2025 19:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138915
IP address blocks: 59.153.156.0/24 maxlen: 24
59.153.157.0/24 maxlen: 24
59.153.158.0/24 maxlen: 24
59.153.159.0/24 maxlen: 24
103.84.108.0/24 maxlen: 24
103.84.109.0/24 maxlen: 24
103.84.111.0/24 maxlen: 24
103.136.248.0/22 maxlen: 22
103.136.248.0/24 maxlen: 24
103.136.249.0/24 maxlen: 24
103.136.250.0/24 maxlen: 24
103.136.251.0/24 maxlen: 24
103.198.200.0/24 maxlen: 24
103.198.201.0/24 maxlen: 24
103.198.202.0/24 maxlen: 24
175.176.192.0/24 maxlen: 24
175.176.193.0/24 maxlen: 24
175.176.194.0/24 maxlen: 24
175.176.195.0/24 maxlen: 24
2404:a140::/32 maxlen: 32
2404:a140:2::/48 maxlen: 48
2404:a140:3::/48 maxlen: 48
2404:a140:4::/48 maxlen: 48
2404:a140:5::/48 maxlen: 48
2404:a140:6::/48 maxlen: 48
2404:a140:7::/48 maxlen: 48
2404:a140:8::/48 maxlen: 48
2404:a140:9::/48 maxlen: 48
2404:a140:a::/48 maxlen: 48
2404:a140:b::/48 maxlen: 48
2404:a140:c::/48 maxlen: 48
2404:a140:d::/48 maxlen: 48
2404:a140:e::/48 maxlen: 48
2404:a140:f::/48 maxlen: 48
2404:a140:10::/48 maxlen: 48
2404:a140:11::/48 maxlen: 48
2404:a140:12::/48 maxlen: 48
2404:a140:13::/48 maxlen: 48
2404:a140:14::/48 maxlen: 48
2404:a140:15::/48 maxlen: 48
2404:a140:16::/48 maxlen: 48
2404:a140:17::/48 maxlen: 48
2404:a140:18::/48 maxlen: 48
2404:a140:19::/48 maxlen: 48
2404:a140:1a::/48 maxlen: 48
2404:a140:1b::/48 maxlen: 48
2404:a140:1c::/48 maxlen: 48
2404:a140:1d::/48 maxlen: 48
2404:a140:1e::/48 maxlen: 48
2404:a140:1f::/48 maxlen: 48
2404:a140:20::/48 maxlen: 48
2404:a140:21::/48 maxlen: 48
2404:a140:22::/48 maxlen: 48
2404:a140:23::/48 maxlen: 48
2404:a140:24::/48 maxlen: 48
2404:a140:25::/48 maxlen: 48
2404:a140:26::/48 maxlen: 48
2404:a140:27::/48 maxlen: 48
2404:a140:28::/48 maxlen: 48
2404:a140:29::/48 maxlen: 48
2404:a140:2a::/48 maxlen: 48
2404:a140:2b::/48 maxlen: 48
2404:a140:2c::/48 maxlen: 48
2404:a140:2d::/48 maxlen: 48
2404:a140:2e::/48 maxlen: 48
2404:a140:2f::/48 maxlen: 48
2404:a140:30::/48 maxlen: 48
2404:a140:32::/48 maxlen: 48
2404:a140:33::/48 maxlen: 48
2404:a140:38::/48 maxlen: 48
2404:a140:39::/48 maxlen: 48
2404:a140:3a::/48 maxlen: 48
2404:a140:3b::/48 maxlen: 48
2404:a140:3c::/48 maxlen: 48
2404:a140:3d::/48 maxlen: 48
2404:a140:3e::/48 maxlen: 48
2404:a140:3f::/48 maxlen: 48
2404:a140:42::/48 maxlen: 48
2404:a140:44::/48 maxlen: 48
2404:a140:4a::/48 maxlen: 48
2404:a140:4b::/48 maxlen: 48
2404:a140:4c::/48 maxlen: 48
2404:a140:4d::/48 maxlen: 48
2404:a140:4f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl
rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 19:32:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2866 (0xb32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912C8AF, serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Validity
Not Before: Apr 2 19:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67ed9509-30ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:24:c8:44:78:85:40:16:b6:46:1f:6a:c9:69:
22:2e:98:2a:1e:c6:0a:34:55:1c:50:15:2c:dd:f6:
0c:52:05:70:41:85:6b:ed:0a:7a:9d:07:97:83:f5:
65:6a:72:37:e1:b1:22:b5:38:2d:e0:d7:fb:8d:83:
00:1f:3f:3f:7f:93:a2:ac:43:98:5a:c0:45:35:16:
22:b7:13:f8:e7:7a:7c:02:27:7d:d1:9b:80:d3:64:
46:32:6e:ba:76:25:fd:da:99:cf:d6:ad:10:22:5d:
2a:09:21:00:30:a2:24:15:ac:1c:12:ea:12:31:f0:
93:74:47:fa:7e:32:f3:f4:0e:12:c0:4f:42:46:bb:
49:17:21:49:42:ee:53:eb:92:52:89:19:27:31:72:
61:7a:46:64:fe:67:ca:2b:93:fd:a2:41:22:1c:f2:
c3:8f:d0:64:f8:f0:2e:af:99:b4:b7:20:f5:d1:1a:
44:fd:83:ed:23:41:ce:54:c2:24:a9:a6:63:6b:82:
9d:37:e7:d1:ad:73:6e:f7:46:95:21:c3:27:df:48:
df:b0:5f:61:5a:8e:af:c0:48:1d:f4:8c:a0:d6:4d:
ed:eb:fa:99:46:fd:92:06:64:7d:60:5e:9f:9e:61:
4e:37:25:05:1f:44:9b:91:f4:57:ce:27:40:51:8e:
07:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:02:71:48:2F:AB:00:53:73:CC:28:78:63:DF:E3:EB:DF:2A:4C:7E
X509v3 Authority Key Identifier:
keyid:76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/0FB29E462A0811EE9A08C30FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.156.0/22
103.84.108.0/23
103.84.111.0/24
103.136.248.0/22
103.198.200.0-103.198.202.255
175.176.192.0/22
IPv6:
2404:a140::/32
Signature Algorithm: sha256WithRSAEncryption
30:77:83:b0:69:5a:ae:ab:90:60:ae:32:95:1d:fd:85:77:70:
e9:38:88:cc:5d:75:ea:c5:8b:0f:c2:fd:3e:94:4a:6d:b4:61:
5c:5f:cb:38:de:2a:3c:cf:6e:0a:db:18:27:f9:07:c8:d3:e6:
da:f9:68:96:90:ae:8d:19:00:a2:59:ca:61:6b:23:5b:c7:7c:
10:85:5a:f9:7c:a3:61:74:47:22:b6:0d:4d:f5:11:62:9c:62:
1a:21:43:f9:95:6c:1c:9a:0c:6d:22:67:a8:5a:f2:5f:9c:ec:
c5:37:00:6c:ba:dc:26:65:50:93:22:48:13:67:00:0d:14:1c:
3e:0c:cb:df:d3:69:8f:76:95:cd:e5:23:43:65:52:c9:1b:9d:
a4:f7:1e:31:c9:67:e9:6c:07:92:6c:d3:b9:8c:b1:6c:f3:03:
73:08:42:b4:46:f8:1e:c4:19:c6:0a:fb:80:8f:c9:e2:3b:86:
da:54:a8:4f:31:40:fb:9e:cc:8c:32:18:fe:95:cc:68:f6:55:
25:98:cc:c6:2e:77:b5:3d:bf:fb:43:63:e6:a9:96:ca:46:80:
ff:4f:9e:82:5e:57:5b:83:f6:84:e4:32:48:6d:7c:75:f9:51:
aa:bc:b4:7b:a4:f4:b6:a3:91:86:94:b6:0a:ba:dd:cf:29:73:
68:09:65:96
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICCzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM4QUYxMTAvBgNVBAUTKDc2M0Y3RkJEOTY0QTFDMzY2ODMwOEM5QTI5RTE1MDI1
QzBEREY5RDQwHhcNMjUwNDAyMTk1MDMzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VkOTUwOS0zMGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0STIRHiFQBa2Rh9qyWkiLpgqHsYKNFUcUBUs3fYMUgVwQYVr7Qp6nQeXg/Vl
anI34bEitTgt4Nf7jYMAHz8/f5OirEOYWsBFNRYitxP453p8Aid90ZuA02RGMm66
diX92pnP1q0QIl0qCSEAMKIkFawcEuoSMfCTdEf6fjLz9A4SwE9CRrtJFyFJQu5T
65JSiRknMXJhekZk/mfKK5P9okEiHPLDj9Bk+PAur5m0tyD10RpE/YPtI0HOVMIk
qaZja4KdN+fRrXNu90aVIcMn30jfsF9hWo6vwEgd9Iyg1k3t6/qZRv2SBmR9YF6f
nmFONyUFH0SbkfRXzidAUY4HKQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFEcCcUgv
qwBTc8woeGPf4+vfKkx+MB8GA1UdIwQYMBaAFHY/f72WShw2aDCMminhUCXA3fnU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhBRi9EMUY2NEU3MjVF
RUYxMUVBQTU0RTZDNkNDNEY5QUUwMi9kajlfdlpaS0hEWm9NSXlhS2VGUUpjRGQt
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RqOV92WlpLSERab01JeWFLZUZRSmNEZC1kUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM4QUYvRDFGNjRFNzI1RUVGMTFFQUE1NEU2QzZDQzRGOUFFMDIvMEZCMjlFNDYy
QTA4MTFFRTlBMDhDMzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E
RTBDMDIEAgABMCwDBAI7mZwDBAFnVGwDBABnVG8DBAJniPgwDAMEA2fGyAMEAGfG
ygMEAq+wwDANBAIAAjAHAwUAJAShQDANBgkqhkiG9w0BAQsFAAOCAQEAMHeDsGla
rquQYK4ylR39hXdw6TiIzF116sWLD8L9PpRKbbRhXF/LON4qPM9uCtsYJ/kHyNPm
2vlolpCujRkAolnKYWsjW8d8EIVa+XyjYXRHIrYNTfURYpxiGiFD+ZVsHJoMbSJn
qFryX5zsxTcAbLrcJmVQkyJIE2cADRQcPgzL39Npj3aVzeUjQ2VSyRudpPceMcln
6WwHkmzTuYyxbPMDcwhCtEb4HsQZxgr7gI/J4juG2lSoTzFA+57MjDIY/pXMaPZV
JZjMxi53tT2/+0Nj5qmWykaA/0+egl5XW4P2hOQySG18dflRqry0e6T0tqORhpS2
CrrdzylzaAlllg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:08:19 2025 by rpki-client on console.sobornost.net