Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/30941278EF2011EF9264077FC4F9AE02.roa
File: 30941278EF2011EF9264077FC4F9AE02.roa (raw, json)
Hash identifier: 7cnuMrD52u33lf3m5CrnVGkp55WZekOCTta1eN0iR8I=
Subject key identifier: AD:62:97:07:D6:F2:3D:50:13:71:33:CA:C5:AB:87:B2:32:71:2E:E2
Certificate issuer: /CN=A9149F3E/serialNumber=BF0E6F4EE0E17DDE8C4A24BF897D19B87AA5759F
Certificate serial: 34B1
Authority key identifier: BF:0E:6F:4E:E0:E1:7D:DE:8C:4A:24:BF:89:7D:19:B8:7A:A5:75:9F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/30941278EF2011EF9264077FC4F9AE02.roa
Signing time: Fri 28 Feb 2025 00:11:12 +0000
ROA not before: Fri 28 Feb 2025 00:11:12 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 17579
IP address blocks: 134.75.15.0/24 maxlen: 24
134.75.16.0/24 maxlen: 24
134.75.101.0/24 maxlen: 24
134.75.102.0/24 maxlen: 24
134.75.103.0/24 maxlen: 24
134.75.105.0/24 maxlen: 24
134.75.107.0/24 maxlen: 24
134.75.108.0/24 maxlen: 24
134.75.123.0/24 maxlen: 24
134.75.124.0/24 maxlen: 24
134.75.125.0/24 maxlen: 24
134.75.126.0/24 maxlen: 24
134.75.127.0/24 maxlen: 24
134.75.128.0/24 maxlen: 24
134.75.129.0/24 maxlen: 24
134.75.130.0/24 maxlen: 24
134.75.131.0/24 maxlen: 24
134.75.132.0/24 maxlen: 24
134.75.200.0/24 maxlen: 24
134.75.207.0/24 maxlen: 24
134.75.253.0/24 maxlen: 24
134.75.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 May 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13489 (0x34b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E, serialNumber=BF0E6F4EE0E17DDE8C4A24BF897D19B87AA5759F
Validity
Not Before: Feb 28 00:11:12 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67c0ff1f-1223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b8:e1:18:8e:bd:32:25:ef:0e:5d:8d:20:11:
6a:59:c4:6f:1f:b6:8e:80:a4:85:f3:06:c0:a3:95:
a3:ca:e5:80:35:1e:09:35:7e:c9:8c:95:b9:da:e3:
fd:1e:53:f0:6a:85:48:ae:2e:f8:b2:e0:01:48:85:
a7:e1:fe:a2:c6:cb:19:9b:b9:62:f6:b1:20:f2:96:
47:67:74:4b:52:94:86:80:88:08:5c:02:0c:0f:84:
5a:75:ce:93:5c:0c:9a:f5:af:83:67:22:6a:99:29:
e9:26:bb:59:04:bb:dd:56:74:ff:bd:85:1b:1a:5d:
98:00:46:bb:7f:1f:b7:23:da:6e:ae:57:2b:78:40:
a6:de:27:29:26:39:ea:e2:85:23:8e:05:6b:e2:cf:
cf:4e:0f:46:28:56:0a:ad:d4:59:ab:06:15:9b:62:
cc:10:ab:e9:39:bf:12:3a:f6:27:83:ad:d9:c4:6b:
6d:66:c8:78:d7:bb:f7:2c:97:85:23:14:3c:1c:05:
53:ee:01:5a:0d:5b:d0:c8:22:d9:37:43:b2:58:96:
f5:97:30:a2:a4:26:f7:5b:fb:76:19:18:7c:a5:22:
f6:0d:08:3f:c1:b8:5a:f6:f3:13:b4:55:00:2e:a2:
bc:3a:07:09:b9:fc:ac:55:52:c3:2d:70:cf:0a:72:
b6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:62:97:07:D6:F2:3D:50:13:71:33:CA:C5:AB:87:B2:32:71:2E:E2
X509v3 Authority Key Identifier:
keyid:BF:0E:6F:4E:E0:E1:7D:DE:8C:4A:24:BF:89:7D:19:B8:7A:A5:75:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/30941278EF2011EF9264077FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
134.75.15.0-134.75.16.255
134.75.101.0-134.75.103.255
134.75.105.0/24
134.75.107.0-134.75.108.255
134.75.123.0-134.75.132.255
134.75.200.0/24
134.75.207.0/24
134.75.253.0-134.75.254.255
Signature Algorithm: sha256WithRSAEncryption
16:9d:2c:37:e1:2d:09:f7:89:77:d1:f9:6a:bf:d5:c3:5b:22:
0b:11:36:46:14:a6:66:b9:40:a8:77:68:6c:c3:39:f7:3e:17:
04:64:b6:ec:ec:bf:46:8a:86:20:0b:ea:72:16:69:96:0a:aa:
71:74:59:1a:5d:e5:db:1a:2e:77:e8:83:37:31:8f:11:f3:75:
9d:83:63:8e:cd:40:f7:27:99:7a:5b:3d:d0:be:48:dd:6c:12:
48:87:90:04:7c:e3:b0:9f:93:3c:c6:12:67:09:7d:24:17:3a:
dc:fe:cf:cf:44:df:1e:d8:d7:0e:08:8c:4f:f0:a9:f8:a4:ec:
74:a7:fb:9e:df:c1:d0:53:d0:7b:38:aa:4d:43:90:69:75:99:
d9:74:de:22:a4:d0:42:4b:63:1b:34:a2:f6:f8:48:d7:20:5e:
f2:cf:db:99:4c:90:91:7e:ac:e1:d7:ae:ab:b9:63:1f:32:83:
59:f9:e6:25:5f:d8:4f:4c:45:04:94:f5:4f:57:4e:b4:4f:06:
4a:03:43:44:ee:32:1f:32:d0:67:72:64:a4:74:d5:3f:d7:6d:
78:8b:d9:b5:d2:db:a2:79:a1:00:bb:d7:01:64:e8:2b:a0:b1:
bf:ca:6a:27:33:a4:27:54:1a:c6:d5:ee:0e:ca:c3:19:75:3b:
ad:13:67:bc
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICNLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEJGMEU2RjRFRTBFMTdEREU4QzRBMjRCRjg5N0QxOUI4
N0FBNTc1OUYwHhcNMjUwMjI4MDAxMTEyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MwZmYxZi0xMjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1LjhGI69MiXvDl2NIBFqWcRvH7aOgKSF8wbAo5WjyuWANR4JNX7JjJW52uP9
HlPwaoVIri74suABSIWn4f6ixssZm7li9rEg8pZHZ3RLUpSGgIgIXAIMD4Radc6T
XAya9a+DZyJqmSnpJrtZBLvdVnT/vYUbGl2YAEa7fx+3I9purlcreECm3icpJjnq
4oUjjgVr4s/PTg9GKFYKrdRZqwYVm2LMEKvpOb8SOvYng63ZxGttZsh417v3LJeF
IxQ8HAVT7gFaDVvQyCLZN0OyWJb1lzCipCb3W/t2GRh8pSL2DQg/wbha9vMTtFUA
LqK8OgcJufysVVLDLXDPCnK20wIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFK1ilwfW
8j1QE3EzysWrh7IycS7iMB8GA1UdIwQYMBaAFL8Ob07g4X3ejEokv4l9Gbh6pXWf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS85QTg1QkI1MDFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi92dzV2VHVEaGZkNk1TaVNfaVgwWnVIcWxk
WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3Z3NXZUdURoZmQ2TVNpU19pWDBadUhxbGRaOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvOUE4NUJCNTAxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvMzA5NDEyNzhF
RjIwMTFFRjkyNjQwNzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcQYIKwYBBQUHAQcBAf8E
YjBgMF4EAgABMFgwDAMEAIZLDwMEAIZLEDAMAwQAhktlAwQDhktgAwQAhktpMAwD
BACGS2sDBACGS2wwDAMEAIZLewMEAIZLhAMEAIZLyAMEAIZLzzAMAwQAhkv9AwQA
hkv+MA0GCSqGSIb3DQEBCwUAA4IBAQAWnSw34S0J94l30flqv9XDWyILETZGFKZm
uUCod2hswzn3PhcEZLbs7L9GioYgC+pyFmmWCqpxdFkaXeXbGi536IM3MY8R83Wd
g2OOzUD3J5l6Wz3QvkjdbBJIh5AEfOOwn5M8xhJnCX0kFzrc/s/PRN8e2NcOCIxP
8Kn4pOx0p/ue38HQU9B7OKpNQ5BpdZnZdN4ipNBCS2MbNKL2+EjXIF7yz9uZTJCR
fqzh166ruWMfMoNZ+eYlX9hPTEUElPVPV060TwZKA0NE7jIfMtBncmSkdNU/1214
i9m10tuieaEAu9cBZOgroLG/ymonM6QnVBrG1e4OysMZdTutE2e8
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:55:40 2025 by rpki-client on console.sobornost.net