Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/9BB3FAB6CCB511EE8612FB18C4F9AE02.roa
File: 9BB3FAB6CCB511EE8612FB18C4F9AE02.roa (raw, json)
Hash identifier: AeF6+orX99LwnbHGZiB851tFWKGqrAIMqoROhOgxFpw=
Subject key identifier: 35:3C:B2:0F:F8:08:BB:26:75:BF:13:BF:44:C8:EC:0D:33:A9:22:01
Certificate issuer: /CN=A915EBC8/serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Certificate serial: 01AE
Authority key identifier: C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/9BB3FAB6CCB511EE8612FB18C4F9AE02.roa
Signing time: Fri 11 Apr 2025 03:39:00 +0000
ROA not before: Fri 11 Apr 2025 03:39:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 155.60.224.0/24 maxlen: 24
155.60.225.0/24 maxlen: 24
155.60.226.0/24 maxlen: 24
155.60.227.0/24 maxlen: 24
155.60.228.0/24 maxlen: 24
155.60.229.0/24 maxlen: 24
155.60.230.0/24 maxlen: 24
155.60.231.0/24 maxlen: 24
155.60.232.0/24 maxlen: 24
155.60.233.0/24 maxlen: 24
155.60.234.0/24 maxlen: 24
155.60.235.0/24 maxlen: 24
155.60.236.0/24 maxlen: 24
155.60.237.0/24 maxlen: 24
155.60.238.0/24 maxlen: 24
155.60.239.0/24 maxlen: 24
155.60.240.0/24 maxlen: 24
155.60.241.0/24 maxlen: 24
155.60.242.0/24 maxlen: 24
155.60.243.0/24 maxlen: 24
155.60.244.0/24 maxlen: 24
155.60.245.0/24 maxlen: 24
155.60.246.0/24 maxlen: 24
155.60.247.0/24 maxlen: 24
155.60.248.0/24 maxlen: 24
155.60.249.0/24 maxlen: 24
155.60.250.0/24 maxlen: 24
155.60.251.0/24 maxlen: 24
155.60.252.0/24 maxlen: 24
155.60.253.0/24 maxlen: 24
155.60.254.0/24 maxlen: 24
155.60.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 04 May 2025 02:46:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 430 (0x1ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EBC8, serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Validity
Not Before: Apr 11 03:39:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67f88ed4-c65b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7b:63:5c:3e:20:90:37:6d:60:6a:19:73:0a:
57:4e:f7:f8:71:4e:2b:f6:2c:3e:8a:b5:ee:c7:e8:
e8:09:b8:f9:92:ba:ad:22:28:c0:01:f6:25:65:b5:
b6:0b:96:41:72:29:41:4b:4a:0b:fe:05:ab:7d:0b:
bc:cc:d5:0d:19:bb:47:c1:b7:fb:b0:4e:64:f3:cf:
0c:b5:b0:94:1d:de:a6:1d:f4:26:22:18:03:e9:46:
d6:c6:f6:a5:1c:f8:61:76:e0:2f:33:e1:1f:bc:41:
66:e3:f3:5b:9b:c6:a7:50:ac:22:72:fa:bd:13:60:
c7:2d:65:ee:4b:61:c9:84:05:71:9f:a0:f6:70:ba:
e4:88:45:92:1a:c8:bd:47:50:47:ae:d6:84:08:f5:
4a:14:f5:a4:61:58:fb:6f:73:90:6e:d9:d4:0c:c9:
03:66:1c:4c:96:c2:2b:3c:a4:fb:c8:f5:c3:43:9b:
a3:61:e7:a8:2c:1e:58:7a:39:b1:1b:f4:3a:b3:a9:
66:87:4e:3b:56:2c:b4:f0:e9:e6:6c:94:80:0a:be:
08:a8:e5:b1:b7:32:f5:8e:cf:83:9b:af:58:83:ad:
ba:28:47:71:4f:75:70:2b:8b:ce:98:25:9f:d9:07:
90:40:93:62:88:d8:56:e8:b2:1b:e0:83:21:ca:fc:
87:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3C:B2:0F:F8:08:BB:26:75:BF:13:BF:44:C8:EC:0D:33:A9:22:01
X509v3 Authority Key Identifier:
keyid:C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/9BB3FAB6CCB511EE8612FB18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
155.60.224.0/19
Signature Algorithm: sha256WithRSAEncryption
23:13:e6:45:e8:87:7b:3f:15:6b:e3:39:cd:0e:0f:01:65:26:
5a:96:dd:1c:5d:be:18:a1:8d:9d:c7:e2:90:cd:dc:1b:6d:e5:
42:a8:d0:15:02:c6:8e:df:88:b6:7a:2e:04:dd:42:19:ff:4c:
c7:d7:9b:70:50:48:82:6d:4c:ca:02:de:ce:f7:ea:ea:f5:60:
cc:4c:9b:7e:9f:69:c9:16:27:77:86:b3:ab:d9:26:99:68:8f:
ba:3b:57:66:50:2a:b3:94:b9:47:ad:60:a8:2d:e1:26:23:84:
d8:a3:06:22:dc:59:8c:e1:c1:54:9e:c7:e7:db:b7:56:da:ea:
2f:00:3f:6c:e2:47:99:8f:86:80:ee:a5:75:77:bc:e8:02:5a:
39:00:b1:25:72:77:44:51:80:36:13:b6:cf:f7:ad:26:7d:1c:
de:ce:2e:70:47:1a:c3:58:ea:d1:f0:ae:c9:a6:f8:4b:45:63:
77:54:ef:4d:55:73:c1:21:5a:20:86:9c:dc:ca:ea:ab:b5:81:
dc:85:25:bd:07:24:ef:8f:1e:ad:a8:4d:f1:b9:dd:99:7d:4d:
8d:6a:e8:84:39:b2:da:d3:f1:4a:df:37:35:e4:ec:6e:4a:64:
15:82:99:7e:17:83:71:99:36:17:ea:be:f4:05:78:68:09:23:
c6:3e:d7:a1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAa4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVCQzgxMTAvBgNVBAUTKEM2MjE4NDgxNTFGNzk3QkY3MjMxMDdGMTRENjJDNjdB
MjEzQTUzRTMwHhcNMjUwNDExMDMzOTAwWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y4OGVkNC1jNjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw3tjXD4gkDdtYGoZcwpXTvf4cU4r9iw+irXux+joCbj5krqtIijAAfYlZbW2
C5ZBcilBS0oL/gWrfQu8zNUNGbtHwbf7sE5k888MtbCUHd6mHfQmIhgD6UbWxval
HPhhduAvM+EfvEFm4/Nbm8anUKwicvq9E2DHLWXuS2HJhAVxn6D2cLrkiEWSGsi9
R1BHrtaECPVKFPWkYVj7b3OQbtnUDMkDZhxMlsIrPKT7yPXDQ5ujYeeoLB5Yejmx
G/Q6s6lmh047Viy08OnmbJSACr4IqOWxtzL1js+Dm69Yg626KEdxT3VwK4vOmCWf
2QeQQJNiiNhW6LIb4IMhyvyH0wIDAQABo4IClTCCApEwHQYDVR0OBBYEFDU8sg/4
CLsmdb8Tv0TI7A0zqSIBMB8GA1UdIwQYMBaAFMYhhIFR95e/cjEH8U1ixnohOlPj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUJDOC81ODk4MjBDMkVG
MDIxMUVEOEMyREQ5MUZDNEY5QUUwMi94aUdFZ1ZIM2w3OXlNUWZ4VFdMR2VpRTZV
LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3hpR0VnVkgzbDc5eU1RZnhUV0xHZWlFNlUtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVCQzgvNTg5ODIwQzJFRjAyMTFFRDhDMkREOTFGQzRGOUFFMDIvOUJCM0ZBQjZD
Q0I1MTFFRTg2MTJGQjE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWbPOAwDQYJKoZIhvcNAQELBQADggEBACMT5kXoh3s/FWvj
Oc0ODwFlJlqW3RxdvhihjZ3H4pDN3Btt5UKo0BUCxo7fiLZ6LgTdQhn/TMfXm3BQ
SIJtTMoC3s736ur1YMxMm36fackWJ3eGs6vZJploj7o7V2ZQKrOUuUetYKgt4SYj
hNijBiLcWYzhwVSex+fbt1ba6i8AP2ziR5mPhoDupXV3vOgCWjkAsSVyd0RRgDYT
ts/3rSZ9HN7OLnBHGsNY6tHwrsmm+EtFY3dU701Vc8EhWiCGnNzK6qu1gdyFJb0H
JO+PHq2oTfG53Zl9TY1q6IQ5strT8UrfNzXk7G5KZBWCmX4Xg3GZNhfqvvQFeGgJ
I8Y+16E=
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:41:52 2025 by rpki-client on console.sobornost.net