Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: mPpYGvQN+wpRgi56Nz1t/GvnvyaevPD3ibKv5vGoibA=
Subject key identifier: 37:92:A0:6A:E4:60:D9:93:4F:79:8D:5D:39:AC:91:06:A0:7D:6D:4E
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 06D7
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Thu 24 Apr 2025 03:06:52 +0000
ROA not before: Thu 24 Apr 2025 03:06:52 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 May 2025 22:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1751 (0x6d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Apr 24 03:06:52 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6809aacb-8a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4e:c1:a4:e4:d6:27:9f:70:9b:55:f7:61:3d:
0e:2c:8c:74:9d:70:7d:7e:d3:f7:d0:14:cd:ac:e3:
5b:3d:a4:58:80:db:06:d3:2c:c3:fc:db:7a:5a:cb:
92:6d:ea:3b:b8:9f:60:1f:89:e2:64:aa:02:6d:a7:
6b:9a:ca:1c:51:be:b4:30:fd:20:ed:df:44:f6:e4:
4f:40:48:b1:71:f7:dc:a1:e2:95:d5:04:42:32:b7:
6e:eb:3a:5a:5d:a0:e7:fb:30:37:e1:f9:01:8a:68:
c0:0d:ca:0b:59:dd:54:e5:44:47:91:db:61:52:73:
cd:eb:26:e2:f2:f9:21:82:86:3b:34:b4:00:57:9d:
63:ed:8d:13:18:85:55:23:8c:79:61:8c:01:92:2d:
14:70:c2:95:95:6c:dc:6d:57:68:b2:b1:34:38:9b:
c6:40:b1:e1:72:36:bc:d6:e4:e2:d2:39:a5:ac:8f:
44:92:b4:f3:f4:be:d1:6c:53:fc:96:cf:72:52:b9:
91:96:9e:de:b1:ee:f4:61:9d:a3:d4:38:cb:16:0e:
4a:4f:7a:63:ed:ed:27:d7:ca:9f:d8:dd:dd:a3:e8:
31:99:99:d0:31:e7:e2:1d:7a:f3:99:21:d7:76:51:
2a:e5:5b:5a:30:83:67:92:b0:8e:be:77:75:f2:4e:
3a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:92:A0:6A:E4:60:D9:93:4F:79:8D:5D:39:AC:91:06:A0:7D:6D:4E
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
162.128.149.0/24
162.128.196.0/24
Signature Algorithm: sha256WithRSAEncryption
70:61:e8:da:b2:de:45:bf:92:bb:9d:a1:4f:58:bc:f1:4c:37:
2f:e0:8d:8f:b6:72:d8:51:68:3f:9e:0b:0a:74:30:74:3b:19:
47:01:4a:36:9d:d2:04:ba:47:01:7f:6b:35:8a:79:a7:16:d4:
ce:4b:2f:35:00:5e:4f:e8:1d:73:ff:37:17:7c:b1:fa:ce:dd:
a3:d1:03:01:88:61:49:3c:e6:c9:f9:b9:fa:49:43:d4:91:dc:
f4:3b:17:13:e3:12:76:1d:18:d0:f4:6c:0d:89:ad:46:2e:a9:
a1:a5:64:c0:4f:7d:37:9a:a3:95:35:4e:1a:0b:25:b9:72:e2:
8a:ee:4c:3e:a1:4f:86:8f:ca:51:d8:e6:45:da:f0:45:cb:cd:
fc:a3:fd:70:c8:a0:48:cf:28:8b:30:eb:59:25:6d:e2:d4:6f:
e7:f7:f3:33:7e:be:30:36:b2:40:1b:8f:2d:9a:0b:af:5b:97:
d6:f2:74:91:8d:20:fc:90:d2:5f:b6:53:67:95:1d:ff:c0:04:
ba:c9:5e:e4:a3:d8:81:06:e5:38:63:ba:c8:bc:0c:aa:14:d4:
81:12:94:a3:bc:36:f3:c1:d1:98:e7:97:b5:d5:2a:da:1a:e7:
35:df:6f:ae:5c:08:ff:f5:3e:c8:fe:60:ee:4c:28:a1:7a:ac:
a3:c7:99:40
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgICBtcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUwNDI0MDMwNjUyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA5YWFjYi04YTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuU7BpOTWJ59wm1X3YT0OLIx0nXB9ftP30BTNrONbPaRYgNsG0yzD/Nt6WsuS
beo7uJ9gH4niZKoCbadrmsocUb60MP0g7d9E9uRPQEixcffcoeKV1QRCMrdu6zpa
XaDn+zA34fkBimjADcoLWd1U5URHkdthUnPN6ybi8vkhgoY7NLQAV51j7Y0TGIVV
I4x5YYwBki0UcMKVlWzcbVdosrE0OJvGQLHhcja81uTi0jmlrI9EkrTz9L7RbFP8
ls9yUrmRlp7ese70YZ2j1DjLFg5KT3pj7e0n18qf2N3do+gxmZnQMefiHXrzmSHX
dlEq5VtaMINnkrCOvnd18k46BwIDAQABo4IDFjCCAxIwHQYDVR0OBBYEFDeSoGrk
YNmTT3mNXTmskQagfW1OMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ8GCCsGAQUFBwEHAQH/
BIGPMIGMMIGJBAIAATCBgjAMAwQAgeMRAwQCgeMQMAwDBACB4x0DBAWB4wADBACB
4z8DBAGB47ADBAKB48ADBAKcOxADBAOcOzADBACcO0kDBAOcO1ADBAGcO14DBACc
O2wDBACcO3sDBAScO4ADBACcO5IDBACcO9gDBAGcO+ADBACcO/EDBACigJUDBACi
gMQwDQYJKoZIhvcNAQELBQADggEBAHBh6Nqy3kW/krudoU9YvPFMNy/gjY+2cthR
aD+eCwp0MHQ7GUcBSjad0gS6RwF/azWKeacW1M5LLzUAXk/oHXP/Nxd8sfrO3aPR
AwGIYUk85sn5ufpJQ9SR3PQ7FxPjEnYdGND0bA2JrUYuqaGlZMBPfTeao5U1ThoL
Jbly4oruTD6hT4aPylHY5kXa8EXLzfyj/XDIoEjPKIsw61klbeLUb+f38zN+vjA2
skAbjy2aC69bl9bydJGNIPyQ0l+2U2eVHf/ABLrJXuSj2IEG5Thjusi8DKoU1IES
lKO8NvPB0Zjnl7XVKtoa5zXfb65cCP/1Psj+YO5MKKF6rKPHmUA=
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:43:16 2025 by rpki-client on console.sobornost.net