Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
File: B902532EFEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: Af/lVwFWjH5M9elOHFdYzVyKcD+mK/OnGpqe0WP8jLU=
Subject key identifier: 97:1A:D0:35:88:B8:DD:8D:DD:6F:B2:DD:B0:39:77:45:33:3A:01:35
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 0609
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
Signing time: Tue 15 Jul 2025 01:12:35 +0000
ROA not before: Tue 15 Jul 2025 01:12:35 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 63956
IP address blocks: 45.112.244.0/22 maxlen: 24
103.20.17.0/24 maxlen: 24
103.21.108.0/24 maxlen: 24
103.52.116.0/22 maxlen: 24
103.97.52.0/22 maxlen: 22
103.97.52.0/24 maxlen: 24
103.97.53.0/24 maxlen: 24
103.97.54.0/24 maxlen: 24
103.97.55.0/24 maxlen: 24
103.225.96.0/24 maxlen: 24
202.46.160.0/20 maxlen: 24
203.12.129.0/24 maxlen: 24
203.18.194.0/24 maxlen: 24
203.210.102.0/24 maxlen: 24
2402:1b80::/32 maxlen: 36
2402:1b80::/40 maxlen: 40
2402:1b80:10::/48 maxlen: 48
2402:1b80:11::/48 maxlen: 48
2402:1b80:14::/48 maxlen: 48
2402:1b80:103::/48 maxlen: 48
2402:1b80:104::/48 maxlen: 48
2402:1b80:106::/48 maxlen: 48
2402:1b80:203::/48 maxlen: 48
2402:1b80:204::/48 maxlen: 48
2402:1b80:206::/48 maxlen: 48
2402:1b80:300::/40 maxlen: 40
2402:1b80:304::/48 maxlen: 48
2402:1b80:306::/48 maxlen: 48
2402:1b80:403::/48 maxlen: 48
2402:1b80:600::/40 maxlen: 40
2402:1b80:3000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 23:15:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1545 (0x609)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3, serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: Jul 15 01:12:35 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6875ab03-2c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f2:a3:60:4a:66:d8:64:59:13:6d:9f:b1:d5:
88:a2:4c:42:2b:dc:bc:37:0c:97:70:58:59:c0:c6:
ff:6d:28:d1:7c:97:2d:ad:68:11:ee:6f:f4:33:ba:
9e:71:d3:c6:15:9a:f3:3c:65:6b:83:9a:00:6e:33:
7b:b2:56:57:a1:16:bb:25:6a:c0:cf:cf:fb:7c:46:
21:50:d9:f7:ce:25:94:3c:5f:25:f6:cb:20:c9:cc:
f9:d5:89:b9:b8:66:09:ae:e7:28:82:68:eb:6d:83:
e2:c2:80:a5:09:33:b3:24:3b:28:cf:77:c3:12:11:
b0:fc:6a:ff:b6:75:44:20:88:4c:42:69:2f:58:7a:
b8:d3:53:2e:78:b9:09:fd:71:96:0e:73:d1:a0:37:
12:62:ee:71:1a:cc:25:c1:a9:36:b7:41:3f:7d:b5:
bd:60:fa:73:cc:c2:2d:4b:d7:f7:9f:eb:b3:e7:a1:
8d:39:19:c8:52:e1:32:6e:9f:e4:0c:2c:9f:a5:d4:
18:41:0c:29:f1:3e:fd:5e:ab:6d:ad:a3:fd:6f:75:
ce:59:c8:b2:58:9d:ca:f8:14:64:fc:cd:18:a2:a0:
f2:3e:4d:fa:10:94:58:60:27:28:fc:82:56:06:a3:
4d:85:4e:ac:d2:0e:fa:1d:cc:86:07:c8:52:91:ae:
73:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1A:D0:35:88:B8:DD:8D:DD:6F:B2:DD:B0:39:77:45:33:3A:01:35
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.244.0/22
103.20.17.0/24
103.21.108.0/24
103.52.116.0/22
103.97.52.0/22
103.225.96.0/24
202.46.160.0/20
203.12.129.0/24
203.18.194.0/24
203.210.102.0/24
IPv6:
2402:1b80::/32
Signature Algorithm: sha256WithRSAEncryption
a8:ea:d1:44:11:88:b1:cb:b0:50:e9:a9:00:e2:f0:ce:aa:5a:
d9:9a:be:46:d7:9f:22:5a:10:39:a5:d0:55:03:29:35:da:1d:
59:bc:2c:46:98:cc:f6:25:3b:91:ba:49:df:6e:2b:af:c4:61:
e4:c3:f3:e9:fe:96:5e:18:34:37:b1:86:68:0e:19:9f:1a:c9:
96:55:27:1c:5f:0a:4f:11:f3:cc:f7:02:b4:66:36:75:79:2b:
34:0d:8e:36:ae:32:dd:91:b7:bb:ce:da:fc:12:e9:cc:f4:41:
a7:0c:b7:0d:81:7e:e9:13:d0:a6:51:1e:3e:76:9a:c2:51:36:
75:7e:67:a7:70:3f:b8:5c:d6:74:41:1b:51:89:83:79:2f:1b:
97:59:60:39:1f:8c:1c:fe:a8:8c:90:83:a3:59:d7:3d:da:df:
25:96:53:8a:5c:7c:f7:80:3b:41:d5:02:71:0e:bc:b1:10:64:
41:3d:c2:5d:3c:62:be:05:23:e5:02:77:2d:f9:2f:ed:29:07:
9c:09:85:f6:ad:a3:2c:7c:e1:4e:c3:50:74:1d:8d:69:04:d7:
aa:33:06:d5:55:53:76:a1:d3:93:b8:16:50:48:61:9d:d1:8f:
50:56:3d:63:cb:60:63:e4:d5:3c:44:64:b2:24:8a:4a:cc:0d:
40:1c:16:97
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICBgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjUwNzE1MDExMjM1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc1YWIwMy0yYzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsfKjYEpm2GRZE22fsdWIokxCK9y8NwyXcFhZwMb/bSjRfJctrWgR7m/0M7qe
cdPGFZrzPGVrg5oAbjN7slZXoRa7JWrAz8/7fEYhUNn3ziWUPF8l9ssgycz51Ym5
uGYJrucogmjrbYPiwoClCTOzJDsoz3fDEhGw/Gr/tnVEIIhMQmkvWHq401MueLkJ
/XGWDnPRoDcSYu5xGswlwak2t0E/fbW9YPpzzMItS9f3n+uz56GNORnIUuEybp/k
DCyfpdQYQQwp8T79XqttraP9b3XOWciyWJ3K+BRk/M0YoqDyPk36EJRYYCco/IJW
BqNNhU6s0g76HcyGB8hSka5zXQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFJca0DWI
uN2N3W+y3bA5d0UzOgE1MB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjkwMjUzMkVG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAItcPQDBABnFBEDBABnFWwDBAJnNHQDBAJnYTQDBABn4WAD
BATKLqADBADLDIEDBADLEsIDBADL0mYwDQQCAAIwBwMFACQCG4AwDQYJKoZIhvcN
AQELBQADggEBAKjq0UQRiLHLsFDpqQDi8M6qWtmavkbXnyJaEDml0FUDKTXaHVm8
LEaYzPYlO5G6Sd9uK6/EYeTD8+n+ll4YNDexhmgOGZ8ayZZVJxxfCk8R88z3ArRm
NnV5KzQNjjauMt2Rt7vO2vwS6cz0QacMtw2BfukT0KZRHj52msJRNnV+Z6dwP7hc
1nRBG1GJg3kvG5dZYDkfjBz+qIyQg6NZ1z3a3yWWU4pcfPeAO0HVAnEOvLEQZEE9
wl08Yr4FI+UCdy35L+0pB5wJhfatoyx84U7DUHQdjWkE16ozBtVVU3ah05O4FlBI
YZ3Rj1BWPWPLYGPk1TxEZLIkikrMDUAcFpc=
-----END CERTIFICATE-----
Generated at Mon Jul 21 22:48:41 2025 by rpki-client