Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/679156E4661411F0BA434131C4F9AE02.roa
File: 679156E4661411F0BA434131C4F9AE02.roa (raw, json)
Hash identifier: uh+b9q8Z5InYkMQd4BErQcQFRlkMx6jgiQb9AsG76v8=
Subject key identifier: 19:E3:19:2C:3D:63:EF:22:E1:51:09:E2:66:29:5F:B1:AC:5F:C9:20
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0CED
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/679156E4661411F0BA434131C4F9AE02.roa
Signing time: Mon 21 Jul 2025 09:23:47 +0000
ROA not before: Mon 21 Jul 2025 09:23:47 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 134371
IP address blocks: 103.62.140.0/22 maxlen: 24
202.136.88.0/22 maxlen: 24
2400:3dc0::/32 maxlen: 32
2400:3dc0::/36 maxlen: 36
2400:3dc0::/44 maxlen: 48
2400:3dc0:10::/44 maxlen: 48
2400:3dc0:2e::/48 maxlen: 48
2400:3dc0:2f::/48 maxlen: 48
2400:3dc0:3e::/48 maxlen: 48
2400:3dc0:3f::/48 maxlen: 48
2400:3dc0:40::/44 maxlen: 47
2400:3dc0:40::/48 maxlen: 48
2400:3dc0:43::/48 maxlen: 48
2400:3dc0:45::/48 maxlen: 48
2400:3dc0:46::/48 maxlen: 48
2400:3dc0:49::/48 maxlen: 48
2400:3dc0:4a::/47 maxlen: 48
2400:3dc0:4c::/48 maxlen: 48
2400:3dc0:50::/44 maxlen: 47
2400:3dc0:52::/48 maxlen: 48
2400:3dc0:56::/47 maxlen: 48
2400:3dc0:58::/48 maxlen: 48
2400:3dc0:5a::/47 maxlen: 48
2400:3dc0:5c::/48 maxlen: 48
2400:3dc0:5e::/48 maxlen: 48
2400:3dc0:60::/44 maxlen: 47
2400:3dc0:60::/47 maxlen: 48
2400:3dc0:62::/48 maxlen: 48
2400:3dc0:64::/48 maxlen: 48
2400:3dc0:68::/47 maxlen: 48
2400:3dc0:6a::/48 maxlen: 48
2400:3dc0:6c::/48 maxlen: 48
2400:3dc0:6e::/47 maxlen: 48
2400:3dc0:89::/48 maxlen: 48
2400:3dc0:100::/48 maxlen: 48
2400:3dc0:101::/48 maxlen: 48
2400:3dc0:140::/48 maxlen: 48
2400:3dc0:200::/48 maxlen: 48
2400:3dc0:201::/48 maxlen: 48
2400:3dc0:300::/48 maxlen: 48
2400:3dc0:400::/48 maxlen: 48
2400:3dc0:500::/48 maxlen: 48
2400:3dc0:600::/48 maxlen: 48
2400:3dc0:700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 29 Jul 2025 18:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3309 (0xced)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Jul 21 09:23:47 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=687e0723-6831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d3:0e:a9:15:63:f0:3c:78:e7:8e:43:f2:5e:
5d:6b:a5:1b:39:f7:49:83:03:0e:db:d9:bf:aa:dc:
42:cd:0a:5c:86:11:f8:73:d2:cc:ec:e8:7a:a4:94:
86:57:b0:8d:d8:27:ca:b5:9e:c3:12:8b:7b:9a:ee:
95:2f:8b:2d:25:a2:c0:ec:37:53:ba:67:72:4f:46:
e5:0e:f5:3f:06:b0:64:ac:c3:65:56:38:be:54:b8:
c7:87:2c:b0:d2:df:00:2b:04:11:d2:b2:1f:45:f6:
37:31:11:05:1e:4f:b1:18:cb:87:b2:68:11:11:7a:
16:fe:18:17:3f:e0:4e:e5:35:29:74:cf:34:c6:17:
b9:9f:4f:4a:c3:0f:60:9d:4b:a3:8e:50:7d:29:da:
da:13:4f:94:95:9d:a2:94:c2:43:62:a4:e3:61:31:
b3:c2:4e:c5:71:3a:ec:31:e6:5c:61:19:da:b9:ef:
73:d8:b6:90:e3:46:b9:d0:29:ed:27:b1:37:36:93:
21:44:3b:e2:2e:49:9a:76:fd:51:ea:b3:23:2c:9b:
99:c8:fc:7e:9c:b9:a6:cc:5a:34:b3:80:89:c8:1b:
5e:11:e5:73:49:35:6b:66:af:69:09:f6:fa:1c:1e:
3f:4f:f2:1b:9d:2f:36:a9:b2:fb:54:a5:22:e5:90:
12:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E3:19:2C:3D:63:EF:22:E1:51:09:E2:66:29:5F:B1:AC:5F:C9:20
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/679156E4661411F0BA434131C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.62.140.0/22
202.136.88.0/22
IPv6:
2400:3dc0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:c9:4a:54:07:af:75:c2:ac:68:d3:e5:ae:e6:e4:bc:41:b8:
d7:e1:50:3d:9d:9b:fd:4e:16:92:53:1c:c6:50:e9:d6:c0:af:
d4:d1:72:04:b7:24:c1:0a:82:49:74:9a:ff:71:94:7e:99:18:
38:71:f0:aa:a9:28:51:ad:7b:ae:91:1e:ab:8c:6c:95:43:09:
84:1d:b5:e4:c8:f1:27:15:13:d0:c3:ea:b7:a6:c8:61:ad:94:
ba:71:a5:ea:f4:5d:cc:b0:09:18:ba:98:a9:81:c2:42:19:1a:
15:18:e4:85:e6:2c:41:1f:e2:6d:ba:d5:01:fa:ed:2d:db:8e:
bd:4c:41:c5:e2:d0:d9:be:c4:93:78:da:65:37:84:2b:92:b0:
ff:ec:58:db:42:99:2f:d4:75:69:89:5a:28:2f:9d:8f:e5:70:
79:9f:03:c6:99:b4:59:7f:e6:f9:67:ff:2f:73:4b:c2:ef:fc:
e0:36:5b:ff:cf:6a:e9:24:be:74:a0:90:8c:d2:6f:99:0c:d2:
e4:14:d7:1d:06:48:44:f8:f7:06:56:bf:e2:5f:0a:14:12:c8:
02:d3:4e:ae:90:f0:d9:cb:3b:f3:f9:ab:70:97:a8:cc:a7:1f:
ff:af:a2:4a:7f:8a:4f:22:3d:f6:e3:95:27:42:25:90:f1:f7:
61:1f:13:74
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDO0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwNzIxMDkyMzQ3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODdlMDcyMy02ODMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqNMOqRVj8Dx4545D8l5da6UbOfdJgwMO29m/qtxCzQpchhH4c9LM7Oh6pJSG
V7CN2CfKtZ7DEot7mu6VL4stJaLA7DdTumdyT0blDvU/BrBkrMNlVji+VLjHhyyw
0t8AKwQR0rIfRfY3MREFHk+xGMuHsmgREXoW/hgXP+BO5TUpdM80xhe5n09Kww9g
nUujjlB9KdraE0+UlZ2ilMJDYqTjYTGzwk7FcTrsMeZcYRnaue9z2LaQ40a50Cnt
J7E3NpMhRDviLkmadv1R6rMjLJuZyPx+nLmmzFo0s4CJyBteEeVzSTVrZq9pCfb6
HB4/T/IbnS82qbL7VKUi5ZASmwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBnjGSw9
Y+8i4VEJ4mYpX7GsX8kgMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvNjc5MTU2RTQ2
NjE0MTFGMEJBNDM0MTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnPowDBALKiFgwDQQCAAIwBwMFACQAPcAwDQYJKoZIhvcN
AQELBQADggEBALzJSlQHr3XCrGjT5a7m5LxBuNfhUD2dm/1OFpJTHMZQ6dbAr9TR
cgS3JMEKgkl0mv9xlH6ZGDhx8KqpKFGte66RHquMbJVDCYQdteTI8ScVE9DD6rem
yGGtlLpxper0XcywCRi6mKmBwkIZGhUY5IXmLEEf4m261QH67S3bjr1MQcXi0Nm+
xJN42mU3hCuSsP/sWNtCmS/UdWmJWigvnY/lcHmfA8aZtFl/5vln/y9zS8Lv/OA2
W//PaukkvnSgkIzSb5kM0uQU1x0GSET49wZWv+JfChQSyALTTq6Q8NnLO/P5q3CX
qMynH/+vokp/ik8iPfbjlSdCJZDx92EfE3Q=
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:27:55 2025 by rpki-client