Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/8470E428A2E711EFA6A5B91AC4F9AE02.roa
File: 8470E428A2E711EFA6A5B91AC4F9AE02.roa (raw, json)
Hash identifier: Fum9wynbW46bBWpLsLIRjpqgESZ0wYgIRM9aD5ujlCc=
Subject key identifier: BB:E7:A1:83:41:7C:7F:CE:08:D0:31:D2:EA:14:91:72:BF:51:E6:4D
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 391C
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/8470E428A2E711EFA6A5B91AC4F9AE02.roa
Signing time: Fri 04 Jul 2025 14:50:38 +0000
ROA not before: Fri 04 Jul 2025 14:50:38 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 216425
IP address blocks: 61.251.186.0/24 maxlen: 24
61.251.188.0/24 maxlen: 24
101.53.67.0/24 maxlen: 24
101.53.73.0/24 maxlen: 24
101.53.75.0/24 maxlen: 24
101.53.76.0/24 maxlen: 24
101.53.77.0/24 maxlen: 24
101.53.79.0/24 maxlen: 24
101.53.80.0/24 maxlen: 24
101.53.81.0/24 maxlen: 24
101.53.82.0/24 maxlen: 24
101.53.83.0/24 maxlen: 24
101.53.84.0/24 maxlen: 24
101.53.85.0/24 maxlen: 24
101.53.86.0/24 maxlen: 24
101.53.87.0/24 maxlen: 24
101.53.88.0/24 maxlen: 24
101.53.89.0/24 maxlen: 24
101.53.90.0/24 maxlen: 24
101.53.93.0/24 maxlen: 24
101.53.94.0/24 maxlen: 24
101.53.95.0/24 maxlen: 24
103.9.130.0/24 maxlen: 24
175.176.133.0/24 maxlen: 24
175.176.136.0/24 maxlen: 24
175.176.138.0/24 maxlen: 24
175.176.139.0/24 maxlen: 24
175.176.141.0/24 maxlen: 24
175.176.143.0/24 maxlen: 24
182.237.41.0/24 maxlen: 24
182.237.42.0/24 maxlen: 24
182.237.50.0/24 maxlen: 24
182.237.51.0/24 maxlen: 24
182.237.53.0/24 maxlen: 24
182.237.54.0/24 maxlen: 24
182.237.56.0/24 maxlen: 24
182.237.57.0/24 maxlen: 24
182.237.58.0/24 maxlen: 24
182.237.59.0/24 maxlen: 24
182.237.62.0/24 maxlen: 24
182.237.63.0/24 maxlen: 24
203.173.106.0/24 maxlen: 24
203.173.110.0/24 maxlen: 24
203.173.111.0/24 maxlen: 24
203.173.122.0/24 maxlen: 24
210.4.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 29 Jul 2025 14:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14620 (0x391c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E, serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Jul 4 14:50:38 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=6867ea3e-588e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:20:20:67:39:3b:ef:0d:0e:2e:48:e0:e3:6d:
84:a7:73:b8:a0:e5:04:b5:f7:1b:4f:e7:c4:fc:c4:
37:79:3a:de:15:90:b4:2d:1b:10:ac:fa:ed:8b:af:
67:ab:0a:5f:0d:4b:3f:51:16:9e:51:ac:d1:99:14:
4e:39:05:8c:75:cd:e8:18:ff:9d:79:af:b3:6b:bd:
45:2e:66:75:73:91:96:4f:5c:ea:64:f1:cb:b1:db:
3d:08:d6:13:75:2e:dc:8b:b6:5d:c9:0a:5a:81:79:
69:c9:63:2e:77:1d:85:bf:d2:91:76:ce:a8:7a:a1:
d5:49:98:6f:ce:fd:42:d1:90:ca:c7:f2:28:4d:f3:
77:ea:b7:22:ed:fe:cd:c3:d6:31:9d:d9:8e:b2:a1:
04:0c:19:82:91:57:63:c8:d6:8e:de:67:50:7c:35:
0b:2a:84:1f:fb:21:df:0e:05:43:d0:bf:b4:b6:eb:
0d:a6:93:1e:93:66:8e:a0:07:22:30:1f:cc:86:46:
68:bf:4b:35:fa:87:c2:f1:1c:5f:f5:14:04:60:31:
4a:0e:88:58:b3:ae:04:19:44:19:71:02:71:0e:4e:
77:b7:3a:6b:5b:63:1c:43:2b:ab:9d:31:b2:0c:12:
a6:39:05:36:00:64:b4:e2:ea:17:61:36:88:f8:d8:
75:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E7:A1:83:41:7C:7F:CE:08:D0:31:D2:EA:14:91:72:BF:51:E6:4D
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/8470E428A2E711EFA6A5B91AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.251.186.0/24
61.251.188.0/24
101.53.67.0/24
101.53.73.0/24
101.53.75.0-101.53.77.255
101.53.79.0-101.53.90.255
101.53.93.0-101.53.95.255
103.9.130.0/24
175.176.133.0/24
175.176.136.0/24
175.176.138.0/23
175.176.141.0/24
175.176.143.0/24
182.237.41.0-182.237.42.255
182.237.50.0/23
182.237.53.0-182.237.54.255
182.237.56.0/22
182.237.62.0/23
203.173.106.0/24
203.173.110.0/23
203.173.122.0/24
210.4.92.0/24
Signature Algorithm: sha256WithRSAEncryption
df:2d:0f:60:20:db:cc:a0:72:3d:cf:2c:e6:fa:f7:7a:37:9e:
0d:36:f2:3f:2b:eb:40:f4:52:2f:26:82:7c:07:82:00:0d:f1:
22:ec:7c:fa:15:cd:aa:9f:ed:ea:30:15:c1:8b:b4:12:12:82:
e5:b1:6b:bf:e5:56:3d:90:a4:9d:26:b5:99:3f:b8:84:39:87:
cc:a2:9c:f5:f0:7f:2b:0a:18:7e:b9:0f:6b:fb:25:93:f0:e2:
c8:cd:73:6b:06:26:53:e2:bf:fe:17:b8:c4:54:25:fd:e7:70:
91:c0:88:7d:fb:f9:ca:87:26:20:9e:8e:0c:69:50:04:27:88:
08:d6:95:26:12:68:d3:f9:15:44:b9:67:2a:1a:aa:9c:0b:1d:
82:39:80:9d:69:7c:ea:89:a6:bd:dd:83:83:c8:6c:cf:6f:e1:
7a:ee:97:05:9a:93:fe:36:22:3d:81:05:72:eb:aa:41:78:84:
b2:05:36:b0:cb:63:20:78:10:58:66:9f:3a:03:b2:fe:73:f2:
de:b9:a2:ba:c4:cc:89:e4:4f:50:ad:81:d1:64:d3:f2:c0:59:
d0:97:5f:62:e7:c8:d0:61:4d:dd:e3:27:e5:db:a1:09:db:87:
df:8b:8d:91:0e:95:a3:11:cc:75:ae:fa:e7:e8:73:41:f9:6c:
88:72:cb:41
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgICORwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjUwNzA0MTQ1MDM4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY3ZWEzZS01ODhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxCAgZzk77w0OLkjg422Ep3O4oOUEtfcbT+fE/MQ3eTreFZC0LRsQrPrti69n
qwpfDUs/URaeUazRmRROOQWMdc3oGP+dea+za71FLmZ1c5GWT1zqZPHLsds9CNYT
dS7ci7ZdyQpagXlpyWMudx2Fv9KRds6oeqHVSZhvzv1C0ZDKx/IoTfN36rci7f7N
w9YxndmOsqEEDBmCkVdjyNaO3mdQfDULKoQf+yHfDgVD0L+0tusNppMek2aOoAci
MB/MhkZov0s1+ofC8Rxf9RQEYDFKDohYs64EGUQZcQJxDk53tzprW2McQyurnTGy
DBKmOQU2AGS04uoXYTaI+Nh1jwIDAQABo4IDQDCCAzwwHQYDVR0OBBYEFLvnoYNB
fH/OCNAx0uoUkXK/UeZNMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvODQ3MEU0MjhB
MkU3MTFFRkE2QTVCOTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgckGCCsGAQUFBwEHAQH/
BIG5MIG2MIGzBAIAATCBrAMEAD37ugMEAD37vAMEAGU1QwMEAGU1STAMAwQAZTVL
AwQBZTVMMAwDBABlNU8DBABlNVowDAMEAGU1XQMEBWU1QAMEAGcJggMEAK+whQME
AK+wiAMEAa+wigMEAK+wjQMEAK+wjzAMAwQAtu0pAwQAtu0qAwQBtu0yMAwDBAC2
7TUDBAC27TYDBAK27TgDBAG27T4DBADLrWoDBAHLrW4DBADLrXoDBADSBFwwDQYJ
KoZIhvcNAQELBQADggEBAN8tD2Ag28ygcj3PLOb693o3ng028j8r60D0Ui8mgnwH
ggAN8SLsfPoVzaqf7eowFcGLtBISguWxa7/lVj2QpJ0mtZk/uIQ5h8yinPXwfysK
GH65D2v7JZPw4sjNc2sGJlPiv/4XuMRUJf3ncJHAiH37+cqHJiCejgxpUAQniAjW
lSYSaNP5FUS5ZyoaqpwLHYI5gJ1pfOqJpr3dg4PIbM9v4XrulwWak/42Ij2BBXLr
qkF4hLIFNrDLYyB4EFhmnzoDsv5z8t65orrEzInkT1CtgdFk0/LAWdCXX2LnyNBh
Td3jJ+XboQnbh9+LjZEOlaMRzHWu+ufoc0H5bIhyy0E=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:18:26 2025 by rpki-client