Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/764D8698EA9111EAA035205FC4F9AE02.roa
File: 764D8698EA9111EAA035205FC4F9AE02.roa (raw, json)
Hash identifier: N8CiTad7+YCKPe2opBHwCiq7VtSImphL9JYd7EN47KQ=
Subject key identifier: C0:97:84:95:53:B9:DE:62:3F:43:66:94:4A:F5:23:4E:DA:1B:64:5A
Certificate issuer: /CN=A914A0CB/serialNumber=18056DEB580E3574F1483E669C5AA42E584ECEBB
Certificate serial: 1ED0
Authority key identifier: 18:05:6D:EB:58:0E:35:74:F1:48:3E:66:9C:5A:A4:2E:58:4E:CE:BB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAVt61gONXTxSD5mnFqkLlhOzrs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/764D8698EA9111EAA035205FC4F9AE02.roa
Signing time: Thu 16 Jan 2025 16:23:26 +0000
ROA not before: Thu 16 Jan 2025 16:23:26 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 17625
IP address blocks: 27.109.0.0/24 maxlen: 24
27.109.1.0/24 maxlen: 24
27.109.2.0/24 maxlen: 24
27.109.3.0/24 maxlen: 24
27.109.4.0/24 maxlen: 24
27.109.5.0/24 maxlen: 24
27.109.6.0/24 maxlen: 24
27.109.7.0/24 maxlen: 24
27.109.8.0/24 maxlen: 24
27.109.9.0/24 maxlen: 24
27.109.10.0/24 maxlen: 24
27.109.11.0/24 maxlen: 24
27.109.12.0/24 maxlen: 24
27.109.13.0/24 maxlen: 24
27.109.14.0/24 maxlen: 24
27.109.15.0/24 maxlen: 24
27.109.16.0/24 maxlen: 24
27.109.17.0/24 maxlen: 24
27.109.18.0/24 maxlen: 24
27.109.19.0/24 maxlen: 24
27.109.20.0/24 maxlen: 24
27.109.21.0/24 maxlen: 24
27.109.22.0/24 maxlen: 24
27.109.23.0/24 maxlen: 24
27.109.24.0/24 maxlen: 24
27.109.25.0/24 maxlen: 24
27.109.26.0/24 maxlen: 24
27.109.27.0/24 maxlen: 24
27.109.28.0/24 maxlen: 24
27.109.29.0/24 maxlen: 24
27.109.30.0/24 maxlen: 24
27.109.31.0/24 maxlen: 24
45.64.192.0/24 maxlen: 24
45.64.193.0/24 maxlen: 24
45.64.194.0/24 maxlen: 24
45.64.195.0/24 maxlen: 24
103.19.132.0/24 maxlen: 24
103.19.133.0/24 maxlen: 24
103.19.134.0/24 maxlen: 24
103.19.135.0/24 maxlen: 24
120.72.88.0/24 maxlen: 24
120.72.89.0/24 maxlen: 24
120.72.90.0/24 maxlen: 24
120.72.91.0/24 maxlen: 24
120.72.92.0/24 maxlen: 24
120.72.93.0/24 maxlen: 24
120.72.94.0/24 maxlen: 24
120.72.95.0/24 maxlen: 24
180.211.96.0/24 maxlen: 24
180.211.97.0/24 maxlen: 24
180.211.98.0/24 maxlen: 24
180.211.99.0/24 maxlen: 24
180.211.100.0/24 maxlen: 24
180.211.101.0/24 maxlen: 24
180.211.102.0/24 maxlen: 24
180.211.103.0/24 maxlen: 24
180.211.104.0/24 maxlen: 24
180.211.105.0/24 maxlen: 24
180.211.106.0/24 maxlen: 24
180.211.107.0/24 maxlen: 24
180.211.108.0/24 maxlen: 24
180.211.109.0/24 maxlen: 24
180.211.110.0/24 maxlen: 24
180.211.111.0/24 maxlen: 24
180.211.112.0/24 maxlen: 24
180.211.113.0/24 maxlen: 24
180.211.114.0/24 maxlen: 24
180.211.115.0/24 maxlen: 24
180.211.116.0/24 maxlen: 24
180.211.117.0/24 maxlen: 24
180.211.118.0/24 maxlen: 24
180.211.119.0/24 maxlen: 24
180.211.120.0/24 maxlen: 24
180.211.121.0/24 maxlen: 24
180.211.122.0/24 maxlen: 24
180.211.123.0/24 maxlen: 24
180.211.124.0/24 maxlen: 24
180.211.125.0/24 maxlen: 24
180.211.126.0/24 maxlen: 24
180.211.127.0/24 maxlen: 24
202.131.96.0/24 maxlen: 24
202.131.97.0/24 maxlen: 24
202.131.98.0/24 maxlen: 24
202.131.99.0/24 maxlen: 24
202.131.100.0/24 maxlen: 24
202.131.101.0/24 maxlen: 24
202.131.102.0/24 maxlen: 24
202.131.103.0/24 maxlen: 24
202.131.104.0/24 maxlen: 24
202.131.105.0/24 maxlen: 24
202.131.106.0/24 maxlen: 24
202.131.107.0/24 maxlen: 24
202.131.108.0/24 maxlen: 24
202.131.109.0/24 maxlen: 24
202.131.110.0/24 maxlen: 24
202.131.111.0/24 maxlen: 24
202.131.112.0/24 maxlen: 24
202.131.113.0/24 maxlen: 24
202.131.114.0/24 maxlen: 24
202.131.115.0/24 maxlen: 24
202.131.116.0/24 maxlen: 24
202.131.117.0/24 maxlen: 24
202.131.118.0/24 maxlen: 24
202.131.119.0/24 maxlen: 24
202.131.120.0/24 maxlen: 24
202.131.121.0/24 maxlen: 24
202.131.122.0/24 maxlen: 24
202.131.123.0/24 maxlen: 24
202.131.124.0/24 maxlen: 24
202.131.125.0/24 maxlen: 24
202.131.126.0/24 maxlen: 24
2401:2d00::/32 maxlen: 32
2401:2d00::/48 maxlen: 48
2401:2d00:1::/48 maxlen: 48
2401:2d00:2::/48 maxlen: 48
2401:2d00:3::/48 maxlen: 48
2401:2d00:4::/48 maxlen: 48
2401:2d00:10::/48 maxlen: 48
2401:2d00:12::/48 maxlen: 48
2401:2d00:1a::/48 maxlen: 48
2401:2d00:22::/48 maxlen: 48
2401:2d00:40::/48 maxlen: 48
2401:2d00:4000::/48 maxlen: 48
2401:2d00:8000::/48 maxlen: 48
2401:2d00:8001::/48 maxlen: 48
2401:2d00:8002::/48 maxlen: 48
2401:2d00:83e6::/48 maxlen: 48
2401:2d00:83e7::/48 maxlen: 48
2401:2d00:83e8::/48 maxlen: 48
2401:2d00:c3e6::/48 maxlen: 48
2401:2d00:c3e7::/48 maxlen: 48
2401:2d00:c3e8::/48 maxlen: 48
2401:2d00:c3e9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/GAVt61gONXTxSD5mnFqkLlhOzrs.crl
rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/GAVt61gONXTxSD5mnFqkLlhOzrs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAVt61gONXTxSD5mnFqkLlhOzrs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 16:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7888 (0x1ed0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914A0CB
Validity
Not Before: Jan 16 16:23:26 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6789327e-796c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:25:6b:b1:52:12:65:94:be:39:7f:e4:4c:56:
a5:e3:7d:75:7b:e6:42:7c:ef:4c:cf:41:31:e9:7b:
94:0c:07:5e:a5:9a:dd:72:5f:2b:5e:9f:40:d5:d0:
e8:24:8c:9b:c2:01:e9:b4:8b:c6:ab:c5:27:13:3c:
17:19:a2:07:f2:a5:28:bf:2a:da:ed:69:97:9f:65:
0a:94:02:e3:bc:04:ef:da:10:66:6b:f0:76:0c:fc:
ed:0e:07:3c:a5:8d:07:a7:59:77:14:b8:05:72:73:
62:3b:7b:bf:59:0e:4f:29:0c:7a:40:ac:1b:6b:1d:
95:da:01:6a:b6:5b:f2:a4:94:02:d5:0e:0f:2b:3b:
20:d3:30:09:8b:c2:c9:9d:bb:3e:03:8a:ae:62:dc:
fd:75:cc:6f:12:79:70:12:56:eb:1e:e9:29:93:91:
11:8e:ae:31:6c:74:6d:17:b0:33:bf:1d:8e:72:b6:
5d:92:8e:52:74:c1:6e:21:d4:f9:e8:76:7e:b6:01:
72:65:3a:bc:26:59:71:22:d5:9c:f7:8d:e0:fc:37:
6e:a8:75:10:54:e4:91:df:bd:ae:a8:50:1f:48:64:
43:60:5e:56:2c:3f:66:ab:64:dc:b7:4c:e1:4b:6d:
aa:a9:57:e2:de:b3:58:d5:61:28:fa:42:e4:01:51:
ac:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:97:84:95:53:B9:DE:62:3F:43:66:94:4A:F5:23:4E:DA:1B:64:5A
X509v3 Authority Key Identifier:
keyid:18:05:6D:EB:58:0E:35:74:F1:48:3E:66:9C:5A:A4:2E:58:4E:CE:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/GAVt61gONXTxSD5mnFqkLlhOzrs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAVt61gONXTxSD5mnFqkLlhOzrs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A0CB/E5C3AE9C5A1911E681B8C10FC4F9AE02/764D8698EA9111EAA035205FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.109.0.0/19
45.64.192.0/22
103.19.132.0/22
120.72.88.0/21
180.211.96.0/19
202.131.96.0-202.131.126.255
IPv6:
2401:2d00::/32
Signature Algorithm: sha256WithRSAEncryption
81:11:0b:f3:b2:08:8d:15:c1:d0:5b:24:9c:fc:e1:49:11:fd:
b6:37:29:93:78:c6:fb:d6:f3:58:98:5c:56:da:b5:6f:39:c8:
ef:80:32:36:22:74:9d:92:98:30:a5:58:7c:48:0a:3f:3c:5e:
4f:68:22:3d:d5:0d:12:c5:eb:e3:d9:fc:8f:7a:ee:15:20:24:
cd:d8:e6:92:11:57:a1:b6:4e:d4:49:82:10:b7:3e:af:cd:dd:
35:d2:ec:75:fe:66:8c:8a:cf:ad:9f:28:2f:12:2b:b5:9a:d0:
10:45:fc:d2:7d:a5:62:39:62:73:35:e6:98:e2:2a:4b:c3:b3:
a5:08:e4:66:a9:ce:a6:fd:5c:70:14:65:1e:0b:9f:28:dd:c3:
24:4a:1f:c4:6c:42:c6:54:3a:cb:ed:d8:da:76:7b:bd:fb:d2:
21:0e:2f:4a:41:4b:fe:b5:6f:82:79:fd:82:eb:0f:e0:7a:3b:
9d:1d:61:79:86:4c:ad:33:71:ab:00:41:6b:d6:25:e7:75:8f:
31:d0:3b:33:5e:ee:ca:c1:59:62:6b:5f:05:43:f0:89:31:f8:
9e:97:7f:c0:03:4a:9a:e4:07:87:e8:69:fa:4b:bf:09:50:bd:
c9:39:dd:44:7a:da:d8:96:84:64:1f:09:e9:71:ec:c6:ac:4c:
59:46:9a:fd
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICHtAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEEwQ0IxMTAvBgNVBAUTKDE4MDU2REVCNTgwRTM1NzRGMTQ4M0U2NjlDNUFBNDJF
NTg0RUNFQkIwHhcNMjUwMTE2MTYyMzI2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg5MzI3ZS03OTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsCVrsVISZZS+OX/kTFal4311e+ZCfO9Mz0Ex6XuUDAdepZrdcl8rXp9A1dDo
JIybwgHptIvGq8UnEzwXGaIH8qUovyra7WmXn2UKlALjvATv2hBma/B2DPztDgc8
pY0Hp1l3FLgFcnNiO3u/WQ5PKQx6QKwbax2V2gFqtlvypJQC1Q4PKzsg0zAJi8LJ
nbs+A4quYtz9dcxvEnlwElbrHukpk5ERjq4xbHRtF7Azvx2OcrZdko5SdMFuIdT5
6HZ+tgFyZTq8JllxItWc943g/DduqHUQVOSR372uqFAfSGRDYF5WLD9mq2Tct0zh
S22qqVfi3rNY1WEo+kLkAVGsbQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFMCXhJVT
ud5iP0NmlEr1I07aG2RaMB8GA1UdIwQYMBaAFBgFbetYDjV08Ug+ZpxapC5YTs67
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTBDQi9FNUMzQUU5QzVB
MTkxMUU2ODFCOEMxMEZDNEY5QUUwMi9HQVZ0NjFnT05YVHhTRDVtbkZxa0xsaE96
cnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dBVnQ2MWdPTlhUeFNENW1uRnFrTGxoT3pycy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEEwQ0IvRTVDM0FFOUM1QTE5MTFFNjgxQjhDMTBGQzRGOUFFMDIvNzY0RDg2OThF
QTkxMTFFQUEwMzUyMDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E
RTBDMDIEAgABMCwDBAUbbQADBAItQMADBAJnE4QDBAN4SFgDBAW002AwDAMEBcqD
YAMEAMqDfjANBAIAAjAHAwUAJAEtADANBgkqhkiG9w0BAQsFAAOCAQEAgREL87II
jRXB0FsknPzhSRH9tjcpk3jG+9bzWJhcVtq1bznI74AyNiJ0nZKYMKVYfEgKPzxe
T2giPdUNEsXr49n8j3ruFSAkzdjmkhFXobZO1EmCELc+r83dNdLsdf5mjIrPrZ8o
LxIrtZrQEEX80n2lYjliczXmmOIqS8OzpQjkZqnOpv1ccBRlHgufKN3DJEofxGxC
xlQ6y+3Y2nZ7vfvSIQ4vSkFL/rVvgnn9gusP4Ho7nR1heYZMrTNxqwBBa9Yl53WP
MdA7M17uysFZYmtfBUPwiTH4npd/wANKmuQHh+hp+ku/CVC9yTndRHra2JaEZB8J
6XHsxqxMWUaa/Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:47:57 2025 by rpki-client