Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/882D2F8E614D11F0BDEA561AC4F9AE02.roa
File: 882D2F8E614D11F0BDEA561AC4F9AE02.roa (raw, json)
Hash identifier: Wf8Yp/2Wf3nrrMgkmYB6r80LX3KGJalREelQ60kDho4=
Subject key identifier: A1:FB:4D:4F:0A:FB:FC:C8:BE:57:8C:51:28:32:71:2E:36:EF:54:62
Certificate issuer: /CN=A9186E8A/serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Certificate serial: 07B3
Authority key identifier: BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/882D2F8E614D11F0BDEA561AC4F9AE02.roa
Signing time: Tue 15 Jul 2025 07:30:07 +0000
ROA not before: Tue 15 Jul 2025 07:30:07 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 135377
IP address blocks: 152.32.128.0/24 maxlen: 24
152.32.129.0/24 maxlen: 24
152.32.130.0/24 maxlen: 24
152.32.131.0/24 maxlen: 24
152.32.132.0/24 maxlen: 24
152.32.133.0/24 maxlen: 24
152.32.134.0/24 maxlen: 24
152.32.135.0/24 maxlen: 24
152.32.137.0/24 maxlen: 24
152.32.138.0/24 maxlen: 24
152.32.139.0/24 maxlen: 24
152.32.140.0/24 maxlen: 24
152.32.141.0/24 maxlen: 24
152.32.142.0/24 maxlen: 24
152.32.143.0/24 maxlen: 24
152.32.144.0/24 maxlen: 24
152.32.145.0/24 maxlen: 24
152.32.146.0/24 maxlen: 24
152.32.147.0/24 maxlen: 24
152.32.148.0/24 maxlen: 24
152.32.149.0/24 maxlen: 24
152.32.150.0/24 maxlen: 24
152.32.151.0/24 maxlen: 24
152.32.152.0/24 maxlen: 24
152.32.153.0/24 maxlen: 24
152.32.154.0/24 maxlen: 24
152.32.155.0/24 maxlen: 24
152.32.156.0/24 maxlen: 24
152.32.157.0/24 maxlen: 24
152.32.158.0/24 maxlen: 24
152.32.159.0/24 maxlen: 24
152.32.160.0/24 maxlen: 24
152.32.161.0/24 maxlen: 24
152.32.162.0/24 maxlen: 24
152.32.163.0/24 maxlen: 24
152.32.164.0/24 maxlen: 24
152.32.165.0/24 maxlen: 24
152.32.166.0/24 maxlen: 24
152.32.167.0/24 maxlen: 24
152.32.168.0/24 maxlen: 24
152.32.169.0/24 maxlen: 24
152.32.170.0/24 maxlen: 24
152.32.171.0/24 maxlen: 24
152.32.172.0/24 maxlen: 24
152.32.173.0/24 maxlen: 24
152.32.174.0/24 maxlen: 24
152.32.175.0/24 maxlen: 24
152.32.176.0/24 maxlen: 24
152.32.177.0/24 maxlen: 24
152.32.178.0/24 maxlen: 24
152.32.179.0/24 maxlen: 24
152.32.180.0/24 maxlen: 24
152.32.181.0/24 maxlen: 24
152.32.182.0/24 maxlen: 24
152.32.183.0/24 maxlen: 24
152.32.184.0/24 maxlen: 24
152.32.185.0/24 maxlen: 24
152.32.186.0/24 maxlen: 24
152.32.187.0/24 maxlen: 24
152.32.188.0/24 maxlen: 24
152.32.189.0/24 maxlen: 24
152.32.190.0/24 maxlen: 24
152.32.191.0/24 maxlen: 24
152.32.192.0/24 maxlen: 24
152.32.193.0/24 maxlen: 24
152.32.194.0/24 maxlen: 24
152.32.195.0/24 maxlen: 24
152.32.196.0/24 maxlen: 24
152.32.197.0/24 maxlen: 24
152.32.198.0/24 maxlen: 24
152.32.199.0/24 maxlen: 24
152.32.200.0/24 maxlen: 24
152.32.201.0/24 maxlen: 24
152.32.202.0/24 maxlen: 24
152.32.203.0/24 maxlen: 24
152.32.204.0/24 maxlen: 24
152.32.205.0/24 maxlen: 24
152.32.206.0/24 maxlen: 24
152.32.207.0/24 maxlen: 24
152.32.208.0/24 maxlen: 24
152.32.209.0/24 maxlen: 24
152.32.210.0/24 maxlen: 24
152.32.211.0/24 maxlen: 24
152.32.212.0/24 maxlen: 24
152.32.213.0/24 maxlen: 24
152.32.214.0/24 maxlen: 24
152.32.215.0/24 maxlen: 24
152.32.216.0/24 maxlen: 24
152.32.217.0/24 maxlen: 24
152.32.218.0/24 maxlen: 24
152.32.219.0/24 maxlen: 24
152.32.220.0/24 maxlen: 24
152.32.221.0/24 maxlen: 24
152.32.222.0/24 maxlen: 24
152.32.223.0/24 maxlen: 24
152.32.224.0/24 maxlen: 24
152.32.225.0/24 maxlen: 24
152.32.226.0/24 maxlen: 24
152.32.227.0/24 maxlen: 24
152.32.228.0/24 maxlen: 24
152.32.229.0/24 maxlen: 24
152.32.230.0/24 maxlen: 24
152.32.231.0/24 maxlen: 24
152.32.232.0/24 maxlen: 24
152.32.233.0/24 maxlen: 24
152.32.234.0/24 maxlen: 24
152.32.235.0/24 maxlen: 24
152.32.236.0/24 maxlen: 24
152.32.237.0/24 maxlen: 24
152.32.238.0/24 maxlen: 24
152.32.239.0/24 maxlen: 24
152.32.240.0/24 maxlen: 24
152.32.241.0/24 maxlen: 24
152.32.242.0/24 maxlen: 24
152.32.243.0/24 maxlen: 24
152.32.244.0/24 maxlen: 24
152.32.245.0/24 maxlen: 24
152.32.246.0/24 maxlen: 24
152.32.247.0/24 maxlen: 24
152.32.248.0/24 maxlen: 24
152.32.249.0/24 maxlen: 24
152.32.250.0/24 maxlen: 24
152.32.251.0/24 maxlen: 24
152.32.252.0/24 maxlen: 24
152.32.253.0/24 maxlen: 24
152.32.254.0/24 maxlen: 24
152.32.255.0/24 maxlen: 24
165.154.0.0/17 maxlen: 24
165.154.128.0/18 maxlen: 24
165.154.218.0/23 maxlen: 24
165.154.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl
rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 25 Jul 2025 21:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1971 (0x7b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186E8A, serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Validity
Not Before: Jul 15 07:30:07 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=6876037f-3671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7e:76:7f:ca:08:a5:b0:42:d5:3f:6f:14:1e:
42:4c:66:e9:6a:b8:11:40:eb:0e:21:69:56:1b:70:
ee:7d:91:99:6e:aa:65:a9:7c:cb:d2:07:e9:cc:b6:
e9:85:22:94:29:ce:a4:f4:b5:a1:00:6e:ad:c9:ca:
cd:3e:1a:87:ce:2c:c9:a7:99:ce:3f:c0:00:43:e8:
a2:cf:8d:5f:a0:2d:f0:d9:6e:98:bf:12:d5:da:80:
cc:7e:e5:16:8f:f1:b0:58:a7:3d:37:ab:4d:7f:b4:
de:56:f7:9e:2c:73:ab:7e:21:d3:a4:1d:5b:cd:72:
4c:31:da:65:41:32:bb:53:eb:0d:94:2d:1b:02:2e:
d1:49:a8:56:86:1e:ab:64:52:59:7d:f4:2e:f7:a0:
d0:7a:75:72:b7:ee:9e:d9:6e:66:59:85:a4:60:55:
18:f6:c4:79:e0:ac:bc:17:81:09:33:de:84:84:65:
40:3f:54:1a:0c:48:dd:9c:6c:8b:04:87:94:05:53:
4c:06:b7:94:ba:54:a3:44:5d:f3:0b:ac:c8:36:1d:
19:ab:6c:ce:a7:a9:7c:7c:e7:89:f3:64:5a:45:ee:
d0:d3:a2:79:eb:2d:98:b9:a7:01:da:14:b9:31:f5:
ad:e2:b9:c4:6c:08:e0:db:25:93:4d:0c:16:e4:bf:
53:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:FB:4D:4F:0A:FB:FC:C8:BE:57:8C:51:28:32:71:2E:36:EF:54:62
X509v3 Authority Key Identifier:
keyid:BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/882D2F8E614D11F0BDEA561AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.32.128.0/21
152.32.137.0-152.32.255.255
165.154.0.0-165.154.191.255
165.154.218.0-165.154.223.255
Signature Algorithm: sha256WithRSAEncryption
64:e1:8e:c7:a7:77:0b:49:18:d0:84:3c:3f:b2:89:03:ec:a0:
56:6a:f9:7b:fe:5c:91:6f:c9:74:49:db:a0:76:34:84:6e:6d:
64:4a:2f:f6:56:18:92:42:a1:ac:56:18:81:b3:32:c4:10:10:
7c:30:d5:e3:3f:2a:ab:35:b3:35:12:a0:b4:55:0d:55:ea:f5:
6b:04:b7:eb:ec:23:4d:b9:4a:2c:3e:9e:c8:3e:3c:68:4b:70:
b9:77:20:9b:c9:a6:a7:55:52:af:44:39:a8:87:e9:84:a3:de:
a8:16:03:35:8f:f1:f7:7c:4b:06:63:43:43:b6:be:e4:36:d4:
d8:28:3c:c2:b2:ec:6d:2c:8a:79:20:82:2b:23:1f:b2:76:83:
51:b1:8b:b9:f5:25:74:af:a3:8a:87:3b:08:33:2d:f4:4f:c4:
27:e5:af:3a:ef:52:3d:9f:69:d3:6f:a6:a2:6a:ad:3c:5f:8a:
e2:c3:94:75:11:23:31:c0:bd:df:bf:cc:4d:61:b2:e8:b3:80:
ec:cd:57:a2:59:0f:f7:0c:6b:21:3a:c8:db:87:cf:db:45:dc:
26:8d:76:6c:c2:12:48:63:c0:0e:96:5c:f2:47:e9:87:e9:ac:
56:ba:cc:39:8f:15:72:6b:8f:d9:a2:f1:22:24:df:e3:78:17:
5a:60:97:86
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICB7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZFOEExMTAvBgNVBAUTKEJERDVFOUE3NkYxQUM0QzhFNTE3OTdFQ0U5OUUzRENF
RUNFRTc0OTMwHhcNMjUwNzE1MDczMDA3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc2MDM3Zi0zNjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl352f8oIpbBC1T9vFB5CTGbpargRQOsOIWlWG3DufZGZbqplqXzL0gfpzLbp
hSKUKc6k9LWhAG6tycrNPhqHzizJp5nOP8AAQ+iiz41foC3w2W6YvxLV2oDMfuUW
j/GwWKc9N6tNf7TeVveeLHOrfiHTpB1bzXJMMdplQTK7U+sNlC0bAi7RSahWhh6r
ZFJZffQu96DQenVyt+6e2W5mWYWkYFUY9sR54Ky8F4EJM96EhGVAP1QaDEjdnGyL
BIeUBVNMBreUulSjRF3zC6zINh0Zq2zOp6l8fOeJ82RaRe7Q06J56y2YuacB2hS5
MfWt4rnEbAjg2yWTTQwW5L9TrwIDAQABo4ICvTCCArkwHQYDVR0OBBYEFKH7TU8K
+/zIvleMUSgycS4271RiMB8GA1UdIwQYMBaAFL3V6advGsTI5ReX7OmePc7s7nST
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkU4QS8zMTQ4REM5RTJE
RkYxMUVCODY4QTkxMzVDNEY5QUUwMi92ZFhwcDI4YXhNamxGNWZzNlo0OXp1enVk
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZkWHBwMjhheE1qbEY1ZnM2WjQ5enV6dWRKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZFOEEvMzE0OERDOUUyREZGMTFFQjg2OEE5MTM1QzRGOUFFMDIvODgyRDJGOEU2
MTREMTFGMEJERUE1NjFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4DBAOYIIAwCwMEAJggiQMDAJggMAsDAwGlmgMEBqWagDAMAwQB
pZraAwQFpZrAMA0GCSqGSIb3DQEBCwUAA4IBAQBk4Y7Hp3cLSRjQhDw/sokD7KBW
avl7/lyRb8l0SdugdjSEbm1kSi/2VhiSQqGsVhiBszLEEBB8MNXjPyqrNbM1EqC0
VQ1V6vVrBLfr7CNNuUosPp7IPjxoS3C5dyCbyaanVVKvRDmoh+mEo96oFgM1j/H3
fEsGY0NDtr7kNtTYKDzCsuxtLIp5IIIrIx+ydoNRsYu59SV0r6OKhzsIMy30T8Qn
5a8671I9n2nTb6aiaq08X4riw5R1ESMxwL3fv8xNYbLos4DszVeiWQ/3DGshOsjb
h8/bRdwmjXZswhJIY8AOllzyR+mH6axWusw5jxVya4/ZovEiJN/jeBdaYJeG
-----END CERTIFICATE-----
Generated at Sun Jul 20 08:04:16 2025 by rpki-client