Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/7510C8E4A58111EFB180AE4CC4F9AE02.roa
File: 7510C8E4A58111EFB180AE4CC4F9AE02.roa (raw, json)
Hash identifier: EYUdErvrNyXXGWy2iexeF4zrxrreLq1Yski9zt4iFNY=
Subject key identifier: A0:8E:2C:1F:8F:D0:BE:E8:C2:52:31:F2:1B:82:2C:01:C7:32:B3:8A
Certificate issuer: /CN=A91A09BF/serialNumber=7870F240BC4516E39A9C25958CF97B194BE76567
Certificate serial: 0B66
Authority key identifier: 78:70:F2:40:BC:45:16:E3:9A:9C:25:95:8C:F9:7B:19:4B:E7:65:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eHDyQLxFFuOanCWVjPl7GUvnZWc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/7510C8E4A58111EFB180AE4CC4F9AE02.roa
Signing time: Tue 04 Feb 2025 07:32:36 +0000
ROA not before: Tue 04 Feb 2025 07:32:36 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 9729
IP address blocks: 202.85.128.0/20 maxlen: 20
202.85.128.0/24 maxlen: 24
202.85.129.0/24 maxlen: 24
202.85.131.0/24 maxlen: 24
202.85.132.0/24 maxlen: 24
202.85.137.0/24 maxlen: 24
202.85.138.0/24 maxlen: 24
202.85.140.0/24 maxlen: 24
202.85.144.0/20 maxlen: 20
202.85.164.0/23 maxlen: 23
202.85.165.0/24 maxlen: 24
202.85.166.0/23 maxlen: 23
202.85.167.0/24 maxlen: 24
202.85.168.0/22 maxlen: 22
202.85.169.0/24 maxlen: 24
202.85.170.0/24 maxlen: 24
202.85.171.0/24 maxlen: 24
202.85.172.0/22 maxlen: 22
202.85.172.0/24 maxlen: 24
202.85.180.0/22 maxlen: 22
202.85.181.0/24 maxlen: 24
202.85.184.0/22 maxlen: 22
202.85.188.0/24 maxlen: 24
202.85.190.0/24 maxlen: 24
202.85.191.0/24 maxlen: 24
203.194.128.0/21 maxlen: 21
203.194.133.0/24 maxlen: 24
203.194.135.0/24 maxlen: 24
203.194.136.0/21 maxlen: 21
203.194.136.0/24 maxlen: 24
203.194.140.0/22 maxlen: 24
203.194.144.0/21 maxlen: 21
203.194.144.0/24 maxlen: 24
203.194.145.0/24 maxlen: 24
203.194.146.0/24 maxlen: 24
203.194.148.0/24 maxlen: 24
203.194.149.0/24 maxlen: 24
203.194.152.0/21 maxlen: 21
203.194.153.0/24 maxlen: 24
203.194.159.0/24 maxlen: 24
203.194.160.0/22 maxlen: 24
203.194.164.0/22 maxlen: 22
203.194.168.0/22 maxlen: 22
203.194.168.0/24 maxlen: 24
203.194.169.0/24 maxlen: 24
203.194.170.0/24 maxlen: 24
203.194.171.0/24 maxlen: 24
203.194.176.0/22 maxlen: 22
203.194.176.0/24 maxlen: 24
203.194.177.0/24 maxlen: 24
203.194.179.0/24 maxlen: 24
203.194.183.0/24 maxlen: 24
203.194.186.0/23 maxlen: 24
203.194.188.0/22 maxlen: 22
203.194.188.0/24 maxlen: 24
203.194.192.0/21 maxlen: 21
203.194.196.0/24 maxlen: 24
203.194.199.0/24 maxlen: 24
203.194.200.0/22 maxlen: 22
203.194.200.0/23 maxlen: 23
203.194.204.0/22 maxlen: 22
203.194.206.0/24 maxlen: 24
203.194.208.0/22 maxlen: 22
203.194.208.0/24 maxlen: 24
203.194.209.0/24 maxlen: 24
203.194.211.0/24 maxlen: 24
203.194.212.0/22 maxlen: 22
203.194.212.0/23 maxlen: 23
203.194.216.0/22 maxlen: 22
203.194.216.0/24 maxlen: 24
203.194.217.0/24 maxlen: 24
203.194.218.0/24 maxlen: 24
203.194.219.0/24 maxlen: 24
203.194.220.0/22 maxlen: 22
203.194.220.0/24 maxlen: 24
203.194.221.0/24 maxlen: 24
203.194.223.0/24 maxlen: 24
203.194.224.0/22 maxlen: 22
203.194.224.0/24 maxlen: 24
203.194.227.0/24 maxlen: 24
203.194.228.0/22 maxlen: 22
203.194.228.0/24 maxlen: 24
203.194.232.0/22 maxlen: 22
203.194.232.0/24 maxlen: 24
203.194.233.0/24 maxlen: 24
203.194.236.0/22 maxlen: 24
203.194.240.0/22 maxlen: 22
203.194.244.0/22 maxlen: 22
203.194.244.0/24 maxlen: 24
203.194.248.0/21 maxlen: 21
203.194.251.0/24 maxlen: 24
203.194.255.0/24 maxlen: 24
210.184.96.0/22 maxlen: 22
210.184.97.0/24 maxlen: 24
210.184.99.0/24 maxlen: 24
210.184.100.0/22 maxlen: 22
210.184.108.0/22 maxlen: 22
210.184.110.0/24 maxlen: 24
210.184.112.0/21 maxlen: 21
210.184.113.0/24 maxlen: 24
210.184.114.0/24 maxlen: 24
210.184.120.0/24 maxlen: 24
210.184.121.0/24 maxlen: 24
210.184.122.0/24 maxlen: 24
210.184.124.0/24 maxlen: 24
210.184.127.0/24 maxlen: 24
210.184.128.0/17 maxlen: 17
210.184.128.0/21 maxlen: 21
210.184.136.0/22 maxlen: 22
210.184.137.0/24 maxlen: 24
210.184.139.0/24 maxlen: 24
210.184.142.0/24 maxlen: 24
210.184.152.0/22 maxlen: 22
210.184.156.0/23 maxlen: 23
210.184.158.0/23 maxlen: 23
210.184.164.0/22 maxlen: 22
210.184.167.0/24 maxlen: 24
210.184.168.0/22 maxlen: 22
210.184.172.0/23 maxlen: 23
210.184.174.0/23 maxlen: 23
210.184.178.0/23 maxlen: 23
210.184.178.0/24 maxlen: 24
210.184.180.0/22 maxlen: 22
210.184.180.0/24 maxlen: 24
210.184.184.0/22 maxlen: 22
210.184.189.0/24 maxlen: 24
210.184.190.0/23 maxlen: 23
210.184.190.0/24 maxlen: 24
210.184.192.0/24 maxlen: 24
210.184.193.0/24 maxlen: 24
210.184.194.0/24 maxlen: 24
210.184.196.0/22 maxlen: 22
210.184.196.0/24 maxlen: 24
210.184.197.0/24 maxlen: 24
210.184.198.0/23 maxlen: 24
210.184.200.0/22 maxlen: 22
210.184.200.0/24 maxlen: 24
210.184.201.0/24 maxlen: 24
210.184.202.0/24 maxlen: 24
210.184.203.0/24 maxlen: 24
210.184.204.0/22 maxlen: 22
210.184.208.0/24 maxlen: 24
210.184.209.0/24 maxlen: 24
210.184.210.0/24 maxlen: 24
210.184.211.0/24 maxlen: 24
210.184.212.0/24 maxlen: 24
210.184.213.0/24 maxlen: 24
210.184.214.0/24 maxlen: 24
210.184.215.0/24 maxlen: 24
210.184.216.0/24 maxlen: 24
210.184.217.0/24 maxlen: 24
210.184.218.0/24 maxlen: 24
210.184.219.0/24 maxlen: 24
210.184.220.0/24 maxlen: 24
210.184.221.0/24 maxlen: 24
210.184.222.0/24 maxlen: 24
210.184.223.0/24 maxlen: 24
210.184.224.0/24 maxlen: 24
210.184.225.0/24 maxlen: 24
210.184.226.0/24 maxlen: 24
210.184.240.0/24 maxlen: 24
210.184.241.0/24 maxlen: 24
210.184.242.0/23 maxlen: 24
210.184.248.0/21 maxlen: 22
210.184.248.0/23 maxlen: 24
210.184.251.0/24 maxlen: 24
210.184.254.0/24 maxlen: 24
2403:2400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/eHDyQLxFFuOanCWVjPl7GUvnZWc.crl
rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/eHDyQLxFFuOanCWVjPl7GUvnZWc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eHDyQLxFFuOanCWVjPl7GUvnZWc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Apr 2025 18:54:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2918 (0xb66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A09BF, serialNumber=7870F240BC4516E39A9C25958CF97B194BE76567
Validity
Not Before: Feb 4 07:32:36 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67a1c294-5a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f1:eb:16:89:04:73:77:e1:e7:8d:81:13:0b:
e7:ec:c8:7a:5e:78:92:47:95:f5:2f:7a:f8:f5:f0:
ee:53:cd:21:2d:29:3c:f7:a8:46:d4:7b:75:a5:3e:
2a:1c:ff:89:a3:75:21:19:de:18:69:19:8b:1c:83:
e2:11:43:1e:d5:d9:ba:2f:38:84:73:a1:83:bf:b8:
b7:c9:5a:94:08:db:88:7f:65:3a:e7:2b:fa:52:f2:
b1:0b:89:f5:2a:ae:d8:a3:e5:c6:aa:11:3a:46:1c:
76:d7:3c:ba:e3:cb:89:77:8f:e4:33:c4:a1:20:56:
cc:61:10:06:f7:d1:c2:34:fd:30:cd:23:50:d5:4b:
22:04:6d:69:b7:0d:6d:8b:2f:45:52:8e:b6:b5:a3:
6b:16:2f:1b:93:b2:e8:38:d8:fe:96:55:50:26:70:
86:82:25:ee:09:10:e4:58:f5:55:91:7e:f4:4a:78:
2b:30:ee:ca:34:6e:92:32:e2:eb:21:5c:a4:50:93:
db:a3:b5:c8:9e:1c:34:c9:49:51:89:0f:13:0d:c9:
6d:72:b9:26:40:e2:4f:4d:24:db:f6:eb:e6:5e:78:
38:0e:27:81:dc:9b:43:ec:82:b5:89:d1:56:28:83:
cb:71:c4:a1:fa:3b:a1:46:ea:a7:06:c4:b3:f7:a8:
85:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:8E:2C:1F:8F:D0:BE:E8:C2:52:31:F2:1B:82:2C:01:C7:32:B3:8A
X509v3 Authority Key Identifier:
keyid:78:70:F2:40:BC:45:16:E3:9A:9C:25:95:8C:F9:7B:19:4B:E7:65:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/eHDyQLxFFuOanCWVjPl7GUvnZWc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eHDyQLxFFuOanCWVjPl7GUvnZWc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/7510C8E4A58111EFB180AE4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.85.128.0/19
202.85.164.0-202.85.175.255
202.85.180.0-202.85.188.255
202.85.190.0/23
203.194.128.0-203.194.171.255
203.194.176.0/22
203.194.183.0/24
203.194.186.0-203.194.255.255
210.184.96.0/21
210.184.108.0-210.184.122.255
210.184.124.0/24
210.184.127.0-210.184.255.255
IPv6:
2403:2400::/32
Signature Algorithm: sha256WithRSAEncryption
a6:c7:8e:9b:ce:f4:84:c1:e0:68:0f:e3:1f:39:ee:3e:49:20:
49:03:d8:d0:53:9e:df:b4:45:12:0d:cf:9f:eb:07:82:5d:08:
20:87:0c:2d:ba:6d:a9:91:b6:6f:f3:3b:57:59:17:d1:4d:0a:
23:b5:4e:03:8d:53:03:91:6e:c6:d4:23:b2:1a:85:bb:40:78:
84:56:d5:83:b2:61:09:53:9a:b9:63:6a:db:cb:6a:ff:85:dd:
28:a8:6d:05:b5:19:32:b0:18:ca:fa:15:26:e0:1a:af:6d:36:
f5:ea:ad:6e:4e:e2:50:6d:0c:60:b2:f7:48:ba:38:26:31:ff:
4a:05:b0:70:84:34:63:e5:2c:d9:20:8e:cb:d1:02:5c:b4:43:
3e:a7:50:89:a8:87:f6:d7:e8:10:fc:ad:53:54:8b:56:6a:b4:
91:3f:0a:02:e4:1f:3c:57:42:5f:bb:4c:01:53:a6:b8:f6:d9:
35:3c:c1:2c:12:57:0f:40:ca:ad:7c:67:43:de:02:fd:9a:33:
61:63:be:90:9d:d2:b0:b2:cd:e0:94:3c:d6:e0:0e:93:e3:1b:
f9:2f:8d:c9:25:77:bd:6e:de:13:e5:f3:2f:d2:71:08:20:a1:
e9:ff:10:b5:22:85:0f:8b:5e:d4:06:a0:aa:00:0b:ad:79:4d:
bb:f4:e7:08
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgICC2YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA5QkYxMTAvBgNVBAUTKDc4NzBGMjQwQkM0NTE2RTM5QTlDMjU5NThDRjk3QjE5
NEJFNzY1NjcwHhcNMjUwMjA0MDczMjM2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ExYzI5NC01YThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3PHrFokEc3fh542BEwvn7Mh6XniSR5X1L3r49fDuU80hLSk896hG1Ht1pT4q
HP+Jo3UhGd4YaRmLHIPiEUMe1dm6LziEc6GDv7i3yVqUCNuIf2U65yv6UvKxC4n1
Kq7Yo+XGqhE6Rhx21zy648uJd4/kM8ShIFbMYRAG99HCNP0wzSNQ1UsiBG1ptw1t
iy9FUo62taNrFi8bk7LoONj+llVQJnCGgiXuCRDkWPVVkX70SngrMO7KNG6SMuLr
IVykUJPbo7XInhw0yUlRiQ8TDcltcrkmQOJPTSTb9uvmXng4DieB3JtD7IK1idFW
KIPLccSh+juhRuqnBsSz96iFGwIDAQABo4IDFzCCAxMwHQYDVR0OBBYEFKCOLB+P
0L7owlIx8huCLAHHMrOKMB8GA1UdIwQYMBaAFHhw8kC8RRbjmpwllYz5exlL52Vn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDlCRi9EMTNEQTFENDJE
RkMxMUVBQkMxQjZCODJDNEY5QUUwMi9lSER5UUx4RkZ1T2FuQ1dWalBsN0dVdm5a
V2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VIRHlRTHhGRnVPYW5DV1ZqUGw3R1V2blpXYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA5QkYvRDEzREExRDQyREZDMTFFQUJDMUI2QjgyQzRGOUFFMDIvNzUxMEM4RTRB
NTgxMTFFRkIxODBBRTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaAGCCsGAQUFBwEHAQH/
BIGQMIGNMHwEAgABMHYDBAXKVYAwDAMEAspVpAMEBMpVoDAMAwQCylW0AwQAylW8
AwQBylW+MAwDBAfLwoADBALLwqgDBALLwrADBADLwrcwCwMEAcvCugMDAMvCAwQD
0rhgMAwDBALSuGwDBADSuHoDBADSuHwwCwMEANK4fwMDANK4MA0EAgACMAcDBQAk
AyQAMA0GCSqGSIb3DQEBCwUAA4IBAQCmx46bzvSEweBoD+MfOe4+SSBJA9jQU57f
tEUSDc+f6weCXQgghwwtum2pkbZv8ztXWRfRTQojtU4DjVMDkW7G1COyGoW7QHiE
VtWDsmEJU5q5Y2rby2r/hd0oqG0FtRkysBjK+hUm4BqvbTb16q1uTuJQbQxgsvdI
ujgmMf9KBbBwhDRj5SzZII7L0QJctEM+p1CJqIf21+gQ/K1TVItWarSRPwoC5B88
V0Jfu0wBU6a49tk1PMEsElcPQMqtfGdD3gL9mjNhY76QndKwss3glDzW4A6T4xv5
L43JJXe9bt4T5fMv0nEIIKHp/xC1IoUPi17UBqCqAAuteU279OcI
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:09:37 2025 by rpki-client