Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
File: 22F72E28725311EBA9C51756C4F9AE02.roa (raw, json)
Hash identifier: Td9ZRXmDLCaOWu5C2VPY0G2nu6GZr9orup/Cn82OpN4=
Subject key identifier: 51:76:39:8B:88:1E:15:67:25:6A:BC:E0:BB:82:97:FE:C5:F9:B6:24
Certificate issuer: /CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9
Certificate serial: 06B7
Authority key identifier: 1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
Signing time: Tue 08 Jul 2025 23:03:44 +0000
ROA not before: Tue 08 Jul 2025 23:03:44 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 18018
IP address blocks: 110.50.224.0/23 maxlen: 23
110.50.224.0/24 maxlen: 24
110.50.225.0/24 maxlen: 24
110.50.226.0/23 maxlen: 23
110.50.226.0/24 maxlen: 24
110.50.227.0/24 maxlen: 24
110.50.228.0/23 maxlen: 23
110.50.228.0/24 maxlen: 24
110.50.229.0/24 maxlen: 24
110.50.230.0/23 maxlen: 23
110.50.230.0/24 maxlen: 24
110.50.231.0/24 maxlen: 24
110.50.232.0/24 maxlen: 24
110.50.233.0/24 maxlen: 24
110.50.234.0/24 maxlen: 24
110.50.235.0/24 maxlen: 24
110.50.236.0/24 maxlen: 24
110.50.237.0/24 maxlen: 24
110.50.238.0/24 maxlen: 24
110.50.239.0/24 maxlen: 24
114.141.216.0/21 maxlen: 21
114.141.216.0/24 maxlen: 24
114.141.217.0/24 maxlen: 24
114.141.218.0/24 maxlen: 24
114.141.219.0/24 maxlen: 24
114.141.220.0/24 maxlen: 24
114.141.221.0/24 maxlen: 24
114.141.222.0/24 maxlen: 24
114.141.223.0/24 maxlen: 24
202.129.220.0/24 maxlen: 24
202.129.221.0/24 maxlen: 24
202.129.222.0/23 maxlen: 23
202.129.222.0/24 maxlen: 24
202.129.223.0/24 maxlen: 24
202.151.34.0/23 maxlen: 24
202.165.60.0/24 maxlen: 24
202.165.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl
rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 29 Jul 2025 22:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1719 (0x6b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B477B, serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9
Validity
Not Before: Jul 8 23:03:44 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=686da3d0-9d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:42:80:90:a8:72:23:6e:22:9d:62:89:ef:d0:
b6:42:99:4a:45:68:3d:fb:0a:fd:9d:15:c9:85:63:
03:72:7a:8f:fd:29:d7:e0:0c:8f:b8:f8:7a:7c:57:
f9:fd:11:85:1c:53:b6:73:9b:43:f1:77:a8:a3:c2:
8e:2c:d6:29:8d:25:86:a9:f4:7a:9f:7f:50:64:6e:
c7:12:4c:5e:7f:87:42:9e:a2:c2:c5:3a:e1:5d:87:
29:55:7e:8c:a1:4f:0c:58:c9:a3:fa:25:b9:3e:0f:
20:13:87:29:de:25:e0:29:32:f2:48:17:77:4b:d7:
99:79:e9:34:8b:52:e0:29:36:fb:e3:1d:6d:6b:38:
e2:7d:6b:c8:d8:69:40:41:04:15:f2:05:e8:a8:dc:
ab:e4:4a:e3:72:c6:f0:63:87:69:ef:f4:b4:e3:54:
e2:a6:fb:28:3e:91:59:02:da:24:89:7c:f7:7d:8c:
f6:8f:db:aa:a5:a5:d2:be:44:b2:a7:39:c3:48:c1:
c3:08:4d:96:10:ce:99:4b:ab:7c:b9:55:2d:79:ca:
05:24:a9:bb:0b:7b:f4:80:e5:27:c1:91:1d:ec:59:
ed:ec:16:7d:80:39:a9:56:85:2d:83:3e:0b:ae:89:
80:37:38:e3:df:71:d3:60:48:df:f8:52:a1:5e:1c:
42:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:76:39:8B:88:1E:15:67:25:6A:BC:E0:BB:82:97:FE:C5:F9:B6:24
X509v3 Authority Key Identifier:
keyid:1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.50.224.0/20
114.141.216.0/21
202.129.220.0/22
202.151.34.0/23
202.165.60.0/23
Signature Algorithm: sha256WithRSAEncryption
19:7d:e9:d6:bf:2f:63:c4:15:a5:70:a5:32:e5:da:7c:1d:52:
60:65:1c:77:96:44:3c:3f:ed:bc:99:aa:1c:e2:6d:35:eb:98:
df:32:7a:86:39:9d:57:ad:7e:ef:b2:d1:b8:5f:77:06:ba:43:
84:0b:08:46:6f:f4:fa:00:51:74:69:5f:98:c9:5d:fb:02:90:
85:a4:66:b6:c5:0d:3e:95:35:9a:88:41:56:0d:26:ef:6b:59:
d1:7d:53:70:a9:88:18:83:2c:66:90:21:c4:d7:c1:e5:b0:ec:
72:9d:07:bc:ff:e5:f7:1b:9b:b0:8e:f3:07:2c:19:2e:cb:95:
ab:27:13:6f:bc:3c:3a:d1:f6:78:53:98:b3:cf:79:90:30:21:
26:3c:47:c3:a9:ec:b9:eb:67:6f:01:11:60:ae:bf:b6:60:0f:
80:ee:f8:bc:e8:bc:1a:04:db:ed:e4:f3:37:86:f1:72:38:15:
d9:22:4b:c1:69:60:68:87:8a:d0:5c:c7:e4:01:31:c3:a7:2d:
e7:c9:53:c5:af:1b:72:74:e1:48:0a:94:49:f1:a9:95:e3:b5:
05:9b:43:06:11:d7:96:17:d8:f3:01:3f:ce:82:03:82:13:ca:
f8:7d:f1:6f:a5:92:fc:d8:aa:0f:80:e9:42:78:2d:31:9a:7e:
ee:d4:cd:a7
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBrcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ3N0IxMTAvBgNVBAUTKDFGQzRERkQwMERBQzM0QThFQjg0NjNEMzk1MUMyMkEz
NDU4MzdBQzkwHhcNMjUwNzA4MjMwMzQ0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZkYTNkMC05ZDA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxEKAkKhyI24inWKJ79C2QplKRWg9+wr9nRXJhWMDcnqP/SnX4AyPuPh6fFf5
/RGFHFO2c5tD8Xeoo8KOLNYpjSWGqfR6n39QZG7HEkxef4dCnqLCxTrhXYcpVX6M
oU8MWMmj+iW5Pg8gE4cp3iXgKTLySBd3S9eZeek0i1LgKTb74x1tazjifWvI2GlA
QQQV8gXoqNyr5ErjcsbwY4dp7/S041TipvsoPpFZAtokiXz3fYz2j9uqpaXSvkSy
pznDSMHDCE2WEM6ZS6t8uVUtecoFJKm7C3v0gOUnwZEd7Fnt7BZ9gDmpVoUtgz4L
romANzjj33HTYEjf+FKhXhxC9wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFFF2OYuI
HhVnJWq84LuCl/7F+bYkMB8GA1UdIwQYMBaAFB/E39ANrDSo64Rj05UcIqNFg3rJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDc3Qi8xQzI1NjI3MDcy
NTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05LanJoR1BUbFJ3aW8wV0Rl
c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0g4VGYwQTJzTktqcmhHUFRsUndpbzBXRGVzay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQ3N0IvMUMyNTYyNzA3MjUwMTFFQkI2NDhGODRFQzRGOUFFMDIvMjJGNzJFMjg3
MjUzMTFFQkE5QzUxNzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBARuMuADBANyjdgDBALKgdwDBAHKlyIDBAHKpTwwDQYJKoZI
hvcNAQELBQADggEBABl96da/L2PEFaVwpTLl2nwdUmBlHHeWRDw/7byZqhzibTXr
mN8yeoY5nVetfu+y0bhfdwa6Q4QLCEZv9PoAUXRpX5jJXfsCkIWkZrbFDT6VNZqI
QVYNJu9rWdF9U3CpiBiDLGaQIcTXweWw7HKdB7z/5fcbm7CO8wcsGS7LlasnE2+8
PDrR9nhTmLPPeZAwISY8R8Op7LnrZ28BEWCuv7ZgD4Du+LzovBoE2+3k8zeG8XI4
FdkiS8FpYGiHitBcx+QBMcOnLefJU8WvG3J04UgKlEnxqZXjtQWbQwYR15YX2PMB
P86CA4ITyvh98W+lkvzYqg+A6UJ4LTGafu7Uzac=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:46:46 2025 by rpki-client