Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
File: 7D22B44E249D11EFAC24EF6CC4F9AE02.roa (raw, json)
Hash identifier: A2YwzeZCV7lXuESZaxuoNr3XCXQA1+q4ChTmE99OOZ8=
Subject key identifier: 1E:B2:1B:22:F4:5C:C4:2E:22:55:F3:8B:DC:08:A4:8D:EF:51:D9:16
Certificate issuer: /CN=A91E28E2/serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Certificate serial: 01CE
Authority key identifier: B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
Signing time: Tue 15 Jul 2025 02:46:21 +0000
ROA not before: Tue 15 Jul 2025 02:46:21 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 45352
IP address blocks: 45.117.120.0/24 maxlen: 24
45.117.121.0/24 maxlen: 24
45.117.122.0/24 maxlen: 24
103.57.188.0/24 maxlen: 24
103.57.189.0/24 maxlen: 24
103.57.190.0/23 maxlen: 24
2403:1cc0::/48 maxlen: 48
2403:1cc0:1000::/48 maxlen: 48
2403:1cc0:1001::/48 maxlen: 48
2403:1cc0:1002::/48 maxlen: 48
2403:1cc0:1003::/48 maxlen: 48
2403:1cc0:1004::/48 maxlen: 48
2403:1cc0:1007::/48 maxlen: 48
2403:1cc0:1008::/48 maxlen: 48
2403:1cc0:1101::/48 maxlen: 48
2403:1cc0:1102::/48 maxlen: 48
2403:1cc0:1128::/48 maxlen: 48
2403:1cc0:1201::/48 maxlen: 48
2403:1cc0:1301::/48 maxlen: 48
2403:1cc0:1303::/48 maxlen: 48
2403:1cc0:2000::/48 maxlen: 48
2403:1cc0:2001::/48 maxlen: 48
2403:1cc0:2201::/48 maxlen: 48
2403:1cc0:2300::/48 maxlen: 48
2403:1cc0:3201::/48 maxlen: 48
2403:1cc0:3202::/48 maxlen: 48
2403:1cc0:5201::/48 maxlen: 48
2403:1cc0:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 01 Aug 2025 03:20:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 462 (0x1ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E28E2, serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Validity
Not Before: Jul 15 02:46:21 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=6875c0fd-c126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:56:80:0b:08:51:66:5a:1c:c1:7e:e0:95:5b:
3c:a7:bb:f0:90:02:25:c4:d3:e6:c7:32:57:df:2d:
1e:e5:7e:b7:ed:52:96:98:48:ae:36:03:51:07:31:
c9:db:32:60:9f:ce:f5:b7:0d:39:32:a1:be:3e:ca:
3b:16:c1:79:54:25:10:6a:ed:d6:c6:c2:50:3b:e8:
1d:4b:27:98:e7:55:23:5f:ad:0e:a3:0b:cf:60:ef:
27:3b:11:29:65:ce:3a:60:c5:39:51:97:82:a4:1d:
04:0c:35:46:ae:5e:ee:1f:a0:bf:52:f9:27:a8:b6:
37:ab:ba:94:3a:77:3b:f2:ec:e0:97:41:9c:a1:a3:
7e:62:18:b2:34:da:ca:1a:be:2e:4c:b1:b9:9d:ef:
c9:a8:5f:64:11:8a:40:22:ae:b7:7d:89:36:02:04:
d4:09:05:59:04:35:75:eb:4f:6f:0f:be:a4:0d:0b:
97:e5:99:41:dc:f0:f1:c9:0a:f0:af:d9:ea:4e:75:
ba:2c:93:5d:08:7d:05:19:ce:37:1c:53:30:ef:b4:
88:cf:78:a5:58:e7:6f:28:49:ea:05:72:61:9f:63:
9b:ba:76:cc:03:45:ae:5f:bb:60:07:77:0d:99:a5:
c4:42:87:76:41:4d:c9:7f:41:56:41:4b:3d:e9:ab:
a3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B2:1B:22:F4:5C:C4:2E:22:55:F3:8B:DC:08:A4:8D:EF:51:D9:16
X509v3 Authority Key Identifier:
keyid:B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.120.0-45.117.122.255
103.57.188.0/22
IPv6:
2403:1cc0::/48
2403:1cc0:1000::-2403:1cc0:1004:ffff:ffff:ffff:ffff:ffff
2403:1cc0:1007::-2403:1cc0:1008:ffff:ffff:ffff:ffff:ffff
2403:1cc0:1101::-2403:1cc0:1102:ffff:ffff:ffff:ffff:ffff
2403:1cc0:1128::/48
2403:1cc0:1201::/48
2403:1cc0:1301::/48
2403:1cc0:1303::/48
2403:1cc0:2000::/47
2403:1cc0:2201::/48
2403:1cc0:2300::/48
2403:1cc0:3201::-2403:1cc0:3202:ffff:ffff:ffff:ffff:ffff
2403:1cc0:5201::/48
2403:1cc0:6000::/48
Signature Algorithm: sha256WithRSAEncryption
65:81:19:e6:39:72:60:fe:e0:13:69:5d:6b:42:bf:1b:ae:8f:
63:47:aa:e8:05:62:ba:d1:2b:cd:06:ab:68:ac:71:54:e9:d3:
65:29:cb:57:b0:9e:13:64:20:5e:a1:0b:c8:54:aa:e3:fc:9c:
f5:a9:78:db:c6:68:71:ef:b3:ee:21:bf:ca:0c:a3:b0:7b:3c:
8a:8f:18:03:0a:95:6f:e9:95:05:0d:c1:13:fe:02:67:b8:e5:
d9:66:51:d1:49:f2:32:3e:7b:ca:28:79:cd:70:17:71:1e:a7:
04:64:ec:a0:93:74:d8:37:1d:d0:db:6c:af:13:d2:df:57:81:
16:30:8e:f9:44:e2:dd:b9:60:b0:e0:71:0c:04:ab:a3:f2:bb:
bc:b3:56:81:ed:0e:9b:86:2b:77:27:fc:c0:5a:5a:60:0f:78:
12:bd:c4:47:32:43:7e:bf:a1:d0:4a:e2:38:79:bc:f9:d3:77:
10:6f:7e:1e:67:c9:74:5d:21:3f:a2:c9:12:53:a3:91:e6:39:
2f:e1:29:4e:c4:b1:a2:f4:16:84:a6:27:3a:48:23:41:27:e7:
64:33:85:43:13:69:5d:3e:74:f7:79:3f:7c:94:75:38:e2:30:
73:f3:f0:42:4b:ac:c5:ea:a9:7b:c4:e3:29:91:82:26:b3:2b:
01:b3:7a:f4
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgICAc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTI4RTIxMTAvBgNVBAUTKEI0ODE5ODczMzFFMUVENDA4QjUxQ0I5RkQ4RUY0QTY1
MEFDODY2OUEwHhcNMjUwNzE1MDI0NjIxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc1YzBmZC1jMTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5laACwhRZlocwX7glVs8p7vwkAIlxNPmxzJX3y0e5X637VKWmEiuNgNRBzHJ
2zJgn871tw05MqG+Pso7FsF5VCUQau3WxsJQO+gdSyeY51UjX60OowvPYO8nOxEp
Zc46YMU5UZeCpB0EDDVGrl7uH6C/UvknqLY3q7qUOnc78uzgl0GcoaN+YhiyNNrK
Gr4uTLG5ne/JqF9kEYpAIq63fYk2AgTUCQVZBDV1609vD76kDQuX5ZlB3PDxyQrw
r9nqTnW6LJNdCH0FGc43HFMw77SIz3ilWOdvKEnqBXJhn2ObunbMA0WuX7tgB3cN
maXEQod2QU3Jf0FWQUs96aujNQIDAQABo4IDWTCCA1UwHQYDVR0OBBYEFB6yGyL0
XMQuIlXzi9wIpI3vUdkWMB8GA1UdIwQYMBaAFLSBmHMx4e1Ai1HLn9jvSmUKyGaa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjhFMi85NTJGQTYzMkQy
RTYxMUVEOUE1MkQ1NUFDNEY5QUUwMi90SUdZY3pIaDdVQ0xVY3VmMk85S1pRckla
cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RJR1ljekhoN1VDTFVjdWYyTzlLWlFySVpwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTI4RTIvOTUyRkE2MzJEMkU2MTFFRDlBNTJENTVBQzRGOUFFMDIvN0QyMkI0NEUy
NDlEMTFFRkFDMjRFRjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeIGCCsGAQUFBwEHAQH/
BIHSMIHPMBoEAgABMBQwDAMEAy11eAMEAC11egMEAmc5vDCBsAQCAAIwgakDBwAk
AxzAAAAwEQMGBCQDHMAQAwcAJAMcwBAEMBIDBwAkAxzAEAcDBwAkAxzAEAgwEgMH
ACQDHMARAQMHACQDHMARAgMHACQDHMARKAMHACQDHMASAQMHACQDHMATAQMHACQD
HMATAwMHASQDHMAgAAMHACQDHMAiAQMHACQDHMAjADASAwcAJAMcwDIBAwcAJAMc
wDICAwcAJAMcwFIBAwcAJAMcwGAAMA0GCSqGSIb3DQEBCwUAA4IBAQBlgRnmOXJg
/uATaV1rQr8bro9jR6roBWK60SvNBqtorHFU6dNlKctXsJ4TZCBeoQvIVKrj/Jz1
qXjbxmhx77PuIb/KDKOwezyKjxgDCpVv6ZUFDcET/gJnuOXZZlHRSfIyPnvKKHnN
cBdxHqcEZOygk3TYNx3Q22yvE9LfV4EWMI75ROLduWCw4HEMBKuj8ru8s1aB7Q6b
hit3J/zAWlpgD3gSvcRHMkN+v6HQSuI4ebz503cQb34eZ8l0XSE/oskSU6OR5jkv
4SlOxLGi9BaEpic6SCNBJ+dkM4VDE2ldPnT3eT98lHU44jBz8/BCS6zF6ql7xOMp
kYImsysBs3r0
-----END CERTIFICATE-----
Generated at Fri Jul 25 13:30:22 2025 by rpki-client