Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/E69AF38AB11C11EAACC28D2EC4F9AE02.roa
File: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (raw, json)
Hash identifier: vmjmVmXjdkD0vxVvLQigcrFyWXDcETievw8r2QIVv8s=
Subject key identifier: CB:E1:54:47:26:72:4B:8E:3A:27:CD:DA:EE:0A:33:CC:D0:5A:3D:85
Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76
Certificate serial: 0D66
Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/E69AF38AB11C11EAACC28D2EC4F9AE02.roa
Signing time: Wed 22 Jan 2025 18:26:25 +0000
ROA not before: Wed 22 Jan 2025 18:26:25 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 19905
IP address blocks: 203.121.14.0/24 maxlen: 24
203.121.19.0/24 maxlen: 24
203.121.24.0/24 maxlen: 24
203.121.27.0/24 maxlen: 24
203.121.30.0/24 maxlen: 24
203.121.44.0/24 maxlen: 24
203.121.69.0/24 maxlen: 24
203.121.70.0/24 maxlen: 24
203.121.73.0/24 maxlen: 24
203.121.81.0/24 maxlen: 24
203.121.91.0/24 maxlen: 24
203.121.98.0/24 maxlen: 24
203.121.113.0/24 maxlen: 24
203.121.117.0/24 maxlen: 24
210.19.5.0/24 maxlen: 24
210.19.13.0/24 maxlen: 24
210.19.16.0/24 maxlen: 24
210.19.19.0/24 maxlen: 24
210.19.32.0/24 maxlen: 24
210.19.41.0/24 maxlen: 24
210.19.49.0/24 maxlen: 24
210.19.52.0/24 maxlen: 24
210.19.53.0/24 maxlen: 24
210.19.55.0/24 maxlen: 24
210.19.77.0/24 maxlen: 24
210.19.90.0/24 maxlen: 24
210.19.102.0/24 maxlen: 24
210.19.103.0/24 maxlen: 24
210.19.105.0/24 maxlen: 24
210.19.119.0/24 maxlen: 24
210.19.131.0/24 maxlen: 24
210.19.137.0/24 maxlen: 24
210.19.162.0/24 maxlen: 24
210.19.163.0/24 maxlen: 24
210.19.164.0/24 maxlen: 24
210.19.165.0/24 maxlen: 24
210.19.171.0/24 maxlen: 24
210.19.172.0/24 maxlen: 24
210.19.173.0/24 maxlen: 24
210.19.174.0/24 maxlen: 24
210.19.179.0/24 maxlen: 24
210.19.183.0/24 maxlen: 24
210.19.184.0/24 maxlen: 24
210.19.189.0/24 maxlen: 24
210.19.190.0/24 maxlen: 24
210.19.214.0/24 maxlen: 24
210.19.216.0/24 maxlen: 24
210.19.218.0/24 maxlen: 24
210.19.222.0/24 maxlen: 24
210.19.235.0/24 maxlen: 24
210.19.243.0/24 maxlen: 24
210.19.244.0/24 maxlen: 24
210.19.249.0/24 maxlen: 24
211.24.0.0/24 maxlen: 24
211.24.1.0/24 maxlen: 24
211.24.16.0/24 maxlen: 24
211.24.18.0/24 maxlen: 24
211.24.19.0/24 maxlen: 24
211.24.22.0/24 maxlen: 24
211.24.25.0/24 maxlen: 24
211.24.26.0/24 maxlen: 24
211.24.31.0/24 maxlen: 24
211.24.203.0/24 maxlen: 24
211.24.216.0/24 maxlen: 24
211.24.219.0/24 maxlen: 24
211.24.223.0/24 maxlen: 24
211.24.228.0/24 maxlen: 24
211.24.235.0/24 maxlen: 24
211.24.241.0/24 maxlen: 24
211.24.246.0/24 maxlen: 24
211.24.251.0/24 maxlen: 24
211.24.252.0/24 maxlen: 24
211.24.255.0/24 maxlen: 24
211.25.29.0/24 maxlen: 24
211.25.44.0/24 maxlen: 24
211.25.53.0/24 maxlen: 24
211.25.61.0/24 maxlen: 24
211.25.77.0/24 maxlen: 24
211.25.80.0/24 maxlen: 24
211.25.82.0/24 maxlen: 24
211.25.84.0/24 maxlen: 24
211.25.90.0/24 maxlen: 24
211.25.91.0/24 maxlen: 24
211.25.93.0/24 maxlen: 24
211.25.113.0/24 maxlen: 24
211.25.115.0/24 maxlen: 24
211.25.116.0/24 maxlen: 24
211.25.117.0/24 maxlen: 24
211.25.133.0/24 maxlen: 24
211.25.139.0/24 maxlen: 24
211.25.141.0/24 maxlen: 24
211.25.150.0/24 maxlen: 24
211.25.153.0/24 maxlen: 24
211.25.178.0/24 maxlen: 24
211.25.183.0/24 maxlen: 24
211.25.187.0/24 maxlen: 24
211.25.188.0/24 maxlen: 24
211.25.190.0/24 maxlen: 24
211.25.203.0/24 maxlen: 24
211.25.209.0/24 maxlen: 24
211.25.222.0/24 maxlen: 24
211.25.223.0/24 maxlen: 24
211.25.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl
rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 18:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3430 (0xd66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7BC4
Validity
Not Before: Jan 22 18:26:25 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67913851-46a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bf:98:a4:91:11:4f:50:f8:57:bb:9c:2c:03:
a8:b8:9e:9d:42:a8:da:cf:62:51:83:6b:56:05:62:
db:a1:ef:8d:4b:32:eb:cf:c6:42:a7:83:2b:22:75:
81:99:02:72:88:0e:8c:97:5f:fc:f3:5a:7b:30:67:
4a:0a:8e:43:4d:4c:d2:cf:42:20:b2:5c:50:53:eb:
88:53:c6:3d:b7:16:e9:27:0d:7b:cd:47:38:e9:a1:
59:d3:27:b7:2b:20:0f:aa:0b:dd:1e:cd:8b:ae:28:
60:dc:54:55:d1:b9:9f:18:00:9e:06:68:5a:0c:e0:
9c:89:c7:cf:5a:16:f4:8b:1f:5d:39:b0:43:6a:32:
b6:e2:eb:7a:de:c8:e4:11:bd:06:f4:3f:44:5c:40:
9c:6f:a9:de:1d:29:18:f7:d9:a0:b3:bd:77:1b:fa:
ea:d7:97:c3:1b:39:17:9d:ea:84:49:e0:3b:33:bb:
55:93:a4:ca:30:60:8c:7b:56:a4:24:99:9a:71:b0:
9b:c2:65:f8:a8:2f:ae:7c:c8:3a:5c:3c:63:69:48:
25:b0:07:eb:f6:c1:95:30:b8:b8:6a:00:5f:64:a0:
37:09:b6:ff:91:e8:13:b3:a2:0f:b3:46:a3:cb:17:
7d:21:e2:8c:65:bd:bb:e5:22:ca:e8:8a:6e:34:3b:
88:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E1:54:47:26:72:4B:8E:3A:27:CD:DA:EE:0A:33:CC:D0:5A:3D:85
X509v3 Authority Key Identifier:
keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/E69AF38AB11C11EAACC28D2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.14.0/24
203.121.19.0/24
203.121.24.0/24
203.121.27.0/24
203.121.30.0/24
203.121.44.0/24
203.121.69.0-203.121.70.255
203.121.73.0/24
203.121.81.0/24
203.121.91.0/24
203.121.98.0/24
203.121.113.0/24
203.121.117.0/24
210.19.5.0/24
210.19.13.0/24
210.19.16.0/24
210.19.19.0/24
210.19.32.0/24
210.19.41.0/24
210.19.49.0/24
210.19.52.0/23
210.19.55.0/24
210.19.77.0/24
210.19.90.0/24
210.19.102.0/23
210.19.105.0/24
210.19.119.0/24
210.19.131.0/24
210.19.137.0/24
210.19.162.0-210.19.165.255
210.19.171.0-210.19.174.255
210.19.179.0/24
210.19.183.0-210.19.184.255
210.19.189.0-210.19.190.255
210.19.214.0/24
210.19.216.0/24
210.19.218.0/24
210.19.222.0/24
210.19.235.0/24
210.19.243.0-210.19.244.255
210.19.249.0/24
211.24.0.0/23
211.24.16.0/24
211.24.18.0/23
211.24.22.0/24
211.24.25.0-211.24.26.255
211.24.31.0/24
211.24.203.0/24
211.24.216.0/24
211.24.219.0/24
211.24.223.0/24
211.24.228.0/24
211.24.235.0/24
211.24.241.0/24
211.24.246.0/24
211.24.251.0-211.24.252.255
211.24.255.0/24
211.25.29.0/24
211.25.44.0/24
211.25.53.0/24
211.25.61.0/24
211.25.77.0/24
211.25.80.0/24
211.25.82.0/24
211.25.84.0/24
211.25.90.0/23
211.25.93.0/24
211.25.113.0/24
211.25.115.0-211.25.117.255
211.25.133.0/24
211.25.139.0/24
211.25.141.0/24
211.25.150.0/24
211.25.153.0/24
211.25.178.0/24
211.25.183.0/24
211.25.187.0-211.25.188.255
211.25.190.0/24
211.25.203.0/24
211.25.209.0/24
211.25.222.0/23
211.25.232.0/24
Signature Algorithm: sha256WithRSAEncryption
46:b2:fa:4f:2d:93:10:39:fb:af:d3:5e:35:88:57:b6:10:6a:
08:8b:d9:a8:8e:0b:f4:cc:18:91:b0:3e:56:aa:e2:b5:3d:9f:
c4:41:1e:89:8f:da:48:e1:51:17:68:11:46:65:d0:aa:e2:63:
50:6d:a2:7d:49:33:cc:fa:f4:fd:ee:8f:57:d1:a3:83:2b:c8:
34:81:7c:e6:ad:8c:ca:0c:e8:3b:2c:15:a0:f1:89:f6:ff:41:
df:b6:78:bf:4b:b4:72:37:24:f9:bd:2a:25:a0:13:9b:83:41:
33:76:66:51:33:f7:39:e4:58:2a:cc:5a:f5:02:e7:3c:ab:c6:
b7:1f:3d:dc:48:6a:1d:bf:4e:a3:21:4f:0f:2a:de:2b:e6:56:
7b:74:28:89:2a:0f:21:6e:4b:b6:3d:e6:f8:9e:10:e0:7c:61:
47:26:c7:98:e3:1d:d9:c7:2d:94:bb:d5:16:c0:9a:fc:2c:ee:
f1:72:27:2e:29:59:9e:07:36:96:65:0b:2a:30:04:97:35:bd:
d0:7c:14:63:16:03:a2:fc:65:20:a4:48:ce:2d:7d:39:a1:92:
35:8b:33:74:c4:5a:bb:a9:00:43:a6:34:85:d3:e9:45:c6:27:
5f:c1:ee:e6:24:e3:2b:ab:56:01:c9:d8:3d:d3:b8:73:9e:66:
53:53:83:13
-----BEGIN CERTIFICATE-----
MIIHsTCCBpmgAwIBAgICDWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3
MEQ1N0JENzYwHhcNMjUwMTIyMTgyNjI1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxMzg1MS00NmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqr+YpJERT1D4V7ucLAOouJ6dQqjaz2JRg2tWBWLboe+NSzLrz8ZCp4MrInWB
mQJyiA6Ml1/881p7MGdKCo5DTUzSz0IgslxQU+uIU8Y9txbpJw17zUc46aFZ0ye3
KyAPqgvdHs2Lrihg3FRV0bmfGACeBmhaDOCcicfPWhb0ix9dObBDajK24ut63sjk
Eb0G9D9EXECcb6neHSkY99mgs713G/rq15fDGzkXneqESeA7M7tVk6TKMGCMe1ak
JJmacbCbwmX4qC+ufMg6XDxjaUglsAfr9sGVMLi4agBfZKA3Cbb/kegTs6IPs0aj
yxd9IeKMZb275SLK6IpuNDuI4wIDAQABo4IE1TCCBNEwHQYDVR0OBBYEFMvhVEcm
ckuOOifN2u4KM8zQWj2FMB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1
MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2
WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdCQzQvMkQxQTU5NUFENTBEMTFFOUJBRDZDMjI2QzRGOUFFMDIvRTY5QUYzOEFC
MTFDMTFFQUFDQzI4RDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggJdBggrBgEFBQcBBwEB
/wSCAkwwggJIMIICRAQCAAEwggI8AwQAy3kOAwQAy3kTAwQAy3kYAwQAy3kbAwQA
y3keAwQAy3ksMAwDBADLeUUDBADLeUYDBADLeUkDBADLeVEDBADLeVsDBADLeWID
BADLeXEDBADLeXUDBADSEwUDBADSEw0DBADSExADBADSExMDBADSEyADBADSEykD
BADSEzEDBAHSEzQDBADSEzcDBADSE00DBADSE1oDBAHSE2YDBADSE2kDBADSE3cD
BADSE4MDBADSE4kwDAMEAdITogMEAdITpDAMAwQA0hOrAwQA0hOuAwQA0hOzMAwD
BADSE7cDBADSE7gwDAMEANITvQMEANITvgMEANIT1gMEANIT2AMEANIT2gMEANIT
3gMEANIT6zAMAwQA0hPzAwQA0hP0AwQA0hP5AwQB0xgAAwQA0xgQAwQB0xgSAwQA
0xgWMAwDBADTGBkDBADTGBoDBADTGB8DBADTGMsDBADTGNgDBADTGNsDBADTGN8D
BADTGOQDBADTGOsDBADTGPEDBADTGPYwDAMEANMY+wMEANMY/AMEANMY/wMEANMZ
HQMEANMZLAMEANMZNQMEANMZPQMEANMZTQMEANMZUAMEANMZUgMEANMZVAMEAdMZ
WgMEANMZXQMEANMZcTAMAwQA0xlzAwQB0xl0AwQA0xmFAwQA0xmLAwQA0xmNAwQA
0xmWAwQA0xmZAwQA0xmyAwQA0xm3MAwDBADTGbsDBADTGbwDBADTGb4DBADTGcsD
BADTGdEDBAHTGd4DBADTGegwDQYJKoZIhvcNAQELBQADggEBAEay+k8tkxA5+6/T
XjWIV7YQagiL2aiOC/TMGJGwPlaq4rU9n8RBHomP2kjhURdoEUZl0KriY1Bton1J
M8z69P3uj1fRo4MryDSBfOatjMoM6DssFaDxifb/Qd+2eL9LtHI3JPm9KiWgE5uD
QTN2ZlEz9znkWCrMWvUC5zyrxrcfPdxIah2/TqMhTw8q3ivmVnt0KIkqDyFuS7Y9
5vieEOB8YUcmx5jjHdnHLZS71RbAmvws7vFyJy4pWZ4HNpZlCyowBJc1vdB8FGMW
A6L8ZSCkSM4tfTmhkjWLM3TEWrupAEOmNIXT6UXGJ1/B7uYk4yurVgHJ2D3TuHOe
ZlNTgxM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:41 2025 by rpki-client