Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9115F15/FFED27943A9311EBABDE232FC4F9AE02/56D3C71687AB11F095613811C4F9AE02.roa
File: 56D3C71687AB11F095613811C4F9AE02.roa (raw, json)
Hash identifier: aD2CLMizmkDNhBVFcvaNkcRkyod1i+1AjvAvs5tf+7Q=
Subject key identifier: 55:99:45:0E:2A:2A:D4:8A:F3:A4:96:ED:A1:FA:12:EF:62:27:BD:C6
Certificate issuer: /CN=A9115F15/serialNumber=AB535E132884BCA345F7AF6913AB0A397765E7A9
Certificate serial: 076A
Authority key identifier: AB:53:5E:13:28:84:BC:A3:45:F7:AF:69:13:AB:0A:39:77:65:E7:A9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q1NeEyiEvKNF969pE6sKOXdl56k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9115F15/FFED27943A9311EBABDE232FC4F9AE02/56D3C71687AB11F095613811C4F9AE02.roa
Signing time: Tue 02 Sep 2025 03:17:21 +0000
ROA not before: Tue 02 Sep 2025 03:17:21 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 18200
IP address blocks: 43.224.192.0/22 maxlen: 22
43.224.195.0/24 maxlen: 24
61.5.208.0/20 maxlen: 20
61.5.208.0/24 maxlen: 24
101.101.0.0/18 maxlen: 18
103.43.156.0/22 maxlen: 22
114.69.192.0/19 maxlen: 19
114.69.192.0/22 maxlen: 22
114.69.200.0/22 maxlen: 22
114.69.204.0/24 maxlen: 24
114.69.208.0/21 maxlen: 21
114.69.216.0/22 maxlen: 22
180.214.96.0/19 maxlen: 19
180.214.96.0/22 maxlen: 22
202.87.128.0/19 maxlen: 19
202.87.129.0/24 maxlen: 24
202.87.135.0/24 maxlen: 24
202.87.138.0/24 maxlen: 24
202.87.140.0/22 maxlen: 22
202.87.144.0/22 maxlen: 22
202.87.151.0/24 maxlen: 24
202.87.156.0/24 maxlen: 24
2404:2200::/32 maxlen: 32
2404:2200:10::/48 maxlen: 48
2404:2200:17::/48 maxlen: 48
2404:2200:22::/48 maxlen: 48
2404:2200:24::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9115F15/FFED27943A9311EBABDE232FC4F9AE02/q1NeEyiEvKNF969pE6sKOXdl56k.crl
rsync://rpki.apnic.net/member_repository/A9115F15/FFED27943A9311EBABDE232FC4F9AE02/q1NeEyiEvKNF969pE6sKOXdl56k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q1NeEyiEvKNF969pE6sKOXdl56k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 17 Sep 2025 21:52:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1898 (0x76a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9115F15, serialNumber=AB535E132884BCA345F7AF6913AB0A397765E7A9
Validity
Not Before: Sep 2 03:17:21 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=68b661c1-00db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0a:89:1d:d4:4d:e4:09:6c:83:c5:1a:e3:9a:
f2:f9:fd:be:58:8c:5b:3c:24:d9:9d:ac:e0:57:c5:
8b:23:51:7c:08:36:98:a9:45:de:2c:43:f4:85:e3:
34:f6:36:f4:5b:1a:a1:a3:08:94:1f:2e:a1:07:58:
72:fc:1b:82:65:0b:b1:08:04:27:b6:f7:0e:bf:35:
a5:8c:c1:c6:45:fa:91:47:f0:00:18:cc:2b:1a:c9:
fe:22:b2:4d:02:21:59:e7:f3:71:9c:ee:22:ef:bb:
65:e6:15:74:3e:a3:66:6a:6b:f2:f3:21:b1:e7:36:
37:1d:b2:e6:0d:96:1b:e6:c3:5a:43:66:b7:d8:7a:
3e:60:8c:7d:ab:35:5b:d8:c6:0f:fc:0b:93:c2:37:
b0:ad:6e:28:bf:79:e6:f1:94:28:a8:c0:51:06:73:
2e:3f:21:de:27:dd:71:ee:d7:35:a8:8f:78:47:c4:
56:42:d0:f4:e1:5a:2d:16:1e:45:e4:9d:5d:f6:21:
62:f1:d2:01:a5:72:f2:47:ec:dd:57:22:df:68:c7:
12:a3:5e:4c:cf:9f:03:f3:6d:26:97:17:e3:9e:81:
ea:30:de:0e:86:dd:72:a7:28:43:51:d6:25:02:ef:
3f:95:f8:3a:e0:05:10:c9:8d:4c:23:ca:43:8f:aa:
c6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:99:45:0E:2A:2A:D4:8A:F3:A4:96:ED:A1:FA:12:EF:62:27:BD:C6
X509v3 Authority Key Identifier:
keyid:AB:53:5E:13:28:84:BC:A3:45:F7:AF:69:13:AB:0A:39:77:65:E7:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9115F15/FFED27943A9311EBABDE232FC4F9AE02/q1NeEyiEvKNF969pE6sKOXdl56k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q1NeEyiEvKNF969pE6sKOXdl56k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9115F15/FFED27943A9311EBABDE232FC4F9AE02/56D3C71687AB11F095613811C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.192.0/22
61.5.208.0/20
101.101.0.0/18
103.43.156.0/22
114.69.192.0/19
180.214.96.0/19
202.87.128.0/19
IPv6:
2404:2200::/32
Signature Algorithm: sha256WithRSAEncryption
8a:9c:df:04:3f:45:a5:44:40:2d:16:07:4d:e9:d1:ad:32:c4:
92:9c:06:a9:47:e9:90:5a:ae:02:e8:a7:02:60:a8:11:b9:21:
5f:ee:c9:18:3b:cf:ef:b4:1d:62:60:27:cd:3d:9e:53:e5:98:
f4:9a:e5:02:d6:ba:3f:73:68:f6:a1:e0:07:c7:26:c8:2f:9f:
d6:0e:6d:b6:35:be:d6:ad:89:a6:34:d7:dd:7c:fa:44:3d:8c:
fe:c3:c4:c4:08:ef:28:0e:49:80:b8:df:2b:62:ab:b0:79:6c:
d4:d4:fd:da:61:2b:ed:1a:f0:52:a5:59:ba:55:b2:80:0c:25:
ec:87:f1:31:cd:07:da:98:78:d7:17:82:0f:34:9f:72:2f:b0:
8e:b6:61:d3:77:3b:6e:54:d6:c5:c7:c1:49:0b:93:00:a9:0d:
d9:0a:fc:5a:f5:d5:be:02:48:11:e3:da:b4:2b:7b:57:f3:95:
20:f9:cb:7a:49:38:ae:49:be:72:ae:ae:53:32:eb:b7:bf:52:
83:17:cd:78:44:5c:6e:df:76:9b:03:c9:b1:2b:ce:aa:d8:6b:
fb:4d:6e:e4:d1:cc:52:0f:6c:8e:5e:39:44:d7:19:0e:98:bd:
d9:1e:b3:42:cc:f5:05:f5:e9:df:23:cd:18:20:bc:cf:df:74:
61:62:f7:79
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICB2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTVGMTUxMTAvBgNVBAUTKEFCNTM1RTEzMjg4NEJDQTM0NUY3QUY2OTEzQUIwQTM5
Nzc2NUU3QTkwHhcNMjUwOTAyMDMxNzIxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGI2NjFjMS0wMGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqgqJHdRN5Alsg8Ua45ry+f2+WIxbPCTZnazgV8WLI1F8CDaYqUXeLEP0heM0
9jb0WxqhowiUHy6hB1hy/BuCZQuxCAQntvcOvzWljMHGRfqRR/AAGMwrGsn+IrJN
AiFZ5/NxnO4i77tl5hV0PqNmamvy8yGx5zY3HbLmDZYb5sNaQ2a32Ho+YIx9qzVb
2MYP/AuTwjewrW4ov3nm8ZQoqMBRBnMuPyHeJ91x7tc1qI94R8RWQtD04VotFh5F
5J1d9iFi8dIBpXLyR+zdVyLfaMcSo15Mz58D820mlxfjnoHqMN4Oht1ypyhDUdYl
Au8/lfg64AUQyY1MI8pDj6rGNQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFFWZRQ4q
KtSK86SW7aH6Eu9iJ73GMB8GA1UdIwQYMBaAFKtTXhMohLyjRfevaROrCjl3Zeep
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNUYxNS9GRkVEMjc5NDNB
OTMxMUVCQUJERTIzMkZDNEY5QUUwMi9xMU5lRXlpRXZLTkY5NjlwRTZzS09YZGw1
NmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ExTmVFeWlFdktORjk2OXBFNnNLT1hkbDU2ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTVGMTUvRkZFRDI3OTQzQTkzMTFFQkFCREUyMzJGQzRGOUFFMDIvNTZEM0M3MTY4
N0FCMTFGMDk1NjEzODExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAIr4MADBAQ9BdADBAZlZQADBAJnK5wDBAVyRcADBAW01mAD
BAXKV4AwDQQCAAIwBwMFACQEIgAwDQYJKoZIhvcNAQELBQADggEBAIqc3wQ/RaVE
QC0WB03p0a0yxJKcBqlH6ZBargLopwJgqBG5IV/uyRg7z++0HWJgJ809nlPlmPSa
5QLWuj9zaPah4AfHJsgvn9YObbY1vtatiaY01918+kQ9jP7DxMQI7ygOSYC43yti
q7B5bNTU/dphK+0a8FKlWbpVsoAMJeyH8THNB9qYeNcXgg80n3IvsI62YdN3O25U
1sXHwUkLkwCpDdkK/Fr11b4CSBHj2rQre1fzlSD5y3pJOK5JvnKurlMy67e/UoMX
zXhEXG7fdpsDybErzqrYa/tNbuTRzFIPbI5eOUTXGQ6Yvdkes0LM9QX16d8jzRgg
vM/fdGFi93k=
-----END CERTIFICATE-----
Generated at Fri Sep 12 09:07:05 2025 by rpki-client