Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
File: B7BBC928FEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: CUHN5je5YaJmqE74g1efmbNy7D5sqkfCrF2BIImEEKI=
Subject key identifier: D7:8F:0A:D8:A3:16:BE:4E:8E:9C:87:C1:70:EF:7D:E8:A6:60:5A:0B
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 05E4
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
Signing time: Wed 07 May 2025 04:53:20 +0000
ROA not before: Wed 07 May 2025 04:53:20 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 133480
IP address blocks: 43.245.160.0/24 maxlen: 24
43.245.161.0/24 maxlen: 24
43.245.162.0/24 maxlen: 24
43.245.163.0/24 maxlen: 24
45.125.125.0/24 maxlen: 24
103.76.164.0/24 maxlen: 24
103.76.165.0/24 maxlen: 24
103.77.232.0/24 maxlen: 24
103.77.233.0/24 maxlen: 24
103.77.234.0/24 maxlen: 24
103.77.235.0/24 maxlen: 24
103.108.92.0/22 maxlen: 24
103.192.173.0/24 maxlen: 24
103.194.4.0/24 maxlen: 24
103.231.88.0/24 maxlen: 24
103.231.89.0/24 maxlen: 24
103.231.90.0/24 maxlen: 24
103.231.91.0/24 maxlen: 24
116.206.228.0/24 maxlen: 24
116.206.229.0/24 maxlen: 24
116.206.230.0/24 maxlen: 24
116.206.231.0/24 maxlen: 24
203.209.209.0/24 maxlen: 24
203.209.212.0/24 maxlen: 24
203.209.217.0/24 maxlen: 24
203.209.219.0/24 maxlen: 24
2400:fa80:1::/48 maxlen: 48
2400:fa80:4::/48 maxlen: 48
2400:fa80:5::/48 maxlen: 48
2400:fa80:6::/48 maxlen: 48
2402:1b80:3002::/48 maxlen: 48
2407:a080::/32 maxlen: 32
2407:a080::/48 maxlen: 48
2407:a080:5000::/36 maxlen: 36
2407:a080:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 23:24:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1508 (0x5e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3, serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: May 7 04:53:20 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=681ae740-816f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e9:38:8a:3f:75:57:9d:9c:91:6f:49:74:3d:
58:dd:90:cf:a1:28:d1:40:91:42:17:bd:ea:fa:af:
5f:82:92:98:96:0b:9d:79:1a:bb:db:c4:b7:d7:dc:
e3:d4:98:95:31:8c:e8:c3:f5:0a:45:cb:bf:e2:01:
2b:49:e2:04:04:fb:0b:ce:16:25:a0:37:a5:5c:4b:
50:80:08:c6:da:ba:0d:c1:29:94:8f:79:34:67:ac:
5d:e5:ec:cb:61:f5:28:57:7d:7c:9a:be:36:83:4f:
0a:32:81:74:42:88:a2:85:be:84:24:d6:0d:08:fb:
2b:23:c2:a7:81:e7:a1:27:67:29:9b:61:60:0b:1f:
b0:e3:f5:4c:7a:1b:9e:c7:44:8a:63:35:96:84:84:
dc:f4:91:7a:c6:50:e2:af:c7:a7:53:a2:04:6f:61:
47:32:42:8c:11:7b:2f:5b:82:70:9f:19:6f:ad:97:
a2:3f:14:17:45:fd:b6:aa:df:5e:db:83:6b:72:6c:
ba:6d:c8:08:24:94:30:87:ca:54:04:bb:3c:94:c3:
44:e8:ca:da:d0:df:c5:45:50:39:fc:5d:f5:31:8a:
ec:55:53:e7:37:dc:1b:1a:c5:65:f6:40:ea:88:41:
04:5e:50:02:7f:83:dc:f3:11:07:41:0a:37:02:2f:
90:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8F:0A:D8:A3:16:BE:4E:8E:9C:87:C1:70:EF:7D:E8:A6:60:5A:0B
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.160.0/22
45.125.125.0/24
103.76.164.0/23
103.77.232.0/22
103.108.92.0/22
103.192.173.0/24
103.194.4.0/24
103.231.88.0/22
116.206.228.0/22
203.209.209.0/24
203.209.212.0/24
203.209.217.0/24
203.209.219.0/24
IPv6:
2400:fa80:1::/48
2400:fa80:4::-2400:fa80:6:ffff:ffff:ffff:ffff:ffff
2402:1b80:3002::/48
2407:a080::/32
Signature Algorithm: sha256WithRSAEncryption
09:8b:ba:2d:72:c2:13:aa:1e:81:d7:fd:fb:ad:7a:bc:88:09:
ca:8c:88:46:83:e6:e8:a5:7c:0a:31:83:6f:e4:82:25:82:14:
f2:73:ac:7e:80:9c:4b:2c:d2:40:18:d7:67:81:d5:23:50:57:
64:f9:f3:9d:25:f9:d1:3f:bc:4a:fe:a3:d8:80:6b:28:65:f7:
25:fb:1e:0a:b1:04:68:51:20:5a:f1:28:b0:38:82:68:64:72:
df:8d:b3:c4:85:25:b1:ed:3c:df:ee:a2:62:1e:9e:6a:df:7b:
7d:8d:f5:f2:db:d9:f0:7a:be:49:82:ab:84:62:76:8e:e6:69:
e0:38:4e:a5:77:10:7c:c9:1b:69:46:c1:d3:b4:6a:b7:ad:e2:
83:15:c4:d1:ba:14:e5:ea:1a:0a:01:d1:0f:12:ab:2b:86:57:
1a:ab:47:79:0a:2b:62:32:08:4f:f2:63:4e:26:d9:8b:92:5a:
6d:41:5b:67:2b:d7:7c:a0:97:7c:7d:7e:66:ed:16:0d:25:51:
32:46:9e:52:af:b2:5d:62:01:55:d4:78:b3:02:38:a5:a2:ae:
78:6e:19:4d:9c:83:c3:ef:1d:25:bc:8e:80:fa:15:97:22:47:
5b:dd:13:f9:fa:39:d8:9b:8a:4e:7a:c4:49:a7:b9:02:f3:3d:
47:58:dc:2c
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgICBeQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjUwNTA3MDQ1MzIwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFhZTc0MC04MTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Ok4ij91V52ckW9JdD1Y3ZDPoSjRQJFCF73q+q9fgpKYlgudeRq728S319zj
1JiVMYzow/UKRcu/4gErSeIEBPsLzhYloDelXEtQgAjG2roNwSmUj3k0Z6xd5ezL
YfUoV318mr42g08KMoF0Qoiihb6EJNYNCPsrI8KngeehJ2cpm2FgCx+w4/VMehue
x0SKYzWWhITc9JF6xlDir8enU6IEb2FHMkKMEXsvW4JwnxlvrZeiPxQXRf22qt9e
24Nrcmy6bcgIJJQwh8pUBLs8lMNE6Mra0N/FRVA5/F31MYrsVVPnN9wbGsVl9kDq
iEEEXlACf4Pc8xEHQQo3Ai+QiwIDAQABo4IDFTCCAxEwHQYDVR0OBBYEFNePCtij
Fr5OjpyHwXDvfeimYFoLMB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjdCQkM5MjhG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ4GCCsGAQUFBwEHAQH/
BIGOMIGLMFQEAgABME4DBAIr9aADBAAtfX0DBAFnTKQDBAJnTegDBAJnbFwDBABn
wK0DBABnwgQDBAJn51gDBAJ0zuQDBADL0dEDBADL0dQDBADL0dkDBADL0dswMwQC
AAIwLQMHACQA+oAAATASAwcCJAD6gAAEAwcAJAD6gAAGAwcAJAIbgDACAwUAJAeg
gDANBgkqhkiG9w0BAQsFAAOCAQEACYu6LXLCE6oegdf9+616vIgJyoyIRoPm6KV8
CjGDb+SCJYIU8nOsfoCcSyzSQBjXZ4HVI1BXZPnznSX50T+8Sv6j2IBrKGX3Jfse
CrEEaFEgWvEosDiCaGRy342zxIUlse083+6iYh6eat97fY318tvZ8Hq+SYKrhGJ2
juZp4DhOpXcQfMkbaUbB07Rqt63igxXE0boU5eoaCgHRDxKrK4ZXGqtHeQorYjII
T/JjTibZi5JabUFbZyvXfKCXfH1+Zu0WDSVRMkaeUq+yXWIBVdR4swI4paKueG4Z
TZyDw+8dJbyOgPoVlyJHW90T+fo52JuKTnrESae5AvM9R1jcLA==
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:34:49 2025 by rpki-client