Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/52B84266B3C411F0A952B10CC4F9AE02.roa
File: 52B84266B3C411F0A952B10CC4F9AE02.roa (raw, json)
Hash identifier: +h6xoSjaSieb5+QzRvElQx3KoFeScEm/KsqPu0uGEQY=
Subject key identifier: 4C:35:98:CE:6B:30:9A:F0:EB:ED:4E:73:12:34:7B:E2:3C:29:83:14
Certificate issuer: /CN=A9123072/serialNumber=E3BCBA88BEDC2A768A9865F416D68A7C3033F469
Certificate serial: 0802
Authority key identifier: E3:BC:BA:88:BE:DC:2A:76:8A:98:65:F4:16:D6:8A:7C:30:33:F4:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47y6iL7cKnaKmGX0FtaKfDAz9Gk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/52B84266B3C411F0A952B10CC4F9AE02.roa
Signing time: Tue 28 Oct 2025 06:07:03 +0000
ROA not before: Tue 28 Oct 2025 06:07:03 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 55720
IP address blocks: 45.116.164.0/24 maxlen: 24
45.116.165.0/24 maxlen: 24
45.116.166.0/24 maxlen: 24
45.116.167.0/24 maxlen: 24
59.153.148.0/24 maxlen: 24
59.153.149.0/24 maxlen: 24
59.153.150.0/24 maxlen: 24
59.153.151.0/24 maxlen: 24
61.4.112.0/24 maxlen: 24
61.4.113.0/24 maxlen: 24
61.4.114.0/24 maxlen: 24
61.4.115.0/24 maxlen: 24
61.4.116.0/24 maxlen: 24
61.4.117.0/24 maxlen: 24
61.4.118.0/24 maxlen: 24
61.4.119.0/24 maxlen: 24
61.4.120.0/24 maxlen: 24
61.4.121.0/24 maxlen: 24
61.4.122.0/24 maxlen: 24
61.4.123.0/24 maxlen: 24
61.4.124.0/24 maxlen: 24
61.4.125.0/24 maxlen: 24
61.4.126.0/24 maxlen: 24
61.4.127.0/24 maxlen: 24
103.229.64.0/24 maxlen: 24
103.229.65.0/24 maxlen: 24
103.229.66.0/24 maxlen: 24
103.229.67.0/24 maxlen: 24
103.229.224.0/24 maxlen: 24
103.229.225.0/24 maxlen: 24
103.230.144.0/24 maxlen: 24
103.230.145.0/24 maxlen: 24
103.230.146.0/24 maxlen: 24
103.230.147.0/24 maxlen: 24
103.232.136.0/24 maxlen: 24
103.232.137.0/24 maxlen: 24
103.232.138.0/24 maxlen: 24
103.232.139.0/24 maxlen: 24
114.29.252.0/24 maxlen: 24
114.29.253.0/24 maxlen: 24
114.29.254.0/24 maxlen: 24
114.29.255.0/24 maxlen: 24
185.189.160.0/24 maxlen: 24
185.189.161.0/24 maxlen: 24
185.189.162.0/24 maxlen: 24
185.189.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/47y6iL7cKnaKmGX0FtaKfDAz9Gk.crl
rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/47y6iL7cKnaKmGX0FtaKfDAz9Gk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47y6iL7cKnaKmGX0FtaKfDAz9Gk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 21:13:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2050 (0x802)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123072, serialNumber=E3BCBA88BEDC2A768A9865F416D68A7C3033F469
Validity
Not Before: Oct 28 06:07:03 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=69005d87-9cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:28:4a:ed:f9:c1:c7:19:41:af:c8:a8:9f:ae:
6c:d5:f7:d6:3a:02:31:07:bd:20:47:b0:af:08:fe:
6a:05:55:0b:b1:f7:b5:f3:32:1a:cc:46:29:f4:27:
3d:ec:14:a7:bc:3b:b8:f7:09:00:d2:8c:f1:d6:86:
9a:2a:0b:ec:07:31:e5:7b:d4:5d:e6:bf:5b:30:0c:
da:74:b5:cb:b7:12:36:22:0d:e5:33:5c:06:c2:7f:
cb:2f:f0:98:b3:ab:a6:8a:e3:a4:7d:b6:c7:4f:00:
37:b5:e6:83:d4:c0:c1:9c:ef:67:d7:94:22:e0:d2:
e0:f4:a4:42:12:6d:79:4a:ef:10:9c:a9:2e:66:82:
bc:39:b8:04:98:ab:e1:00:70:ee:f1:8c:57:9c:57:
4e:bb:f0:fb:a9:ca:5e:80:a9:1d:f7:fe:99:e9:f5:
98:e6:1c:27:6c:38:6f:20:6c:0a:3c:b4:22:a6:20:
78:93:07:3e:fc:d5:96:81:d7:cc:8e:e1:21:92:94:
78:77:b2:32:a7:27:22:9a:19:59:4c:51:07:06:9c:
ea:76:d6:30:3d:12:cc:b6:40:f6:3f:64:20:df:3e:
f3:0c:f1:a0:7d:60:00:8b:6d:0a:0d:57:2a:a7:ba:
d3:3e:6e:b5:7c:a8:97:1c:1e:e5:e2:b1:6d:29:c9:
26:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:35:98:CE:6B:30:9A:F0:EB:ED:4E:73:12:34:7B:E2:3C:29:83:14
X509v3 Authority Key Identifier:
keyid:E3:BC:BA:88:BE:DC:2A:76:8A:98:65:F4:16:D6:8A:7C:30:33:F4:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/47y6iL7cKnaKmGX0FtaKfDAz9Gk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47y6iL7cKnaKmGX0FtaKfDAz9Gk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/52B84266B3C411F0A952B10CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.164.0/22
59.153.148.0/22
61.4.112.0/20
103.229.64.0/22
103.229.224.0/23
103.230.144.0/22
103.232.136.0/22
114.29.252.0/22
185.189.160.0/22
Signature Algorithm: sha256WithRSAEncryption
32:10:92:2a:0a:e2:e6:dc:47:1d:1f:9b:cf:1c:42:07:c9:6b:
0b:4b:a6:33:f4:6e:5b:f8:1b:e0:b8:71:55:ff:3f:4c:a4:25:
93:b3:73:f2:b4:ba:f2:52:80:1d:7f:9e:31:b9:43:84:4d:e8:
0d:7b:88:b8:46:f5:21:9b:0c:c8:2b:3c:2f:a2:ca:a7:a7:f8:
e4:2a:da:22:85:19:ab:17:9a:05:95:51:cd:b0:ef:82:14:f7:
b6:86:bc:99:eb:3d:df:84:15:37:6e:15:99:22:38:f2:cb:09:
9c:43:b9:65:fa:37:39:e9:51:3f:d9:4b:0a:5c:98:59:da:d1:
cf:d4:0c:7e:9e:0c:e4:e2:dc:59:42:f1:ea:dd:42:de:33:e8:
7f:ad:6c:46:e0:58:2d:ce:a1:7c:c0:5d:b4:a4:75:99:33:cc:
b4:3d:af:15:b9:51:1f:56:79:3e:ca:7f:fd:dc:62:14:f5:3c:
de:ef:f1:eb:02:27:9d:03:7b:26:9e:98:dc:6a:97:9f:7a:a3:
76:86:7d:6a:a4:7e:e7:70:93:fb:29:0d:6a:6d:4f:a3:6f:76:
19:da:46:16:46:5d:10:34:33:57:b7:ab:92:e0:e7:08:5f:85:
be:41:0e:a5:26:9f:db:85:b3:14:48:fb:b4:48:90:0f:d7:ea:
f2:42:e6:e1
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICCAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjMwNzIxMTAvBgNVBAUTKEUzQkNCQTg4QkVEQzJBNzY4QTk4NjVGNDE2RDY4QTdD
MzAzM0Y0NjkwHhcNMjUxMDI4MDYwNzAzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTAwNWQ4Ny05Y2I3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5ShK7fnBxxlBr8ion65s1ffWOgIxB70gR7CvCP5qBVULsfe18zIazEYp9Cc9
7BSnvDu49wkA0ozx1oaaKgvsBzHle9Rd5r9bMAzadLXLtxI2Ig3lM1wGwn/LL/CY
s6umiuOkfbbHTwA3teaD1MDBnO9n15Qi4NLg9KRCEm15Su8QnKkuZoK8ObgEmKvh
AHDu8YxXnFdOu/D7qcpegKkd9/6Z6fWY5hwnbDhvIGwKPLQipiB4kwc+/NWWgdfM
juEhkpR4d7IypycimhlZTFEHBpzqdtYwPRLMtkD2P2Qg3z7zDPGgfWAAi20KDVcq
p7rTPm61fKiXHB7l4rFtKckmRwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFEw1mM5r
MJrw6+1OcxI0e+I8KYMUMB8GA1UdIwQYMBaAFOO8uoi+3Cp2iphl9BbWinwwM/Rp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzA3Mi8wQ0VBNDk1QzBC
NUMxMUVCOTlBMTc1NjJDNEY5QUUwMi80N3k2aUw3Y0tuYUttR1gwRnRhS2ZEQXo5
R2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzQ3eTZpTDdjS25hS21HWDBGdGFLZkRBejlHay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjMwNzIvMENFQTQ5NUMwQjVDMTFFQjk5QTE3NTYyQzRGOUFFMDIvNTJCODQyNjZC
M0M0MTFGMEE5NTJCMTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYDBAItdKQDBAI7mZQDBAQ9BHADBAJn5UADBAFn5eADBAJn5pAD
BAJn6IgDBAJyHfwDBAK5vaAwDQYJKoZIhvcNAQELBQADggEBADIQkioK4ubcRx0f
m88cQgfJawtLpjP0blv4G+C4cVX/P0ykJZOzc/K0uvJSgB1/njG5Q4RN6A17iLhG
9SGbDMgrPC+iyqen+OQq2iKFGasXmgWVUc2w74IU97aGvJnrPd+EFTduFZkiOPLL
CZxDuWX6NznpUT/ZSwpcmFna0c/UDH6eDOTi3FlC8erdQt4z6H+tbEbgWC3OoXzA
XbSkdZkzzLQ9rxW5UR9WeT7Kf/3cYhT1PN7v8esCJ50DeyaemNxql596o3aGfWqk
fudwk/spDWptT6NvdhnaRhZGXRA0M1e3q5Lg5whfhb5BDqUmn9uFsxRI+7RIkA/X
6vJC5uE=
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:34:32 2025 by rpki-client