Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9141FD6/6EEC64301D9111E2B687A5F308B02CD2/6215E9C089CF11ECA1DA1810C4F9AE02.roa
File: 6215E9C089CF11ECA1DA1810C4F9AE02.roa (raw, json)
Hash identifier: o3Ceb2MSjRakfXXsxsrz1v3BRN+sMCeTig6Z0QGV2lg=
Subject key identifier: 30:51:1D:1A:1E:BD:5F:CA:57:3B:AB:36:E6:85:73:34:E3:FF:93:6B
Certificate issuer: /CN=A9141FD6/serialNumber=6B9D65EAE9C697DA21CB4BEEBF4DF4CE0A419321
Certificate serial: 34BB
Authority key identifier: 6B:9D:65:EA:E9:C6:97:DA:21:CB:4B:EE:BF:4D:F4:CE:0A:41:93:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a51l6unGl9ohy0vuv030zgpBkyE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9141FD6/6EEC64301D9111E2B687A5F308B02CD2/6215E9C089CF11ECA1DA1810C4F9AE02.roa
Signing time: Thu 22 May 2025 14:50:45 +0000
ROA not before: Thu 22 May 2025 14:50:45 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 38182
IP address blocks: 58.84.16.0/22 maxlen: 24
113.23.128.0/17 maxlen: 17
113.23.128.0/24 maxlen: 24
113.23.129.0/24 maxlen: 24
113.23.130.0/23 maxlen: 23
113.23.130.0/24 maxlen: 24
113.23.131.0/24 maxlen: 24
113.23.132.0/23 maxlen: 23
113.23.132.0/24 maxlen: 24
113.23.133.0/24 maxlen: 24
113.23.134.0/24 maxlen: 24
113.23.135.0/24 maxlen: 24
113.23.136.0/24 maxlen: 24
113.23.137.0/24 maxlen: 24
113.23.138.0/24 maxlen: 24
113.23.139.0/24 maxlen: 24
113.23.140.0/24 maxlen: 24
113.23.141.0/24 maxlen: 24
113.23.142.0/24 maxlen: 24
113.23.143.0/24 maxlen: 24
113.23.144.0/24 maxlen: 24
113.23.145.0/24 maxlen: 24
113.23.146.0/24 maxlen: 24
113.23.147.0/24 maxlen: 24
113.23.148.0/24 maxlen: 24
113.23.149.0/24 maxlen: 24
113.23.150.0/24 maxlen: 24
113.23.151.0/24 maxlen: 24
113.23.152.0/24 maxlen: 24
113.23.153.0/24 maxlen: 24
113.23.154.0/24 maxlen: 24
113.23.155.0/24 maxlen: 24
113.23.156.0/24 maxlen: 24
113.23.157.0/24 maxlen: 24
113.23.158.0/24 maxlen: 24
113.23.159.0/24 maxlen: 24
113.23.160.0/22 maxlen: 22
113.23.160.0/24 maxlen: 24
113.23.161.0/24 maxlen: 24
113.23.162.0/24 maxlen: 24
113.23.163.0/24 maxlen: 24
113.23.164.0/24 maxlen: 24
113.23.165.0/24 maxlen: 24
113.23.166.0/24 maxlen: 24
113.23.167.0/24 maxlen: 24
113.23.168.0/24 maxlen: 24
113.23.169.0/24 maxlen: 24
113.23.170.0/24 maxlen: 24
113.23.171.0/24 maxlen: 24
113.23.172.0/24 maxlen: 24
113.23.173.0/24 maxlen: 24
113.23.174.0/24 maxlen: 24
113.23.175.0/24 maxlen: 24
113.23.176.0/24 maxlen: 24
113.23.177.0/24 maxlen: 24
113.23.178.0/24 maxlen: 24
113.23.179.0/24 maxlen: 24
113.23.180.0/24 maxlen: 24
113.23.181.0/24 maxlen: 24
113.23.182.0/24 maxlen: 24
113.23.183.0/24 maxlen: 24
113.23.184.0/24 maxlen: 24
113.23.185.0/24 maxlen: 24
113.23.186.0/24 maxlen: 24
113.23.187.0/24 maxlen: 24
113.23.188.0/24 maxlen: 24
113.23.189.0/24 maxlen: 24
113.23.190.0/24 maxlen: 24
113.23.191.0/24 maxlen: 24
113.23.192.0/24 maxlen: 24
113.23.193.0/24 maxlen: 24
113.23.194.0/24 maxlen: 24
113.23.195.0/24 maxlen: 24
113.23.196.0/24 maxlen: 24
113.23.197.0/24 maxlen: 24
113.23.198.0/24 maxlen: 24
113.23.199.0/24 maxlen: 24
113.23.200.0/24 maxlen: 24
113.23.201.0/24 maxlen: 24
113.23.202.0/24 maxlen: 24
113.23.203.0/24 maxlen: 24
113.23.204.0/24 maxlen: 24
113.23.205.0/24 maxlen: 24
113.23.206.0/24 maxlen: 24
113.23.207.0/24 maxlen: 24
113.23.208.0/24 maxlen: 24
113.23.209.0/24 maxlen: 24
113.23.210.0/24 maxlen: 24
113.23.211.0/24 maxlen: 24
113.23.212.0/24 maxlen: 24
113.23.213.0/24 maxlen: 24
113.23.214.0/24 maxlen: 24
113.23.215.0/24 maxlen: 24
113.23.216.0/24 maxlen: 24
113.23.217.0/24 maxlen: 24
113.23.218.0/24 maxlen: 24
113.23.219.0/24 maxlen: 24
113.23.220.0/24 maxlen: 24
113.23.221.0/24 maxlen: 24
113.23.222.0/24 maxlen: 24
113.23.223.0/24 maxlen: 24
113.23.224.0/24 maxlen: 24
113.23.225.0/24 maxlen: 24
113.23.226.0/24 maxlen: 24
113.23.227.0/24 maxlen: 24
113.23.228.0/24 maxlen: 24
113.23.229.0/24 maxlen: 24
113.23.230.0/24 maxlen: 24
113.23.231.0/24 maxlen: 24
113.23.232.0/24 maxlen: 24
113.23.233.0/24 maxlen: 24
113.23.234.0/24 maxlen: 24
113.23.235.0/24 maxlen: 24
113.23.236.0/24 maxlen: 24
113.23.237.0/24 maxlen: 24
113.23.238.0/24 maxlen: 24
113.23.239.0/24 maxlen: 24
113.23.240.0/24 maxlen: 24
113.23.241.0/24 maxlen: 24
113.23.242.0/24 maxlen: 24
113.23.243.0/24 maxlen: 24
113.23.244.0/24 maxlen: 24
113.23.245.0/24 maxlen: 24
113.23.246.0/24 maxlen: 24
113.23.247.0/24 maxlen: 24
113.23.248.0/24 maxlen: 24
113.23.249.0/24 maxlen: 24
113.23.250.0/24 maxlen: 24
113.23.251.0/24 maxlen: 24
113.23.252.0/24 maxlen: 24
113.23.253.0/24 maxlen: 24
113.23.254.0/24 maxlen: 24
113.23.255.0/24 maxlen: 24
203.188.232.0/21 maxlen: 21
203.188.232.0/24 maxlen: 24
203.188.233.0/24 maxlen: 24
203.188.234.0/23 maxlen: 23
203.188.234.0/24 maxlen: 24
203.188.235.0/24 maxlen: 24
203.188.236.0/24 maxlen: 24
203.188.237.0/24 maxlen: 24
203.188.238.0/24 maxlen: 24
203.188.239.0/24 maxlen: 24
2407:f800::/40 maxlen: 40
2407:f800::/48 maxlen: 48
2407:f800::3:0:0/96 maxlen: 96
2407:f800:100::/40 maxlen: 40
2407:f800:200::/40 maxlen: 40
2407:f800:200::/48 maxlen: 48
2407:f800:300::/40 maxlen: 40
2407:f800:300::/48 maxlen: 48
2407:f800:400::/40 maxlen: 40
2407:f800:400::/48 maxlen: 48
2407:f800:500::/40 maxlen: 40
2407:f800:500::/48 maxlen: 48
2407:f800:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9141FD6/6EEC64301D9111E2B687A5F308B02CD2/a51l6unGl9ohy0vuv030zgpBkyE.crl
rsync://rpki.apnic.net/member_repository/A9141FD6/6EEC64301D9111E2B687A5F308B02CD2/a51l6unGl9ohy0vuv030zgpBkyE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a51l6unGl9ohy0vuv030zgpBkyE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 14:44:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13499 (0x34bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9141FD6, serialNumber=6B9D65EAE9C697DA21CB4BEEBF4DF4CE0A419321
Validity
Not Before: May 22 14:50:45 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=682f39c5-0899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d3:1b:0a:8c:54:99:de:c8:38:08:f7:5e:ac:
f7:e0:e5:9e:fd:41:d4:24:e4:b9:d8:9c:9a:14:18:
dc:23:6f:5c:f2:18:25:4b:99:fc:11:24:45:35:69:
3c:24:2d:1c:b8:26:eb:4b:c0:34:c2:1f:61:a7:b3:
12:9a:fb:4d:39:4c:06:13:5f:5a:69:18:b7:19:c4:
e5:fa:3d:ee:33:2b:9c:3a:36:ea:74:c4:6a:4e:4a:
b4:28:7f:0c:96:29:a9:b1:2f:d0:3e:b3:a6:a2:31:
6a:86:22:10:6b:df:11:a2:75:9b:36:86:a6:b7:17:
a3:07:0d:96:ed:57:bf:02:4c:d6:91:31:37:6f:ba:
b3:1d:b7:0d:f5:43:51:47:1e:89:12:05:1b:cd:fc:
b9:87:79:36:ea:8d:23:10:0e:18:af:9d:19:2c:5c:
58:2c:c5:61:ce:95:3a:ae:a8:2b:1f:63:cf:62:fb:
8a:22:89:28:2d:0e:98:ce:79:dc:f0:dc:9d:71:ae:
aa:5a:ea:48:47:29:fa:49:de:f6:86:77:ec:5f:8d:
64:2f:74:95:99:f2:74:6d:49:4f:7d:b3:86:8b:1e:
c4:5c:12:3c:41:1c:c8:ff:d7:b8:f6:87:3e:21:f5:
0e:72:b9:fd:7d:e5:eb:d2:ea:e8:f3:93:71:55:f5:
8b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:51:1D:1A:1E:BD:5F:CA:57:3B:AB:36:E6:85:73:34:E3:FF:93:6B
X509v3 Authority Key Identifier:
keyid:6B:9D:65:EA:E9:C6:97:DA:21:CB:4B:EE:BF:4D:F4:CE:0A:41:93:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9141FD6/6EEC64301D9111E2B687A5F308B02CD2/a51l6unGl9ohy0vuv030zgpBkyE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a51l6unGl9ohy0vuv030zgpBkyE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9141FD6/6EEC64301D9111E2B687A5F308B02CD2/6215E9C089CF11ECA1DA1810C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.84.16.0/22
113.23.128.0/17
203.188.232.0/21
IPv6:
2407:f800::-2407:f800:5ff:ffff:ffff:ffff:ffff:ffff
2407:f800:800::/40
Signature Algorithm: sha256WithRSAEncryption
71:ca:58:59:b4:95:e9:5b:59:be:02:12:51:7d:3e:5f:e1:ee:
08:e2:c5:7b:f8:bd:12:f0:f7:38:c6:18:bb:0f:a6:4d:f7:54:
1d:ce:a5:2c:63:42:09:41:c7:fd:44:e0:e0:07:d9:84:33:b3:
5e:f0:3e:e0:fa:f2:a4:0d:1b:c1:f6:e5:69:c5:d8:f4:b5:4a:
f2:34:72:81:d2:de:67:25:84:a7:2d:17:22:6b:c0:2f:5c:44:
cb:79:ff:4c:17:40:24:cf:05:8a:cd:45:58:80:8b:ef:08:a3:
6d:cc:6d:76:84:42:33:96:88:a3:36:dc:92:f8:9c:bc:15:9b:
03:22:d3:13:ec:7f:c7:69:47:a2:0b:58:87:7e:36:8f:d0:49:
bf:36:2e:ae:0b:ee:7a:88:25:aa:bd:45:22:95:23:c2:0a:be:
cd:0d:d5:f5:af:90:96:27:f3:13:83:15:18:18:86:23:15:90:
8f:17:af:94:70:ef:37:44:90:77:72:4e:37:e9:7e:64:9e:c9:
05:09:58:24:ed:e6:34:85:ff:52:54:c7:da:cd:f5:ab:cb:2a:
91:e8:d1:1b:5f:2c:d7:bd:e4:56:58:e0:3f:e8:60:99:45:2b:
a6:bb:d5:46:64:55:9a:39:88:a5:e8:67:af:ff:b1:13:a4:14:
f4:1f:af:c5
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICNLswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDFGRDYxMTAvBgNVBAUTKDZCOUQ2NUVBRTlDNjk3REEyMUNCNEJFRUJGNERGNENF
MEE0MTkzMjEwHhcNMjUwNTIyMTQ1MDQ1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJmMzljNS0wODk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0tMbCoxUmd7IOAj3Xqz34OWe/UHUJOS52JyaFBjcI29c8hglS5n8ESRFNWk8
JC0cuCbrS8A0wh9hp7MSmvtNOUwGE19aaRi3GcTl+j3uMyucOjbqdMRqTkq0KH8M
limpsS/QPrOmojFqhiIQa98RonWbNoamtxejBw2W7Ve/AkzWkTE3b7qzHbcN9UNR
Rx6JEgUbzfy5h3k26o0jEA4Yr50ZLFxYLMVhzpU6rqgrH2PPYvuKIokoLQ6Yznnc
8Nydca6qWupIRyn6Sd72hnfsX41kL3SVmfJ0bUlPfbOGix7EXBI8QRzI/9e49oc+
IfUOcrn9feXr0uro85NxVfWLKwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFDBRHRoe
vV/KVzurNuaFczTj/5NrMB8GA1UdIwQYMBaAFGudZerpxpfaIctL7r9N9M4KQZMh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MUZENi82RUVDNjQzMDFE
OTExMUUyQjY4N0E1RjMwOEIwMkNEMi9hNTFsNnVuR2w5b2h5MHZ1djAzMHpncEJr
eUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2E1MWw2dW5HbDlvaHkwdnV2MDMwemdwQmt5RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDFGRDYvNkVFQzY0MzAxRDkxMTFFMkI2ODdBNUYzMDhCMDJDRDIvNjIxNUU5QzA4
OUNGMTFFQ0ExREExODEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MBgEAgABMBIDBAI6VBADBAdxF4ADBAPLvOgwHgQCAAIwGDAOAwQDJAf4AwYB
JAf4AAQDBgAkB/gACDANBgkqhkiG9w0BAQsFAAOCAQEAccpYWbSV6VtZvgISUX0+
X+HuCOLFe/i9EvD3OMYYuw+mTfdUHc6lLGNCCUHH/UTg4AfZhDOzXvA+4PrypA0b
wfblacXY9LVK8jRygdLeZyWEpy0XImvAL1xEy3n/TBdAJM8Fis1FWICL7wijbcxt
doRCM5aIozbckvicvBWbAyLTE+x/x2lHogtYh342j9BJvzYurgvueoglqr1FIpUj
wgq+zQ3V9a+QlifzE4MVGBiGIxWQjxevlHDvN0SQd3JON+l+ZJ7JBQlYJO3mNIX/
UlTH2s31q8sqkejRG18s173kVljgP+hgmUUrprvVRmRVmjmIpehnr/+xE6QU9B+v
xQ==
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:09:10 2025 by rpki-client