Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6136E33A07B511EBBBA2521CC4F9AE02.roa
File: 6136E33A07B511EBBBA2521CC4F9AE02.roa (raw, json)
Hash identifier: x2K4iGB4XiPQaLbpOQU46N5zgaAZ4UmMEd3zJ7RSB2Q=
Subject key identifier: 54:5D:01:01:DF:FB:5B:35:2D:D6:D6:6C:3E:A5:8D:67:46:30:0F:D8
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1F72
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6136E33A07B511EBBBA2521CC4F9AE02.roa
Signing time: Sat 30 Aug 2025 16:35:36 +0000
ROA not before: Sat 30 Aug 2025 16:35:36 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 36678
IP address blocks: 203.14.184.0/22 maxlen: 22
203.14.188.0/24 maxlen: 24
203.14.189.0/24 maxlen: 24
203.19.32.0/22 maxlen: 22
203.19.37.0/24 maxlen: 24
203.19.38.0/24 maxlen: 24
203.25.50.0/24 maxlen: 24
203.25.53.0/24 maxlen: 24
203.25.54.0/24 maxlen: 24
203.33.8.0/22 maxlen: 24
203.34.196.0/24 maxlen: 24
203.56.48.0/23 maxlen: 23
203.80.136.0/23 maxlen: 24
203.80.138.0/23 maxlen: 24
203.128.224.0/24 maxlen: 24
218.30.32.0/24 maxlen: 24
218.30.35.0/24 maxlen: 24
218.30.41.0/24 maxlen: 24
218.30.43.0/24 maxlen: 24
218.30.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 16:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8050 (0x1f72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4, serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Aug 30 16:35:36 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68b32858-0e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:cd:a4:ac:bf:98:f8:e9:fd:71:88:86:d3:56:
04:ec:79:b4:dd:93:b4:2a:78:85:62:04:b7:03:27:
7b:bb:a4:a3:4c:3a:6b:05:ce:0f:22:3a:4b:15:0b:
e5:7d:27:cd:5a:8f:47:60:db:10:b1:42:33:09:e7:
08:24:1d:13:51:6c:5a:1b:6a:64:b0:93:09:c4:26:
a3:7c:09:eb:c5:7a:c4:58:98:d0:86:bb:87:7b:bd:
f6:23:d3:cf:71:d1:4d:a3:aa:3e:9e:c9:2d:e0:e5:
87:27:c3:54:89:c8:13:44:9c:3b:5a:8f:3a:c6:a5:
8f:48:5b:05:72:55:19:aa:92:3f:a6:b9:52:7d:6b:
5c:da:30:97:77:1d:02:ab:96:9a:be:c1:1a:dd:b1:
50:6d:a2:9d:f0:e7:c2:40:c9:9b:4d:f6:94:79:92:
b2:e1:a4:bb:68:fd:e3:c1:79:68:9d:3c:01:42:25:
02:4f:a5:40:af:60:61:23:3e:32:52:c4:a9:7d:7c:
c6:f8:da:13:b8:3c:2a:15:74:c0:7a:4b:77:9d:85:
f3:3e:d5:a1:37:2e:02:c2:e7:01:c5:7a:c6:a2:a6:
66:a8:4f:dd:ad:f5:e5:b4:e4:e2:77:c2:27:c3:93:
4a:76:35:3d:8c:40:15:ca:02:3a:d4:1f:6b:3a:ab:
20:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:5D:01:01:DF:FB:5B:35:2D:D6:D6:6C:3E:A5:8D:67:46:30:0F:D8
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6136E33A07B511EBBBA2521CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.14.184.0-203.14.189.255
203.19.32.0/22
203.19.37.0-203.19.38.255
203.25.50.0/24
203.25.53.0-203.25.54.255
203.33.8.0/22
203.34.196.0/24
203.56.48.0/23
203.80.136.0/22
203.128.224.0/24
218.30.32.0/24
218.30.35.0/24
218.30.41.0/24
218.30.43.0-218.30.44.255
Signature Algorithm: sha256WithRSAEncryption
1d:7c:2a:aa:c7:7d:fb:91:f9:da:81:bf:91:90:18:8c:97:cd:
db:f6:28:ab:77:c7:e1:2a:f6:3b:92:49:1d:b8:c9:a1:88:4a:
e3:e1:68:58:1f:1d:a4:ce:76:e0:a2:ea:80:04:fe:b7:4c:43:
71:f1:a2:5e:75:de:6f:1c:87:84:d0:fe:a4:85:82:b1:3c:00:
b8:43:8e:0f:3b:4e:0d:b9:f1:69:61:c6:a3:60:b3:1f:ca:28:
f9:a8:c1:4e:24:dc:19:80:0e:c5:08:94:90:25:16:a4:70:7f:
3b:9f:84:9d:70:27:fa:31:86:06:97:b6:7a:d7:b0:83:cb:81:
79:9d:12:be:40:2b:ca:2c:9d:d7:ad:c4:8c:cc:b4:d0:15:1e:
44:6c:35:e7:7c:44:bb:07:7e:a8:15:a4:98:02:bc:47:20:b3:
16:17:e1:a3:f0:e7:e4:b0:ee:59:fc:a6:68:6d:7c:01:a2:76:
dd:10:9e:3d:5b:0e:71:d4:d6:66:0a:33:08:8f:ca:e3:04:c8:
f8:60:ad:5b:e8:38:59:c3:22:b5:12:57:15:53:2a:5f:1b:5c:
e9:06:c8:d6:51:dc:0b:f1:1e:df:c5:12:4c:ab:cf:88:c0:07:
8e:0d:60:d4:79:9f:47:58:c5:15:26:76:e3:16:70:aa:40:a9:
ee:ba:59:95
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgICH3IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjUwODMwMTYzNTM2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIzMjg1OC0wZTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2s2krL+Y+On9cYiG01YE7Hm03ZO0KniFYgS3Ayd7u6SjTDprBc4PIjpLFQvl
fSfNWo9HYNsQsUIzCecIJB0TUWxaG2pksJMJxCajfAnrxXrEWJjQhruHe732I9PP
cdFNo6o+nskt4OWHJ8NUicgTRJw7Wo86xqWPSFsFclUZqpI/prlSfWtc2jCXdx0C
q5aavsEa3bFQbaKd8OfCQMmbTfaUeZKy4aS7aP3jwXlonTwBQiUCT6VAr2BhIz4y
UsSpfXzG+NoTuDwqFXTAekt3nYXzPtWhNy4CwucBxXrGoqZmqE/drfXltOTid8In
w5NKdjU9jEAVygI61B9rOqsg6QIDAQABo4IDBDCCAwAwHQYDVR0OBBYEFFRdAQHf
+1s1LdbWbD6ljWdGMA/YMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNjEzNkUzM0Ew
N0I1MTFFQkJCQTI1MjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgY0GCCsGAQUFBwEHAQH/
BH4wfDB6BAIAATB0MAwDBAPLDrgDBAHLDrwDBALLEyAwDAMEAMsTJQMEAMsTJgME
AMsZMjAMAwQAyxk1AwQAyxk2AwQCyyEIAwQAyyLEAwQByzgwAwQCy1CIAwQAy4Dg
AwQA2h4gAwQA2h4jAwQA2h4pMAwDBADaHisDBADaHiwwDQYJKoZIhvcNAQELBQAD
ggEBAB18KqrHffuR+dqBv5GQGIyXzdv2KKt3x+Eq9juSSR24yaGISuPhaFgfHaTO
duCi6oAE/rdMQ3Hxol513m8ch4TQ/qSFgrE8ALhDjg87Tg258WlhxqNgsx/KKPmo
wU4k3BmADsUIlJAlFqRwfzufhJ1wJ/oxhgaXtnrXsIPLgXmdEr5AK8osndetxIzM
tNAVHkRsNed8RLsHfqgVpJgCvEcgsxYX4aPw5+Sw7ln8pmhtfAGidt0Qnj1bDnHU
1mYKMwiPyuMEyPhgrVvoOFnDIrUSVxVTKl8bXOkGyNZR3AvxHt/FEkyrz4jAB44N
YNR5n0dYxRUmduMWcKpAqe66WZU=
-----END CERTIFICATE-----
Generated at Sat Sep 6 20:16:29 2025 by rpki-client