Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
File: 844EFBDA766C11EF8CE33A86C4F9AE02.roa (raw, json)
Hash identifier: lMiBlwaFpcrZorN/PTmNEcsYWTw6s909rOUpGpYxp6s=
Subject key identifier: CE:20:E3:FE:05:78:2D:6C:3F:FB:CE:1F:87:CC:F0:0B:04:4A:A8:52
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 0404
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
Signing time: Thu 15 May 2025 09:21:21 +0000
ROA not before: Thu 15 May 2025 09:21:21 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 147049
IP address blocks: 103.173.150.0/23 maxlen: 23
103.173.150.0/24 maxlen: 24
103.173.151.0/24 maxlen: 24
116.204.193.0/24 maxlen: 24
116.204.194.0/24 maxlen: 24
116.204.195.0/24 maxlen: 24
2407:e8c0::/48 maxlen: 48
2407:e8c0:1::/48 maxlen: 48
2407:e8c0:2::/48 maxlen: 48
2407:e8c0:3::/48 maxlen: 48
2407:e8c0:4::/48 maxlen: 48
2407:e8c0:5::/48 maxlen: 48
2407:e8c0:6::/48 maxlen: 48
2407:e8c0:7::/48 maxlen: 48
2407:e8c0:8::/48 maxlen: 48
2407:e8c0:9::/48 maxlen: 48
2407:e8c0:a::/48 maxlen: 48
2407:e8c0:b::/48 maxlen: 48
2407:e8c0:c::/48 maxlen: 48
2407:e8c0:d::/48 maxlen: 48
2407:e8c0:e::/48 maxlen: 48
2407:e8c0:f::/48 maxlen: 48
2407:e8c0:11::/48 maxlen: 48
2407:e8c0:12::/48 maxlen: 48
2407:e8c0:13::/48 maxlen: 48
2407:e8c0:1f::/48 maxlen: 48
2407:e8c0:4a00::/40 maxlen: 40
2407:e8c0:4b00::/40 maxlen: 40
2407:e8c0:4c00::/40 maxlen: 40
2407:e8c0:4d00::/40 maxlen: 40
2407:e8c0:4e00::/40 maxlen: 40
2407:e8c0:4f00::/40 maxlen: 40
2407:e8c0:5000::/40 maxlen: 40
2407:e8c0:5100::/40 maxlen: 40
2407:e8c0:5200::/40 maxlen: 40
2407:e8c0:5300::/40 maxlen: 40
2407:e8c0:5400::/40 maxlen: 40
2407:e8c0:5500::/40 maxlen: 40
2407:e8c0:5600::/40 maxlen: 40
2407:e8c0:5700::/40 maxlen: 40
2407:e8c0:5800::/40 maxlen: 40
2407:e8c0:5a00::/40 maxlen: 40
2407:e8c0:5b00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Jun 2025 00:53:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1028 (0x404)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1, serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Validity
Not Before: May 15 09:21:21 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6825b211-15f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:79:fb:51:89:15:7c:0d:ba:36:28:34:91:42:
b9:64:26:32:73:9a:fc:69:8b:b1:5b:9e:a6:c7:ff:
6a:03:6e:30:62:e9:30:e0:1b:50:cc:54:36:e4:e5:
5f:2d:cd:6b:13:f2:b5:ce:3d:17:ad:d0:75:db:e3:
47:b2:22:ce:df:60:1a:16:37:59:9c:97:40:95:70:
90:f1:bd:87:74:92:c8:bc:94:96:52:69:9b:8d:41:
41:3a:0f:8f:81:97:97:13:8b:e3:74:48:3a:5d:d1:
0f:e2:3b:c7:d2:67:8f:5e:2f:78:35:91:08:eb:8c:
1b:9d:22:11:03:25:52:6b:09:22:b8:89:27:c1:88:
0e:60:17:4a:1b:a6:eb:3c:f9:d1:c6:f2:83:7b:6b:
36:4e:be:38:f6:e4:a4:c2:8b:cf:91:ff:27:29:f5:
3c:a0:3b:ba:1b:c4:d8:5d:2b:18:4b:f0:e3:24:22:
13:41:37:55:2c:07:6c:23:9b:74:8f:60:f3:04:5f:
e5:c0:45:50:f4:3f:d5:1f:48:5f:36:ca:b1:6f:fb:
f8:c0:e9:0e:1b:e2:8b:40:80:9e:79:3c:f7:43:6c:
c8:49:0c:f7:33:e3:23:02:e8:a7:4c:f1:c2:6d:98:
6a:74:a4:51:63:a0:55:6b:56:30:49:a8:36:eb:05:
7a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:20:E3:FE:05:78:2D:6C:3F:FB:CE:1F:87:CC:F0:0B:04:4A:A8:52
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.150.0/23
116.204.193.0-116.204.195.255
IPv6:
2407:e8c0::/44
2407:e8c0:11::-2407:e8c0:13:ffff:ffff:ffff:ffff:ffff
2407:e8c0:1f::/48
2407:e8c0:4a00::-2407:e8c0:58ff:ffff:ffff:ffff:ffff:ffff
2407:e8c0:5a00::/39
Signature Algorithm: sha256WithRSAEncryption
14:b3:5e:10:98:8c:b6:14:8a:02:14:51:c7:39:a2:49:ab:bd:
c3:ac:4a:c8:70:1a:10:3c:35:13:85:58:f3:49:9c:04:6b:a6:
95:f5:86:2f:ab:3c:b3:77:63:fe:7b:69:62:53:0e:28:6a:7b:
89:ce:bb:99:c6:d0:25:9b:2f:c3:27:19:58:12:9c:1d:c7:ca:
1e:bc:f0:f7:44:ce:ac:62:ab:c1:d5:99:97:7e:97:af:08:2a:
a8:28:38:5f:19:8b:03:87:6b:a8:d4:0d:58:5f:b3:1f:3b:ed:
0d:c9:56:9e:28:a0:35:94:6e:0d:bd:f3:d1:62:e0:a9:c5:19:
db:46:63:3b:bd:0b:09:29:6f:15:67:de:34:d8:94:bb:ad:59:
df:c5:fa:c9:35:4a:3f:22:b0:1b:aa:cd:c3:1e:b8:d2:74:d5:
77:28:1e:7b:73:4a:e3:7b:8b:73:bf:3c:55:d1:24:31:12:ce:
99:dd:22:4e:e6:4b:12:a0:4f:ba:53:00:30:5c:9c:74:88:8b:
b0:16:90:5c:91:29:30:60:1f:50:ce:64:82:c3:c2:58:9f:04:
6b:ca:2d:6d:62:7a:3b:18:21:e9:1e:26:7f:28:bb:09:82:27:
23:16:86:c0:d9:18:92:28:a0:51:63:71:18:25:db:fc:ff:c5:
23:9d:09:8b
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgICBAQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjUwNTE1MDkyMTIxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI1YjIxMS0xNWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnnn7UYkVfA26Nig0kUK5ZCYyc5r8aYuxW56mx/9qA24wYukw4BtQzFQ25OVf
Lc1rE/K1zj0XrdB12+NHsiLO32AaFjdZnJdAlXCQ8b2HdJLIvJSWUmmbjUFBOg+P
gZeXE4vjdEg6XdEP4jvH0mePXi94NZEI64wbnSIRAyVSawkiuIknwYgOYBdKG6br
PPnRxvKDe2s2Tr449uSkwovPkf8nKfU8oDu6G8TYXSsYS/DjJCITQTdVLAdsI5t0
j2DzBF/lwEVQ9D/VH0hfNsqxb/v4wOkOG+KLQICeeTz3Q2zISQz3M+MjAuinTPHC
bZhqdKRRY6BVa1YwSag26wV6PQIDAQABo4IC6zCCAucwHQYDVR0OBBYEFM4g4/4F
eC1sP/vOH4fM8AsESqhSMB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvODQ0RUZCREE3
NjZDMTFFRjhDRTMzQTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdQYIKwYBBQUHAQcBAf8E
ZjBkMBoEAgABMBQDBAFnrZYwDAMEAHTMwQMEAnTMwDBGBAIAAjBAAwcEJAfowAAA
MBIDBwAkB+jAABEDBwIkB+jAABADBwAkB+jAAB8wEAMGASQH6MBKAwYAJAfowFgD
BgEkB+jAWjANBgkqhkiG9w0BAQsFAAOCAQEAFLNeEJiMthSKAhRRxzmiSau9w6xK
yHAaEDw1E4VY80mcBGumlfWGL6s8s3dj/ntpYlMOKGp7ic67mcbQJZsvwycZWBKc
HcfKHrzw90TOrGKrwdWZl36XrwgqqCg4XxmLA4drqNQNWF+zHzvtDclWniigNZRu
Db3z0WLgqcUZ20ZjO70LCSlvFWfeNNiUu61Z38X6yTVKPyKwG6rNwx640nTVdyge
e3NK43uLc788VdEkMRLOmd0iTuZLEqBPulMAMFycdIiLsBaQXJEpMGAfUM5kgsPC
WJ8Ea8otbWJ6Oxgh6R4mfyi7CYInIxaGwNkYkiigUWNxGCXb/P/FI50Jiw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 05:36:50 2025 by rpki-client