Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/054DC680CE7411EAA3A39A3EC4F9AE02.roa
File: 054DC680CE7411EAA3A39A3EC4F9AE02.roa (raw, json)
Hash identifier: 9+z7Zr10qHwp2Ri1PL9EErNNesIzycGYH/5jju84Tvg=
Subject key identifier: 22:FF:56:93:BD:F4:53:FA:2E:8F:6D:61:B7:DE:16:68:EA:63:2E:43
Certificate issuer: /CN=A917B9CB/serialNumber=33A7AEAFA5526DCDC56CF0876BBD41133E3D2479
Certificate serial: 3491
Authority key identifier: 33:A7:AE:AF:A5:52:6D:CD:C5:6C:F0:87:6B:BD:41:13:3E:3D:24:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/054DC680CE7411EAA3A39A3EC4F9AE02.roa
Signing time: Fri 30 May 2025 11:36:11 +0000
ROA not before: Fri 30 May 2025 11:36:11 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 132789
IP address blocks: 203.105.192.0/24 maxlen: 24
203.105.193.0/24 maxlen: 24
203.105.194.0/24 maxlen: 24
203.105.195.0/24 maxlen: 24
203.105.196.0/24 maxlen: 24
203.105.197.0/24 maxlen: 24
203.105.198.0/24 maxlen: 24
203.105.199.0/24 maxlen: 24
203.105.202.0/24 maxlen: 24
203.105.207.0/24 maxlen: 24
203.105.208.0/24 maxlen: 24
203.105.209.0/24 maxlen: 24
203.105.210.0/24 maxlen: 24
203.105.211.0/24 maxlen: 24
203.105.212.0/24 maxlen: 24
203.105.213.0/24 maxlen: 24
203.105.214.0/24 maxlen: 24
203.105.215.0/24 maxlen: 24
203.105.216.0/24 maxlen: 24
203.105.217.0/24 maxlen: 24
203.105.218.0/24 maxlen: 24
203.105.219.0/24 maxlen: 24
203.105.221.0/24 maxlen: 24
203.105.222.0/24 maxlen: 24
203.105.223.0/24 maxlen: 24
2402:3780::/48 maxlen: 48
2402:3780:2::/48 maxlen: 48
2402:3780:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.crl
rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 11 Jun 2025 14:40:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13457 (0x3491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B9CB, serialNumber=33A7AEAFA5526DCDC56CF0876BBD41133E3D2479
Validity
Not Before: May 30 11:36:11 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=6839982a-f7c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b4:cb:68:48:d4:67:64:42:cf:9c:15:04:55:
a0:a8:34:2d:59:cd:61:f5:c1:89:c5:84:b5:15:78:
c6:8f:13:da:51:c0:45:47:e5:25:d1:f3:27:48:41:
7c:2e:a8:7a:7c:c3:61:f2:6a:66:0f:51:1d:36:5d:
93:95:a8:51:26:96:09:33:ef:15:09:e6:0b:32:9e:
48:d7:bf:63:9f:48:7a:90:11:66:41:1a:d4:34:18:
a0:b7:56:9e:9a:32:95:b0:01:df:b6:bc:db:98:ab:
ff:59:a8:3e:f7:c2:f4:7d:fc:e4:e0:ed:8a:fc:aa:
38:76:8d:56:54:10:3d:6b:d4:be:11:d8:04:c4:c3:
a8:49:25:ac:95:f7:7d:d0:83:ad:36:7f:df:78:f4:
9c:d9:b7:0b:65:c6:69:2a:8c:83:6b:87:d2:d4:5d:
72:c3:24:31:8a:5d:16:3a:0f:a0:18:68:df:53:2e:
94:d9:37:d5:d8:9e:24:f7:19:f2:d3:33:0f:df:84:
41:72:78:4c:41:20:b2:ab:46:e2:87:bb:00:72:ba:
cd:f7:a9:0e:b7:50:34:8f:da:3f:34:86:a9:d0:d5:
54:be:15:bf:4c:ba:b6:47:d4:87:ff:50:bb:80:22:
30:bc:27:2f:6a:be:2c:44:4a:f7:46:fa:d1:1d:03:
7d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:FF:56:93:BD:F4:53:FA:2E:8F:6D:61:B7:DE:16:68:EA:63:2E:43
X509v3 Authority Key Identifier:
keyid:33:A7:AE:AF:A5:52:6D:CD:C5:6C:F0:87:6B:BD:41:13:3E:3D:24:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/054DC680CE7411EAA3A39A3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.105.192.0/21
203.105.202.0/24
203.105.207.0-203.105.219.255
203.105.221.0-203.105.223.255
IPv6:
2402:3780::/48
2402:3780:2::/48
2402:3780:1000::/48
Signature Algorithm: sha256WithRSAEncryption
b2:87:93:82:3f:23:54:f1:74:57:9e:5c:2a:99:a0:e4:ea:7f:
9a:7c:65:07:b9:d6:d4:00:ce:a8:b4:e4:cc:97:fc:3c:4f:9c:
ec:3b:e1:49:9a:92:41:7a:97:ee:91:f3:26:1c:e5:e8:2c:18:
b6:69:d8:14:eb:42:7e:b1:c1:ea:85:ff:55:50:43:08:2c:f4:
5c:8c:0f:11:77:c0:b3:c1:35:bf:c8:30:cd:26:fa:b1:17:e7:
47:41:ef:76:d0:d7:aa:7e:9a:c2:54:d1:8c:f1:71:7a:d6:1b:
b4:db:e4:c1:67:6d:e6:b5:c5:9a:22:51:ff:12:9b:5b:40:a9:
d4:1b:49:af:38:58:b0:03:f4:f0:37:40:ec:4f:97:b9:72:3e:
41:1f:b5:1a:c4:c0:5b:69:5b:b1:9e:23:9e:e9:92:27:f2:74:
58:10:bc:c9:f2:f9:c9:38:ae:5f:b3:da:f9:ca:28:70:0c:6c:
a3:94:54:39:9f:a5:f5:5d:45:64:c5:ed:22:e6:95:13:d8:65:
f0:fa:80:99:9b:22:6d:6d:7a:81:ae:da:68:60:42:b5:2c:c6:
9f:7d:82:13:b0:fc:dd:f9:3e:ae:4e:0a:d2:63:94:34:0c:fd:
b7:78:00:bf:73:63:f3:bd:e8:28:c9:81:d5:7f:2a:31:08:4f:
2b:b4:f6:6c
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICNJEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I5Q0IxMTAvBgNVBAUTKDMzQTdBRUFGQTU1MjZEQ0RDNTZDRjA4NzZCQkQ0MTEz
M0UzRDI0NzkwHhcNMjUwNTMwMTEzNjExWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM5OTgyYS1mN2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvLTLaEjUZ2RCz5wVBFWgqDQtWc1h9cGJxYS1FXjGjxPaUcBFR+Ul0fMnSEF8
Lqh6fMNh8mpmD1EdNl2TlahRJpYJM+8VCeYLMp5I179jn0h6kBFmQRrUNBigt1ae
mjKVsAHftrzbmKv/Wag+98L0ffzk4O2K/Ko4do1WVBA9a9S+EdgExMOoSSWslfd9
0IOtNn/fePSc2bcLZcZpKoyDa4fS1F1ywyQxil0WOg+gGGjfUy6U2TfV2J4k9xny
0zMP34RBcnhMQSCyq0bih7sAcrrN96kOt1A0j9o/NIap0NVUvhW/TLq2R9SH/1C7
gCIwvCcvar4sREr3RvrRHQN9zwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFCL/VpO9
9FP6Lo9tYbfeFmjqYy5DMB8GA1UdIwQYMBaAFDOnrq+lUm3NxWzwh2u9QRM+PSR5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjlDQi82RjZFREM2MDFE
OEUxMUUyODg1Q0RGRUMwOEIwMkNEMi9NNmV1cjZWU2JjM0ZiUENIYTcxQkV6NDlK
SGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL002ZXVyNlZTYmMzRmJQQ0hhNzFCRXo0OUpIay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0I5Q0IvNkY2RURDNjAxRDhFMTFFMjg4NUNERkVDMDhCMDJDRDIvMDU0REM2ODBD
RTc0MTFFQUEzQTM5QTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMC4EAgABMCgDBAPLacADBADLacowDAMEAMtpzwMEAstp2DAMAwQAy2ndAwQF
y2nAMCEEAgACMBsDBwAkAjeAAAADBwAkAjeAAAIDBwAkAjeAEAAwDQYJKoZIhvcN
AQELBQADggEBALKHk4I/I1TxdFeeXCqZoOTqf5p8ZQe51tQAzqi05MyX/DxPnOw7
4UmakkF6l+6R8yYc5egsGLZp2BTrQn6xweqF/1VQQwgs9FyMDxF3wLPBNb/IMM0m
+rEX50dB73bQ16p+msJU0YzxcXrWG7Tb5MFnbea1xZoiUf8Sm1tAqdQbSa84WLAD
9PA3QOxPl7lyPkEftRrEwFtpW7GeI57pkifydFgQvMny+ck4rl+z2vnKKHAMbKOU
VDmfpfVdRWTF7SLmlRPYZfD6gJmbIm1teoGu2mhgQrUsxp99ghOw/N35Pq5OCtJj
lDQM/bd4AL9zY/O96CjJgdV/KjEITyu09mw=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:18:16 2025 by rpki-client