Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/60020E9436F511F0B22B5E24C4F9AE02.roa
File: 60020E9436F511F0B22B5E24C4F9AE02.roa (raw, json)
Hash identifier: JetDV/3YonU90g4PmXfe9VaHyV+YwCaNx8AIiUOEL+4=
Subject key identifier: 2F:7D:85:8B:0E:4E:4D:FC:E6:FD:BD:4B:AA:48:67:CB:44:E4:7D:9D
Certificate issuer: /CN=A9182CFC/serialNumber=8027E0EF54D00B61F7136F09719BFCF4C4533405
Certificate serial: 34B7
Authority key identifier: 80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/60020E9436F511F0B22B5E24C4F9AE02.roa
Signing time: Thu 22 May 2025 10:13:15 +0000
ROA not before: Thu 22 May 2025 10:13:15 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9892
IP address blocks: 114.129.33.0/24 maxlen: 24
114.129.36.0/22 maxlen: 22
114.129.36.0/24 maxlen: 24
114.129.38.0/24 maxlen: 24
114.129.40.0/23 maxlen: 23
114.129.41.0/24 maxlen: 24
114.129.45.0/24 maxlen: 24
114.129.46.0/24 maxlen: 24
114.129.47.0/24 maxlen: 24
123.100.235.0/24 maxlen: 24
123.100.236.0/22 maxlen: 22
123.100.236.0/24 maxlen: 24
123.100.237.0/24 maxlen: 24
123.100.238.0/23 maxlen: 23
123.100.240.0/22 maxlen: 22
123.100.241.0/24 maxlen: 24
123.100.244.0/23 maxlen: 23
123.100.244.0/24 maxlen: 24
123.100.245.0/24 maxlen: 24
123.100.248.0/21 maxlen: 21
123.100.251.0/24 maxlen: 24
123.100.252.0/24 maxlen: 24
202.157.128.0/19 maxlen: 19
202.157.128.0/21 maxlen: 21
202.157.136.0/22 maxlen: 22
202.157.142.0/23 maxlen: 23
202.157.148.0/24 maxlen: 24
202.157.152.0/24 maxlen: 24
202.157.160.0/20 maxlen: 20
202.157.160.0/21 maxlen: 21
202.157.168.0/21 maxlen: 21
202.160.120.0/24 maxlen: 24
202.160.121.0/24 maxlen: 24
202.160.122.0/24 maxlen: 24
202.160.123.0/24 maxlen: 24
203.83.250.0/24 maxlen: 24
203.142.16.0/21 maxlen: 21
203.142.24.0/23 maxlen: 23
203.142.27.0/24 maxlen: 24
203.169.6.0/24 maxlen: 24
203.169.7.0/24 maxlen: 24
2404:4800::/48 maxlen: 48
2404:4800:1::/48 maxlen: 48
2404:4800:2::/48 maxlen: 48
2404:4800:3::/48 maxlen: 48
2404:4800:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.crl
rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 14:28:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13495 (0x34b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182CFC, serialNumber=8027E0EF54D00B61F7136F09719BFCF4C4533405
Validity
Not Before: May 22 10:13:15 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=682ef8bb-6e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1f:b8:94:6c:c1:e8:7d:9d:fb:97:ed:bc:1e:
05:51:ea:6d:45:03:57:2c:03:c5:1e:ee:26:1f:48:
d2:ce:f5:5a:63:a8:d2:f2:38:1e:78:88:b0:79:82:
41:58:8f:39:88:d5:26:e3:73:d5:de:60:e1:be:b2:
ea:fc:57:57:2f:42:ef:db:26:5f:9c:f1:f3:3e:b4:
ac:66:23:4b:42:3a:09:a4:d0:97:b2:ce:9b:56:23:
22:d9:a8:97:a4:58:44:f2:cd:89:89:30:38:f0:07:
36:84:11:6f:0e:00:bf:ae:d5:92:d2:27:4b:65:fd:
70:2d:a5:cc:65:d0:ac:40:9c:1b:99:63:95:4c:4d:
dd:74:b5:a0:d8:f3:cc:1f:97:68:ed:b2:cf:a7:3e:
7e:39:f2:3c:5b:c0:1f:29:06:8d:ff:2c:03:7c:c1:
64:26:ef:7f:25:9a:e8:82:ac:2c:42:c7:8b:30:7b:
25:d4:e7:86:fe:f1:33:e2:77:82:fe:0a:b3:2e:be:
4c:6d:c4:01:b5:8b:3e:75:ff:aa:1a:5b:0e:12:a7:
b2:bf:b0:7b:a0:58:56:53:ba:23:6a:b0:6a:bd:23:
18:c6:51:51:c8:90:40:16:bb:52:7d:55:0b:d1:9e:
de:e9:a4:9e:11:31:d4:a2:d5:04:bd:37:f4:3d:70:
27:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7D:85:8B:0E:4E:4D:FC:E6:FD:BD:4B:AA:48:67:CB:44:E4:7D:9D
X509v3 Authority Key Identifier:
keyid:80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/60020E9436F511F0B22B5E24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.129.33.0/24
114.129.36.0-114.129.41.255
114.129.45.0-114.129.47.255
123.100.235.0-123.100.245.255
123.100.248.0/21
202.157.128.0-202.157.175.255
202.160.120.0/22
203.83.250.0/24
203.142.16.0-203.142.25.255
203.142.27.0/24
203.169.6.0/23
IPv6:
2404:4800::/46
2404:4800:20::/48
Signature Algorithm: sha256WithRSAEncryption
12:9e:95:1c:b8:3b:d2:e8:e9:87:ac:b5:75:67:a0:f0:63:7b:
34:a9:de:40:f5:8f:1e:49:55:e5:de:b4:73:c4:07:0b:53:69:
7e:84:6c:08:63:f1:bf:a6:cc:20:dc:40:48:6b:f0:ec:f3:19:
de:c2:22:3f:1a:d4:75:53:d5:14:51:f5:4e:db:c4:00:dc:d5:
04:6e:fc:00:a9:54:20:08:b6:f7:15:b8:88:2d:9e:64:f6:f2:
bf:50:c9:4a:93:a7:04:fa:0e:3b:a2:92:62:9a:79:3b:23:ce:
00:de:14:a7:eb:7f:af:a8:e7:d9:09:4c:53:9d:71:54:f9:5e:
a0:39:bf:66:3d:13:c5:ae:6b:57:1f:23:cc:05:b1:37:09:c8:
68:a8:02:07:dd:40:25:a7:d7:10:6c:75:fb:d0:0e:4f:ca:1e:
72:18:eb:d4:b9:66:40:2c:d5:5e:0e:b9:cb:61:9b:e4:c4:e8:
3b:28:70:47:db:cb:04:0e:bb:01:67:8f:6e:69:6c:6b:4d:97:
d6:05:4f:95:44:e6:28:62:d3:d4:1b:e1:24:5d:73:16:cf:06:
d7:24:09:c8:ea:0f:aa:a3:63:af:a4:f7:c2:55:6e:41:97:b1:
76:8b:5a:ba:c4:98:3d:ef:cd:35:1a:50:24:e0:83:84:34:7f:
a9:0f:b6:52
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgICNLcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODJDRkMxMTAvBgNVBAUTKDgwMjdFMEVGNTREMDBCNjFGNzEzNkYwOTcxOUJGQ0Y0
QzQ1MzM0MDUwHhcNMjUwNTIyMTAxMzE1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJlZjhiYi02ZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3x+4lGzB6H2d+5ftvB4FUeptRQNXLAPFHu4mH0jSzvVaY6jS8jgeeIiweYJB
WI85iNUm43PV3mDhvrLq/FdXL0Lv2yZfnPHzPrSsZiNLQjoJpNCXss6bViMi2aiX
pFhE8s2JiTA48Ac2hBFvDgC/rtWS0idLZf1wLaXMZdCsQJwbmWOVTE3ddLWg2PPM
H5do7bLPpz5+OfI8W8AfKQaN/ywDfMFkJu9/JZrogqwsQseLMHsl1OeG/vEz4neC
/gqzLr5MbcQBtYs+df+qGlsOEqeyv7B7oFhWU7ojarBqvSMYxlFRyJBAFrtSfVUL
0Z7e6aSeETHUotUEvTf0PXAnXwIDAQABo4IDFjCCAxIwHQYDVR0OBBYEFC99hYsO
Tk385v29S6pIZ8tE5H2dMB8GA1UdIwQYMBaAFIAn4O9U0Ath9xNvCXGb/PTEUzQF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MkNGQy9CRjg0QjU3NDFE
ODYxMUUyQTc2MzQ0REUwOEIwMkNEMi9nQ2ZnNzFUUUMySDNFMjhKY1p2ODlNUlRO
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dDZmc3MVRRQzJIM0UyOEpjWnY4OU1SVE5BVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODJDRkMvQkY4NEI1NzQxRDg2MTFFMkE3NjM0NERFMDhCMDJDRDIvNjAwMjBFOTQz
NkY1MTFGMEIyMkI1RTI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ8GCCsGAQUFBwEHAQH/
BIGPMIGMMHAEAgABMGoDBABygSEwDAMEAnKBJAMEAXKBKDAMAwQAcoEtAwQEcoEg
MAwDBAB7ZOsDBAF7ZPQDBAN7ZPgwDAMEB8qdgAMEBMqdoAMEAsqgeAMEAMtT+jAM
AwQEy44QAwQBy44YAwQAy44bAwQBy6kGMBgEAgACMBIDBwIkBEgAAAADBwAkBEgA
ACAwDQYJKoZIhvcNAQELBQADggEBABKelRy4O9Lo6YestXVnoPBjezSp3kD1jx5J
VeXetHPEBwtTaX6EbAhj8b+mzCDcQEhr8OzzGd7CIj8a1HVT1RRR9U7bxADc1QRu
/ACpVCAItvcVuIgtnmT28r9QyUqTpwT6DjuikmKaeTsjzgDeFKfrf6+o59kJTFOd
cVT5XqA5v2Y9E8Wua1cfI8wFsTcJyGioAgfdQCWn1xBsdfvQDk/KHnIY69S5ZkAs
1V4Oucthm+TE6DsocEfbywQOuwFnj25pbGtNl9YFT5VE5ihi09Qb4SRdcxbPBtck
CcjqD6qjY6+k98JVbkGXsXaLWrrEmD3vzTUaUCTgg4Q0f6kPtlI=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:45:10 2025 by rpki-client