Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
File: C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa (raw, json)
Hash identifier: 3oeXEUMIEBjXRFoc1DLoAMciKLclx2Q5gkQ/3FvZFh4=
Subject key identifier: 62:01:6E:E5:39:BF:30:57:84:7E:A3:21:4D:12:98:30:2F:46:9B:D7
Certificate issuer: /CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Certificate serial: 091C
Authority key identifier: 53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
Signing time: Wed 21 May 2025 03:07:40 +0000
ROA not before: Wed 21 May 2025 03:07:40 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 17924
IP address blocks: 45.64.240.0/22 maxlen: 24
49.130.0.0/15 maxlen: 15
49.130.0.0/17 maxlen: 18
49.130.128.0/24 maxlen: 24
49.130.129.0/24 maxlen: 24
49.130.130.0/24 maxlen: 24
49.130.131.0/24 maxlen: 24
49.130.132.0/23 maxlen: 24
49.130.134.0/23 maxlen: 24
49.130.136.0/21 maxlen: 21
49.130.144.0/20 maxlen: 20
49.130.160.0/19 maxlen: 19
49.130.192.0/18 maxlen: 18
49.131.0.0/17 maxlen: 18
49.131.128.0/17 maxlen: 17
103.1.16.0/22 maxlen: 22
121.202.0.0/15 maxlen: 15
121.202.0.0/18 maxlen: 18
121.202.64.0/19 maxlen: 19
121.202.96.0/20 maxlen: 20
121.202.124.0/24 maxlen: 24
121.202.126.0/24 maxlen: 24
121.202.127.0/24 maxlen: 24
121.202.128.0/17 maxlen: 17
121.202.131.0/24 maxlen: 24
121.202.132.0/24 maxlen: 24
121.202.137.0/24 maxlen: 24
121.202.142.0/24 maxlen: 24
121.202.150.0/24 maxlen: 24
121.202.160.0/19 maxlen: 19
121.202.206.0/24 maxlen: 24
121.202.232.0/22 maxlen: 22
121.202.236.0/22 maxlen: 22
121.202.251.0/24 maxlen: 24
121.202.252.0/24 maxlen: 24
121.202.253.0/24 maxlen: 24
121.202.254.0/24 maxlen: 24
121.203.0.0/20 maxlen: 20
121.203.16.0/20 maxlen: 20
121.203.32.0/20 maxlen: 20
121.203.48.0/20 maxlen: 20
121.203.64.0/18 maxlen: 18
121.203.64.0/21 maxlen: 21
121.203.72.0/21 maxlen: 21
121.203.80.0/21 maxlen: 21
121.203.88.0/21 maxlen: 21
121.203.96.0/21 maxlen: 21
121.203.104.0/21 maxlen: 21
121.203.112.0/21 maxlen: 21
121.203.120.0/21 maxlen: 21
121.203.128.0/18 maxlen: 18
121.203.192.0/19 maxlen: 19
121.203.224.0/20 maxlen: 20
121.203.240.0/21 maxlen: 21
121.203.244.0/24 maxlen: 24
121.203.245.0/24 maxlen: 24
121.203.246.0/24 maxlen: 24
121.203.247.0/24 maxlen: 24
121.203.248.0/21 maxlen: 21
180.219.0.0/16 maxlen: 16
180.219.0.0/20 maxlen: 24
180.219.16.0/20 maxlen: 24
180.219.32.0/20 maxlen: 24
180.219.48.0/20 maxlen: 24
180.219.64.0/20 maxlen: 24
180.219.80.0/20 maxlen: 24
180.219.96.0/20 maxlen: 24
180.219.112.0/20 maxlen: 24
180.219.128.0/20 maxlen: 24
180.219.144.0/20 maxlen: 24
180.219.160.0/20 maxlen: 24
180.219.176.0/20 maxlen: 24
180.219.192.0/19 maxlen: 19
180.219.192.0/20 maxlen: 24
180.219.208.0/21 maxlen: 24
180.219.216.0/21 maxlen: 24
180.219.224.0/19 maxlen: 19
180.219.224.0/21 maxlen: 24
180.219.232.0/21 maxlen: 24
180.219.240.0/21 maxlen: 24
180.219.248.0/21 maxlen: 24
182.152.0.0/15 maxlen: 15
182.152.0.0/17 maxlen: 17
182.152.128.0/17 maxlen: 17
182.152.128.0/21 maxlen: 21
182.152.136.0/21 maxlen: 21
182.152.144.0/21 maxlen: 21
182.152.152.0/21 maxlen: 21
182.152.160.0/21 maxlen: 21
182.152.168.0/21 maxlen: 21
182.152.176.0/21 maxlen: 21
182.152.184.0/21 maxlen: 21
182.152.192.0/21 maxlen: 21
182.152.200.0/21 maxlen: 21
182.152.208.0/21 maxlen: 21
182.152.216.0/21 maxlen: 21
182.152.224.0/21 maxlen: 21
182.152.232.0/21 maxlen: 21
182.152.240.0/21 maxlen: 21
182.152.248.0/21 maxlen: 21
182.153.0.0/18 maxlen: 19
182.153.64.0/19 maxlen: 19
182.153.128.0/19 maxlen: 19
182.153.160.0/19 maxlen: 19
182.153.192.0/19 maxlen: 19
182.153.224.0/19 maxlen: 19
182.153.248.0/21 maxlen: 21
203.78.32.0/21 maxlen: 21
203.78.32.0/24 maxlen: 24
203.78.36.0/24 maxlen: 24
203.78.37.0/24 maxlen: 24
203.78.40.0/22 maxlen: 22
203.78.40.0/24 maxlen: 24
203.78.41.0/24 maxlen: 24
203.78.42.0/24 maxlen: 24
2407:b400::/32 maxlen: 32
2407:b400:31:11::/64 maxlen: 64
2407:b400:51:3::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl
rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 07 Jun 2025 20:32:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2332 (0x91c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919E1AE, serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Validity
Not Before: May 21 03:07:40 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=682d437c-c400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3d:d1:6a:ed:13:b4:90:71:e1:e8:82:50:60:
d1:5f:e2:2f:67:e2:eb:6c:2e:bd:fb:cd:7d:27:be:
dd:d5:92:09:c1:ba:e1:3c:14:95:93:9c:56:f7:69:
69:ec:de:34:ed:f1:62:10:e1:39:43:cf:c2:f7:68:
91:89:a4:35:01:72:34:85:b4:15:40:01:bc:8f:92:
fc:fb:bd:66:6b:a6:74:2d:1c:84:04:8b:15:34:ce:
52:48:c9:9a:92:dd:4c:5c:62:bb:2b:45:bd:40:f4:
eb:81:31:89:98:09:30:d7:44:b2:55:65:ef:32:4f:
19:78:be:04:21:22:98:ba:16:40:87:32:da:1a:c5:
f5:e9:f4:1e:f5:10:41:04:96:ad:0e:a7:b3:1d:7b:
a1:73:98:1e:8f:fb:4a:4d:21:09:ca:50:8d:2e:cc:
1e:5e:17:be:1a:d4:fb:78:8d:60:98:90:ca:f0:fb:
83:79:b4:17:ae:00:78:03:b2:54:e3:39:97:6b:57:
cd:ab:fc:34:72:a4:9e:fb:d5:d8:c6:33:df:6d:d1:
78:73:5e:5a:24:ba:b3:66:de:ac:15:fa:c8:78:84:
ec:02:ef:f9:ea:11:29:a4:44:ff:4f:95:79:f3:16:
42:51:34:bd:e4:67:23:0b:ac:50:ea:28:51:fb:dd:
f9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:01:6E:E5:39:BF:30:57:84:7E:A3:21:4D:12:98:30:2F:46:9B:D7
X509v3 Authority Key Identifier:
keyid:53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.240.0/22
49.130.0.0/15
103.1.16.0/22
121.202.0.0/15
180.219.0.0/16
182.152.0.0/15
203.78.32.0-203.78.43.255
IPv6:
2407:b400::/32
Signature Algorithm: sha256WithRSAEncryption
83:cd:1b:8f:7c:cc:0c:94:43:e3:b3:5e:df:cb:f7:01:f5:a1:
fc:1f:bc:3b:6f:50:66:39:fe:ef:38:b6:99:08:02:d6:3a:ea:
b9:44:b9:a1:7a:ad:35:4f:c0:d3:cd:14:34:35:02:95:81:6a:
c5:cd:fd:a0:fb:3e:c4:8f:0c:16:d2:48:80:79:2c:f8:3d:7b:
83:67:00:f2:a7:90:d8:b7:78:a7:6c:df:21:f4:51:4f:b5:52:
27:e6:8f:c5:5e:2b:73:6d:e8:1c:30:59:7d:06:bc:32:8c:2f:
bd:b3:24:3b:87:a9:b0:f5:d4:33:07:86:f7:9b:92:ba:5a:72:
1b:71:29:43:d7:56:ae:e8:56:7f:93:b6:7e:34:42:19:41:b2:
3b:f3:4c:79:1e:9c:21:d7:7f:29:25:33:5e:f3:48:b5:e7:64:
17:e4:2c:5e:53:0a:b0:45:27:8d:22:85:0f:57:40:ad:46:84:
bd:98:be:7a:0b:f3:b4:f5:9a:c9:81:17:2e:0c:cf:6a:0d:af:
60:e0:52:c3:ab:0d:93:f8:0c:1e:d3:bf:22:be:84:c6:7c:c9:
a0:60:cf:b0:85:11:dc:dd:ff:3e:7c:d2:6b:23:3d:09:a8:30:
04:3e:ef:13:ad:f0:01:05:0b:32:bd:1c:43:2e:7d:f4:ee:ea:
bc:9d:05:18
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICCRwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUUxQUUxMTAvBgNVBAUTKDUzQkRFMjZEODI1RjY3N0Y5QUM0Mjg2RjlBNjc2NjFG
NUM0OUI1NjkwHhcNMjUwNTIxMDMwNzQwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJkNDM3Yy1jNDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1j3Rau0TtJBx4eiCUGDRX+IvZ+LrbC69+819J77d1ZIJwbrhPBSVk5xW92lp
7N407fFiEOE5Q8/C92iRiaQ1AXI0hbQVQAG8j5L8+71ma6Z0LRyEBIsVNM5SSMma
kt1MXGK7K0W9QPTrgTGJmAkw10SyVWXvMk8ZeL4EISKYuhZAhzLaGsX16fQe9RBB
BJatDqezHXuhc5gej/tKTSEJylCNLsweXhe+GtT7eI1gmJDK8PuDebQXrgB4A7JU
4zmXa1fNq/w0cqSe+9XYxjPfbdF4c15aJLqzZt6sFfrIeITsAu/56hEppET/T5V5
8xZCUTS95GcjC6xQ6ihR+935KwIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFGIBbuU5
vzBXhH6jIU0SmDAvRpvXMB8GA1UdIwQYMBaAFFO94m2CX2d/msQob5pnZh9cSbVp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTFBRS9CNDBCQjFCOEIx
MkUxMUVBOUE5NUI1NkFDNEY5QUUwMi9VNzNpYllKZlozLWF4Q2h2bW1kbUgxeEp0
V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3M2liWUpmWjMtYXhDaHZtbWRtSDF4SnRXay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUUxQUUvQjQwQkIxQjhCMTJFMTFFQTlBOTVCNTZBQzRGOUFFMDIvQzhEQzZCRDhF
QkYzMTFFRUFEMEMwMTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMDQEAgABMC4DBAItQPADAwExggMEAmcBEAMDAXnKAwMAtNsDAwG2mDAMAwQF
y04gAwQCy04oMA0EAgACMAcDBQAkB7QAMA0GCSqGSIb3DQEBCwUAA4IBAQCDzRuP
fMwMlEPjs17fy/cB9aH8H7w7b1BmOf7vOLaZCALWOuq5RLmheq01T8DTzRQ0NQKV
gWrFzf2g+z7EjwwW0kiAeSz4PXuDZwDyp5DYt3inbN8h9FFPtVIn5o/FXitzbegc
MFl9BrwyjC+9syQ7h6mw9dQzB4b3m5K6WnIbcSlD11au6FZ/k7Z+NEIZQbI780x5
Hpwh138pJTNe80i152QX5CxeUwqwRSeNIoUPV0CtRoS9mL56C/O09ZrJgRcuDM9q
Da9g4FLDqw2T+Awe078ivoTGfMmgYM+whRHc3f8+fNJrIz0JqDAEPu8TrfABBQsy
vRxDLn307uq8nQUY
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:19:26 2025 by rpki-client