Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
File: C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa (raw, json)
Hash identifier: Vfwia7raXc8HM+W4sTD1l1zEst/3lc27hYLfy1Dcr+g=
Subject key identifier: D8:BB:D6:F1:3F:EC:17:30:06:FE:9B:41:C9:E9:2D:38:F7:45:FC:DD
Certificate issuer: /CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Certificate serial: 095C
Authority key identifier: 53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
Signing time: Mon 08 Sep 2025 20:31:14 +0000
ROA not before: Mon 08 Sep 2025 20:31:14 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 17924
IP address blocks: 45.64.240.0/22 maxlen: 24
49.130.0.0/15 maxlen: 15
49.130.0.0/17 maxlen: 18
49.130.128.0/24 maxlen: 24
49.130.129.0/24 maxlen: 24
49.130.130.0/24 maxlen: 24
49.130.131.0/24 maxlen: 24
49.130.132.0/23 maxlen: 24
49.130.134.0/23 maxlen: 24
49.130.136.0/21 maxlen: 21
49.130.144.0/20 maxlen: 20
49.130.160.0/19 maxlen: 19
49.130.192.0/18 maxlen: 18
49.131.0.0/17 maxlen: 18
49.131.128.0/17 maxlen: 17
103.1.16.0/22 maxlen: 22
121.202.0.0/15 maxlen: 15
121.202.0.0/18 maxlen: 18
121.202.64.0/19 maxlen: 19
121.202.96.0/20 maxlen: 20
121.202.124.0/24 maxlen: 24
121.202.126.0/24 maxlen: 24
121.202.127.0/24 maxlen: 24
121.202.128.0/17 maxlen: 17
121.202.131.0/24 maxlen: 24
121.202.132.0/24 maxlen: 24
121.202.137.0/24 maxlen: 24
121.202.142.0/24 maxlen: 24
121.202.150.0/24 maxlen: 24
121.202.160.0/19 maxlen: 19
121.202.206.0/24 maxlen: 24
121.202.232.0/22 maxlen: 22
121.202.236.0/22 maxlen: 22
121.202.251.0/24 maxlen: 24
121.202.252.0/24 maxlen: 24
121.202.253.0/24 maxlen: 24
121.202.254.0/24 maxlen: 24
121.203.0.0/20 maxlen: 20
121.203.16.0/20 maxlen: 20
121.203.32.0/20 maxlen: 20
121.203.48.0/20 maxlen: 20
121.203.64.0/18 maxlen: 18
121.203.64.0/21 maxlen: 21
121.203.72.0/21 maxlen: 21
121.203.80.0/21 maxlen: 21
121.203.88.0/21 maxlen: 21
121.203.96.0/21 maxlen: 21
121.203.104.0/21 maxlen: 21
121.203.112.0/21 maxlen: 21
121.203.120.0/21 maxlen: 21
121.203.128.0/18 maxlen: 18
121.203.192.0/19 maxlen: 19
121.203.224.0/20 maxlen: 20
121.203.240.0/21 maxlen: 21
121.203.244.0/24 maxlen: 24
121.203.245.0/24 maxlen: 24
121.203.246.0/24 maxlen: 24
121.203.247.0/24 maxlen: 24
121.203.248.0/21 maxlen: 21
180.219.0.0/16 maxlen: 16
180.219.0.0/20 maxlen: 24
180.219.16.0/20 maxlen: 24
180.219.32.0/20 maxlen: 24
180.219.48.0/20 maxlen: 24
180.219.64.0/20 maxlen: 24
180.219.80.0/20 maxlen: 24
180.219.96.0/20 maxlen: 24
180.219.112.0/20 maxlen: 24
180.219.128.0/20 maxlen: 24
180.219.144.0/20 maxlen: 24
180.219.160.0/20 maxlen: 24
180.219.176.0/20 maxlen: 24
180.219.192.0/19 maxlen: 19
180.219.192.0/20 maxlen: 24
180.219.208.0/21 maxlen: 24
180.219.216.0/21 maxlen: 24
180.219.224.0/19 maxlen: 19
180.219.224.0/21 maxlen: 24
180.219.232.0/21 maxlen: 24
180.219.240.0/21 maxlen: 24
180.219.248.0/21 maxlen: 24
182.152.0.0/15 maxlen: 15
182.152.0.0/17 maxlen: 17
182.152.128.0/17 maxlen: 17
182.152.128.0/21 maxlen: 21
182.152.136.0/21 maxlen: 21
182.152.144.0/21 maxlen: 21
182.152.152.0/21 maxlen: 21
182.152.160.0/21 maxlen: 21
182.152.168.0/21 maxlen: 21
182.152.176.0/21 maxlen: 21
182.152.184.0/21 maxlen: 21
182.152.192.0/21 maxlen: 21
182.152.200.0/21 maxlen: 21
182.152.208.0/21 maxlen: 21
182.152.216.0/21 maxlen: 21
182.152.224.0/21 maxlen: 21
182.152.232.0/21 maxlen: 21
182.152.240.0/21 maxlen: 21
182.152.248.0/21 maxlen: 21
182.153.0.0/18 maxlen: 19
182.153.64.0/19 maxlen: 19
182.153.128.0/19 maxlen: 19
182.153.160.0/19 maxlen: 19
182.153.192.0/19 maxlen: 19
182.153.224.0/19 maxlen: 19
182.153.248.0/21 maxlen: 21
203.78.32.0/21 maxlen: 21
203.78.32.0/24 maxlen: 24
203.78.36.0/24 maxlen: 24
203.78.37.0/24 maxlen: 24
203.78.40.0/22 maxlen: 22
203.78.40.0/24 maxlen: 24
203.78.41.0/24 maxlen: 24
203.78.42.0/24 maxlen: 24
2407:b400::/32 maxlen: 32
2407:b400:31:11::/64 maxlen: 64
2407:b400:51:3::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl
rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Sep 2025 20:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2396 (0x95c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919E1AE, serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Validity
Not Before: Sep 8 20:31:14 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68bf3d11-b742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2e:87:d8:da:7e:69:2c:8d:19:00:16:4d:d8:
d9:6e:78:1c:53:8c:32:72:da:bf:bb:03:84:87:a2:
d7:59:89:ed:cc:3d:c7:a3:4a:57:71:9d:49:22:08:
84:3c:1c:a0:40:b6:f4:3f:26:69:2f:76:54:5f:98:
98:72:32:34:2c:07:b2:73:03:35:e5:fe:94:42:00:
d0:31:ea:39:fc:d1:c0:75:6a:ae:4a:88:3a:d5:a9:
eb:8a:c0:ec:19:38:54:dc:38:8d:9f:0c:53:76:bf:
fd:08:c6:a4:8f:a1:06:46:8d:6e:49:88:d3:43:22:
01:a2:5a:18:a4:a9:14:bd:0c:e7:db:ce:4a:5d:ca:
13:f7:dc:6c:4e:cb:cd:21:5b:5b:89:b7:bd:7f:b3:
24:f0:b9:43:4c:25:25:ba:24:63:9e:0e:f9:91:21:
7c:30:d7:f0:bb:ac:0e:97:7c:b3:11:83:d1:38:b6:
6b:4a:c1:6a:d5:55:e6:ab:5f:4e:00:cc:41:ea:01:
1b:f7:1d:0a:31:17:25:19:71:f5:50:1f:6f:d2:e7:
d2:4e:cc:e3:79:0c:af:ad:2d:19:af:22:a5:4f:fa:
0e:6e:8e:f0:09:b8:91:fc:3e:e4:83:18:ba:52:00:
11:4b:f8:0f:9e:ae:0a:14:12:2b:a7:6b:eb:69:40:
a4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BB:D6:F1:3F:EC:17:30:06:FE:9B:41:C9:E9:2D:38:F7:45:FC:DD
X509v3 Authority Key Identifier:
keyid:53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.240.0/22
49.130.0.0/15
103.1.16.0/22
121.202.0.0/15
180.219.0.0/16
182.152.0.0/15
203.78.32.0-203.78.43.255
IPv6:
2407:b400::/32
Signature Algorithm: sha256WithRSAEncryption
64:a7:97:7d:bd:7f:91:37:9c:38:91:9b:18:3f:7e:b9:00:fb:
54:49:4e:ba:2c:ef:8f:a5:ac:56:fa:7c:79:d3:1d:6b:e5:3f:
5d:e2:58:7e:1a:2f:8c:f4:12:93:a1:8e:c4:44:41:73:57:3c:
18:8c:91:ac:d9:1e:72:f4:b4:c2:f3:52:56:03:64:78:76:b2:
52:2f:2a:ea:75:84:f9:f2:f4:3f:9d:78:b7:2a:15:12:8c:77:
c4:ce:b1:34:9b:6a:27:af:67:fb:31:a7:71:43:f8:ee:61:90:
be:8d:88:2d:ad:c8:4a:5a:9b:6e:47:9c:38:e8:1a:ec:bc:81:
03:e3:6f:80:56:0f:82:3a:fb:ea:d3:26:75:30:5a:13:55:3f:
22:d5:b5:1f:f9:19:be:f2:7f:09:c3:f4:28:b0:6c:08:cb:8e:
70:15:fe:9c:ad:88:7d:72:e2:df:29:0a:41:10:a6:e4:64:f2:
82:e8:30:ed:55:fb:1b:f8:95:58:b4:96:79:b0:73:aa:df:85:
bf:ab:f7:b4:f7:d7:ea:dd:61:9b:5f:01:1f:ff:1e:19:e9:11:
8d:94:33:b4:35:1b:7d:9b:1f:d1:6b:ca:5a:4f:bb:63:fe:d9:
a4:22:c1:23:0c:5d:54:68:91:96:9a:af:14:f9:42:b6:fc:43:
8d:bd:43:4f
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICCVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUUxQUUxMTAvBgNVBAUTKDUzQkRFMjZEODI1RjY3N0Y5QUM0Mjg2RjlBNjc2NjFG
NUM0OUI1NjkwHhcNMjUwOTA4MjAzMTE0WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGJmM2QxMS1iNzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArS6H2Np+aSyNGQAWTdjZbngcU4wyctq/uwOEh6LXWYntzD3Ho0pXcZ1JIgiE
PBygQLb0PyZpL3ZUX5iYcjI0LAeycwM15f6UQgDQMeo5/NHAdWquSog61anrisDs
GThU3DiNnwxTdr/9CMakj6EGRo1uSYjTQyIBoloYpKkUvQzn285KXcoT99xsTsvN
IVtbibe9f7Mk8LlDTCUluiRjng75kSF8MNfwu6wOl3yzEYPROLZrSsFq1VXmq19O
AMxB6gEb9x0KMRclGXH1UB9v0ufSTszjeQyvrS0ZryKlT/oObo7wCbiR/D7kgxi6
UgARS/gPnq4KFBIrp2vraUCk0wIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFNi71vE/
7BcwBv6bQcnpLTj3RfzdMB8GA1UdIwQYMBaAFFO94m2CX2d/msQob5pnZh9cSbVp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTFBRS9CNDBCQjFCOEIx
MkUxMUVBOUE5NUI1NkFDNEY5QUUwMi9VNzNpYllKZlozLWF4Q2h2bW1kbUgxeEp0
V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3M2liWUpmWjMtYXhDaHZtbWRtSDF4SnRXay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUUxQUUvQjQwQkIxQjhCMTJFMTFFQTlBOTVCNTZBQzRGOUFFMDIvQzhEQzZCRDhF
QkYzMTFFRUFEMEMwMTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMDQEAgABMC4DBAItQPADAwExggMEAmcBEAMDAXnKAwMAtNsDAwG2mDAMAwQF
y04gAwQCy04oMA0EAgACMAcDBQAkB7QAMA0GCSqGSIb3DQEBCwUAA4IBAQBkp5d9
vX+RN5w4kZsYP365APtUSU66LO+PpaxW+nx50x1r5T9d4lh+Gi+M9BKToY7EREFz
VzwYjJGs2R5y9LTC81JWA2R4drJSLyrqdYT58vQ/nXi3KhUSjHfEzrE0m2onr2f7
MadxQ/juYZC+jYgtrchKWptuR5w46BrsvIED42+AVg+COvvq0yZ1MFoTVT8i1bUf
+Rm+8n8Jw/QosGwIy45wFf6crYh9cuLfKQpBEKbkZPKC6DDtVfsb+JVYtJZ5sHOq
34W/q/e099fq3WGbXwEf/x4Z6RGNlDO0NRt9mx/Ra8paT7tj/tmkIsEjDF1UaJGW
mq8U+UK2/EONvUNP
-----END CERTIFICATE-----
Generated at Fri Sep 19 07:51:31 2025 by rpki-client