Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
File: 8F6D3D583AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: hKWe/eIi1S/b0sftmS4vbxX+CeHNz0WaxfQQONNUalk=
Subject key identifier: 13:B3:AD:40:5A:02:21:F3:6D:DA:09:BA:1F:D0:40:E5:A0:C5:70:CF
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0D37
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
Signing time: Fri 16 May 2025 15:40:14 +0000
ROA not before: Fri 16 May 2025 15:40:14 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 63916
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.152.0/24 maxlen: 24
103.1.153.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.1.155.0/24 maxlen: 24
103.10.196.0/24 maxlen: 24
103.10.198.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 24
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480::/32 maxlen: 32
2402:c480:3000::/48 maxlen: 48
2402:c480:3001::/48 maxlen: 48
2402:c480:3002::/48 maxlen: 48
2402:c480:3003::/48 maxlen: 48
2402:c480:3004::/48 maxlen: 48
2402:c480:5000::/48 maxlen: 48
2402:c480:6000::/48 maxlen: 48
2402:c480:6001::/48 maxlen: 48
2402:c480:6002::/48 maxlen: 48
2402:c480:7000::/48 maxlen: 48
2402:c480:7001::/48 maxlen: 48
2402:c480:8000::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
2402:c480:8003::/48 maxlen: 48
2402:c480:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 17 Jun 2025 18:05:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3383 (0xd37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C, serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Validity
Not Before: May 16 15:40:14 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=68275c5e-5e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:31:6a:56:93:1e:e2:07:bc:aa:e9:79:c3:
c2:f2:70:6f:e1:c8:da:7c:2a:fa:dc:89:1b:a4:38:
5b:37:db:72:a6:fd:6f:90:09:b5:0b:71:47:97:b6:
40:68:87:83:45:a7:34:0a:64:21:f6:0f:e9:69:16:
f8:00:4e:3b:2e:17:f5:e6:65:a6:10:94:18:83:0b:
a1:2b:67:cf:bd:fc:dd:44:26:e9:b5:8c:49:69:fd:
82:83:64:6a:f4:cf:6a:a0:21:22:ca:75:10:e7:6f:
9e:23:e6:33:9f:25:ee:da:96:08:27:d5:0c:c3:12:
00:56:cf:1d:cd:fc:91:f8:13:8b:d7:12:f7:ec:69:
a8:12:66:6e:33:d5:a7:3b:de:e3:55:6c:5b:62:c3:
cf:41:52:77:95:c9:34:f1:cc:53:b1:44:86:29:1b:
9b:f9:0b:a5:0d:e2:c5:47:77:84:c6:67:3c:84:00:
9e:53:cc:ae:a3:58:e0:a3:9d:d0:35:e7:84:0e:7c:
72:43:03:77:e3:f4:4a:8d:50:21:66:eb:5d:ab:97:
06:f1:fe:78:f4:ea:6d:88:17:e4:ac:77:98:e5:c8:
80:e7:08:1b:79:b5:79:7f:75:1f:bc:11:cb:37:2a:
a8:63:a6:07:a4:65:13:60:bc:24:e4:22:7e:b8:04:
23:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:B3:AD:40:5A:02:21:F3:6D:DA:09:BA:1F:D0:40:E5:A0:C5:70:CF
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.152.0/22
103.10.196.0/24
103.10.198.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480::/32
Signature Algorithm: sha256WithRSAEncryption
a4:8f:85:62:75:e9:fc:f8:b2:1e:73:c0:40:6d:f3:40:aa:78:
e5:31:4e:36:6b:5f:58:97:89:21:87:38:b0:c6:82:9f:9c:90:
59:94:85:b9:09:62:76:e2:ac:27:16:18:f5:67:02:73:dd:38:
b3:cf:3a:a1:9d:b1:17:42:31:00:4d:ed:5c:05:cb:c3:1a:97:
81:47:4b:73:8c:13:e1:f6:a9:c9:66:79:09:ab:27:e0:44:85:
f8:b3:c9:7c:16:ce:87:fe:70:83:2e:fc:a1:18:ed:24:7d:ba:
eb:df:6a:e4:b2:01:d0:3e:fe:8a:2e:2e:d2:bc:dc:0e:cb:be:
cd:9a:80:bf:54:7c:e3:85:ef:cb:95:21:74:60:1a:cf:f2:ca:
f9:4e:cd:96:4a:d6:1f:0f:30:ab:3f:7e:23:c8:6b:b0:a6:cb:
2e:2f:be:58:e6:21:40:a1:98:c8:2e:37:ff:d0:d3:83:98:41:
e5:80:58:ad:56:90:28:a1:6d:ea:8e:3c:f6:2e:f6:8f:42:ea:
69:06:c5:43:1a:bf:28:5b:1f:48:dd:4e:61:65:ec:92:93:f5:
43:29:29:f0:15:8c:9f:15:ce:36:4f:74:85:e6:14:00:49:09:
ca:10:b1:d7:d5:bc:18:a7:f3:22:be:44:9b:2c:e2:c0:66:5b:
9c:8c:54:59
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgICDTcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjUwNTE2MTU0MDE0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI3NWM1ZS01ZTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvW0xalaTHuIHvKrpecPC8nBv4cjafCr63IkbpDhbN9typv1vkAm1C3FHl7ZA
aIeDRac0CmQh9g/paRb4AE47Lhf15mWmEJQYgwuhK2fPvfzdRCbptYxJaf2Cg2Rq
9M9qoCEiynUQ52+eI+YznyXu2pYIJ9UMwxIAVs8dzfyR+BOL1xL37GmoEmZuM9Wn
O97jVWxbYsPPQVJ3lck08cxTsUSGKRub+QulDeLFR3eExmc8hACeU8yuo1jgo53Q
NeeEDnxyQwN34/RKjVAhZutdq5cG8f549OptiBfkrHeY5ciA5wgbebV5f3UfvBHL
NyqoY6YHpGUTYLwk5CJ+uAQjSwIDAQABo4IC9DCCAvAwHQYDVR0OBBYEFBOzrUBa
AiHzbdoJuh/QQOWgxXDPMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEY2RDNENTgz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfgYIKwYBBQUHAQcBAf8E
bzBtMFwEAgABMFYDBAIbejgDBAIr75wDBAIr9cQwDAMEACv7nQMEBSv7gAMEAmcB
mAMEAGcKxAMEAGcKxgMEAmcjSAMEAGdE3wMEAGdH/gMEAWdIBAMEArahIAMEAsqQ
wDANBAIAAjAHAwUAJALEgDANBgkqhkiG9w0BAQsFAAOCAQEApI+FYnXp/PiyHnPA
QG3zQKp45TFONmtfWJeJIYc4sMaCn5yQWZSFuQliduKsJxYY9WcCc904s886oZ2x
F0IxAE3tXAXLwxqXgUdLc4wT4fapyWZ5Casn4ESF+LPJfBbOh/5wgy78oRjtJH26
699q5LIB0D7+ii4u0rzcDsu+zZqAv1R844Xvy5UhdGAaz/LK+U7NlkrWHw8wqz9+
I8hrsKbLLi++WOYhQKGYyC43/9DTg5hB5YBYrVaQKKFt6o489i72j0LqaQbFQxq/
KFsfSN1OYWXskpP1Qykp8BWMnxXONk90heYUAEkJyhCx19W8GKfzIr5EmyziwGZb
nIxUWQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:00:47 2025 by rpki-client