Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/65519ACC506C11EC99354984C4F9AE02.roa
File: 65519ACC506C11EC99354984C4F9AE02.roa (raw, json)
Hash identifier: FSKLxu00ctg24+HmZkC2VPQWpobiDfHHaUN+7Y4NQZA=
Subject key identifier: EB:3D:81:E3:98:05:46:ED:17:E0:2B:14:EA:BD:09:0C:25:06:FC:9D
Certificate issuer: /CN=A91D298D/serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Certificate serial: 085C
Authority key identifier: FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/65519ACC506C11EC99354984C4F9AE02.roa
Signing time: Fri 16 May 2025 17:22:44 +0000
ROA not before: Fri 16 May 2025 17:22:44 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 59257
IP address blocks: 43.243.132.0/22 maxlen: 24
45.116.232.0/22 maxlen: 24
103.255.4.0/22 maxlen: 22
103.255.4.0/23 maxlen: 24
103.255.6.0/23 maxlen: 24
111.119.168.0/21 maxlen: 24
111.119.176.0/20 maxlen: 20
111.119.176.0/21 maxlen: 21
111.119.176.0/22 maxlen: 24
111.119.180.0/22 maxlen: 24
111.119.184.0/21 maxlen: 21
111.119.184.0/22 maxlen: 24
111.119.188.0/22 maxlen: 24
121.91.32.0/19 maxlen: 24
144.48.0.0/22 maxlen: 24
203.189.224.0/22 maxlen: 24
223.123.0.0/17 maxlen: 24
2402:ad80::/36 maxlen: 36
2402:ad80::/44 maxlen: 48
2402:ad80:10::/44 maxlen: 48
2402:ad80:20::/44 maxlen: 48
2402:ad80:60::/44 maxlen: 48
2402:ad80:70::/44 maxlen: 48
2402:ad80:80::/44 maxlen: 48
2402:ad80:90::/44 maxlen: 48
2402:ad80:a0::/44 maxlen: 48
2402:ad80:b0::/44 maxlen: 48
2402:ad80:f0::/44 maxlen: 48
2402:ad80:100::/44 maxlen: 48
2402:ad80:110::/44 maxlen: 48
2402:ad80:120::/44 maxlen: 48
2402:ad80:130::/44 maxlen: 48
2402:ad80:140::/44 maxlen: 48
2402:ad80:1b0::/44 maxlen: 48
2402:ad80:1f0::/44 maxlen: 48
2402:ad80:1000::/36 maxlen: 36
2402:ad80:2000::/36 maxlen: 36
2402:ad80:3000::/36 maxlen: 36
2402:ad80:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl
rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 21:14:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2140 (0x85c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D298D, serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Validity
Not Before: May 16 17:22:44 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=68277464-b905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fd:f4:42:c5:e0:34:f3:24:c5:09:8d:01:5f:
27:33:61:2a:1b:56:f3:9f:0d:99:a9:9a:4f:10:87:
b5:7c:92:bd:8c:14:83:de:09:da:ad:73:18:15:b2:
4c:d9:75:b8:91:b9:89:1b:ca:85:25:7c:a2:ec:b7:
5c:f0:0b:15:71:f8:97:b9:a8:cc:03:7e:56:7a:41:
05:5c:96:d3:1e:9e:2e:b9:e6:b0:01:ed:0e:74:64:
a7:1c:80:5b:d7:7b:99:58:f7:f7:14:4a:ba:67:59:
78:ca:b9:d1:46:6d:03:14:65:6c:fa:7e:20:f3:06:
ea:06:ea:d5:d7:3d:fc:88:db:08:89:cc:cf:5b:31:
4e:29:ac:10:e4:ce:0d:e5:8a:32:6c:02:c2:1a:b0:
b0:3e:7c:91:32:ec:38:12:c8:9c:79:28:53:1c:b6:
82:5a:bb:68:4e:4a:31:2d:7f:d7:ce:21:56:23:98:
36:e4:66:8d:17:4f:b2:2d:fd:58:e8:5b:fc:7f:84:
44:87:e8:6e:43:25:65:82:06:79:00:1e:97:6d:79:
07:00:4e:6f:b4:2f:32:f2:54:f7:ae:80:6a:fe:9e:
6d:50:88:da:7d:73:d5:1d:56:04:df:f7:62:7b:f0:
68:0b:50:20:7a:be:02:a8:06:7b:07:ff:f0:c9:49:
87:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:3D:81:E3:98:05:46:ED:17:E0:2B:14:EA:BD:09:0C:25:06:FC:9D
X509v3 Authority Key Identifier:
keyid:FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/65519ACC506C11EC99354984C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.132.0/22
45.116.232.0/22
103.255.4.0/22
111.119.168.0-111.119.191.255
121.91.32.0/19
144.48.0.0/22
203.189.224.0/22
223.123.0.0/17
IPv6:
2402:ad80::-2402:ad80:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1d:2b:af:c2:7f:de:6f:4e:f6:17:c0:97:3e:a8:32:14:9a:52:
4c:ec:39:b0:4a:d6:71:28:ec:a2:96:f7:6d:5c:44:26:0a:53:
a6:44:76:4b:43:44:24:d0:0c:0b:66:de:9e:a6:1e:37:2e:0f:
93:c2:d2:7c:40:b8:21:c9:a3:95:db:ee:26:a8:9b:00:c9:22:
35:e9:dc:15:8b:a2:c4:ef:68:e6:9c:ec:19:ce:6a:a2:10:75:
c7:a7:8b:99:8c:bc:32:10:bf:74:d6:a6:a7:7f:b9:08:1b:ad:
c3:9a:4d:92:b7:9b:3b:ae:5b:db:b9:44:7b:ec:a1:c3:70:ca:
2b:93:db:29:f3:47:a7:fc:1b:cb:f3:52:06:fa:6e:cd:42:dd:
fe:4d:9f:2a:8a:47:7c:2b:46:74:51:63:4d:57:c4:83:8d:4a:
4c:7b:6d:b8:fd:36:8f:59:66:1c:03:44:75:2e:21:1a:b4:29:
bb:b8:fe:05:07:84:56:71:64:26:ee:39:67:b8:a7:34:9f:b6:
2a:6e:23:d1:45:51:68:7c:ec:53:5d:39:39:7b:cf:d4:4e:ae:
95:ae:f4:da:8e:70:47:97:3b:d0:7a:ef:6e:54:60:ed:d6:37:
e1:a6:ce:dd:fb:96:cd:f2:99:e0:cb:18:39:75:32:dc:fb:b0:
fa:10:ed:4e
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICCFwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDI5OEQxMTAvBgNVBAUTKEZFRjJDMUM0RUEwOTY0NDc3NTE0QzFBQTk0NkU2QzQx
Nzc4RDA2QkYwHhcNMjUwNTE2MTcyMjQ0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI3NzQ2NC1iOTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwP30QsXgNPMkxQmNAV8nM2EqG1bznw2ZqZpPEIe1fJK9jBSD3gnarXMYFbJM
2XW4kbmJG8qFJXyi7Ldc8AsVcfiXuajMA35WekEFXJbTHp4uueawAe0OdGSnHIBb
13uZWPf3FEq6Z1l4yrnRRm0DFGVs+n4g8wbqBurV1z38iNsIiczPWzFOKawQ5M4N
5YoybALCGrCwPnyRMuw4EsiceShTHLaCWrtoTkoxLX/XziFWI5g25GaNF0+yLf1Y
6Fv8f4REh+huQyVlggZ5AB6XbXkHAE5vtC8y8lT3roBq/p5tUIjafXPVHVYE3/di
e/BoC1Ager4CqAZ7B//wyUmHFwIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFOs9geOY
BUbtF+ArFOq9CQwlBvydMB8GA1UdIwQYMBaAFP7ywcTqCWRHdRTBqpRubEF3jQa/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjk4RC8zMzdBNjQzMkYx
QTYxMUVBQjk1QzBFMkZDNEY5QUUwMi9fdkxCeE9vSlpFZDFGTUdxbEc1c1FYZU5C
cjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL192TEJ4T29KWkVkMUZNR3FsRzVzUVhlTkJyOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDI5OEQvMzM3QTY0MzJGMUE2MTFFQUI5NUMwRTJGQzRGOUFFMDIvNjU1MTlBQ0M1
MDZDMTFFQzk5MzU0OTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMD4EAgABMDgDBAIr84QDBAItdOgDBAJn/wQwDAMEA293qAMEBm93gAMEBXlb
IAMEApAwAAMEAsu94AMEB997ADAXBAIAAjARMA8DBQckAq2AAwYEJAKtgEAwDQYJ
KoZIhvcNAQELBQADggEBAB0rr8J/3m9O9hfAlz6oMhSaUkzsObBK1nEo7KKW921c
RCYKU6ZEdktDRCTQDAtm3p6mHjcuD5PC0nxAuCHJo5Xb7iaomwDJIjXp3BWLosTv
aOac7BnOaqIQdceni5mMvDIQv3TWpqd/uQgbrcOaTZK3mzuuW9u5RHvsocNwyiuT
2ynzR6f8G8vzUgb6bs1C3f5NnyqKR3wrRnRRY01XxIONSkx7bbj9No9ZZhwDRHUu
IRq0Kbu4/gUHhFZxZCbuOWe4pzSftipuI9FFUWh87FNdOTl7z9ROrpWu9NqOcEeX
O9B6725UYO3WN+Gmzt37ls3ymeDLGDl1Mtz7sPoQ7U4=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:00:10 2025 by rpki-client