Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
File: 7D22B44E249D11EFAC24EF6CC4F9AE02.roa (raw, json)
Hash identifier: DqfdssaPIpgzVJKB8q8pzNxgEYWvLoidIXznK6mNfXA=
Subject key identifier: 20:81:15:E3:DC:9D:81:B3:01:97:97:38:56:C1:3E:58:0A:22:3C:05
Certificate issuer: /CN=A91E28E2/serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Certificate serial: 01B4
Authority key identifier: B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
Signing time: Thu 05 Jun 2025 03:11:16 +0000
ROA not before: Thu 05 Jun 2025 03:11:16 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 45352
IP address blocks: 45.117.120.0/24 maxlen: 24
45.117.121.0/24 maxlen: 24
45.117.122.0/24 maxlen: 24
103.57.188.0/24 maxlen: 24
103.57.189.0/24 maxlen: 24
103.57.190.0/23 maxlen: 24
2403:1cc0::/48 maxlen: 48
2403:1cc0:1000::/48 maxlen: 48
2403:1cc0:1001::/48 maxlen: 48
2403:1cc0:1002::/48 maxlen: 48
2403:1cc0:1003::/48 maxlen: 48
2403:1cc0:1007::/48 maxlen: 48
2403:1cc0:1101::/48 maxlen: 48
2403:1cc0:1102::/48 maxlen: 48
2403:1cc0:1128::/48 maxlen: 48
2403:1cc0:1201::/48 maxlen: 48
2403:1cc0:1301::/48 maxlen: 48
2403:1cc0:1303::/48 maxlen: 48
2403:1cc0:2000::/48 maxlen: 48
2403:1cc0:2201::/48 maxlen: 48
2403:1cc0:2300::/48 maxlen: 48
2403:1cc0:3201::/48 maxlen: 48
2403:1cc0:3202::/48 maxlen: 48
2403:1cc0:5201::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 12 Jun 2025 03:11:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436 (0x1b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E28E2, serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Validity
Not Before: Jun 5 03:11:16 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68410ad4-0eaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b2:44:10:86:73:17:41:0f:42:fd:bb:9e:79:
b9:e1:72:39:b3:27:95:27:89:fe:fc:5a:07:97:0b:
75:2c:fc:f6:94:98:cd:37:96:f3:21:75:cb:ea:27:
68:21:17:0d:4f:95:f0:da:27:5b:61:6d:91:29:bc:
e8:69:6d:8b:60:13:87:b0:18:9b:1c:fe:de:62:b0:
d7:7b:57:2c:54:d3:31:a0:88:d5:dc:32:23:4a:48:
b8:9a:92:ae:34:c8:cd:bc:12:d9:e5:34:43:0b:d2:
87:6a:a3:60:93:66:88:5b:b0:4d:96:8d:ba:fe:0a:
dc:f7:3f:c4:66:08:70:92:3e:96:60:aa:ec:42:6c:
d2:91:71:e2:19:04:5f:42:35:2f:1e:25:05:4b:4b:
ef:22:4b:61:82:3a:82:16:42:a2:5c:0a:b3:68:53:
22:e4:b6:dc:93:49:f3:f1:48:72:6c:62:94:3f:46:
47:77:4c:25:44:1a:0a:39:c4:dd:b2:68:f4:a4:04:
c3:85:09:71:d5:5f:55:a4:98:87:2a:5b:22:30:23:
28:ab:35:69:80:b6:5f:94:ac:3e:52:5c:23:fb:b0:
b8:c9:85:4f:53:8a:58:70:4c:06:2b:eb:47:46:2d:
5e:6f:7e:2e:9c:7a:0b:cc:9a:24:31:79:70:63:06:
c0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:81:15:E3:DC:9D:81:B3:01:97:97:38:56:C1:3E:58:0A:22:3C:05
X509v3 Authority Key Identifier:
keyid:B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.120.0-45.117.122.255
103.57.188.0/22
IPv6:
2403:1cc0::/48
2403:1cc0:1000::/46
2403:1cc0:1007::/48
2403:1cc0:1101::-2403:1cc0:1102:ffff:ffff:ffff:ffff:ffff
2403:1cc0:1128::/48
2403:1cc0:1201::/48
2403:1cc0:1301::/48
2403:1cc0:1303::/48
2403:1cc0:2000::/48
2403:1cc0:2201::/48
2403:1cc0:2300::/48
2403:1cc0:3201::-2403:1cc0:3202:ffff:ffff:ffff:ffff:ffff
2403:1cc0:5201::/48
Signature Algorithm: sha256WithRSAEncryption
52:fe:aa:51:7c:99:24:9f:e5:a3:bc:b8:a7:07:09:9a:17:0e:
19:6c:0b:47:bd:14:f6:00:4c:f0:b2:9f:3e:d8:7a:b3:12:5e:
ea:3a:68:4d:18:dd:a9:cf:ed:40:fe:77:b8:b8:0e:2b:1d:da:
70:f1:c3:df:1c:df:73:16:54:ab:85:c1:b1:a9:b8:3d:95:59:
78:43:72:20:e9:6f:f2:b8:a5:3f:0f:26:d5:1d:6a:ca:7f:2b:
71:0a:cb:ac:14:19:18:2a:7e:6c:8a:39:04:de:8f:90:df:73:
d1:2f:e8:b5:b4:31:03:ac:8a:29:06:b1:71:96:08:5b:8e:e9:
41:57:f2:bf:8f:73:cd:21:7e:83:57:a7:cf:54:c2:1c:03:d9:
8c:66:aa:9a:6a:98:d1:f2:e5:a1:3c:ed:3a:13:69:a2:1c:f1:
36:b4:50:47:d5:01:2f:94:ae:36:25:53:cc:33:40:35:c5:92:
71:8d:6d:e3:e5:71:ca:11:ee:d7:f3:97:4b:40:42:fd:50:0a:
f2:75:28:77:ea:9a:41:ac:e1:48:8a:54:3a:d8:8f:28:f4:62:
64:ba:78:d6:43:45:f2:50:bb:ad:5a:ec:98:89:57:6d:77:27:
cc:1a:78:df:8b:55:44:5d:82:84:78:a2:d8:68:b0:98:e9:aa:
3c:36:47:5e
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICAbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTI4RTIxMTAvBgNVBAUTKEI0ODE5ODczMzFFMUVENDA4QjUxQ0I5RkQ4RUY0QTY1
MEFDODY2OUEwHhcNMjUwNjA1MDMxMTE2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQxMGFkNC0wZWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp7JEEIZzF0EPQv27nnm54XI5syeVJ4n+/FoHlwt1LPz2lJjNN5bzIXXL6ido
IRcNT5Xw2idbYW2RKbzoaW2LYBOHsBibHP7eYrDXe1csVNMxoIjV3DIjSki4mpKu
NMjNvBLZ5TRDC9KHaqNgk2aIW7BNlo26/grc9z/EZghwkj6WYKrsQmzSkXHiGQRf
QjUvHiUFS0vvIkthgjqCFkKiXAqzaFMi5Lbck0nz8UhybGKUP0ZHd0wlRBoKOcTd
smj0pATDhQlx1V9VpJiHKlsiMCMoqzVpgLZflKw+Ulwj+7C4yYVPU4pYcEwGK+tH
Ri1eb34unHoLzJokMXlwYwbAGQIDAQABo4IDOzCCAzcwHQYDVR0OBBYEFCCBFePc
nYGzAZeXOFbBPlgKIjwFMB8GA1UdIwQYMBaAFLSBmHMx4e1Ai1HLn9jvSmUKyGaa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjhFMi85NTJGQTYzMkQy
RTYxMUVEOUE1MkQ1NUFDNEY5QUUwMi90SUdZY3pIaDdVQ0xVY3VmMk85S1pRckla
cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RJR1ljekhoN1VDTFVjdWYyTzlLWlFySVpwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTI4RTIvOTUyRkE2MzJEMkU2MTFFRDlBNTJENTVBQzRGOUFFMDIvN0QyMkI0NEUy
NDlEMTFFRkFDMjRFRjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcQGCCsGAQUFBwEHAQH/
BIG0MIGxMBoEAgABMBQwDAMEAy11eAMEAC11egMEAmc5vDCBkgQCAAIwgYsDBwAk
AxzAAAADBwIkAxzAEAADBwAkAxzAEAcwEgMHACQDHMARAQMHACQDHMARAgMHACQD
HMARKAMHACQDHMASAQMHACQDHMATAQMHACQDHMATAwMHACQDHMAgAAMHACQDHMAi
AQMHACQDHMAjADASAwcAJAMcwDIBAwcAJAMcwDICAwcAJAMcwFIBMA0GCSqGSIb3
DQEBCwUAA4IBAQBS/qpRfJkkn+WjvLinBwmaFw4ZbAtHvRT2AEzwsp8+2HqzEl7q
OmhNGN2pz+1A/ne4uA4rHdpw8cPfHN9zFlSrhcGxqbg9lVl4Q3Ig6W/yuKU/DybV
HWrKfytxCsusFBkYKn5sijkE3o+Q33PRL+i1tDEDrIopBrFxlghbjulBV/K/j3PN
IX6DV6fPVMIcA9mMZqqaapjR8uWhPO06E2miHPE2tFBH1QEvlK42JVPMM0A1xZJx
jW3j5XHKEe7X85dLQEL9UArydSh36ppBrOFIilQ62I8o9GJkunjWQ0XyULutWuyY
iVdtdyfMGnjfi1VEXYKEeKLYaLCY6ao8Nkde
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:21:02 2025 by rpki-client