Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/AB549D62125711EF94D14874C4F9AE02.roa
File: AB549D62125711EF94D14874C4F9AE02.roa (raw, json)
Hash identifier: e42h1gU/GulKJNSgZnYVY16QcfeskjKqY5xdRuNkRtI=
Subject key identifier: EF:CF:12:67:ED:01:64:5F:45:80:5C:01:99:F8:A4:FC:2E:57:97:E7
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1ECB
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/AB549D62125711EF94D14874C4F9AE02.roa
Signing time: Mon 19 May 2025 03:35:32 +0000
ROA not before: Mon 19 May 2025 03:35:32 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45102
IP address blocks: 14.1.112.0/22 maxlen: 24
43.0.0.0/9 maxlen: 15
43.91.0.0/16 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 16
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 16
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 16
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
2404:2280::/32 maxlen: 48
240b:4000::/22 maxlen: 31
240b:4000::/32 maxlen: 40
240b:4001::/32 maxlen: 40
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
240b:4013::/32 maxlen: 48
240b:4014::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 07 Jun 2025 16:06:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7883 (0x1ecb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: May 19 03:35:32 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=682aa704-ea3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3a:c6:cc:fe:7b:3c:1f:ec:0a:cc:6e:fc:da:
e3:ce:c5:78:5b:c7:69:a5:1c:90:33:95:1e:8a:d3:
f3:58:72:e0:6f:28:1b:97:b9:23:79:30:02:41:e2:
81:22:f4:61:e9:e7:9f:e2:27:44:c8:4e:c5:c7:f6:
56:91:cf:cb:8e:67:34:91:2c:95:ab:f4:8b:7b:c7:
44:f5:95:ec:df:70:b4:e1:66:10:49:29:d0:05:70:
9b:1b:d9:72:84:15:54:53:1f:11:bf:6b:01:8a:ee:
2e:87:b9:6a:50:31:12:4e:4c:b9:6e:f9:31:0d:77:
21:ea:36:b1:41:91:0b:b5:3b:5c:65:fc:27:50:11:
23:c3:fc:3c:8a:a3:d9:f9:03:4a:ce:b7:38:5b:b5:
bf:84:74:b0:2b:41:67:64:cc:f3:9b:6d:03:d0:b9:
c6:32:f4:d1:62:7b:8b:60:31:f1:f9:7d:80:61:29:
10:98:86:24:fa:ff:76:56:94:05:63:4f:7c:2e:ae:
01:51:f2:95:1b:ab:06:77:2f:f9:2d:6a:de:74:e5:
9e:6b:75:e6:b9:3c:c5:f0:b3:c9:36:9b:97:72:5f:
cb:5a:f9:42:a5:28:f8:c1:42:90:ae:66:8e:6b:09:
69:34:49:e9:44:f6:05:4a:89:82:a1:1f:d8:da:3f:
fb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CF:12:67:ED:01:64:5F:45:80:5C:01:99:F8:A4:FC:2E:57:97:E7
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/AB549D62125711EF94D14874C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.0.0.0/9
103.206.40.0/22
IPv6:
2404:2280::/32
240b:4000::/22
Signature Algorithm: sha256WithRSAEncryption
1c:03:5c:df:00:0f:6f:03:51:a7:1b:e7:94:fa:ca:df:05:85:
0f:6b:02:06:3a:70:98:08:68:f4:60:62:04:f0:9b:37:af:05:
e3:5a:eb:43:09:8a:3f:2a:86:0f:8c:f4:4b:75:c8:12:5a:8d:
be:8a:20:29:80:c1:81:1c:c7:90:88:de:54:c7:0d:f6:2b:10:
60:93:a2:eb:c6:04:36:83:dc:a2:32:d9:80:04:11:8e:29:dc:
68:af:ad:29:8f:48:9b:be:45:fc:29:6b:4f:0e:84:0d:07:ec:
53:e9:7e:18:3c:18:21:78:c9:66:5d:ba:ae:a2:90:25:b6:aa:
ab:67:28:26:93:c6:3d:90:67:43:0c:cb:98:a7:66:27:70:f4:
d5:d5:8d:55:df:54:ba:7f:4a:50:7a:00:a5:72:0a:7a:b6:7e:
07:4b:51:29:b5:3d:6b:9d:b2:07:0b:c2:77:bc:a3:00:2c:88:
10:36:b7:a4:ff:e7:bb:53:a8:42:16:9b:bc:eb:7f:03:47:9d:
ba:46:4a:08:ab:c4:e7:89:ee:aa:5a:48:f0:03:04:41:29:64:
08:48:5b:48:08:0c:18:fb:13:17:6f:f2:0c:4e:63:14:77:4d:
ec:0e:4d:ee:91:a5:74:6c:0b:a3:29:1e:51:83:ac:c7:f4:56:
9e:2e:90:59
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICHsswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjUwNTE5MDMzNTMyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJhYTcwNC1lYTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxTrGzP57PB/sCsxu/NrjzsV4W8dppRyQM5UeitPzWHLgbygbl7kjeTACQeKB
IvRh6eef4idEyE7Fx/ZWkc/Ljmc0kSyVq/SLe8dE9ZXs33C04WYQSSnQBXCbG9ly
hBVUUx8Rv2sBiu4uh7lqUDESTky5bvkxDXch6jaxQZELtTtcZfwnUBEjw/w8iqPZ
+QNKzrc4W7W/hHSwK0FnZMzzm20D0LnGMvTRYnuLYDHx+X2AYSkQmIYk+v92VpQF
Y098Lq4BUfKVG6sGdy/5LWredOWea3XmuTzF8LPJNpuXcl/LWvlCpSj4wUKQrmaO
awlpNEnpRPYFSomCoR/Y2j/7hwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFO/PEmft
AWRfRYBcAZn4pPwuV5fnMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvQUI1NDlENjIx
MjU3MTFFRjk0RDE0ODc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMBcEAgABMBEDBAIOAXADAwcrAAMEAmfOKDATBAIAAjANAwUAJAQigAMEAiQL
QDANBgkqhkiG9w0BAQsFAAOCAQEAHANc3wAPbwNRpxvnlPrK3wWFD2sCBjpwmAho
9GBiBPCbN68F41rrQwmKPyqGD4z0S3XIElqNvoogKYDBgRzHkIjeVMcN9isQYJOi
68YENoPcojLZgAQRjincaK+tKY9Im75F/ClrTw6EDQfsU+l+GDwYIXjJZl26rqKQ
Jbaqq2coJpPGPZBnQwzLmKdmJ3D01dWNVd9Uun9KUHoApXIKerZ+B0tRKbU9a52y
BwvCd7yjACyIEDa3pP/nu1OoQhabvOt/A0edukZKCKvE54nuqlpI8AMEQSlkCEhb
SAgMGPsTF2/yDE5jFHdN7A5N7pGldGwLoykeUYOsx/RWni6QWQ==
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:17:10 2025 by rpki-client