Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: Vsc0nGaOBo7aZDtJuSXEprpgSyKJZw7SXkdMKOIOasw=
Subject key identifier: 92:7D:C4:76:0B:2C:4F:DE:AF:03:06:F6:71:8F:8B:92:96:82:A0:59
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 0702
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Thu 05 Jun 2025 05:49:10 +0000
ROA not before: Thu 05 Jun 2025 05:49:10 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 12 Jun 2025 06:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1794 (0x702)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Jun 5 05:49:10 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=68412fd5-85a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ca:18:e7:ef:6a:08:61:d8:56:b6:d4:79:88:
09:9b:10:d1:93:54:87:c7:eb:c9:2f:08:f8:09:80:
85:34:7d:ef:87:86:a8:3a:05:66:fc:de:d6:09:fb:
9e:68:d6:36:02:ad:05:43:1c:b3:d7:e3:3b:db:a1:
51:b8:b8:56:f3:4a:42:eb:e2:69:11:e0:ef:2f:ee:
7c:7b:ba:09:8f:aa:e1:6e:67:ee:fc:a5:cc:f3:06:
96:83:2f:5a:b3:c1:0f:4e:2f:5e:7e:9b:9f:98:cf:
e4:41:35:18:2a:01:45:ff:26:6b:bc:3c:a3:3b:f8:
b3:cd:82:0e:7d:32:e3:66:82:f1:c9:9f:b1:b9:33:
40:ca:d5:1d:be:ca:d0:97:95:c4:6a:b5:08:ab:da:
1a:83:45:51:9b:9f:2e:58:0a:c2:1a:24:8e:22:e6:
3f:a0:69:25:3c:da:14:34:6b:fb:7a:fd:1c:0f:b7:
c3:33:ac:b2:fe:ee:ad:47:1e:04:2e:4f:35:ca:4f:
25:4e:1a:63:0d:71:f9:db:d4:62:35:4c:45:79:dd:
b0:9d:5f:09:28:8d:1c:f3:4e:96:49:ce:9b:aa:62:
c7:49:6f:8d:75:df:e8:9d:e3:3c:43:bf:f5:3c:72:
9f:3f:e4:9d:0c:63:dd:ef:8c:54:be:82:bb:dc:01:
5a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7D:C4:76:0B:2C:4F:DE:AF:03:06:F6:71:8F:8B:92:96:82:A0:59
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
162.128.53.0-162.128.54.255
162.128.140.0/24
162.128.149.0/24
162.128.196.0/24
162.128.199.0-162.128.202.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
41:57:eb:68:97:f0:b2:96:b7:39:bc:f4:83:8e:91:6c:93:6d:
c1:6f:7c:8f:2d:a0:cf:e7:19:73:2b:4c:33:ba:79:67:35:f2:
21:73:7d:4f:13:11:e2:86:78:12:86:73:3f:e1:7e:83:7b:47:
71:cb:8d:ee:11:aa:1d:b1:f9:02:56:07:a1:77:c4:3f:0f:a6:
bd:c5:1f:2e:f3:02:5a:b9:32:5f:1e:a6:2a:9e:39:b2:0d:ec:
26:e6:73:a7:2b:2e:2f:23:09:77:b1:b9:7c:fb:76:2b:38:9c:
21:97:f7:13:e8:a8:c4:f0:a8:a9:97:52:68:9c:3c:f9:7f:b3:
4b:66:8f:8a:f0:e7:3e:8c:51:40:d9:a1:48:0f:5d:62:7f:68:
37:b2:72:c1:9a:40:18:bf:96:eb:55:e3:eb:51:5a:87:db:9c:
36:87:37:a4:b6:c4:67:d3:da:d4:10:44:0e:4f:03:93:94:92:
af:27:fe:93:5a:5c:4c:41:20:28:1e:0e:34:ff:30:4f:46:58:
82:7a:84:b4:b1:ef:f0:dc:2e:73:0f:45:46:a0:6d:d2:2c:03:
1e:2a:e0:63:1a:08:57:77:c1:66:64:f1:a6:1b:c9:17:dd:6e:
76:d5:8c:be:6e:7c:00:f3:35:57:60:f1:cb:d8:23:30:e9:4b:
26:ce:fb:ba
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgICBwIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUwNjA1MDU0OTEwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQxMmZkNS04NWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArsoY5+9qCGHYVrbUeYgJmxDRk1SHx+vJLwj4CYCFNH3vh4aoOgVm/N7WCfue
aNY2Aq0FQxyz1+M726FRuLhW80pC6+JpEeDvL+58e7oJj6rhbmfu/KXM8waWgy9a
s8EPTi9efpufmM/kQTUYKgFF/yZrvDyjO/izzYIOfTLjZoLxyZ+xuTNAytUdvsrQ
l5XEarUIq9oag0VRm58uWArCGiSOIuY/oGklPNoUNGv7ev0cD7fDM6yy/u6tRx4E
Lk81yk8lThpjDXH529RiNUxFed2wnV8JKI0c806WSc6bqmLHSW+Ndd/oneM8Q7/1
PHKfP+SdDGPd74xUvoK73AFaFwIDAQABo4IDPjCCAzowHQYDVR0OBBYEFJJ9xHYL
LE/erwMG9nGPi5KWgqBZMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgccGCCsGAQUFBwEHAQH/
BIG3MIG0MIGxBAIAATCBqjAMAwQAgeMRAwQCgeMQMAwDBACB4x0DBAWB4wADBACB
4z8DBAGB47ADBAKB48ADBAKcOxADBAOcOzADBACcO0kDBAOcO1ADBAGcO14DBACc
O2wDBACcO3sDBAScO4ADBACcO5IDBACcO9gDBAGcO+ADBACcO/EwDAMEAKKANQME
AKKANgMEAKKAjAMEAKKAlQMEAKKAxDAMAwQAooDHAwQAooDKAwQAooD+MA0GCSqG
SIb3DQEBCwUAA4IBAQBBV+tol/Cylrc5vPSDjpFsk23Bb3yPLaDP5xlzK0wzunln
NfIhc31PExHihngShnM/4X6De0dxy43uEaodsfkCVgehd8Q/D6a9xR8u8wJauTJf
HqYqnjmyDewm5nOnKy4vIwl3sbl8+3YrOJwhl/cT6KjE8Kipl1JonDz5f7NLZo+K
8Oc+jFFA2aFID11if2g3snLBmkAYv5brVePrUVqH25w2hzektsRn09rUEEQOTwOT
lJKvJ/6TWlxMQSAoHg40/zBPRliCeoS0se/w3C5zD0VGoG3SLAMeKuBjGghXd8Fm
ZPGmG8kX3W521Yy+bnwA8zVXYPHL2CMw6Usmzvu6
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:32:24 2025 by rpki-client