Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/93840DE204E611ED89D3B27BC4F9AE02.roa
File: 93840DE204E611ED89D3B27BC4F9AE02.roa (raw, json)
Hash identifier: cegor5RnBc3HGGToc+6Lymvpp6wumcl5jw4jwYNABG8=
Subject key identifier: B0:B3:B0:C9:73:96:A3:B9:4E:AC:EA:8D:A5:F0:EE:D1:CC:E0:64:6E
Certificate issuer: /CN=A91F8928/serialNumber=F5C9D30E9D0771CD07E51B2E4A52B52253ABD026
Certificate serial: 0C5C
Authority key identifier: F5:C9:D3:0E:9D:07:71:CD:07:E5:1B:2E:4A:52:B5:22:53:AB:D0:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/93840DE204E611ED89D3B27BC4F9AE02.roa
Signing time: Thu 29 May 2025 11:25:17 +0000
ROA not before: Thu 29 May 2025 11:25:17 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 55492
IP address blocks: 27.131.12.0/22 maxlen: 22
27.131.12.0/24 maxlen: 24
27.131.13.0/24 maxlen: 24
27.131.14.0/24 maxlen: 24
27.131.15.0/24 maxlen: 24
45.127.244.0/22 maxlen: 22
45.127.244.0/24 maxlen: 24
45.127.245.0/24 maxlen: 24
45.127.246.0/24 maxlen: 24
45.127.247.0/24 maxlen: 24
103.196.232.0/22 maxlen: 22
103.196.232.0/24 maxlen: 24
103.196.233.0/24 maxlen: 24
103.196.234.0/23 maxlen: 23
103.196.234.0/24 maxlen: 24
103.196.235.0/24 maxlen: 24
2401:c5c0::/35 maxlen: 35
2401:c5c0::/48 maxlen: 48
2401:c5c0:1::/48 maxlen: 48
2401:c5c0:2::/48 maxlen: 48
2401:c5c0:3::/48 maxlen: 48
2401:c5c0:4::/48 maxlen: 48
2401:c5c0:5::/48 maxlen: 48
2401:c5c0:6::/48 maxlen: 48
2401:c5c0:7::/48 maxlen: 48
2401:c5c0:d::/48 maxlen: 48
2401:c5c0:11::/48 maxlen: 48
2401:c5c0:12::/48 maxlen: 48
2401:c5c0:13::/48 maxlen: 48
2401:c5c0:14::/48 maxlen: 48
2401:c5c0:15::/48 maxlen: 48
2401:c5c0:16::/48 maxlen: 48
2401:c5c0:50::/48 maxlen: 48
2401:c5c0:60::/48 maxlen: 48
2401:c5c0:d1::/48 maxlen: 48
2401:c5c0:d2::/48 maxlen: 48
2401:c5c0:100::/48 maxlen: 48
2401:c5c0:200::/48 maxlen: 48
2401:c5c0:400::/42 maxlen: 42
2401:c5c0:400::/48 maxlen: 48
2401:c5c0:440::/42 maxlen: 42
2401:c5c0:440::/48 maxlen: 48
2401:c5c0:dfa::/48 maxlen: 48
2401:c5c0:dfb::/48 maxlen: 48
2401:c5c0:dfc::/48 maxlen: 48
2401:c5c0:dfd::/48 maxlen: 48
2401:c5c0:dfe::/48 maxlen: 48
2401:c5c0:3000::/36 maxlen: 36
2401:c5c0:4000::/34 maxlen: 34
2401:c5c0:8000::/34 maxlen: 34
2401:c5c0:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.crl
rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 18:43:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3164 (0xc5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8928, serialNumber=F5C9D30E9D0771CD07E51B2E4A52B52253ABD026
Validity
Not Before: May 29 11:25:17 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=6838441d-9968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5e:21:ba:f8:6c:39:03:cc:5d:82:f0:b0:ce:
0e:94:66:49:a9:ce:dc:97:c2:92:d2:3a:7c:64:90:
64:ea:f6:a5:06:5f:37:b9:d3:51:4a:5d:6a:45:20:
29:74:0a:07:6c:9b:d2:59:e7:f1:d4:0c:8a:aa:00:
d6:47:83:5a:62:4b:6e:21:9d:03:d1:83:4d:99:56:
d9:6f:6d:9e:f9:83:62:3a:1c:c5:e6:cf:a5:1c:f6:
f8:c8:c3:71:cf:60:5b:15:18:0e:4d:1b:21:49:07:
c8:1a:57:58:67:96:6d:7a:11:c9:ae:c5:5a:68:82:
f4:c8:f6:bf:23:90:8b:71:63:76:35:39:85:9c:aa:
2c:33:27:96:44:ac:7e:0b:ce:e2:00:46:c2:a1:a9:
ff:24:51:aa:8d:60:78:1c:dc:79:dd:e3:08:15:a1:
f8:1c:53:7f:dd:6a:f9:2a:3e:b7:00:83:a1:ec:1f:
ac:e7:7b:51:db:c7:82:08:b3:b3:3d:80:8b:cd:3e:
58:8b:c1:0f:99:92:60:a8:f1:65:29:de:42:da:ca:
78:e3:c4:ab:5a:64:b2:47:cc:da:60:a2:1e:b3:9f:
01:4b:8e:df:e4:27:5d:6a:c1:4b:81:e5:4e:8f:18:
fc:33:6b:13:5d:5c:06:3e:ef:2f:dd:5e:22:43:80:
d3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B3:B0:C9:73:96:A3:B9:4E:AC:EA:8D:A5:F0:EE:D1:CC:E0:64:6E
X509v3 Authority Key Identifier:
keyid:F5:C9:D3:0E:9D:07:71:CD:07:E5:1B:2E:4A:52:B5:22:53:AB:D0:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/93840DE204E611ED89D3B27BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.131.12.0/22
45.127.244.0/22
103.196.232.0/22
IPv6:
2401:c5c0::/35
2401:c5c0:3000::-2401:c5c0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
19:f7:a6:14:68:3a:38:41:99:14:60:4f:f0:a7:ce:e2:75:ec:
b6:57:08:7e:f7:ec:75:66:44:24:0c:29:27:fa:bb:4d:1d:f2:
ca:44:6b:0a:92:51:bd:c3:81:4c:b9:ae:a9:c4:85:a8:6b:57:
1d:a6:7b:67:a6:59:3b:de:3a:80:22:9f:b8:b6:7f:2d:e1:f2:
f3:b3:0f:a7:c8:0a:88:2d:59:da:93:a8:77:ff:ca:b0:3b:cd:
8c:70:3e:7d:eb:bd:5b:70:36:2a:6d:e9:11:b2:b0:e5:34:f0:
ed:f5:04:69:5a:cc:6b:ce:32:e2:21:e2:44:8f:88:6e:7a:7f:
9b:c2:93:d2:d2:13:2a:b0:22:35:6f:6c:04:49:32:c8:df:a1:
6f:02:47:4e:56:6f:d2:49:d1:a0:c7:fd:65:1f:61:62:61:97:
c9:2e:2f:0e:93:8e:3f:f5:53:04:47:87:50:6c:0e:6e:1c:53:
8f:5d:90:3b:ff:3d:d2:28:58:39:4c:a4:a5:e4:12:8f:93:3c:
cd:8f:8b:46:d1:92:58:5a:dd:35:3e:93:07:34:f0:95:77:e7:
9d:51:5a:93:7a:4f:bb:ea:8e:0c:71:c5:b0:0c:6a:62:05:a8:
83:0d:4f:3e:48:fd:b1:ec:10:a5:6a:32:b3:b2:05:76:fb:5d:
53:43:67:08
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICDFwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg5MjgxMTAvBgNVBAUTKEY1QzlEMzBFOUQwNzcxQ0QwN0U1MUIyRTRBNTJCNTIy
NTNBQkQwMjYwHhcNMjUwNTI5MTEyNTE3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM4NDQxZC05OTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyV4huvhsOQPMXYLwsM4OlGZJqc7cl8KS0jp8ZJBk6valBl83udNRSl1qRSAp
dAoHbJvSWefx1AyKqgDWR4NaYktuIZ0D0YNNmVbZb22e+YNiOhzF5s+lHPb4yMNx
z2BbFRgOTRshSQfIGldYZ5ZtehHJrsVaaIL0yPa/I5CLcWN2NTmFnKosMyeWRKx+
C87iAEbCoan/JFGqjWB4HNx53eMIFaH4HFN/3Wr5Kj63AIOh7B+s53tR28eCCLOz
PYCLzT5Yi8EPmZJgqPFlKd5C2sp448SrWmSyR8zaYKIes58BS47f5CddasFLgeVO
jxj8M2sTXVwGPu8v3V4iQ4DTtQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFLCzsMlz
lqO5TqzqjaXw7tHM4GRuMB8GA1UdIwQYMBaAFPXJ0w6dB3HNB+UbLkpStSJTq9Am
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODkyOC80REE3QkIyMDBC
NUIxMUVBQTNFQkM2NTBDNEY5QUUwMi85Y25URHAwSGNjMEg1UnN1U2xLMUlsT3Iw
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzljblREcDBIY2MwSDVSc3VTbEsxSWxPcjBDWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjg5MjgvNERBN0JCMjAwQjVCMTFFQUEzRUJDNjUwQzRGOUFFMDIvOTM4NDBERTIw
NEU2MTFFRDg5RDNCMjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MBgEAgABMBIDBAIbgwwDBAItf/QDBAJnxOgwHwQCAAIwGQMGBSQBxcAAMA8D
BgQkAcXAMAMFACQBxcAwDQYJKoZIhvcNAQELBQADggEBABn3phRoOjhBmRRgT/Cn
zuJ17LZXCH737HVmRCQMKSf6u00d8spEawqSUb3DgUy5rqnEhahrVx2me2emWTve
OoAin7i2fy3h8vOzD6fICogtWdqTqHf/yrA7zYxwPn3rvVtwNipt6RGysOU08O31
BGlazGvOMuIh4kSPiG56f5vCk9LSEyqwIjVvbARJMsjfoW8CR05Wb9JJ0aDH/WUf
YWJhl8kuLw6Tjj/1UwRHh1BsDm4cU49dkDv/PdIoWDlMpKXkEo+TPM2Pi0bRklha
3TU+kwc08JV3551RWpN6T7vqjgxxxbAMamIFqIMNTz5I/bHsEKVqMrOyBXb7XVND
Zwg=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:56:28 2025 by rpki-client