Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4FA6792A8F6711E6A509C92DC4F9AE02.roa
File: 4FA6792A8F6711E6A509C92DC4F9AE02.roa (raw, json)
Hash identifier: 6QVoFOwpeph3ATod5Q7+936XeOZ3MM2p/wTqRhcPdKs=
Subject key identifier: D7:74:01:ED:59:9B:D3:7F:2F:97:50:41:9C:DC:CA:C4:6A:FE:65:2D
Certificate issuer: /CN=A911ABDD/serialNumber=4287B3332176DB486A2CBC425402FA9C86B6DC48
Certificate serial: 1E36
Authority key identifier: 42:87:B3:33:21:76:DB:48:6A:2C:BC:42:54:02:FA:9C:86:B6:DC:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4FA6792A8F6711E6A509C92DC4F9AE02.roa
Signing time: Mon 09 Jun 2025 09:06:42 +0000
ROA not before: Mon 09 Jun 2025 09:06:42 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45223
IP address blocks: 180.128.0.0/16 maxlen: 16
180.128.0.0/17 maxlen: 17
180.128.0.0/23 maxlen: 23
180.128.2.0/23 maxlen: 23
180.128.4.0/23 maxlen: 23
180.128.6.0/23 maxlen: 23
180.128.8.0/23 maxlen: 23
180.128.10.0/23 maxlen: 23
180.128.12.0/23 maxlen: 23
180.128.14.0/23 maxlen: 23
180.128.16.0/23 maxlen: 23
180.128.18.0/23 maxlen: 23
180.128.20.0/23 maxlen: 23
180.128.22.0/23 maxlen: 23
180.128.24.0/23 maxlen: 23
180.128.26.0/23 maxlen: 23
180.128.28.0/23 maxlen: 23
180.128.30.0/23 maxlen: 23
180.128.32.0/23 maxlen: 23
180.128.34.0/23 maxlen: 23
180.128.40.0/23 maxlen: 23
180.128.42.0/23 maxlen: 23
180.128.44.0/23 maxlen: 23
180.128.240.0/21 maxlen: 21
180.128.240.0/23 maxlen: 23
180.128.242.0/23 maxlen: 23
180.128.244.0/23 maxlen: 23
180.128.246.0/23 maxlen: 23
202.44.52.0/22 maxlen: 22
202.44.52.0/23 maxlen: 23
202.44.54.0/23 maxlen: 23
202.52.4.0/22 maxlen: 22
202.52.4.0/23 maxlen: 23
202.52.6.0/23 maxlen: 23
203.145.112.0/22 maxlen: 22
203.145.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.crl
rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 15:47:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7734 (0x1e36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911ABDD, serialNumber=4287B3332176DB486A2CBC425402FA9C86B6DC48
Validity
Not Before: Jun 9 09:06:42 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6846a422-1353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:96:60:11:1e:8e:4d:7a:7a:ed:87:26:4b:5c:
32:67:bd:7c:79:f9:a0:51:e4:07:bf:cc:51:57:88:
c1:87:87:27:74:f3:62:cf:cb:10:97:0a:ad:ea:da:
5b:f2:3a:cb:25:68:af:f2:96:2d:20:1f:83:4d:07:
03:d7:c2:67:b7:d8:44:36:af:69:d2:4c:8c:55:80:
cf:ab:62:0e:10:e1:b0:61:f7:9a:6c:a5:d5:72:e0:
db:ef:59:5c:6c:7d:65:d1:68:fa:bc:73:0b:01:48:
bf:6a:86:36:6e:30:aa:43:fe:88:e8:26:ad:53:74:
e1:d2:26:12:46:d1:ed:dd:00:b7:f2:76:1c:ae:97:
8e:3e:36:89:9c:5f:1c:9f:25:76:11:06:ed:35:6f:
95:36:cc:43:34:2e:2d:2b:42:df:f1:30:74:8c:94:
9d:c1:46:2d:9b:60:99:57:8a:de:2c:e9:1d:f5:97:
ef:49:71:c8:f4:4d:08:57:5d:ba:49:dc:13:1c:88:
9a:b9:fe:1b:f7:6b:84:f7:db:28:94:06:13:38:b5:
ec:d5:a8:6d:64:72:49:44:37:ca:63:7f:f8:78:ed:
38:67:6e:e3:79:af:7f:94:01:b1:26:4a:90:00:e0:
1b:77:d0:b0:8a:1b:2a:e2:10:9e:a2:0c:ed:e5:b0:
82:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:74:01:ED:59:9B:D3:7F:2F:97:50:41:9C:DC:CA:C4:6A:FE:65:2D
X509v3 Authority Key Identifier:
keyid:42:87:B3:33:21:76:DB:48:6A:2C:BC:42:54:02:FA:9C:86:B6:DC:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4FA6792A8F6711E6A509C92DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.128.0.0/16
202.44.52.0/22
202.52.4.0/22
203.145.112.0/21
Signature Algorithm: sha256WithRSAEncryption
c1:eb:fc:2b:a4:7e:8b:71:74:19:87:fd:5f:bf:23:c5:d3:29:
e8:d8:1a:51:65:15:ff:4a:68:13:ad:9d:32:3b:6f:e5:d9:3c:
7d:2e:56:bd:4a:f4:b5:85:1c:40:fa:ad:67:6f:a3:a4:ac:8d:
e7:76:38:df:c3:67:88:42:3a:2c:2f:06:a0:d1:bf:0c:e3:3d:
e1:44:48:b5:e9:73:48:5b:82:6d:ce:6c:ef:bf:43:d1:f2:96:
50:e3:d7:e4:8b:e9:4e:1e:4f:61:55:57:ce:7c:ae:dc:e5:9e:
b3:cc:7a:e8:e9:e2:b0:1a:47:6f:e7:90:7d:28:4f:c1:46:99:
1a:d7:09:32:95:63:f7:7c:2d:7a:20:28:de:22:d1:67:b2:5f:
8c:6b:46:bd:37:b5:13:2f:5e:90:05:95:5d:52:f1:46:53:d1:
49:77:33:7c:82:0d:a7:f0:08:f3:2f:f6:d6:de:2b:30:55:aa:
55:18:17:0c:f2:b9:b5:11:55:a0:5b:74:80:51:23:68:a3:31:
98:71:23:dd:6d:b9:08:fb:bb:dc:61:76:33:26:cb:71:7b:97:
78:5c:85:b3:35:d4:cc:a9:4b:93:1d:1a:98:ef:6f:09:65:9c:
be:95:6f:dc:e0:3e:a7:87:46:99:98:91:7e:db:de:26:09:66:
ed:60:e4:dd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICHjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFCREQxMTAvBgNVBAUTKDQyODdCMzMzMjE3NkRCNDg2QTJDQkM0MjU0MDJGQTlD
ODZCNkRDNDgwHhcNMjUwNjA5MDkwNjQyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQ2YTQyMi0xMzUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu5ZgER6OTXp67YcmS1wyZ718efmgUeQHv8xRV4jBh4cndPNiz8sQlwqt6tpb
8jrLJWiv8pYtIB+DTQcD18Jnt9hENq9p0kyMVYDPq2IOEOGwYfeabKXVcuDb71lc
bH1l0Wj6vHMLAUi/aoY2bjCqQ/6I6CatU3Th0iYSRtHt3QC38nYcrpeOPjaJnF8c
nyV2EQbtNW+VNsxDNC4tK0Lf8TB0jJSdwUYtm2CZV4reLOkd9ZfvSXHI9E0IV126
SdwTHIiauf4b92uE99solAYTOLXs1ahtZHJJRDfKY3/4eO04Z27jea9/lAGxJkqQ
AOAbd9Cwihsq4hCeogzt5bCCAQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNd0Ae1Z
m9N/L5dQQZzcysRq/mUtMB8GA1UdIwQYMBaAFEKHszMhdttIaiy8QlQC+pyGttxI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUJERC8zQUUwMDRCNEQ3
NzgxMUU0QjM3NzhCNzJDNEY5QUUwMi9Rb2V6TXlGMjIwaHFMTHhDVkFMNm5JYTIz
RWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FvZXpNeUYyMjBocUxMeENWQUw2bklhMjNFZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFCREQvM0FFMDA0QjRENzc4MTFFNEIzNzc4QjcyQzRGOUFFMDIvNEZBNjc5MkE4
RjY3MTFFNkE1MDlDOTJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMB0EAgABMBcDAwC0gAMEAsosNAMEAso0BAMEA8uRcDANBgkqhkiG9w0BAQsF
AAOCAQEAwev8K6R+i3F0GYf9X78jxdMp6NgaUWUV/0poE62dMjtv5dk8fS5WvUr0
tYUcQPqtZ2+jpKyN53Y438NniEI6LC8GoNG/DOM94URItelzSFuCbc5s779D0fKW
UOPX5IvpTh5PYVVXznyu3OWes8x66OnisBpHb+eQfShPwUaZGtcJMpVj93wteiAo
3iLRZ7JfjGtGvTe1Ey9ekAWVXVLxRlPRSXczfIINp/AI8y/21t4rMFWqVRgXDPK5
tRFVoFt0gFEjaKMxmHEj3W25CPu73GF2MybLcXuXeFyFszXUzKlLkx0amO9vCWWc
vpVv3OA+p4dGmZiRftveJglm7WDk3Q==
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:14:25 2025 by rpki-client