Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa
File: BF80484C737D11E8950B2925C4F9AE02.roa (raw, json)
Hash identifier: gbfDVG6qAa+ZhPqO7K076cwJ7hSX4y6O53BfTbpYvpA=
Subject key identifier: 5C:53:F9:1A:FC:27:56:78:87:CF:A7:BF:46:41:C5:43:A3:13:6B:AC
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2A52
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa
Signing time: Thu 26 Jun 2025 06:30:21 +0000
ROA not before: Thu 26 Jun 2025 06:30:21 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134240
IP address blocks: 27.254.4.0/24 maxlen: 24
27.254.11.0/24 maxlen: 24
27.254.15.0/24 maxlen: 24
27.254.22.0/24 maxlen: 24
27.254.31.0/24 maxlen: 24
27.254.177.0/24 maxlen: 24
27.254.185.0/24 maxlen: 24
27.254.186.0/24 maxlen: 24
27.254.205.0/24 maxlen: 24
27.254.231.0/24 maxlen: 24
27.254.233.0/24 maxlen: 24
49.229.88.0/23 maxlen: 23
49.229.90.0/23 maxlen: 23
58.64.24.0/24 maxlen: 24
58.64.27.0/24 maxlen: 24
58.137.6.0/24 maxlen: 24
58.137.26.0/24 maxlen: 24
103.20.204.0/22 maxlen: 24
110.49.141.0/24 maxlen: 24
110.49.142.0/23 maxlen: 24
2405:9800:d000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 15:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10834 (0x2a52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54, serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Validity
Not Before: Jun 26 06:30:21 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=685ce8fd-ed0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f4:b1:63:8c:f8:4f:c7:0c:6c:09:97:e7:e5:
cd:6c:a8:14:e7:6e:fd:b3:60:2b:38:af:27:ce:40:
f9:d2:95:01:33:c8:ea:95:b4:10:93:57:15:a9:e5:
e2:a5:de:98:b5:29:94:30:ea:45:37:69:c9:fa:3e:
93:97:9a:94:be:ac:5a:c1:0b:85:c6:07:9d:eb:2e:
cb:e4:c8:72:7a:7a:87:cc:ea:20:47:9f:5e:e4:d2:
45:24:bc:7e:8d:89:6c:20:9a:83:c2:20:60:7d:a4:
09:22:bb:bd:05:e9:79:25:27:e2:4a:76:2d:7a:a3:
93:2b:37:e9:02:88:a0:e0:da:2e:c2:c1:ad:ca:af:
38:9c:62:4a:d2:46:5f:33:3d:13:58:86:8f:36:84:
ad:a8:80:07:0c:5e:17:59:68:be:03:61:fc:39:23:
a9:cd:73:c6:4f:15:92:9f:1e:48:d4:b1:f0:c7:a9:
1c:3b:15:cc:92:2f:47:24:6a:52:33:5b:ac:a0:ca:
7c:12:8f:28:af:e4:ec:8d:97:f5:6e:72:69:de:cb:
f1:5d:e4:5e:86:de:8b:78:bf:a7:cc:66:a0:6b:09:
4a:a4:f9:42:8f:24:be:74:19:fd:28:2e:6c:ec:e2:
fd:f5:4f:7e:e1:5c:b5:09:2a:f1:c6:12:b1:f6:21:
0b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:53:F9:1A:FC:27:56:78:87:CF:A7:BF:46:41:C5:43:A3:13:6B:AC
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.254.4.0/24
27.254.11.0/24
27.254.15.0/24
27.254.22.0/24
27.254.31.0/24
27.254.177.0/24
27.254.185.0-27.254.186.255
27.254.205.0/24
27.254.231.0/24
27.254.233.0/24
49.229.88.0/22
58.64.24.0/24
58.64.27.0/24
58.137.6.0/24
58.137.26.0/24
103.20.204.0/22
110.49.141.0-110.49.143.255
IPv6:
2405:9800:d000::/36
Signature Algorithm: sha256WithRSAEncryption
5f:2f:99:83:f6:b1:d8:3f:92:5b:32:b6:a2:56:cd:ce:5d:4f:
52:92:bb:b5:6d:58:68:56:1e:c4:df:77:d6:85:c6:94:30:ab:
39:53:95:1a:31:46:83:b5:9c:a0:98:a1:be:92:36:b3:48:e8:
a4:d2:47:be:13:0a:bb:bf:1e:00:29:d0:28:6f:1f:85:f2:3c:
dc:6e:52:79:d1:bc:0d:af:21:22:e5:2f:4a:08:ff:a2:18:bd:
31:b1:c4:4b:b6:27:12:98:2e:1c:79:f7:86:c5:77:1b:02:41:
be:3a:8b:06:1d:cf:f4:f1:bc:1b:5f:f9:22:74:4a:11:69:a5:
c5:2d:e7:7c:7c:ed:42:13:32:a9:7c:53:fe:66:9a:1d:fa:11:
18:31:51:69:cf:26:48:1e:d1:d3:98:42:b2:e6:15:bd:67:cf:
66:c1:18:9e:2d:f8:66:43:4d:4a:7f:a9:f0:46:67:68:5a:5a:
94:c6:0f:b5:a7:1c:0d:1f:ea:60:b2:88:97:1e:a6:c2:b7:be:
1f:5a:8e:db:9a:d9:06:1d:1b:64:c3:a9:e4:ab:45:c1:48:14:
c7:6d:e1:27:c1:18:49:d1:f5:0a:e9:ba:a4:f8:6f:92:ad:2c:
36:4e:91:7c:8a:b3:50:16:42:5c:3a:14:2c:aa:e9:96:52:b5:
09:4e:46:56
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgICKlIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjUwNjI2MDYzMDIxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODVjZThmZC1lZDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxfSxY4z4T8cMbAmX5+XNbKgU5279s2ArOK8nzkD50pUBM8jqlbQQk1cVqeXi
pd6YtSmUMOpFN2nJ+j6Tl5qUvqxawQuFxged6y7L5MhyenqHzOogR59e5NJFJLx+
jYlsIJqDwiBgfaQJIru9Bel5JSfiSnYteqOTKzfpAoig4NouwsGtyq84nGJK0kZf
Mz0TWIaPNoStqIAHDF4XWWi+A2H8OSOpzXPGTxWSnx5I1LHwx6kcOxXMki9HJGpS
M1usoMp8Eo8or+TsjZf1bnJp3svxXeReht6LeL+nzGagawlKpPlCjyS+dBn9KC5s
7OL99U9+4Vy1CSrxxhKx9iELtQIDAQABo4IDGDCCAxQwHQYDVR0OBBYEFFxT+Rr8
J1Z4h8+nv0ZBxUOjE2usMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvQkY4MDQ4NEM3
MzdEMTFFODk1MEIyOTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaEGCCsGAQUFBwEHAQH/
BIGRMIGOMHwEAgABMHYDBAAb/gQDBAAb/gsDBAAb/g8DBAAb/hYDBAAb/h8DBAAb
/rEwDAMEABv+uQMEABv+ugMEABv+zQMEABv+5wMEABv+6QMEAjHlWAMEADpAGAME
ADpAGwMEADqJBgMEADqJGgMEAmcUzDAMAwQAbjGNAwQEbjGAMA4EAgACMAgDBgQk
BZgA0DANBgkqhkiG9w0BAQsFAAOCAQEAXy+Zg/ax2D+SWzK2olbNzl1PUpK7tW1Y
aFYexN931oXGlDCrOVOVGjFGg7WcoJihvpI2s0jopNJHvhMKu78eACnQKG8fhfI8
3G5SedG8Da8hIuUvSgj/ohi9MbHES7YnEpguHHn3hsV3GwJBvjqLBh3P9PG8G1/5
InRKEWmlxS3nfHztQhMyqXxT/maaHfoRGDFRac8mSB7R05hCsuYVvWfPZsEYni34
ZkNNSn+p8EZnaFpalMYPtaccDR/qYLKIlx6mwre+H1qO25rZBh0bZMOp5KtFwUgU
x23hJ8EYSdH1Cum6pPhvkq0sNk6RfIqzUBZCXDoULKrpllK1CU5GVg==
-----END CERTIFICATE-----
Generated at Thu Jul 3 23:27:01 2025 by rpki-client