Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/12F9CF68572211F086C4E881C4F9AE02.roa
File: 12F9CF68572211F086C4E881C4F9AE02.roa (raw, json)
Hash identifier: 0nbGr6awf+bn60ZK4RzEkJ4qozLM4rRuAK3w+ndGejQ=
Subject key identifier: 74:7E:44:0F:0B:A2:3D:9F:E1:37:B3:B0:3F:44:12:1F:82:72:A9:9E
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0C99
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/12F9CF68572211F086C4E881C4F9AE02.roa
Signing time: Wed 02 Jul 2025 18:56:55 +0000
ROA not before: Wed 02 Jul 2025 18:56:55 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 134371
IP address blocks: 103.62.140.0/22 maxlen: 24
202.136.88.0/22 maxlen: 24
2400:3dc0::/32 maxlen: 32
2400:3dc0::/36 maxlen: 36
2400:3dc0::/44 maxlen: 48
2400:3dc0:10::/44 maxlen: 48
2400:3dc0:2e::/48 maxlen: 48
2400:3dc0:2f::/48 maxlen: 48
2400:3dc0:3e::/48 maxlen: 48
2400:3dc0:3f::/48 maxlen: 48
2400:3dc0:40::/44 maxlen: 47
2400:3dc0:40::/48 maxlen: 48
2400:3dc0:42::/47 maxlen: 48
2400:3dc0:45::/48 maxlen: 48
2400:3dc0:46::/47 maxlen: 48
2400:3dc0:48::/46 maxlen: 48
2400:3dc0:4c::/48 maxlen: 48
2400:3dc0:4e::/47 maxlen: 48
2400:3dc0:50::/44 maxlen: 47
2400:3dc0:50::/45 maxlen: 48
2400:3dc0:58::/48 maxlen: 48
2400:3dc0:5a::/47 maxlen: 48
2400:3dc0:5c::/46 maxlen: 48
2400:3dc0:60::/44 maxlen: 47
2400:3dc0:60::/45 maxlen: 48
2400:3dc0:68::/47 maxlen: 48
2400:3dc0:6a::/48 maxlen: 48
2400:3dc0:6c::/48 maxlen: 48
2400:3dc0:6e::/47 maxlen: 48
2400:3dc0:89::/48 maxlen: 48
2400:3dc0:100::/48 maxlen: 48
2400:3dc0:101::/48 maxlen: 48
2400:3dc0:140::/48 maxlen: 48
2400:3dc0:200::/48 maxlen: 48
2400:3dc0:201::/48 maxlen: 48
2400:3dc0:300::/48 maxlen: 48
2400:3dc0:400::/48 maxlen: 48
2400:3dc0:500::/48 maxlen: 48
2400:3dc0:600::/48 maxlen: 48
2400:3dc0:700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 18:56:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3225 (0xc99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Jul 2 18:56:55 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=686580f7-e40d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:8b:37:4e:f4:b8:cf:8d:3a:8f:af:19:b4:
13:90:56:02:f5:99:4b:12:a7:e5:3c:0d:c8:ce:99:
be:15:c4:38:68:6e:75:8e:05:67:87:84:e0:d2:88:
8a:7f:48:e0:91:ce:07:6b:52:72:db:e3:90:db:e6:
c2:24:b6:ff:55:54:73:37:35:f9:64:12:1d:76:68:
d0:5b:48:83:e9:f5:7e:6b:f4:63:06:07:5c:83:0b:
3d:ec:31:4b:a4:02:fb:b0:e8:fd:bf:55:fa:02:21:
97:1e:e5:ee:8c:2f:f4:02:f9:18:bd:e9:42:88:f3:
72:15:bc:1d:35:bc:3e:ea:42:4e:49:11:64:c6:5a:
0a:9b:66:f5:fc:f8:cb:ce:17:1d:b6:06:a0:e2:b7:
dc:42:d0:a1:a5:a8:c5:97:70:86:73:5f:8d:c7:bc:
41:f8:f9:91:e6:7a:a3:cb:2d:e6:0e:2b:16:24:47:
f7:85:15:e5:3b:0a:3a:05:62:1f:a1:9c:30:ec:74:
d6:6c:f7:01:c6:f6:a8:0c:24:96:04:cc:2c:c2:02:
6d:db:a1:96:d4:74:d1:2a:27:85:9a:8a:d1:54:23:
e8:d6:5a:c3:f7:b8:58:7a:2f:a5:ee:f4:23:d8:fa:
80:15:b7:af:12:f3:09:72:46:e4:27:6d:25:f1:42:
12:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7E:44:0F:0B:A2:3D:9F:E1:37:B3:B0:3F:44:12:1F:82:72:A9:9E
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/12F9CF68572211F086C4E881C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.62.140.0/22
202.136.88.0/22
IPv6:
2400:3dc0::/32
Signature Algorithm: sha256WithRSAEncryption
09:13:c2:8e:2e:ba:da:7c:d9:52:01:a2:3d:ae:fd:a3:75:a7:
73:77:f8:4e:b2:cf:8e:11:be:09:0c:e1:5e:71:1b:28:88:9a:
85:d9:d4:74:81:f6:cf:45:ba:54:53:cd:26:3c:3c:f4:4b:f1:
f5:c4:4e:b0:0e:94:86:1d:33:b8:dc:c0:a1:32:a6:14:55:ba:
9b:f4:f0:8b:76:36:9c:b1:c6:19:67:fe:4e:b0:13:88:08:ab:
ef:49:9b:02:ca:44:47:4c:73:8f:cb:00:39:f6:b7:6b:e5:c1:
ff:d9:49:2f:b1:9c:42:65:50:02:79:18:4c:8a:2f:18:53:7d:
b8:7b:37:69:7a:2f:a4:48:1d:ec:e9:7e:97:ae:ca:d2:ab:4b:
e2:34:f8:1e:b3:ac:60:a1:f4:9a:89:1b:05:8b:cb:ab:31:1c:
57:e5:32:76:52:fc:17:fe:db:07:c3:9a:eb:90:62:5c:5d:fe:
91:ac:06:91:44:f2:64:ca:0c:1c:e2:05:15:eb:a3:42:d4:81:
4a:0b:3f:3f:4e:43:e9:bf:d1:aa:4c:bf:21:d7:1d:78:5d:a2:
a2:69:3b:5d:13:42:95:89:3a:c8:23:f1:bc:8b:b1:28:3e:fd:
04:0c:a5:b9:a3:6a:4f:89:f7:32:12:49:8b:fa:83:13:b0:ba:
39:c8:5d:50
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwNzAyMTg1NjU1WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY1ODBmNy1lNDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr4qLN070uM+NOo+vGbQTkFYC9ZlLEqflPA3Izpm+FcQ4aG51jgVnh4Tg0oiK
f0jgkc4Ha1Jy2+OQ2+bCJLb/VVRzNzX5ZBIddmjQW0iD6fV+a/RjBgdcgws97DFL
pAL7sOj9v1X6AiGXHuXujC/0AvkYvelCiPNyFbwdNbw+6kJOSRFkxloKm2b1/PjL
zhcdtgag4rfcQtChpajFl3CGc1+Nx7xB+PmR5nqjyy3mDisWJEf3hRXlOwo6BWIf
oZww7HTWbPcBxvaoDCSWBMwswgJt26GW1HTRKieFmorRVCPo1lrD97hYei+l7vQj
2PqAFbevEvMJckbkJ20l8UIShwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHR+RA8L
oj2f4TezsD9EEh+CcqmeMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvMTJGOUNGNjg1
NzIyMTFGMDg2QzRFODgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnPowDBALKiFgwDQQCAAIwBwMFACQAPcAwDQYJKoZIhvcN
AQELBQADggEBAAkTwo4uutp82VIBoj2u/aN1p3N3+E6yz44RvgkM4V5xGyiImoXZ
1HSB9s9FulRTzSY8PPRL8fXETrAOlIYdM7jcwKEyphRVupv08It2Npyxxhln/k6w
E4gIq+9JmwLKREdMc4/LADn2t2vlwf/ZSS+xnEJlUAJ5GEyKLxhTfbh7N2l6L6RI
HezpfpeuytKrS+I0+B6zrGCh9JqJGwWLy6sxHFflMnZS/Bf+2wfDmuuQYlxd/pGs
BpFE8mTKDBziBRXro0LUgUoLPz9OQ+m/0apMvyHXHXhdoqJpO10TQpWJOsgj8byL
sSg+/QQMpbmjak+J9zISSYv6gxOwujnIXVA=
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:56:23 2025 by rpki-client