Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/7179245C619311EE9B52D046C4F9AE02.roa
File: 7179245C619311EE9B52D046C4F9AE02.roa (raw, json)
Hash identifier: OIoiXK5HUidUkMvfbT28pcn/cDbn540RgN8Pi5zH+4Y=
Subject key identifier: D3:89:27:D8:82:AE:75:88:F5:D3:C0:84:81:5A:E1:2A:50:E1:0D:C3
Certificate issuer: /CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Certificate serial: 36D0
Authority key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/7179245C619311EE9B52D046C4F9AE02.roa
Signing time: Tue 17 Jun 2025 04:19:52 +0000
ROA not before: Tue 17 Jun 2025 04:19:52 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 4651
IP address blocks: 61.19.0.0/24 maxlen: 24
61.19.1.0/24 maxlen: 24
61.19.2.0/24 maxlen: 24
61.19.4.0/24 maxlen: 24
61.19.7.0/24 maxlen: 24
61.19.9.0/24 maxlen: 24
61.19.14.0/24 maxlen: 24
122.155.224.0/24 maxlen: 24
122.155.225.0/24 maxlen: 24
122.155.226.0/24 maxlen: 24
122.155.227.0/24 maxlen: 24
122.155.228.0/24 maxlen: 24
122.155.230.0/24 maxlen: 24
122.155.232.0/24 maxlen: 24
122.155.236.0/24 maxlen: 24
122.155.237.0/24 maxlen: 24
122.155.238.0/24 maxlen: 24
122.155.243.0/24 maxlen: 24
122.155.243.0/25 maxlen: 25
122.155.244.0/22 maxlen: 24
202.47.253.0/24 maxlen: 24
2001:c38:5000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 14:20:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14032 (0x36d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475, serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Validity
Not Before: Jun 17 04:19:52 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6850ece7-87da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:84:53:bc:49:90:ba:fd:95:61:28:2e:db:1f:
f9:7f:f1:e2:2a:33:92:3e:a2:45:38:8b:0a:78:18:
58:e0:22:5c:b3:5b:bd:c6:55:e3:d9:f7:53:8f:ea:
19:3d:8f:36:aa:8c:2b:c3:79:13:e1:34:80:29:90:
c2:ac:77:2c:31:18:ca:94:cc:05:f6:87:ca:99:ef:
fe:0c:1f:ef:1d:94:5d:90:08:6f:bf:bd:9e:07:42:
5c:77:10:4e:20:86:c2:bb:3c:fd:e5:cc:2d:53:73:
66:46:88:f0:12:8e:4c:1b:a1:61:dd:52:23:fa:72:
5c:52:ac:35:25:5e:ef:bb:20:ee:f1:2b:7d:4a:a4:
5a:46:37:ac:e5:22:ba:62:7b:fe:77:44:21:6f:48:
16:0d:9d:87:65:fa:07:78:53:4c:e0:76:1a:0d:de:
d4:52:a5:1e:fc:8f:5d:b6:e1:14:56:54:1e:cf:a4:
1d:29:a6:d9:38:d0:e0:b7:0e:d5:69:f9:3d:4e:2f:
f5:e9:3d:45:93:21:c6:6e:96:25:85:71:53:b0:1b:
5b:3e:69:d4:cd:f2:a5:7b:fc:d7:ae:1b:31:0a:a5:
d0:a2:53:77:e1:d4:dc:7a:69:fd:79:80:bd:aa:3c:
97:76:ed:24:c3:1c:8a:52:ac:1c:1f:e7:82:e2:f1:
6a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:89:27:D8:82:AE:75:88:F5:D3:C0:84:81:5A:E1:2A:50:E1:0D:C3
X509v3 Authority Key Identifier:
keyid:44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/7179245C619311EE9B52D046C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.19.0.0-61.19.2.255
61.19.4.0/24
61.19.7.0/24
61.19.9.0/24
61.19.14.0/24
122.155.224.0-122.155.228.255
122.155.230.0/24
122.155.232.0/24
122.155.236.0-122.155.238.255
122.155.243.0-122.155.247.255
202.47.253.0/24
IPv6:
2001:c38:5000::/48
Signature Algorithm: sha256WithRSAEncryption
2c:75:33:bf:67:23:db:0c:3e:e3:5e:7c:9d:7a:3a:72:74:48:
ca:4a:75:34:72:a6:d5:9f:aa:c9:c1:fa:55:2d:d8:54:3f:58:
7e:a4:cb:b3:ed:e7:f6:0f:94:54:8f:e5:38:ac:62:24:c9:c3:
eb:ad:09:4e:9a:61:af:a0:65:96:43:fc:ff:5d:ac:ed:4a:17:
1b:9e:ce:25:bc:69:12:c2:d9:cd:17:85:24:10:2f:8c:c0:ad:
c6:d2:ed:16:19:b6:f5:f4:22:e9:6f:0a:90:23:54:53:fd:7d:
50:73:f0:a9:fe:d1:f0:a7:22:d3:46:2f:8e:cb:d4:2b:09:79:
b5:f0:f3:39:6f:af:7f:2b:56:19:f8:f0:35:ef:eb:0f:ad:a3:
b1:d4:31:b6:b0:7e:fc:d6:b6:2e:61:25:8e:05:72:15:7b:65:
eb:7a:28:45:35:32:a5:ff:74:eb:db:50:b0:ed:90:91:62:d6:
ec:d5:08:4b:23:6c:e0:9e:d4:51:90:81:7c:4d:2a:b7:14:f1:
1a:72:d6:cf:cd:59:c5:83:f2:3f:bd:0c:af:bb:fc:a2:50:51:
1a:a2:49:54:d5:42:90:4f:df:5f:d5:11:f0:f7:02:d0:79:86:
92:eb:13:80:71:d5:d7:a4:37:ce:e9:7f:f8:bc:a7:27:ad:48:
57:e0:5b:ce
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgICNtAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYyRDdERUI3MEQz
M0E4ODc1MEUwHhcNMjUwNjE3MDQxOTUyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODUwZWNlNy04N2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt4RTvEmQuv2VYSgu2x/5f/HiKjOSPqJFOIsKeBhY4CJcs1u9xlXj2fdTj+oZ
PY82qowrw3kT4TSAKZDCrHcsMRjKlMwF9ofKme/+DB/vHZRdkAhvv72eB0JcdxBO
IIbCuzz95cwtU3NmRojwEo5MG6Fh3VIj+nJcUqw1JV7vuyDu8St9SqRaRjes5SK6
Ynv+d0Qhb0gWDZ2HZfoHeFNM4HYaDd7UUqUe/I9dtuEUVlQez6QdKabZONDgtw7V
afk9Ti/16T1FkyHGbpYlhXFTsBtbPmnUzfKle/zXrhsxCqXQolN34dTcemn9eYC9
qjyXdu0kwxyKUqwcH+eC4vFqIwIDAQABo4IDAjCCAv4wHQYDVR0OBBYEFNOJJ9iC
rnWI9dPAhIFa4SpQ4Q3DMB8GA1UdIwQYMBaAFERA9sQi6VAMfUamLX3rcNM6iHUO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9BQjQ0Nzk3MjFE
NzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENMcFVBeDlScVl0ZmV0dzB6cUlk
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JFRDJ4Q0xwVUF4OVJxWXRmZXR3MHpxSWRRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvQUI0NDc5NzIxRDc4MTFFMkFEQjZGMkM0MDhCMDJDRDIvNzE3OTI0NUM2
MTkzMTFFRTlCNTJEMDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYsGCCsGAQUFBwEHAQH/
BHwwejBnBAIAATBhMAsDAwA9EwMEAD0TAgMEAD0TBAMEAD0TBwMEAD0TCQMEAD0T
DjAMAwQFepvgAwQAepvkAwQAepvmAwQAepvoMAwDBAJ6m+wDBAB6m+4wDAMEAHqb
8wMEA3qb8AMEAMov/TAPBAIAAjAJAwcAIAEMOFAAMA0GCSqGSIb3DQEBCwUAA4IB
AQAsdTO/ZyPbDD7jXnydejpydEjKSnU0cqbVn6rJwfpVLdhUP1h+pMuz7ef2D5RU
j+U4rGIkycPrrQlOmmGvoGWWQ/z/XaztShcbns4lvGkSwtnNF4UkEC+MwK3G0u0W
Gbb19CLpbwqQI1RT/X1Qc/Cp/tHwpyLTRi+Oy9QrCXm18PM5b69/K1YZ+PA17+sP
raOx1DG2sH781rYuYSWOBXIVe2XreihFNTKl/3Tr21Cw7ZCRYtbs1QhLI2zgntRR
kIF8TSq3FPEactbPzVnFg/I/vQyvu/yiUFEaoklU1UKQT99f1RHw9wLQeYaS6xOA
cdXXpDfO6X/4vKcnrUhX4FvO
-----END CERTIFICATE-----
Generated at Thu Jul 3 12:14:39 2025 by rpki-client