Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/7E099DB21C5611EBB91D2683C4F9AE02.roa
File: 7E099DB21C5611EBB91D2683C4F9AE02.roa (raw, json)
Hash identifier: 68DPPkIx3TMycMvhxJ/OJZVSsCBVKZGTA7YjwfeBQOY=
Subject key identifier: D5:29:77:B1:34:47:17:E8:2F:5A:97:A5:9F:64:F8:57:AB:16:F4:C6
Certificate issuer: /CN=A915465A/serialNumber=785E0BFF07B9037C60334B2DF3369281A4DC3F5A
Certificate serial: 07A3
Authority key identifier: 78:5E:0B:FF:07:B9:03:7C:60:33:4B:2D:F3:36:92:81:A4:DC:3F:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eF4L_we5A3xgM0st8zaSgaTcP1o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/7E099DB21C5611EBB91D2683C4F9AE02.roa
Signing time: Thu 12 Jun 2025 21:39:29 +0000
ROA not before: Thu 12 Jun 2025 21:39:29 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 45785
IP address blocks: 116.193.157.0/24 maxlen: 24
183.78.168.0/24 maxlen: 24
183.78.169.0/24 maxlen: 24
183.78.170.0/24 maxlen: 24
183.78.171.0/24 maxlen: 24
202.43.100.0/24 maxlen: 24
202.43.101.0/24 maxlen: 24
202.43.102.0/24 maxlen: 24
202.43.103.0/24 maxlen: 24
210.1.224.0/24 maxlen: 24
210.1.225.0/24 maxlen: 24
210.1.226.0/24 maxlen: 24
210.1.227.0/24 maxlen: 24
210.1.228.0/24 maxlen: 24
210.1.229.0/24 maxlen: 24
210.1.230.0/24 maxlen: 24
210.1.231.0/24 maxlen: 24
2401:c400::/32 maxlen: 32
2401:c400:1000::/48 maxlen: 48
2401:c400:2000::/48 maxlen: 48
2401:c400:3000::/48 maxlen: 48
2401:c400:4000::/48 maxlen: 48
2401:c400:5000::/48 maxlen: 48
2401:c400:6000::/48 maxlen: 48
2401:c400:7000::/48 maxlen: 48
2401:c400:8000::/48 maxlen: 48
2401:c400:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/eF4L_we5A3xgM0st8zaSgaTcP1o.crl
rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/eF4L_we5A3xgM0st8zaSgaTcP1o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eF4L_we5A3xgM0st8zaSgaTcP1o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 21:47:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1955 (0x7a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915465A, serialNumber=785E0BFF07B9037C60334B2DF3369281A4DC3F5A
Validity
Not Before: Jun 12 21:39:29 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=684b4910-9278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:84:6d:39:96:cb:39:b2:8b:fe:02:b6:e8:ad:
ef:a1:7d:ae:28:9f:89:9e:d8:54:66:94:c3:74:12:
28:fc:7f:b3:e3:cf:16:b6:9e:06:7e:07:b4:3d:dd:
92:8c:f3:1b:2e:f6:ae:ba:7f:06:0a:51:5c:ed:13:
ff:4e:ef:e1:8b:10:1d:70:1a:cf:7c:c0:da:68:6a:
e6:2d:fb:c4:a2:08:13:9b:47:3c:ac:b1:85:eb:4f:
b5:76:ab:85:25:94:2c:09:48:6c:e3:2d:fa:48:88:
71:7e:84:72:a5:d7:79:e1:c4:15:a4:0a:1a:57:1a:
66:a8:ff:d6:33:0f:ee:e5:64:4c:5f:55:53:fe:2e:
1d:e0:67:8b:fe:cf:25:f2:91:e1:51:1a:15:51:9d:
a9:3f:38:24:a0:5d:8c:eb:94:6c:f6:a6:4a:90:bf:
76:94:c0:37:cc:7b:42:b2:cc:39:13:3f:2e:89:99:
43:c6:be:30:7e:4f:79:0b:8c:a0:74:85:08:89:20:
82:c5:69:98:b6:31:cb:d6:65:eb:d8:69:77:37:ea:
23:3c:0a:5a:b5:ac:4d:21:ce:0a:1c:4d:c7:c0:54:
5d:fc:7b:6e:85:0b:0f:e7:29:49:b9:ee:ac:93:4d:
c3:27:2c:47:27:04:13:cb:5e:1a:cd:28:ee:70:e1:
58:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:29:77:B1:34:47:17:E8:2F:5A:97:A5:9F:64:F8:57:AB:16:F4:C6
X509v3 Authority Key Identifier:
keyid:78:5E:0B:FF:07:B9:03:7C:60:33:4B:2D:F3:36:92:81:A4:DC:3F:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/eF4L_we5A3xgM0st8zaSgaTcP1o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eF4L_we5A3xgM0st8zaSgaTcP1o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/7E099DB21C5611EBB91D2683C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.193.157.0/24
183.78.168.0/22
202.43.100.0/22
210.1.224.0/21
IPv6:
2401:c400::/32
Signature Algorithm: sha256WithRSAEncryption
32:70:4e:8c:62:14:8a:07:36:ee:26:ed:7b:3c:39:89:b3:8e:
12:45:fa:41:f9:00:b7:a1:7b:21:f7:52:40:8f:17:5a:51:59:
12:7b:e8:7c:3c:01:07:05:10:28:6d:17:11:b5:e6:05:53:84:
d0:be:f2:03:f5:28:91:f9:53:f8:b5:8d:9a:1f:cd:1c:b8:f6:
3a:92:15:69:91:47:4d:c5:6f:56:3a:0e:09:ca:76:fb:e2:13:
56:4c:85:cb:58:f5:a2:f2:77:07:45:8f:d3:50:a5:5f:e3:9b:
7a:b2:c4:0e:e8:5e:41:55:fa:db:36:ff:b8:31:a8:2e:23:c0:
8d:e8:3c:9b:31:78:38:3c:63:c8:45:36:c4:59:e7:f0:b8:f8:
0d:2f:f3:cc:50:de:b4:94:23:f4:9d:0a:dd:e4:db:ef:35:ae:
38:d4:51:59:e8:1e:cf:85:f7:30:02:b5:09:64:58:fa:d7:72:
11:82:ec:45:4f:fd:69:8f:3a:3d:7d:0c:77:a9:24:27:4a:1b:
b7:fc:be:7f:c3:69:dd:87:c1:36:88:e8:86:eb:6b:7c:cf:37:
8f:d3:9b:5b:c2:43:c9:40:28:3e:d9:46:76:d1:42:1b:db:2a:
d2:f7:84:19:e2:67:8b:b1:ea:7a:04:bd:46:38:1b:7b:e8:92:
c9:3c:3d:b6
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICB6MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQ2NUExMTAvBgNVBAUTKDc4NUUwQkZGMDdCOTAzN0M2MDMzNEIyREYzMzY5Mjgx
QTREQzNGNUEwHhcNMjUwNjEyMjEzOTI5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODRiNDkxMC05Mjc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsYRtOZbLObKL/gK26K3voX2uKJ+JnthUZpTDdBIo/H+z488Wtp4Gfge0Pd2S
jPMbLvauun8GClFc7RP/Tu/hixAdcBrPfMDaaGrmLfvEoggTm0c8rLGF60+1dquF
JZQsCUhs4y36SIhxfoRypdd54cQVpAoaVxpmqP/WMw/u5WRMX1VT/i4d4GeL/s8l
8pHhURoVUZ2pPzgkoF2M65Rs9qZKkL92lMA3zHtCssw5Ez8uiZlDxr4wfk95C4yg
dIUIiSCCxWmYtjHL1mXr2Gl3N+ojPApataxNIc4KHE3HwFRd/HtuhQsP5ylJue6s
k03DJyxHJwQTy14azSjucOFYFwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFNUpd7E0
RxfoL1qXpZ9k+FerFvTGMB8GA1UdIwQYMBaAFHheC/8HuQN8YDNLLfM2koGk3D9a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDY1QS84ODk0QTcwQTFD
NTUxMUVCQUI4OEMxODJDNEY5QUUwMi9lRjRMX3dlNUEzeGdNMHN0OHphU2dhVGNQ
MW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VGNExfd2U1QTN4Z00wc3Q4emFTZ2FUY1Axby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQ2NUEvODg5NEE3MEExQzU1MTFFQkFCODhDMTgyQzRGOUFFMDIvN0UwOTlEQjIx
QzU2MTFFQkI5MUQyNjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAB0wZ0DBAK3TqgDBALKK2QDBAPSAeAwDQQCAAIwBwMFACQB
xAAwDQYJKoZIhvcNAQELBQADggEBADJwToxiFIoHNu4m7Xs8OYmzjhJF+kH5ALeh
eyH3UkCPF1pRWRJ76Hw8AQcFEChtFxG15gVThNC+8gP1KJH5U/i1jZofzRy49jqS
FWmRR03Fb1Y6DgnKdvviE1ZMhctY9aLydwdFj9NQpV/jm3qyxA7oXkFV+ts2/7gx
qC4jwI3oPJsxeDg8Y8hFNsRZ5/C4+A0v88xQ3rSUI/SdCt3k2+81rjjUUVnoHs+F
9zACtQlkWPrXchGC7EVP/WmPOj19DHepJCdKG7f8vn/Dad2HwTaI6Ibra3zPN4/T
m1vCQ8lAKD7ZRnbRQhvbKtL3hBniZ4ux6noEvUY4G3voksk8PbY=
-----END CERTIFICATE-----
Generated at Thu Jul 3 17:38:32 2025 by rpki-client