Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/C13BBA7472CE11F08EC1A954C4F9AE02.roa
File: C13BBA7472CE11F08EC1A954C4F9AE02.roa (raw, json)
Hash identifier: Z5wKN86h43WnhaCcXnSDpddiCRId/k2KmWdqONanrqc=
Subject key identifier: BC:88:33:FF:78:A8:33:80:AA:24:65:0B:E1:90:B1:56:64:60:01:EA
Certificate issuer: /CN=A915ACE2/serialNumber=DAE1CE0ADA67B44713C61B1FAEC4F5D4D67A159F
Certificate serial: 1F
Authority key identifier: DA:E1:CE:0A:DA:67:B4:47:13:C6:1B:1F:AE:C4:F5:D4:D6:7A:15:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2uHOCtpntEcTxhsfrsT11NZ6FZ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/C13BBA7472CE11F08EC1A954C4F9AE02.roa
Signing time: Wed 06 Aug 2025 20:46:20 +0000
ROA not before: Wed 06 Aug 2025 20:46:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38584
IP address blocks: 202.63.192.0/24 maxlen: 24
202.63.193.0/24 maxlen: 24
202.63.194.0/24 maxlen: 24
202.63.195.0/24 maxlen: 24
202.63.196.0/24 maxlen: 24
202.63.197.0/24 maxlen: 24
202.63.198.0/24 maxlen: 24
202.63.199.0/24 maxlen: 24
202.63.200.0/24 maxlen: 24
202.63.201.0/24 maxlen: 24
202.63.202.0/24 maxlen: 24
202.63.203.0/24 maxlen: 24
202.63.204.0/24 maxlen: 24
202.63.205.0/24 maxlen: 24
202.63.206.0/24 maxlen: 24
202.63.207.0/24 maxlen: 24
202.63.208.0/24 maxlen: 24
202.63.209.0/24 maxlen: 24
202.63.210.0/24 maxlen: 24
202.63.211.0/24 maxlen: 24
202.63.212.0/24 maxlen: 24
202.63.213.0/24 maxlen: 24
202.63.214.0/24 maxlen: 24
202.63.215.0/24 maxlen: 24
202.63.216.0/24 maxlen: 24
202.63.217.0/24 maxlen: 24
202.63.218.0/24 maxlen: 24
202.63.219.0/24 maxlen: 24
202.63.220.0/24 maxlen: 24
202.63.221.0/24 maxlen: 24
202.63.222.0/24 maxlen: 24
202.63.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/2uHOCtpntEcTxhsfrsT11NZ6FZ8.crl
rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/2uHOCtpntEcTxhsfrsT11NZ6FZ8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2uHOCtpntEcTxhsfrsT11NZ6FZ8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Aug 2025 08:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31 (0x1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915ACE2, serialNumber=DAE1CE0ADA67B44713C61B1FAEC4F5D4D67A159F
Validity
Not Before: Aug 6 20:46:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6893bf1c-2c93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f8:12:42:82:a8:73:ed:18:65:76:7e:3d:0f:
bd:b0:d2:c1:51:2f:32:2a:71:4f:96:8f:fe:33:d2:
58:29:24:54:fa:04:18:11:0e:36:43:01:ba:a1:5f:
06:cc:c8:88:35:67:08:8c:9e:74:f1:9e:87:08:ae:
5c:74:b9:1f:04:93:28:88:8e:05:06:ae:1c:1a:77:
4b:c8:7d:2a:ac:98:60:9f:f0:fb:44:4d:26:32:50:
00:fe:24:87:92:cc:30:d1:9e:6e:51:54:99:6d:37:
e2:24:2a:3e:5a:9d:df:99:42:5f:74:ee:6d:13:00:
12:4f:6b:46:94:ac:7f:8c:66:7c:eb:5b:2e:8a:bd:
02:cb:a3:73:d7:93:7b:14:1a:f2:30:a1:28:5b:24:
f4:21:25:a8:07:98:92:d4:e1:e1:a1:10:d1:13:c0:
73:49:40:eb:5a:3c:8f:5a:ee:1e:66:db:b4:75:7c:
b8:eb:27:bb:d2:51:e8:03:ec:42:37:8d:86:ff:39:
d7:c5:04:04:0b:07:8e:a5:45:2b:70:33:cd:d7:62:
d4:2c:a6:86:9e:b7:c0:36:24:97:55:e7:0e:c6:a3:
94:f6:fb:f3:f0:ac:59:44:55:5b:39:f0:ac:e7:de:
29:3e:a6:8d:a6:71:ff:f7:bb:68:82:97:43:d3:5c:
51:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:88:33:FF:78:A8:33:80:AA:24:65:0B:E1:90:B1:56:64:60:01:EA
X509v3 Authority Key Identifier:
keyid:DA:E1:CE:0A:DA:67:B4:47:13:C6:1B:1F:AE:C4:F5:D4:D6:7A:15:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/2uHOCtpntEcTxhsfrsT11NZ6FZ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2uHOCtpntEcTxhsfrsT11NZ6FZ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915ACE2/51CD7FBA72CE11F08421AA48C4F9AE02/C13BBA7472CE11F08EC1A954C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.63.192.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:66:0a:68:2d:ec:7e:2b:1d:bb:ed:e0:9d:8c:5b:21:ed:d2:
a5:e4:05:e5:63:7c:e2:01:9d:84:f4:3c:ad:15:30:6b:d2:72:
cf:ab:40:5c:77:db:e5:8e:31:d8:d7:54:2f:fc:5a:a1:88:c8:
f7:db:13:6c:6b:9e:ee:ee:2e:8f:00:8e:52:4c:56:63:1e:be:
8d:18:85:9c:f1:2a:c7:20:17:f5:8a:82:77:02:fe:8b:ab:9e:
1d:45:36:02:9c:65:c2:b8:71:28:6d:32:f3:1c:b0:e2:70:ae:
bd:c6:a2:73:90:6c:bf:c0:ea:c1:bc:d4:6e:3d:c3:7d:3d:a4:
b7:2f:c7:27:89:83:50:dc:42:c7:0e:59:14:d2:93:db:67:b4:
8a:6c:c3:2f:87:4e:94:09:bb:c3:6b:ae:21:2c:27:4b:32:02:
e1:94:c0:da:ec:7e:d4:ea:5c:b0:4f:1b:7c:01:ff:b1:51:b2:
3e:ff:85:f1:17:53:08:30:e9:d9:43:b8:22:d1:90:e5:81:b6:
b0:81:77:4c:fd:63:53:11:09:f0:c4:99:3b:f0:12:65:85:71:
34:40:2e:98:45:56:ac:17:73:c9:77:53:88:2e:1b:46:74:c2:
4b:56:1f:50:2a:e2:53:f2:29:af:21:33:cc:70:d0:29:e6:07:
2e:0b:36:f6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QUNFMjExMC8GA1UEBRMoREFFMUNFMEFEQTY3QjQ0NzEzQzYxQjFGQUVDNEY1RDRE
NjdBMTU5RjAeFw0yNTA4MDYyMDQ2MjBaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4OTNiZjFjLTJjOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJ+BJCgqhz7Rhldn49D72w0sFRLzIqcU+Wj/4z0lgpJFT6BBgRDjZDAbqhXwbM
yIg1ZwiMnnTxnocIrlx0uR8EkyiIjgUGrhwad0vIfSqsmGCf8PtETSYyUAD+JIeS
zDDRnm5RVJltN+IkKj5and+ZQl907m0TABJPa0aUrH+MZnzrWy6KvQLLo3PXk3sU
GvIwoShbJPQhJagHmJLU4eGhENETwHNJQOtaPI9a7h5m27R1fLjrJ7vSUegD7EI3
jYb/OdfFBAQLB46lRStwM83XYtQspoaet8A2JJdV5w7Go5T2+/PwrFlEVVs58Kzn
3ik+po2mcf/3u2iCl0PTXFFDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUvIgz/3io
M4CqJGUL4ZCxVmRgAeowHwYDVR0jBBgwFoAU2uHOCtpntEcTxhsfrsT11NZ6FZ8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVBQ0UyLzUxQ0Q3RkJBNzJD
RTExRjA4NDIxQUE0OEM0RjlBRTAyLzJ1SE9DdHBudEVjVHhoc2Zyc1QxMU5aNkZa
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMnVIT0N0cG50RWNUeGhzZnJzVDExTlo2Rlo4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QUNFMi81MUNEN0ZCQTcyQ0UxMUYwODQyMUFBNDhDNEY5QUUwMi9DMTNCQkE3NDcy
Q0UxMUYwOEVDMUE5NTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBco/wDANBgkqhkiG9w0BAQsFAAOCAQEATGYKaC3sfisdu+3g
nYxbIe3SpeQF5WN84gGdhPQ8rRUwa9Jyz6tAXHfb5Y4x2NdUL/xaoYjI99sTbGue
7u4ujwCOUkxWYx6+jRiFnPEqxyAX9YqCdwL+i6ueHUU2ApxlwrhxKG0y8xyw4nCu
vcaic5Bsv8DqwbzUbj3DfT2kty/HJ4mDUNxCxw5ZFNKT22e0imzDL4dOlAm7w2uu
ISwnSzIC4ZTA2ux+1OpcsE8bfAH/sVGyPv+F8RdTCDDp2UO4ItGQ5YG2sIF3TP1j
UxEJ8MSZO/ASZYVxNEAumEVWrBdzyXdTiC4bRnTCS1YfUCriU/IpryEzzHDQKeYH
Lgs29g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:51:03 2025 by rpki-client