Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
File: 3AA9ABDAA6C711E9933CF621C4F9AE02.roa (raw, json)
Hash identifier: 0Vd+S2y27VtxJNaIaSzS26hUg229nb/6aZufw7SyqnQ=
Subject key identifier: A9:A9:40:93:99:03:71:28:33:FE:5D:33:02:9E:97:C0:AB:AF:45:62
Certificate issuer: /CN=A91619BE/serialNumber=C316319585EE2CF247B5350371467DC269DC9CE5
Certificate serial: 34D8
Authority key identifier: C3:16:31:95:85:EE:2C:F2:47:B5:35:03:71:46:7D:C2:69:DC:9C:E5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
Signing time: Wed 02 Jul 2025 14:50:29 +0000
ROA not before: Wed 02 Jul 2025 14:50:29 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 9927
IP address blocks: 45.64.120.0/24 maxlen: 24
45.64.121.0/24 maxlen: 24
45.64.122.0/24 maxlen: 24
45.64.123.0/24 maxlen: 24
58.97.160.0/24 maxlen: 24
58.97.161.0/24 maxlen: 24
58.97.163.0/24 maxlen: 24
58.97.164.0/24 maxlen: 24
58.97.165.0/24 maxlen: 24
58.97.166.0/24 maxlen: 24
58.97.167.0/24 maxlen: 24
58.97.168.0/24 maxlen: 24
58.97.169.0/24 maxlen: 24
58.97.170.0/24 maxlen: 24
58.97.171.0/24 maxlen: 24
58.97.172.0/24 maxlen: 24
58.97.173.0/24 maxlen: 24
58.97.174.0/24 maxlen: 24
58.97.175.0/24 maxlen: 24
58.97.176.0/24 maxlen: 24
58.97.177.0/24 maxlen: 24
58.97.178.0/24 maxlen: 24
58.97.179.0/24 maxlen: 24
58.97.180.0/24 maxlen: 24
58.97.181.0/24 maxlen: 24
58.97.182.0/24 maxlen: 24
58.97.183.0/24 maxlen: 24
58.97.184.0/24 maxlen: 24
58.97.185.0/24 maxlen: 24
58.97.186.0/24 maxlen: 24
58.97.187.0/24 maxlen: 24
58.97.188.0/24 maxlen: 24
58.97.189.0/24 maxlen: 24
58.97.190.0/24 maxlen: 24
58.97.191.0/24 maxlen: 24
103.21.12.0/24 maxlen: 24
103.21.13.0/24 maxlen: 24
103.21.14.0/24 maxlen: 24
103.21.15.0/24 maxlen: 24
202.57.32.0/24 maxlen: 24
202.57.33.0/24 maxlen: 24
202.57.34.0/24 maxlen: 24
202.57.35.0/24 maxlen: 24
202.57.36.0/24 maxlen: 24
202.57.37.0/24 maxlen: 24
202.57.38.0/24 maxlen: 24
202.57.39.0/24 maxlen: 24
202.57.40.0/24 maxlen: 24
202.57.41.0/24 maxlen: 24
202.57.42.0/24 maxlen: 24
202.57.43.0/24 maxlen: 24
202.57.44.0/24 maxlen: 24
202.57.45.0/24 maxlen: 24
202.57.46.0/24 maxlen: 24
202.57.47.0/24 maxlen: 24
202.57.48.0/24 maxlen: 24
202.57.49.0/24 maxlen: 24
202.57.50.0/24 maxlen: 24
202.57.51.0/24 maxlen: 24
202.57.52.0/24 maxlen: 24
202.57.53.0/24 maxlen: 24
202.57.54.0/24 maxlen: 24
202.57.55.0/24 maxlen: 24
202.57.57.0/24 maxlen: 24
202.57.58.0/24 maxlen: 24
202.57.61.0/24 maxlen: 24
202.57.62.0/24 maxlen: 24
202.57.63.0/24 maxlen: 24
2405:d400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.crl
rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 14:50:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13528 (0x34d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91619BE, serialNumber=C316319585EE2CF247B5350371467DC269DC9CE5
Validity
Not Before: Jul 2 14:50:29 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68654735-de7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:99:52:cf:9b:71:0c:b1:ff:eb:3a:cd:88:93:
c9:c4:6f:6c:99:01:81:49:88:fc:03:b7:94:76:62:
97:fb:17:0d:8c:27:38:2b:92:40:8f:28:61:d8:55:
ca:9d:71:39:4e:b7:7b:62:e2:e8:de:bb:66:af:f0:
0d:cc:f2:7d:29:0d:cf:09:e4:ad:3c:89:1b:9b:59:
a1:11:42:9a:ef:6f:37:0a:01:8e:a0:17:7c:e6:5f:
f9:60:e0:18:ac:db:f2:d1:63:ca:6e:02:5d:4d:dd:
98:d6:c9:ac:64:d3:0e:2e:6b:64:8e:df:22:56:56:
1c:30:fe:39:d1:53:56:47:0e:f8:ca:dc:ef:71:fc:
fa:36:b2:97:18:6e:53:f7:cd:09:3e:e2:52:bb:d8:
8d:b3:25:80:20:d7:f8:30:5b:62:bc:8d:0d:e6:c6:
ea:c8:1b:95:37:02:e3:ab:e9:96:01:16:1d:a9:d0:
35:2f:3f:74:54:84:3d:7d:4d:06:aa:06:9d:88:eb:
f9:b3:f5:1b:bb:78:cb:8d:2c:06:1f:64:15:6c:49:
f6:d2:9a:e0:f0:2f:31:af:8b:95:2a:f2:b2:4d:ae:
2d:a1:13:8c:88:dc:7e:d3:47:33:56:32:70:49:e4:
07:f2:21:0f:38:f1:7f:e2:f3:10:66:9a:99:c4:f2:
1a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A9:40:93:99:03:71:28:33:FE:5D:33:02:9E:97:C0:AB:AF:45:62
X509v3 Authority Key Identifier:
keyid:C3:16:31:95:85:EE:2C:F2:47:B5:35:03:71:46:7D:C2:69:DC:9C:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.120.0/22
58.97.160.0/23
58.97.163.0-58.97.191.255
103.21.12.0/22
202.57.32.0-202.57.55.255
202.57.57.0-202.57.58.255
202.57.61.0-202.57.63.255
IPv6:
2405:d400::/32
Signature Algorithm: sha256WithRSAEncryption
62:bd:16:dd:1d:cf:cd:41:e2:2c:cf:8b:40:b2:aa:d6:a2:6e:
0f:5f:1a:e9:98:d2:96:b5:8a:4c:6c:9f:65:6b:58:37:86:9f:
74:6c:7f:27:01:d7:e5:6b:a6:ed:6d:27:76:7a:df:5c:c7:30:
21:83:fb:60:d1:00:6b:d9:5e:22:76:8e:54:70:76:5c:08:e8:
13:fe:d9:89:cf:71:bf:c7:80:51:67:68:5f:98:13:59:7e:d5:
c3:56:d6:27:98:64:d1:93:95:38:37:42:fb:51:39:f8:5a:92:
fc:33:2f:db:45:49:6d:94:7c:b4:a9:ff:81:30:b6:51:27:c2:
4e:e4:ab:40:0e:c0:4a:e0:eb:ea:9f:0f:8d:3e:5e:e7:08:19:
64:d5:b2:ab:8f:7c:cb:dc:e1:7e:30:b0:c4:66:a8:cc:ef:93:
90:e6:9c:03:16:30:f6:ee:a5:7b:4b:66:b3:89:61:55:e9:16:
63:48:a5:95:68:f3:2b:4a:12:e7:ee:aa:7b:c7:94:d8:92:7f:
f8:13:5b:15:37:9d:e7:d9:77:d5:5e:14:3a:db:56:7b:e3:f0:
74:88:da:5b:9c:b1:c9:9d:3e:71:91:8c:dc:5c:af:ef:2d:51:
d3:30:98:80:ce:0d:94:e0:a3:fe:c8:bd:d3:c4:95:c5:32:46:
1e:71:d6:e3
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICNNgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjE5QkUxMTAvBgNVBAUTKEMzMTYzMTk1ODVFRTJDRjI0N0I1MzUwMzcxNDY3REMy
NjlEQzlDRTUwHhcNMjUwNzAyMTQ1MDI5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY1NDczNS1kZTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyJlSz5txDLH/6zrNiJPJxG9smQGBSYj8A7eUdmKX+xcNjCc4K5JAjyhh2FXK
nXE5Trd7YuLo3rtmr/ANzPJ9KQ3PCeStPIkbm1mhEUKa7283CgGOoBd85l/5YOAY
rNvy0WPKbgJdTd2Y1smsZNMOLmtkjt8iVlYcMP450VNWRw74ytzvcfz6NrKXGG5T
980JPuJSu9iNsyWAINf4MFtivI0N5sbqyBuVNwLjq+mWARYdqdA1Lz90VIQ9fU0G
qgadiOv5s/Ubu3jLjSwGH2QVbEn20prg8C8xr4uVKvKyTa4toROMiNx+00czVjJw
SeQH8iEPOPF/4vMQZpqZxPIa9QIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFKmpQJOZ
A3EoM/5dMwKel8Crr0ViMB8GA1UdIwQYMBaAFMMWMZWF7izyR7U1A3FGfcJp3Jzl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTlCRS83NTI5OTFDNjFE
ODUxMUUyOTM4NjFCREMwOEIwMkNEMi93eFl4bFlYdUxQSkh0VFVEY1VaOXdtbmNu
T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3d4WXhsWVh1TFBKSHRUVURjVVo5d21uY25PVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjE5QkUvNzUyOTkxQzYxRDg1MTFFMjkzODYxQkRDMDhCMDJDRDIvM0FBOUFCREFB
NkM3MTFFOTkzM0NGNjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMFAEAgABMEoDBAItQHgDBAE6YaAwDAMEADphowMEBjphgAMEAmcVDDAMAwQF
yjkgAwQDyjkwMAwDBADKOTkDBADKOTowDAMEAMo5PQMEBso5ADANBAIAAjAHAwUA
JAXUADANBgkqhkiG9w0BAQsFAAOCAQEAYr0W3R3PzUHiLM+LQLKq1qJuD18a6ZjS
lrWKTGyfZWtYN4afdGx/JwHX5Wum7W0ndnrfXMcwIYP7YNEAa9leInaOVHB2XAjo
E/7Zic9xv8eAUWdoX5gTWX7Vw1bWJ5hk0ZOVODdC+1E5+FqS/DMv20VJbZR8tKn/
gTC2USfCTuSrQA7ASuDr6p8PjT5e5wgZZNWyq498y9zhfjCwxGaozO+TkOacAxYw
9u6le0tms4lhVekWY0illWjzK0oS5+6qe8eU2JJ/+BNbFTed59l31V4UOttWe+Pw
dIjaW5yxyZ0+cZGM3Fyv7y1R0zCYgM4NlOCj/si908SVxTJGHnHW4w==
-----END CERTIFICATE-----
Generated at Wed Jul 2 16:11:27 2025 by rpki-client