Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/A51B73A01F0711EFB7C30655C4F9AE02.roa
File: A51B73A01F0711EFB7C30655C4F9AE02.roa (raw, json)
Hash identifier: kzK64g+3VdJ70eJ8iwPZF9UwtUca3Ror+UcoTeSU+vo=
Subject key identifier: B8:2A:71:52:22:16:BF:C1:E3:9D:31:A9:C4:4A:56:FE:EA:90:F6:D8
Certificate issuer: /CN=A9181375/serialNumber=8DCDE52B9B8B0522BE26713A41865670A61EE86D
Certificate serial: DE
Authority key identifier: 8D:CD:E5:2B:9B:8B:05:22:BE:26:71:3A:41:86:56:70:A6:1E:E8:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jc3lK5uLBSK-JnE6QYZWcKYe6G0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/A51B73A01F0711EFB7C30655C4F9AE02.roa
Signing time: Tue 01 Jul 2025 06:43:53 +0000
ROA not before: Tue 01 Jul 2025 06:43:53 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 45701
IP address blocks: 43.224.168.0/24 maxlen: 24
43.224.169.0/24 maxlen: 24
43.224.170.0/24 maxlen: 24
43.224.171.0/24 maxlen: 24
59.153.128.0/24 maxlen: 24
59.153.129.0/24 maxlen: 24
59.153.130.0/24 maxlen: 24
59.153.131.0/24 maxlen: 24
103.89.76.0/24 maxlen: 24
103.89.77.0/24 maxlen: 24
103.89.78.0/24 maxlen: 24
103.89.79.0/24 maxlen: 24
103.225.148.0/24 maxlen: 24
103.225.149.0/24 maxlen: 24
103.225.150.0/24 maxlen: 24
103.225.151.0/24 maxlen: 24
153.124.160.0/24 maxlen: 24
153.124.161.0/24 maxlen: 24
153.124.162.0/24 maxlen: 24
153.124.163.0/24 maxlen: 24
153.124.164.0/24 maxlen: 24
153.124.165.0/24 maxlen: 24
153.124.166.0/24 maxlen: 24
153.124.167.0/24 maxlen: 24
202.58.192.0/24 maxlen: 24
202.58.193.0/24 maxlen: 24
202.58.194.0/24 maxlen: 24
202.58.195.0/24 maxlen: 24
202.58.196.0/24 maxlen: 24
202.58.197.0/24 maxlen: 24
202.58.198.0/24 maxlen: 24
202.58.199.0/24 maxlen: 24
202.58.200.0/24 maxlen: 24
202.58.201.0/24 maxlen: 24
202.58.203.0/24 maxlen: 24
202.58.204.0/24 maxlen: 24
202.58.205.0/24 maxlen: 24
202.58.206.0/24 maxlen: 24
202.58.207.0/24 maxlen: 24
203.28.216.0/24 maxlen: 24
203.28.217.0/24 maxlen: 24
203.28.218.0/24 maxlen: 24
203.28.219.0/24 maxlen: 24
2001:df0:a900::/48 maxlen: 48
2402:2900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/jc3lK5uLBSK-JnE6QYZWcKYe6G0.crl
rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/jc3lK5uLBSK-JnE6QYZWcKYe6G0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jc3lK5uLBSK-JnE6QYZWcKYe6G0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Jul 2025 03:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222 (0xde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9181375, serialNumber=8DCDE52B9B8B0522BE26713A41865670A61EE86D
Validity
Not Before: Jul 1 06:43:53 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=686383a9-0555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cd:e9:5b:d2:4b:98:51:81:18:5d:64:3c:ab:
38:bf:ac:2a:39:83:d3:47:c6:77:d8:51:6b:85:ba:
69:77:ee:23:41:51:6f:ec:87:17:71:04:20:d2:78:
e2:16:32:7a:23:81:8c:cb:74:a1:71:09:b9:ad:39:
d1:d8:08:82:c7:04:52:dd:30:0c:26:12:34:7a:d1:
c8:5c:e6:72:8e:24:a3:46:18:41:c5:8c:5e:11:f7:
97:73:5d:83:5f:ae:0e:3e:c1:4d:35:79:b8:7c:72:
65:16:6e:15:8f:79:21:6a:b9:31:a6:03:a4:5e:63:
3d:11:8f:e6:f9:62:a7:32:88:00:8c:68:c7:35:e6:
ea:e8:90:2a:88:04:3a:70:89:ea:29:1e:8f:f2:99:
d2:89:5a:a2:fa:8a:09:84:ea:97:a1:f5:65:5f:a8:
f1:07:09:33:a2:1a:ac:f8:50:d7:28:0f:5f:b7:79:
7e:1e:5f:11:d6:c2:e9:71:96:f5:d2:1b:2e:2b:2a:
ff:f6:1c:dd:40:98:d9:6d:cd:c6:ec:7b:e1:91:c2:
76:47:db:17:11:59:e6:d7:bc:6a:1b:66:22:9a:ab:
94:3c:62:68:6c:70:3f:e1:d1:a4:53:f7:f4:c1:33:
43:ce:37:40:18:3b:29:ec:73:e4:51:9a:43:31:5b:
24:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2A:71:52:22:16:BF:C1:E3:9D:31:A9:C4:4A:56:FE:EA:90:F6:D8
X509v3 Authority Key Identifier:
keyid:8D:CD:E5:2B:9B:8B:05:22:BE:26:71:3A:41:86:56:70:A6:1E:E8:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/jc3lK5uLBSK-JnE6QYZWcKYe6G0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jc3lK5uLBSK-JnE6QYZWcKYe6G0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/A51B73A01F0711EFB7C30655C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.168.0/22
59.153.128.0/22
103.89.76.0/22
103.225.148.0/22
153.124.160.0/21
202.58.192.0-202.58.201.255
202.58.203.0-202.58.207.255
203.28.216.0/22
IPv6:
2001:df0:a900::/48
2402:2900::/32
Signature Algorithm: sha256WithRSAEncryption
58:90:83:fa:79:a6:65:cc:7a:fc:a4:bd:de:16:1e:fe:18:23:
63:4d:59:28:10:a5:5c:4c:a8:83:aa:69:0b:09:af:e3:dc:61:
38:06:b0:cc:20:df:96:0f:35:b6:4a:9f:4b:43:4b:e2:b4:ee:
7a:61:9a:c2:cd:89:63:34:9e:46:f0:5b:d9:8f:9d:05:54:f1:
55:b8:f5:3c:68:63:92:ec:54:73:6b:b6:3f:d9:d4:2b:db:d7:
6a:a9:19:c1:d2:b4:c3:05:83:6c:5b:f2:36:55:24:09:55:41:
d1:55:bd:c4:01:57:c1:84:f3:c2:65:4f:3c:8c:20:9a:09:97:
f8:5b:a0:a1:3b:f3:7f:7e:21:df:fd:99:ae:6c:01:1b:53:d7:
79:b8:f6:67:ff:34:cc:26:9b:75:f1:97:19:b1:a8:89:2a:91:
8e:8b:86:85:73:37:f4:d0:5d:5e:cb:7a:ba:16:a0:7f:9c:d2:
c1:a2:a6:bc:d9:68:2a:22:72:5d:dc:48:02:79:75:ea:9a:1a:
3c:9d:9d:43:4b:76:a7:5e:ef:fe:b0:2c:22:b7:7a:2e:84:9b:
82:37:e8:05:8d:7a:25:39:55:9f:a0:ba:dd:1f:4f:f8:90:2d:
e1:ac:bf:e8:7e:de:a2:56:06:9f:60:a9:10:88:87:af:9b:49:
70:db:0e:d4
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICAN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODEzNzUxMTAvBgNVBAUTKDhEQ0RFNTJCOUI4QjA1MjJCRTI2NzEzQTQxODY1Njcw
QTYxRUU4NkQwHhcNMjUwNzAxMDY0MzUzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODYzODNhOS0wNTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAts3pW9JLmFGBGF1kPKs4v6wqOYPTR8Z32FFrhbppd+4jQVFv7IcXcQQg0nji
FjJ6I4GMy3ShcQm5rTnR2AiCxwRS3TAMJhI0etHIXOZyjiSjRhhBxYxeEfeXc12D
X64OPsFNNXm4fHJlFm4Vj3kharkxpgOkXmM9EY/m+WKnMogAjGjHNebq6JAqiAQ6
cInqKR6P8pnSiVqi+ooJhOqXofVlX6jxBwkzohqs+FDXKA9ft3l+Hl8R1sLpcZb1
0hsuKyr/9hzdQJjZbc3G7HvhkcJ2R9sXEVnm17xqG2YimquUPGJobHA/4dGkU/f0
wTNDzjdAGDsp7HPkUZpDMVsktQIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFLgqcVIi
Fr/B450xqcRKVv7qkPbYMB8GA1UdIwQYMBaAFI3N5SubiwUiviZxOkGGVnCmHuht
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTM3NS9BRUQ1ODMxRTFG
MDYxMUVGQTYxQUJBNTFDNEY5QUUwMi9qYzNsSzV1TEJTSy1KbkU2UVlaV2NLWWU2
RzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pjM2xLNXVMQlNLLUpuRTZRWVpXY0tZZTZHMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODEzNzUvQUVENTgzMUUxRjA2MTFFRkE2MUFCQTUxQzRGOUFFMDIvQTUxQjczQTAx
RjA3MTFFRkI3QzMwNjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcQYIKwYBBQUHAQcBAf8E
YjBgMEYEAgABMEADBAIr4KgDBAI7mYADBAJnWUwDBAJn4ZQDBAOZfKAwDAMEBso6
wAMEAco6yDAMAwQAyjrLAwQEyjrAAwQCyxzYMBYEAgACMBADBwAgAQ3wqQADBQAk
AikAMA0GCSqGSIb3DQEBCwUAA4IBAQBYkIP6eaZlzHr8pL3eFh7+GCNjTVkoEKVc
TKiDqmkLCa/j3GE4BrDMIN+WDzW2Sp9LQ0vitO56YZrCzYljNJ5G8FvZj50FVPFV
uPU8aGOS7FRza7Y/2dQr29dqqRnB0rTDBYNsW/I2VSQJVUHRVb3EAVfBhPPCZU88
jCCaCZf4W6ChO/N/fiHf/ZmubAEbU9d5uPZn/zTMJpt18ZcZsaiJKpGOi4aFczf0
0F1ey3q6FqB/nNLBoqa82WgqInJd3EgCeXXqmho8nZ1DS3anXu/+sCwit3ouhJuC
N+gFjXolOVWfoLrdH0/4kC3hrL/oft6iVgafYKkQiIevm0lw2w7U
-----END CERTIFICATE-----
Generated at Thu Jul 3 21:56:46 2025 by rpki-client