Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/F4FCC41E648311EC88370386C4F9AE02.roa
File: F4FCC41E648311EC88370386C4F9AE02.roa (raw, json)
Hash identifier: uk6OgnE8kYMPxv30SaMJe+3Z+6TjbuZqXinPmLVzBz4=
Subject key identifier: D7:E1:B1:97:69:5E:D3:AD:A6:59:5D:8B:51:DB:0D:7B:3A:45:16:94
Certificate issuer: /CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Certificate serial: 0ACC
Authority key identifier: 8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/F4FCC41E648311EC88370386C4F9AE02.roa
Signing time: Tue 12 Aug 2025 20:31:16 +0000
ROA not before: Tue 12 Aug 2025 20:31:16 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 149175
IP address blocks: 39.109.67.0/24 maxlen: 24
39.109.68.0/24 maxlen: 24
39.109.69.0/24 maxlen: 24
39.109.70.0/24 maxlen: 24
39.109.71.0/24 maxlen: 24
39.109.72.0/24 maxlen: 24
39.109.73.0/24 maxlen: 24
39.109.74.0/24 maxlen: 24
39.109.75.0/24 maxlen: 24
39.109.76.0/24 maxlen: 24
39.109.78.0/24 maxlen: 24
39.109.79.0/24 maxlen: 24
39.109.80.0/24 maxlen: 24
39.109.82.0/24 maxlen: 24
39.109.84.0/24 maxlen: 24
39.109.85.0/24 maxlen: 24
39.109.88.0/24 maxlen: 24
39.109.89.0/24 maxlen: 24
103.82.216.0/24 maxlen: 24
103.82.217.0/24 maxlen: 24
103.82.218.0/24 maxlen: 24
103.82.219.0/24 maxlen: 24
103.98.14.0/24 maxlen: 24
103.98.15.0/24 maxlen: 24
103.119.132.0/24 maxlen: 24
103.119.133.0/24 maxlen: 24
2403:e840::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl
rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 19:51:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2764 (0xacc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182502, serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Validity
Not Before: Aug 12 20:31:16 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=689ba494-3d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:58:25:9b:86:ac:51:04:9d:b2:d5:33:4b:9e:
b2:42:30:64:0e:22:66:d8:38:c9:73:57:32:65:b5:
9c:18:a5:e2:89:1b:ec:0a:ac:b8:0a:c8:14:75:38:
50:87:32:d4:f8:b6:d3:04:cd:83:ca:e5:6d:6c:bb:
e8:be:2e:11:fa:4d:a1:e9:93:6c:25:e0:1d:cf:c2:
e7:4e:9a:ed:ff:75:b4:76:c7:94:cd:70:85:e8:cd:
36:48:eb:a1:8a:34:30:bd:48:d9:96:1a:bb:e4:4c:
fd:71:18:9b:5f:fd:af:d3:ca:df:8c:76:5b:29:31:
8a:aa:46:77:c6:91:05:e9:a7:c9:ac:03:4e:35:ad:
d2:36:f3:c8:ca:6c:6c:91:68:48:d9:af:0f:78:16:
b2:d6:83:8d:40:fd:29:d1:da:95:6a:f4:8f:8f:41:
7f:5a:3e:76:bd:6c:0a:c0:b1:53:b6:dc:45:43:25:
b2:f1:5d:69:4d:1a:eb:be:bb:78:99:88:70:1e:14:
41:7c:bc:5e:f5:62:e0:88:66:07:13:57:2e:86:5c:
8e:03:41:1b:62:47:1e:88:e2:dd:43:dc:bf:05:bb:
02:92:1d:66:47:74:c6:bd:59:6e:66:b2:35:0b:8e:
ba:7c:4c:74:eb:b8:a8:70:a3:77:de:1f:a4:4c:e1:
33:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E1:B1:97:69:5E:D3:AD:A6:59:5D:8B:51:DB:0D:7B:3A:45:16:94
X509v3 Authority Key Identifier:
keyid:8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/F4FCC41E648311EC88370386C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.109.67.0-39.109.76.255
39.109.78.0-39.109.80.255
39.109.82.0/24
39.109.84.0/23
39.109.88.0/23
103.82.216.0/22
103.98.14.0/23
103.119.132.0/23
IPv6:
2403:e840::/33
Signature Algorithm: sha256WithRSAEncryption
58:25:cd:d9:0e:41:49:6d:aa:55:bb:39:1d:d3:26:53:b2:1f:
ba:6d:4c:8d:f5:1f:80:d6:45:6b:cb:13:b7:41:06:8c:46:4e:
b5:4e:22:db:85:12:c5:c6:09:be:cf:31:d0:47:52:9d:90:f4:
54:66:bd:94:e0:7a:59:64:f4:93:1b:8e:04:9a:80:30:c2:10:
e9:ce:30:11:02:c5:c6:69:98:b6:47:f9:3f:7d:f3:d6:89:82:
88:e7:8a:64:c7:2a:d8:6b:bd:c8:cf:02:af:6d:2b:78:08:d5:
70:3d:1a:77:d1:ec:b5:2f:05:c9:5c:7e:be:b9:c6:f9:a6:2c:
d1:b1:c1:d2:ad:52:6d:f9:f0:ea:ad:44:d0:17:36:96:cc:b5:
6b:95:c2:34:df:ce:f1:70:24:25:69:2b:3a:e5:36:93:63:4c:
ee:c7:08:6c:83:6d:1a:cd:47:89:3a:da:af:f4:18:00:b2:c0:
f2:9b:c6:a2:7c:94:82:c4:68:b1:32:d2:89:23:f8:22:13:16:
66:51:49:45:13:93:dc:82:07:f9:c0:4a:b3:cf:d8:8b:e6:0b:
9d:6f:f5:3c:af:de:11:e4:50:e6:02:23:61:66:98:7a:83:e2:
bb:9c:8a:8c:38:81:39:ef:81:64:46:37:aa:a5:2e:76:05:04:
b3:2b:c0:64
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgICCswwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODI1MDIxMTAvBgNVBAUTKDhDM0NDQjRGRkI4OTE4OUM2RUY1QjM0REZEQUFCRTE4
MDZBNTIxOEEwHhcNMjUwODEyMjAzMTE2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODliYTQ5NC0zZDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv1glm4asUQSdstUzS56yQjBkDiJm2DjJc1cyZbWcGKXiiRvsCqy4CsgUdThQ
hzLU+LbTBM2DyuVtbLvovi4R+k2h6ZNsJeAdz8LnTprt/3W0dseUzXCF6M02SOuh
ijQwvUjZlhq75Ez9cRibX/2v08rfjHZbKTGKqkZ3xpEF6afJrANONa3SNvPIymxs
kWhI2a8PeBay1oONQP0p0dqVavSPj0F/Wj52vWwKwLFTttxFQyWy8V1pTRrrvrt4
mYhwHhRBfLxe9WLgiGYHE1cuhlyOA0EbYkceiOLdQ9y/BbsCkh1mR3TGvVluZrI1
C466fEx067iocKN33h+kTOEzhwIDAQABo4IC3zCCAtswHQYDVR0OBBYEFNfhsZdp
XtOtplldi1HbDXs6RRaUMB8GA1UdIwQYMBaAFIw8y0/7iRicbvWzTf2qvhgGpSGK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjUwMi9EQTE2QzYzQTcz
Q0MxMUVBQTM5OTUzMjZDNEY5QUUwMi9qRHpMVF91SkdKeHU5Yk5OX2FxLUdBYWxJ
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pEekxUX3VKR0p4dTliTk5fYXEtR0FhbElZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODI1MDIvREExNkM2M0E3M0NDMTFFQUEzOTk1MzI2QzRGOUFFMDIvRjRGQ0M0MUU2
NDgzMTFFQzg4MzcwMzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E
WjBYMEYEAgABMEAwDAMEACdtQwMEACdtTDAMAwQBJ21OAwQAJ21QAwQAJ21SAwQB
J21UAwQBJ21YAwQCZ1LYAwQBZ2IOAwQBZ3eEMA4EAgACMAgDBgckA+hAADANBgkq
hkiG9w0BAQsFAAOCAQEAWCXN2Q5BSW2qVbs5HdMmU7Ifum1MjfUfgNZFa8sTt0EG
jEZOtU4i24USxcYJvs8x0EdSnZD0VGa9lOB6WWT0kxuOBJqAMMIQ6c4wEQLFxmmY
tkf5P33z1omCiOeKZMcq2Gu9yM8Cr20reAjVcD0ad9HstS8FyVx+vrnG+aYs0bHB
0q1Sbfnw6q1E0Bc2lsy1a5XCNN/O8XAkJWkrOuU2k2NM7scIbINtGs1HiTrar/QY
ALLA8pvGonyUgsRosTLSiSP4IhMWZlFJRROT3IIH+cBKs8/Yi+YLnW/1PK/eEeRQ
5gIjYWaYeoPiu5yKjDiBOe+BZEY3qqUudgUEsyvAZA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:39:45 2025 by rpki-client