Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B96D3BB2767311F0B208256DC4F9AE02.roa
File: B96D3BB2767311F0B208256DC4F9AE02.roa (raw, json)
Hash identifier: kBcHD+FAvYoyeir/Vw4RH2tAfPKP/UIKxu1NhgueoC0=
Subject key identifier: D6:A7:62:61:9D:C9:1F:26:08:5B:B2:FE:79:4D:9A:3D:E1:D6:EA:29
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C260
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B96D3BB2767311F0B208256DC4F9AE02.roa
Signing time: Tue 12 Aug 2025 09:41:35 +0000
ROA not before: Tue 12 Aug 2025 09:41:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9498
IP address blocks: 45.121.44.0/22 maxlen: 24
45.124.224.0/22 maxlen: 24
45.124.228.0/22 maxlen: 24
45.124.232.0/22 maxlen: 24
45.124.236.0/22 maxlen: 24
103.29.197.0/24 maxlen: 24
103.61.132.0/22 maxlen: 24
103.68.220.0/23 maxlen: 24
103.171.87.0/24 maxlen: 24
103.209.96.0/23 maxlen: 24
192.12.109.0/24 maxlen: 24
202.53.87.0/24 maxlen: 24
202.58.102.0/23 maxlen: 24
202.65.141.0/24 maxlen: 24
202.65.142.0/24 maxlen: 24
2405:a700::/32 maxlen: 32
2405:a700:14::/48 maxlen: 48
2405:a700:15::/48 maxlen: 48
2405:a700:1b::/48 maxlen: 48
2405:a700:1c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 15:25:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49760 (0xc260)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 12 09:41:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=689b0c4e-ef00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e3:a1:3c:0f:ae:dc:1c:bd:4d:f9:8c:f3:99:
17:a0:89:02:78:7d:5f:0e:af:98:05:24:95:ae:8d:
60:24:b4:96:3d:5e:a7:ce:41:b6:1b:ba:2c:40:ef:
79:a9:a8:46:c9:cb:87:2b:ed:b3:5d:1d:c8:4c:68:
26:08:bd:5d:09:e7:28:a0:ad:a3:23:84:ec:c4:b7:
37:76:43:72:5b:02:4e:88:7c:e2:70:c8:1d:a8:d8:
fd:d9:be:45:ba:af:52:92:8e:b1:e5:75:74:de:3a:
e7:7b:70:51:87:25:f5:86:c4:23:85:56:d3:49:b5:
e5:92:42:11:5a:83:ff:5e:d9:50:ae:95:b6:ff:04:
6d:07:72:7c:be:12:a5:81:a8:0c:c6:72:30:26:c4:
8d:e6:ba:13:32:04:e7:b7:81:a3:5f:58:24:ca:f7:
e1:6e:8e:23:41:ec:e7:87:d1:a4:5e:af:99:48:8b:
a8:cb:2a:d9:8f:9b:35:3e:95:cd:56:39:0e:5a:ad:
fe:96:48:5a:02:bc:00:5c:a8:9d:9b:b2:3a:19:3b:
7a:46:6b:e7:2d:31:d5:d5:99:72:16:6a:99:a8:a0:
2f:63:1d:eb:5f:26:a8:2f:85:51:ea:34:58:68:3e:
b9:d0:f3:65:08:73:eb:78:ae:59:b7:19:b8:b9:43:
6c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A7:62:61:9D:C9:1F:26:08:5B:B2:FE:79:4D:9A:3D:E1:D6:EA:29
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B96D3BB2767311F0B208256DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.121.44.0/22
45.124.224.0/20
103.29.197.0/24
103.61.132.0/22
103.68.220.0/23
103.171.87.0/24
103.209.96.0/23
192.12.109.0/24
202.53.87.0/24
202.58.102.0/23
202.65.141.0-202.65.142.255
IPv6:
2405:a700::/32
Signature Algorithm: sha256WithRSAEncryption
5d:5b:3d:4d:6d:7c:e3:52:1a:a2:e9:0f:cb:9d:6f:c2:a1:16:
47:24:2c:92:4d:9a:31:06:b9:52:8e:8b:ca:f8:c9:34:d2:4a:
b7:4c:94:1f:1f:b5:33:0b:75:94:c3:7d:1d:a0:21:6a:1f:45:
2c:60:41:52:60:24:15:2b:44:49:d3:e3:8a:11:47:22:33:df:
65:b1:b3:3d:75:1f:0a:7d:d9:b1:11:b2:22:04:fe:3a:32:40:
e1:2d:cd:4e:fa:1b:09:b5:6d:b0:5b:d2:1f:f1:90:a3:3c:78:
c7:62:9a:09:f8:35:d0:99:60:a1:df:78:8d:6a:34:41:66:07:
e6:ea:16:8f:aa:1a:92:17:36:37:1f:43:f8:0e:ff:69:25:6d:
53:02:b1:e0:4d:bc:6a:fb:ff:74:43:9e:23:af:7a:be:21:92:
73:fe:8a:5e:3f:dd:dc:d0:ba:7f:ba:a1:bb:da:1e:9f:5e:13:
06:25:ee:1d:89:1b:c9:3d:c7:4c:79:9c:17:fd:61:83:2e:fa:
d4:ba:02:cc:85:e8:88:7a:89:45:02:25:b0:02:27:8f:34:8f:
0a:b8:61:b7:78:5c:11:aa:91:38:b0:6c:a1:0a:ca:45:6f:8e:
9e:76:0e:9f:75:02:ef:f6:b9:6d:76:27:96:00:01:1d:f9:b5:
07:d8:70:bf
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIDAMJgMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDgxMjA5NDEzNVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjg5YjBjNGUtZWYwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3joTwPrtwcvU35jPOZF6CJAnh9Xw6vmAUkla6NYCS0lj1ep85Bthu6LEDv
eamoRsnLhyvts10dyExoJgi9XQnnKKCtoyOE7MS3N3ZDclsCToh84nDIHajY/dm+
RbqvUpKOseV1dN4653twUYcl9YbEI4VW00m15ZJCEVqD/17ZUK6Vtv8EbQdyfL4S
pYGoDMZyMCbEjea6EzIE57eBo19YJMr34W6OI0Hs54fRpF6vmUiLqMsq2Y+bNT6V
zVY5Dlqt/pZIWgK8AFyonZuyOhk7ekZr5y0x1dWZchZqmaigL2Md618mqC+FUeo0
WGg+udDzZQhz63iuWbcZuLlDbKUCAwEAAaOCAugwggLkMB0GA1UdDgQWBBTWp2Jh
nckfJghbsv55TZo94dbqKTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0I5NkQzQkIy
NzY3MzExRjBCMjA4MjU2REM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMHIGCCsGAQUFBwEHAQH/
BGMwYTBQBAIAATBKAwQCLXksAwQELXzgAwQAZx3FAwQCZz2EAwQBZ0TcAwQAZ6tX
AwQBZ9FgAwQAwAxtAwQAyjVXAwQByjpmMAwDBADKQY0DBADKQY4wDQQCAAIwBwMF
ACQFpwAwDQYJKoZIhvcNAQELBQADggEBAF1bPU1tfONSGqLpD8udb8KhFkckLJJN
mjEGuVKOi8r4yTTSSrdMlB8ftTMLdZTDfR2gIWofRSxgQVJgJBUrREnT44oRRyIz
32Wxsz11Hwp92bERsiIE/joyQOEtzU76Gwm1bbBb0h/xkKM8eMdimgn4NdCZYKHf
eI1qNEFmB+bqFo+qGpIXNjcfQ/gO/2klbVMCseBNvGr7/3RDniOver4hknP+il4/
3dzQun+6obvaHp9eEwYl7h2JG8k9x0x5nBf9YYMu+tS6AsyF6Ih6iUUCJbACJ480
jwq4Ybd4XBGqkTiwbKEKykVvjp52Dp91Au/2uW12J5YAAR35tQfYcL8=
-----END CERTIFICATE-----
Generated at Sun Aug 24 01:27:11 2025 by rpki-client