Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/A4A3FAEAEDE811EFA5767A5DC4F9AE02.roa
File: A4A3FAEAEDE811EFA5767A5DC4F9AE02.roa (raw, json)
Hash identifier: e7Dy/yrmu0hcKMxT0huel1vNg0CC7+GJucCX8fymY2o=
Subject key identifier: F8:ED:32:03:4A:99:AE:89:1B:7A:13:C4:D6:9E:4C:9F:4E:90:F8:23
Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Certificate serial: 309E
Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/A4A3FAEAEDE811EFA5767A5DC4F9AE02.roa
Signing time: Wed 30 Apr 2025 15:52:55 +0000
ROA not before: Wed 30 Apr 2025 15:52:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6421
IP address blocks: 43.241.40.0/24 maxlen: 24
103.16.252.0/23 maxlen: 23
103.16.254.0/23 maxlen: 23
116.0.66.0/24 maxlen: 24
180.87.13.0/24 maxlen: 24
180.87.27.0/24 maxlen: 24
180.87.29.0/24 maxlen: 24
180.87.68.0/24 maxlen: 24
180.87.76.0/24 maxlen: 24
180.87.91.0/24 maxlen: 24
180.87.92.0/24 maxlen: 24
180.87.115.0/24 maxlen: 24
180.87.117.0/24 maxlen: 24
180.87.119.0/24 maxlen: 24
180.87.120.0/24 maxlen: 24
180.87.121.0/24 maxlen: 24
180.87.122.0/24 maxlen: 24
180.87.124.0/24 maxlen: 24
180.87.126.0/24 maxlen: 24
180.87.127.0/24 maxlen: 24
180.87.129.0/24 maxlen: 24
180.87.138.0/24 maxlen: 24
180.87.139.0/24 maxlen: 24
180.87.140.0/24 maxlen: 24
180.87.141.0/24 maxlen: 24
180.87.152.0/24 maxlen: 24
180.87.153.0/24 maxlen: 24
180.87.182.0/24 maxlen: 24
180.87.190.0/24 maxlen: 24
180.87.191.0/24 maxlen: 24
202.183.64.0/24 maxlen: 24
202.183.65.0/24 maxlen: 24
202.183.66.0/24 maxlen: 24
202.183.69.0/24 maxlen: 24
202.183.70.0/24 maxlen: 24
202.183.72.0/24 maxlen: 24
202.183.73.0/24 maxlen: 24
202.183.74.0/24 maxlen: 24
202.183.75.0/24 maxlen: 24
202.183.76.0/24 maxlen: 24
202.183.77.0/24 maxlen: 24
202.183.79.0/24 maxlen: 24
2405:2001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 23 May 2025 15:39:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12446 (0x309e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91955C8, serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Validity
Not Before: Apr 30 15:52:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68124757-6ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:11:59:a4:ea:f8:99:65:a2:50:d0:d8:a4:11:
33:3f:5a:2a:92:86:17:92:ef:d2:a0:69:63:b0:33:
59:38:40:a2:7d:43:3c:70:ce:26:ad:ea:ba:2d:98:
36:47:bf:4e:61:83:d7:66:a5:32:82:e0:9b:dd:d9:
1c:ef:95:88:3f:ee:89:cf:e0:2f:7e:41:3c:8a:b9:
cf:7e:91:46:81:e0:68:af:f7:50:d4:1e:af:d0:bf:
0e:99:1c:64:f3:cc:6f:54:25:0c:ed:42:3d:ee:8c:
ca:dc:19:c0:f7:b0:21:08:86:21:67:d7:77:1b:83:
90:d6:7c:78:b4:9e:33:9e:b3:94:a5:e2:fb:c8:8d:
a7:76:64:81:0c:64:58:83:0a:7a:47:8a:9a:fc:8d:
9f:9e:09:10:4e:a2:fa:47:43:f0:3a:f4:85:84:fb:
64:93:e6:58:f9:eb:92:1e:a9:86:14:f1:1b:e6:b3:
53:67:36:6e:4c:e5:84:0b:87:95:4f:a1:da:a8:eb:
80:06:84:36:82:21:7f:ac:4f:e6:89:06:7f:df:49:
59:f1:8f:d0:66:bb:5e:3f:47:37:8b:31:f2:e5:77:
1e:dc:cd:1f:20:4e:c7:43:32:69:98:6f:d5:23:9d:
3f:07:53:0b:fa:11:9c:ba:b5:7a:e5:28:01:df:4b:
8f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:ED:32:03:4A:99:AE:89:1B:7A:13:C4:D6:9E:4C:9F:4E:90:F8:23
X509v3 Authority Key Identifier:
keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/A4A3FAEAEDE811EFA5767A5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.40.0/24
103.16.252.0/22
116.0.66.0/24
180.87.13.0/24
180.87.27.0/24
180.87.29.0/24
180.87.68.0/24
180.87.76.0/24
180.87.91.0-180.87.92.255
180.87.115.0/24
180.87.117.0/24
180.87.119.0-180.87.122.255
180.87.124.0/24
180.87.126.0/23
180.87.129.0/24
180.87.138.0-180.87.141.255
180.87.152.0/23
180.87.182.0/24
180.87.190.0/23
202.183.64.0-202.183.66.255
202.183.69.0-202.183.70.255
202.183.72.0-202.183.77.255
202.183.79.0/24
IPv6:
2405:2001::/48
Signature Algorithm: sha256WithRSAEncryption
61:d1:f3:37:af:75:ec:13:cb:69:51:84:d6:db:37:e3:7c:20:
76:6c:0d:30:c7:96:b5:8e:ea:4a:b2:da:ec:03:41:e0:cc:04:
de:26:95:61:c6:55:50:a2:be:03:54:e5:60:a1:8c:ce:31:02:
d0:b8:4a:17:87:df:b9:75:1b:fc:83:d9:cb:2e:05:b5:39:57:
35:a1:d2:41:33:49:0e:0d:09:dd:77:02:1c:81:03:3a:17:c4:
73:7c:cc:8d:05:3f:c6:43:ff:9e:c3:b5:55:1c:77:ee:10:2c:
dd:b1:c5:61:18:1d:57:07:4b:f7:71:bd:13:73:93:c5:47:65:
dd:55:6b:9f:6b:a1:64:42:7a:c8:46:de:10:cf:a9:20:e4:d7:
63:99:b6:e9:58:37:63:bc:4b:c0:0e:c1:3a:68:9c:14:48:48:
f2:57:b2:80:aa:37:ff:2d:a3:c9:41:ba:2d:d9:9e:3c:a8:b4:
32:83:13:fe:4c:b5:d5:c0:92:2e:6a:dc:cf:90:ae:8e:81:00:
08:5a:ea:d3:c2:e4:ef:b5:57:e5:3a:72:d0:f6:10:07:c9:ab:
f2:7e:75:46:a0:e3:e9:2b:89:9b:41:84:0d:f0:bb:2b:c0:d3:
d5:17:21:04:48:29:09:e4:56:df:35:b5:e5:c7:d9:0b:01:5a:
82:3d:ed:96
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgICMJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC
Qjk2NEY2NEIwHhcNMjUwNDMwMTU1MjU1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEyNDc1Ny02YWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxxFZpOr4mWWiUNDYpBEzP1oqkoYXku/SoGljsDNZOECifUM8cM4mreq6LZg2
R79OYYPXZqUyguCb3dkc75WIP+6Jz+AvfkE8irnPfpFGgeBor/dQ1B6v0L8OmRxk
88xvVCUM7UI97ozK3BnA97AhCIYhZ9d3G4OQ1nx4tJ4znrOUpeL7yI2ndmSBDGRY
gwp6R4qa/I2fngkQTqL6R0PwOvSFhPtkk+ZY+euSHqmGFPEb5rNTZzZuTOWEC4eV
T6HaqOuABoQ2giF/rE/miQZ/30lZ8Y/QZrteP0c3izHy5Xce3M0fIE7HQzJpmG/V
I50/B1ML+hGcurV65SgB30uPbwIDAQABo4IDXzCCA1swHQYDVR0OBBYEFPjtMgNK
ma6JG3oTxNaeTJ9OkPgjMB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG
NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvQTRBM0ZBRUFF
REU4MTFFRkE1NzY3QTVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgegGCCsGAQUFBwEHAQH/
BIHYMIHVMIHBBAIAATCBugMEACvxKAMEAmcQ/AMEAHQAQgMEALRXDQMEALRXGwME
ALRXHQMEALRXRAMEALRXTDAMAwQAtFdbAwQAtFdcAwQAtFdzAwQAtFd1MAwDBAC0
V3cDBAC0V3oDBAC0V3wDBAG0V34DBAC0V4EwDAMEAbRXigMEAbRXjAMEAbRXmAME
ALRXtgMEAbRXvjAMAwQGyrdAAwQAyrdCMAwDBADKt0UDBADKt0YwDAMEA8q3SAME
Acq3TAMEAMq3TzAPBAIAAjAJAwcAJAUgAQAAMA0GCSqGSIb3DQEBCwUAA4IBAQBh
0fM3r3XsE8tpUYTW2zfjfCB2bA0wx5a1jupKstrsA0HgzATeJpVhxlVQor4DVOVg
oYzOMQLQuEoXh9+5dRv8g9nLLgW1OVc1odJBM0kODQnddwIcgQM6F8RzfMyNBT/G
Q/+ew7VVHHfuECzdscVhGB1XB0v3cb0Tc5PFR2XdVWufa6FkQnrIRt4Qz6kg5Ndj
mbbpWDdjvEvADsE6aJwUSEjyV7KAqjf/LaPJQbot2Z48qLQygxP+TLXVwJIuatzP
kK6OgQAIWurTwuTvtVflOnLQ9hAHyavyfnVGoOPpK4mbQYQN8LsrwNPVFyEESCkJ
5FbfNbXlx9kLAVqCPe2W
-----END CERTIFICATE-----
Generated at Fri May 16 21:24:40 2025 by rpki-client