Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/73462B74643C11EB9E7DF918C4F9AE02.roa
File: 73462B74643C11EB9E7DF918C4F9AE02.roa (raw, json)
Hash identifier: OVp7PpV4WrIA8CZ/VZbdyu0UkcIERq8sMNiqxbn0hvE=
Subject key identifier: 77:49:B9:82:15:51:15:64:50:B4:22:30:99:E9:94:6B:16:EB:F6:EB
Certificate issuer: /CN=A919819A/serialNumber=358399C736EF055D5D592CAB19016FE3816F6608
Certificate serial: 34B9
Authority key identifier: 35:83:99:C7:36:EF:05:5D:5D:59:2C:AB:19:01:6F:E3:81:6F:66:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYOZxzbvBV1dWSyrGQFv44FvZgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/73462B74643C11EB9E7DF918C4F9AE02.roa
Signing time: Wed 02 Jul 2025 15:20:55 +0000
ROA not before: Wed 02 Jul 2025 15:20:55 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 45780
IP address blocks: 103.23.0.0/22 maxlen: 24
110.173.232.0/22 maxlen: 22
110.173.232.0/23 maxlen: 24
110.173.234.0/23 maxlen: 23
110.173.235.0/24 maxlen: 24
110.173.236.0/22 maxlen: 24
111.118.216.0/24 maxlen: 24
111.118.217.0/24 maxlen: 24
111.118.218.0/24 maxlen: 24
111.118.219.0/24 maxlen: 24
119.17.32.0/19 maxlen: 24
123.254.112.0/20 maxlen: 24
163.47.52.0/22 maxlen: 23
175.103.16.0/20 maxlen: 20
175.103.16.0/23 maxlen: 23
175.103.18.0/24 maxlen: 24
175.103.19.0/24 maxlen: 24
175.103.20.0/24 maxlen: 24
175.103.21.0/24 maxlen: 24
175.103.22.0/24 maxlen: 24
175.103.23.0/24 maxlen: 24
175.103.24.0/23 maxlen: 23
175.103.26.0/23 maxlen: 23
175.103.28.0/22 maxlen: 24
2404:fa00::/36 maxlen: 36
2404:fa00::/40 maxlen: 40
2404:fa00:1000::/36 maxlen: 36
2404:fa00:2000::/36 maxlen: 36
2404:fa00:5000::/36 maxlen: 36
2404:fa00:d000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.crl
rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYOZxzbvBV1dWSyrGQFv44FvZgg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 15:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13497 (0x34b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919819A, serialNumber=358399C736EF055D5D592CAB19016FE3816F6608
Validity
Not Before: Jul 2 15:20:55 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68654e57-ee32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c4:61:bd:d1:ef:d5:e4:29:28:67:d2:1b:78:
00:6f:2b:31:0b:88:0a:b8:4a:67:fd:41:ee:c8:d7:
66:f7:f4:e1:dc:08:e5:47:47:e2:a1:4f:e4:24:64:
18:50:3d:fa:fd:1f:9d:f1:7a:9c:10:69:b1:1f:b3:
3a:0c:fd:81:60:10:9e:61:00:d8:45:b0:61:a1:83:
6e:e3:e6:1c:07:d2:21:a5:da:7d:2b:1f:02:eb:16:
c0:c6:58:62:25:97:df:47:ed:e7:37:53:28:8b:5c:
94:85:70:d8:4a:a0:03:8c:b1:ce:6a:1e:b8:38:40:
f8:5c:3a:48:21:38:a3:9b:a4:91:9c:e7:fe:c0:35:
a1:e4:74:dd:f9:00:e7:e2:d8:95:12:26:5c:32:47:
97:fc:ae:8a:c7:97:76:05:d3:32:3d:f9:fd:c2:e8:
25:a3:af:b7:2b:3d:2e:8c:a5:ed:40:16:07:2d:20:
40:87:79:b4:69:04:19:3e:cd:01:0e:f7:64:be:6c:
f8:98:b3:99:03:ce:96:8c:3d:4e:0e:41:da:e9:ee:
1a:4e:73:29:29:53:25:da:79:b9:9a:a8:aa:a8:02:
45:2e:90:eb:f2:90:fa:37:12:e7:7c:1c:ee:b7:d8:
1a:ad:f0:0e:8b:6e:5d:59:79:55:b2:58:58:c2:72:
9d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:49:B9:82:15:51:15:64:50:B4:22:30:99:E9:94:6B:16:EB:F6:EB
X509v3 Authority Key Identifier:
keyid:35:83:99:C7:36:EF:05:5D:5D:59:2C:AB:19:01:6F:E3:81:6F:66:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYOZxzbvBV1dWSyrGQFv44FvZgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/73462B74643C11EB9E7DF918C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.0.0/22
110.173.232.0/21
111.118.216.0/22
119.17.32.0/19
123.254.112.0/20
163.47.52.0/22
175.103.16.0/20
IPv6:
2404:fa00::-2404:fa00:2fff:ffff:ffff:ffff:ffff:ffff
2404:fa00:5000::/36
2404:fa00:d000::/36
Signature Algorithm: sha256WithRSAEncryption
4d:5d:07:ed:53:f2:6f:d4:b1:fc:66:74:10:5c:c1:73:32:f7:
a7:3b:60:d3:ab:70:37:f3:77:52:9f:01:25:04:d1:6a:b7:af:
b2:64:78:1e:b5:f3:ff:46:0e:95:0f:c2:24:35:90:99:2c:4f:
e8:3e:d9:75:79:c9:6f:1f:81:62:a0:21:fc:22:9d:4e:c4:27:
1c:06:37:1a:ce:1b:f4:b4:f5:4b:9b:55:d6:b4:3f:45:78:7d:
7d:f8:67:02:2f:1e:fb:5b:2e:d5:cd:de:8b:1c:50:02:7f:28:
66:86:fb:51:d2:97:9a:f6:a9:81:1f:ce:a4:18:55:bd:36:28:
94:ac:25:8e:88:a8:5e:a2:14:24:40:09:c7:e4:75:1c:f9:cc:
a2:5c:9d:e3:ae:b7:6e:0a:f1:0e:2a:a6:43:09:91:d9:bb:46:
df:a9:27:c7:d5:fd:4b:2d:65:1b:43:f5:8b:81:a4:60:d8:88:
c4:79:2f:f2:a5:bd:b2:7f:c6:9d:ca:2d:6e:0e:e0:06:f9:58:
c6:1f:da:0f:ed:da:14:5a:5c:4a:b2:b1:8f:d0:fc:5b:27:ee:
dc:7c:20:84:e5:66:b9:66:4b:78:a0:a8:58:83:f7:cb:65:38:
1c:ba:2e:11:ec:cc:64:4b:0d:03:b1:72:3a:dc:bd:66:1d:7a:
d5:cf:a2:b5
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICNLkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTgxOUExMTAvBgNVBAUTKDM1ODM5OUM3MzZFRjA1NUQ1RDU5MkNBQjE5MDE2RkUz
ODE2RjY2MDgwHhcNMjUwNzAyMTUyMDU1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY1NGU1Ny1lZTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArMRhvdHv1eQpKGfSG3gAbysxC4gKuEpn/UHuyNdm9/Th3AjlR0fioU/kJGQY
UD36/R+d8XqcEGmxH7M6DP2BYBCeYQDYRbBhoYNu4+YcB9Ihpdp9Kx8C6xbAxlhi
JZffR+3nN1Moi1yUhXDYSqADjLHOah64OED4XDpIITijm6SRnOf+wDWh5HTd+QDn
4tiVEiZcMkeX/K6Kx5d2BdMyPfn9wuglo6+3Kz0ujKXtQBYHLSBAh3m0aQQZPs0B
Dvdkvmz4mLOZA86WjD1ODkHa6e4aTnMpKVMl2nm5mqiqqAJFLpDr8pD6NxLnfBzu
t9garfAOi25dWXlVslhYwnKdxwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFHdJuYIV
URVkULQiMJnplGsW6/brMB8GA1UdIwQYMBaAFDWDmcc27wVdXVksqxkBb+OBb2YI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODE5QS82M0VBMjA5MjFE
OUUxMUUyQURCNzNGOEUwOEIwMkNEMi9OWU9aeHpidkJWMWRXU3lyR1FGdjQ0RnZa
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05ZT1p4emJ2QlYxZFdTeXJHUUZ2NDRGdlpnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTgxOUEvNjNFQTIwOTIxRDlFMTFFMkFEQjczRjhFMDhCMDJDRDIvNzM0NjJCNzQ2
NDNDMTFFQjlFN0RGOTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMDAEAgABMCoDBAJnFwADBANuregDBAJvdtgDBAV3ESADBAR7/nADBAKjLzQD
BASvZxAwJgQCAAIwIDAOAwQBJAT6AwYEJAT6ACADBgQkBPoAUAMGBCQE+gDQMA0G
CSqGSIb3DQEBCwUAA4IBAQBNXQftU/Jv1LH8ZnQQXMFzMvenO2DTq3A383dSnwEl
BNFqt6+yZHgetfP/Rg6VD8IkNZCZLE/oPtl1eclvH4FioCH8Ip1OxCccBjcazhv0
tPVLm1XWtD9FeH19+GcCLx77Wy7Vzd6LHFACfyhmhvtR0pea9qmBH86kGFW9NiiU
rCWOiKheohQkQAnH5HUc+cyiXJ3jrrduCvEOKqZDCZHZu0bfqSfH1f1LLWUbQ/WL
gaRg2IjEeS/ypb2yf8adyi1uDuAG+VjGH9oP7doUWlxKsrGP0PxbJ+7cfCCE5Wa5
Zkt4oKhYg/fLZTgcui4R7MxkSw0DsXI63L1mHXrVz6K1
-----END CERTIFICATE-----
Generated at Fri Jul 4 00:39:06 2025 by rpki-client