Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/5AE16D9A386F11EFABF4E132C4F9AE02.roa
File: 5AE16D9A386F11EFABF4E132C4F9AE02.roa (raw, json)
Hash identifier: 9Ncc5eO7lsxHhsxCWRYMxRGSAkh2VnH6ZKESuNAQzvA=
Subject key identifier: 70:B1:61:E6:47:73:85:1A:A5:7C:66:46:7A:E9:FD:28:E4:95:EA:FE
Certificate issuer: /CN=A919DAF2/serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Certificate serial: 21FD
Authority key identifier: 13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/5AE16D9A386F11EFABF4E132C4F9AE02.roa
Signing time: Tue 06 May 2025 16:23:37 +0000
ROA not before: Tue 06 May 2025 16:23:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18196
IP address blocks: 45.117.128.0/22 maxlen: 22
45.117.128.0/24 maxlen: 24
45.117.129.0/24 maxlen: 24
45.117.130.0/24 maxlen: 24
45.117.131.0/24 maxlen: 24
103.255.112.0/24 maxlen: 24
103.255.113.0/24 maxlen: 24
103.255.114.0/24 maxlen: 24
202.134.154.0/24 maxlen: 24
202.134.155.0/24 maxlen: 24
202.134.156.0/24 maxlen: 24
202.134.160.0/24 maxlen: 24
202.134.161.0/24 maxlen: 24
202.134.162.0/24 maxlen: 24
202.134.163.0/24 maxlen: 24
202.134.164.0/24 maxlen: 24
202.134.165.0/24 maxlen: 24
202.134.166.0/24 maxlen: 24
202.134.167.0/24 maxlen: 24
202.134.169.0/24 maxlen: 24
202.134.170.0/24 maxlen: 24
202.134.171.0/24 maxlen: 24
202.134.172.0/24 maxlen: 24
202.134.173.0/24 maxlen: 24
202.134.174.0/24 maxlen: 24
202.134.175.0/24 maxlen: 24
202.134.184.0/24 maxlen: 24
202.134.185.0/24 maxlen: 24
202.134.186.0/24 maxlen: 24
202.134.187.0/24 maxlen: 24
202.134.189.0/24 maxlen: 24
202.134.190.0/24 maxlen: 24
202.134.191.0/24 maxlen: 24
2402:f200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 17 May 2025 15:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8701 (0x21fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919DAF2, serialNumber=139CC1DB6B9D24B93B14928A7518D04EB3B26A3A
Validity
Not Before: May 6 16:23:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681a3789-124d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5c:ac:d8:6b:ab:ec:74:8d:1e:88:d5:11:3c:
7a:d0:b9:a7:d1:d2:a5:22:58:74:e8:99:fb:c6:68:
5e:3c:09:59:f8:6b:1c:0f:92:d8:50:fd:10:70:2f:
5b:1d:75:e3:bb:58:77:48:b1:16:2a:a4:43:fc:66:
41:09:83:ee:af:07:b7:3a:05:00:7e:be:67:ff:c8:
95:ca:ad:14:81:9f:d8:7f:41:03:dd:f3:ea:02:ba:
26:23:20:80:8c:02:b2:d9:31:63:8b:4d:db:46:8d:
ed:d7:05:06:b6:a3:f6:cd:5b:b6:bb:f0:ce:a9:db:
cf:14:25:02:d9:7c:14:15:67:2c:83:9a:f6:1c:1e:
2a:77:a2:d6:46:84:b2:24:e5:b6:c9:a6:be:c4:72:
7f:2d:3b:60:cf:92:d8:8d:1a:8c:34:c8:00:f3:45:
3f:3c:66:e7:7a:96:66:07:08:18:c3:a0:bc:ef:b9:
ab:00:26:e0:50:4c:3c:c8:a2:05:08:11:03:cb:1c:
23:38:fd:d9:c6:f4:9d:0c:48:0b:35:18:59:1e:ca:
ff:63:7f:cb:b8:52:10:ec:89:f8:6e:6f:a8:bb:52:
6f:de:f9:3b:28:89:17:23:c0:7a:05:4d:85:2e:40:
14:71:31:90:04:3b:4a:5b:cd:6b:3c:83:55:f2:98:
13:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B1:61:E6:47:73:85:1A:A5:7C:66:46:7A:E9:FD:28:E4:95:EA:FE
X509v3 Authority Key Identifier:
keyid:13:9C:C1:DB:6B:9D:24:B9:3B:14:92:8A:75:18:D0:4E:B3:B2:6A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/E5zB22udJLk7FJKKdRjQTrOyajo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E5zB22udJLk7FJKKdRjQTrOyajo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DAF2/26EC6DDAD3DA11E58C5CD40FC4F9AE02/5AE16D9A386F11EFABF4E132C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.128.0/22
103.255.112.0-103.255.114.255
202.134.154.0-202.134.156.255
202.134.160.0/21
202.134.169.0-202.134.175.255
202.134.184.0/22
202.134.189.0-202.134.191.255
IPv6:
2402:f200::/32
Signature Algorithm: sha256WithRSAEncryption
1e:dd:b3:65:04:cd:db:d3:be:a4:63:1e:e1:41:d6:f9:17:ed:
6d:b3:0d:a0:70:bb:02:86:db:d0:51:3a:92:21:bf:ef:dc:a7:
df:cf:a9:eb:3b:8f:03:7c:3c:a4:d9:1c:7a:5e:61:af:25:fa:
2d:60:a1:c4:3e:1f:cc:d2:de:87:59:87:23:e3:05:bb:63:25:
c9:c4:e6:64:ee:68:56:0f:96:7d:a6:55:0a:17:95:9d:05:66:
f1:fa:6e:9d:c7:ad:f2:64:22:63:1a:07:6b:82:00:23:6c:37:
80:63:a5:93:21:7c:2c:b2:f1:c6:25:ae:3b:23:5f:ff:39:15:
31:06:1c:29:88:61:a1:5c:a9:18:09:ab:d4:73:73:c9:7d:c5:
a5:bf:71:20:ae:f2:3d:b7:27:b1:6d:2a:d2:e6:b5:8c:64:36:
5c:2a:26:6d:5d:ad:4a:64:10:59:c3:f9:a9:9c:f7:69:4b:f8:
c6:d8:c7:d1:bb:56:7e:90:9f:3e:b7:8f:f6:05:84:83:c6:24:
75:83:98:c3:3a:95:16:b9:7a:db:ad:c0:1b:80:73:ac:00:f7:
fc:af:48:9c:07:bd:0f:93:87:e2:7c:ca:bf:6e:32:69:f6:20:
81:78:8d:55:28:e0:3c:21:f2:8c:07:80:f7:bd:75:54:53:b0:
9a:18:27:a2
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICIf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OURBRjIxMTAvBgNVBAUTKDEzOUNDMURCNkI5RDI0QjkzQjE0OTI4QTc1MThEMDRF
QjNCMjZBM0EwHhcNMjUwNTA2MTYyMzM3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFhMzc4OS0xMjRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Fys2Gur7HSNHojVETx60Lmn0dKlIlh06Jn7xmhePAlZ+GscD5LYUP0QcC9b
HXXju1h3SLEWKqRD/GZBCYPurwe3OgUAfr5n/8iVyq0UgZ/Yf0ED3fPqAromIyCA
jAKy2TFji03bRo3t1wUGtqP2zVu2u/DOqdvPFCUC2XwUFWcsg5r2HB4qd6LWRoSy
JOW2yaa+xHJ/LTtgz5LYjRqMNMgA80U/PGbnepZmBwgYw6C877mrACbgUEw8yKIF
CBEDyxwjOP3ZxvSdDEgLNRhZHsr/Y3/LuFIQ7In4bm+ou1Jv3vk7KIkXI8B6BU2F
LkAUcTGQBDtKW81rPINV8pgTZQIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFHCxYeZH
c4UapXxmRnrp/Sjkler+MB8GA1UdIwQYMBaAFBOcwdtrnSS5OxSSinUY0E6zsmo6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REFGMi8yNkVDNkREQUQz
REExMUU1OEM1Q0Q0MEZDNEY5QUUwMi9FNXpCMjJ1ZEpMazdGSktLZFJqUVRyT3lh
am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U1ekIyMnVkSkxrN0ZKS0tkUmpRVHJPeWFqby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OURBRjIvMjZFQzZEREFEM0RBMTFFNThDNUNENDBGQzRGOUFFMDIvNUFFMTZEOUEz
ODZGMTFFRkFCRjRFMTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMFAEAgABMEoDBAItdYAwDAMEBGf/cAMEAGf/cjAMAwQByoaaAwQAyoacAwQD
yoagMAwDBADKhqkDBATKhqADBALKhrgwDAMEAMqGvQMEBsqGgDANBAIAAjAHAwUA
JALyADANBgkqhkiG9w0BAQsFAAOCAQEAHt2zZQTN29O+pGMe4UHW+RftbbMNoHC7
Aobb0FE6kiG/79yn38+p6zuPA3w8pNkcel5hryX6LWChxD4fzNLeh1mHI+MFu2Ml
ycTmZO5oVg+WfaZVCheVnQVm8fpuncet8mQiYxoHa4IAI2w3gGOlkyF8LLLxxiWu
OyNf/zkVMQYcKYhhoVypGAmr1HNzyX3Fpb9xIK7yPbcnsW0q0ua1jGQ2XCombV2t
SmQQWcP5qZz3aUv4xtjH0btWfpCfPreP9gWEg8YkdYOYwzqVFrl6263AG4BzrAD3
/K9InAe9D5OH4nzKv24yafYggXiNVSjgPCHyjAeA9711VFOwmhgnog==
-----END CERTIFICATE-----
Generated at Mon May 12 07:26:58 2025 by rpki-client