Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
File: 956DEFE80CDB11EAB14B9162C4F9AE02.roa (raw, json)
Hash identifier: 9iPRz/py3WiOljnKI7Jr3v4dx6W46Rk8EsivjaERwto=
Subject key identifier: D0:EF:F0:F1:48:6C:2A:49:56:8E:C6:C8:6C:F5:45:A5:03:E5:03:2B
Certificate issuer: /CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Certificate serial: 0C71
Authority key identifier: 25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
Signing time: Fri 15 Aug 2025 03:34:21 +0000
ROA not before: Fri 15 Aug 2025 03:34:21 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133385
IP address blocks: 45.120.84.0/22 maxlen: 22
45.120.84.0/24 maxlen: 24
45.120.85.0/24 maxlen: 24
45.120.86.0/24 maxlen: 24
45.120.87.0/24 maxlen: 24
103.255.172.0/22 maxlen: 22
103.255.172.0/24 maxlen: 24
103.255.172.64/26 maxlen: 26
103.255.172.128/25 maxlen: 25
103.255.173.0/24 maxlen: 24
103.255.174.0/24 maxlen: 24
103.255.175.0/24 maxlen: 24
2400:8480:1000::/48 maxlen: 48
2400:8480:1100::/48 maxlen: 48
2400:8480:2010::/44 maxlen: 44
2400:8480:2020::/44 maxlen: 44
2400:8480:2030::/44 maxlen: 44
2400:8480:2040::/44 maxlen: 44
2400:8480:2110::/44 maxlen: 44
2400:8480:2120::/44 maxlen: 44
2400:8480:2130::/44 maxlen: 44
2400:8480:2140::/44 maxlen: 44
2400:8480:3010::/44 maxlen: 44
2400:8480:3020::/44 maxlen: 44
2400:8480:3030::/44 maxlen: 44
2400:8480:3040::/44 maxlen: 44
2400:8480:3110::/44 maxlen: 44
2400:8480:3120::/44 maxlen: 44
2400:8480:3130::/44 maxlen: 44
2400:8480:3140::/44 maxlen: 44
2400:8480:4000::/36 maxlen: 36
2400:8480:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 18:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3185 (0xc71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAAD, serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Validity
Not Before: Aug 15 03:34:21 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=689eaabd-4857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:83:6b:eb:8f:24:1a:65:b4:b4:76:28:fb:8f:
aa:28:ad:bf:26:e9:d2:83:6c:17:b0:81:04:e5:47:
5f:c7:45:24:ee:3c:a1:f5:ba:3a:2b:25:e4:25:2b:
4a:aa:3e:73:f6:11:0d:a6:33:a9:00:e8:bd:75:e9:
25:50:97:ce:d3:f2:68:5d:0c:46:dd:0f:d8:89:1f:
f5:d2:c3:32:18:23:cf:d0:6e:2d:8f:01:f4:31:cc:
0f:88:1d:b6:de:18:92:f8:20:28:78:e6:f5:a2:2d:
f2:92:3b:e6:fb:4b:55:de:22:ac:b1:75:d4:6c:5c:
f9:3d:e4:c1:65:4d:9f:8c:e3:4b:28:4c:59:4c:42:
c1:69:86:27:a7:5a:76:bb:de:0c:a8:e1:8b:be:b0:
48:91:0f:2a:a1:37:f5:f7:96:cb:d7:40:d1:a2:da:
a7:84:9e:30:af:ff:25:fc:c2:a1:e9:75:82:5c:14:
a8:7c:83:9b:7c:a8:12:f9:ee:c7:ab:11:88:4e:99:
7f:b8:b3:32:f6:78:8b:4c:4e:35:cf:e1:a8:f8:18:
55:0a:56:70:b9:59:be:dd:66:82:bf:92:fb:83:f9:
ff:ff:49:d5:6f:33:8a:3b:30:b5:e4:c6:e2:67:ff:
4d:a3:dd:67:db:bd:9d:13:8d:92:ec:58:c3:8b:7c:
c6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:EF:F0:F1:48:6C:2A:49:56:8E:C6:C8:6C:F5:45:A5:03:E5:03:2B
X509v3 Authority Key Identifier:
keyid:25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.120.84.0/22
103.255.172.0/22
IPv6:
2400:8480:1000::/48
2400:8480:1100::/48
2400:8480:2010::-2400:8480:204f:ffff:ffff:ffff:ffff:ffff
2400:8480:2110::-2400:8480:214f:ffff:ffff:ffff:ffff:ffff
2400:8480:3010::-2400:8480:304f:ffff:ffff:ffff:ffff:ffff
2400:8480:3110::-2400:8480:314f:ffff:ffff:ffff:ffff:ffff
2400:8480:4000::/35
Signature Algorithm: sha256WithRSAEncryption
b9:6e:84:54:50:15:c4:7d:23:7f:e5:d0:b8:a7:02:3d:94:0a:
93:07:16:18:5e:d7:b3:05:66:a2:cf:e0:88:09:30:d1:6d:d3:
46:0e:5d:88:e2:e2:f7:14:f6:46:e4:7d:4e:e3:a0:85:1f:b1:
e3:9d:3e:5e:97:d2:0e:60:92:53:55:2b:f4:60:ed:ec:4b:2c:
98:eb:2e:81:9c:c0:a9:4a:42:c7:af:a1:58:10:c1:65:cd:58:
65:21:d8:c5:35:84:cb:8f:31:9a:e4:8b:21:b0:0f:d5:a4:c4:
50:89:6a:e7:01:30:21:72:34:7b:da:61:60:f3:47:cb:55:56:
53:0a:4d:70:37:f8:a4:26:af:8f:0e:23:a4:2b:f3:e7:18:0d:
7d:a5:a1:91:1a:48:46:2c:d8:79:11:90:e6:41:3d:bd:c0:18:
5c:5e:ef:0b:95:95:ae:2e:f7:d0:89:ff:65:ff:f0:37:bf:e3:
fc:c0:5e:eb:48:e7:fd:53:40:b0:02:81:c3:4e:81:7e:65:8e:
12:8f:df:28:c9:ad:98:59:a2:d1:58:59:57:ce:9a:56:17:7e:
fc:40:49:dc:fe:7c:2b:63:cb:26:4d:eb:67:26:9d:f8:f4:7d:
d4:92:98:82:d8:f7:c7:b8:b2:bb:65:b6:72:06:73:bc:83:26:
86:e6:19:6b
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgICDHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBQUQxMTAvBgNVBAUTKDI1MDk5MDQ2RUI1OUQ2NDVENDE5QTQyOEZDNzAxQTU3
MzUzRkJGMkMwHhcNMjUwODE1MDMzNDIxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODllYWFiZC00ODU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5oNr648kGmW0tHYo+4+qKK2/JunSg2wXsIEE5Udfx0Uk7jyh9bo6KyXkJStK
qj5z9hENpjOpAOi9deklUJfO0/JoXQxG3Q/YiR/10sMyGCPP0G4tjwH0McwPiB22
3hiS+CAoeOb1oi3ykjvm+0tV3iKssXXUbFz5PeTBZU2fjONLKExZTELBaYYnp1p2
u94MqOGLvrBIkQ8qoTf195bL10DRotqnhJ4wr/8l/MKh6XWCXBSofIObfKgS+e7H
qxGITpl/uLMy9niLTE41z+Go+BhVClZwuVm+3WaCv5L7g/n//0nVbzOKOzC15Mbi
Z/9No91n272dE42S7FjDi3zGFQIDAQABo4IDEDCCAwwwHQYDVR0OBBYEFNDv8PFI
bCpJVo7GyGz1RaUD5QMrMB8GA1UdIwQYMBaAFCUJkEbrWdZF1BmkKPxwGlc1P78s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC83N0Q5NTBGMjA5
RDUxMUVBQjc2QzczMTdDNEY5QUUwMi9KUW1RUnV0WjFrWFVHYVFvX0hBYVZ6VV92
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pRbVFSdXRaMWtYVUdhUW9fSEFhVnpVX3Z5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBQUQvNzdEOTUwRjIwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTU2REVGRTgw
Q0RCMTFFQUIxNEI5MTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZkGCCsGAQUFBwEHAQH/
BIGJMIGGMBIEAgABMAwDBAIteFQDBAJn/6wwcAQCAAIwagMHACQAhIAQAAMHACQA
hIARADASAwcEJACEgCAQAwcEJACEgCBAMBIDBwQkAISAIRADBwQkAISAIUAwEgMH
BCQAhIAwEAMHBCQAhIAwQDASAwcEJACEgDEQAwcEJACEgDFAAwYFJACEgEAwDQYJ
KoZIhvcNAQELBQADggEBALluhFRQFcR9I3/l0LinAj2UCpMHFhhe17MFZqLP4IgJ
MNFt00YOXYji4vcU9kbkfU7joIUfseOdPl6X0g5gklNVK/Rg7exLLJjrLoGcwKlK
QsevoVgQwWXNWGUh2MU1hMuPMZrkiyGwD9WkxFCJaucBMCFyNHvaYWDzR8tVVlMK
TXA3+KQmr48OI6Qr8+cYDX2loZEaSEYs2HkRkOZBPb3AGFxe7wuVla4u99CJ/2X/
8De/4/zAXutI5/1TQLACgcNOgX5ljhKP3yjJrZhZotFYWVfOmlYXfvxASdz+fCtj
yyZN62cmnfj0fdSSmILY98e4srtltnIGc7yDJobmGWs=
-----END CERTIFICATE-----
Generated at Sun Aug 24 08:51:47 2025 by rpki-client