Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/C22BA9D094E411EA9076F758C4F9AE02.roa
File: C22BA9D094E411EA9076F758C4F9AE02.roa (raw, json)
Hash identifier: 0PS4/rj5Rh5J9qWit0urM3xL4w3DPtmcsnvl2FziSAo=
Subject key identifier: 01:8D:11:EA:33:84:00:26:A3:A9:14:58:C4:15:25:1B:8C:1A:4C:38
Certificate issuer: /CN=A91B527E/serialNumber=57B687274B3319ED9071B966158F9B8AB64AE6F7
Certificate serial: 2783
Authority key identifier: 57:B6:87:27:4B:33:19:ED:90:71:B9:66:15:8F:9B:8A:B6:4A:E6:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V7aHJ0szGe2QcblmFY-birZK5vc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/C22BA9D094E411EA9076F758C4F9AE02.roa
Signing time: Sat 26 Apr 2025 15:52:39 +0000
ROA not before: Sat 26 Apr 2025 15:52:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38553
IP address blocks: 103.123.40.0/24 maxlen: 24
103.123.41.0/24 maxlen: 24
103.123.42.0/24 maxlen: 24
103.123.43.0/24 maxlen: 24
120.72.16.0/24 maxlen: 24
120.72.17.0/24 maxlen: 24
120.72.18.0/24 maxlen: 24
120.72.19.0/24 maxlen: 24
120.72.20.0/24 maxlen: 24
120.72.21.0/24 maxlen: 24
120.72.22.0/24 maxlen: 24
120.72.23.0/24 maxlen: 24
120.72.24.0/24 maxlen: 24
120.72.25.0/24 maxlen: 24
120.72.26.0/24 maxlen: 24
120.72.27.0/24 maxlen: 24
120.72.28.0/24 maxlen: 24
120.72.29.0/24 maxlen: 24
120.72.30.0/24 maxlen: 24
120.72.31.0/24 maxlen: 24
202.137.112.0/24 maxlen: 24
202.137.113.0/24 maxlen: 24
202.137.114.0/24 maxlen: 24
202.137.115.0/24 maxlen: 24
202.137.116.0/24 maxlen: 24
202.137.117.0/24 maxlen: 24
202.137.118.0/24 maxlen: 24
202.137.119.0/24 maxlen: 24
202.137.120.0/24 maxlen: 24
202.137.121.0/24 maxlen: 24
202.137.122.0/24 maxlen: 24
202.137.123.0/24 maxlen: 24
202.137.124.0/24 maxlen: 24
202.137.125.0/24 maxlen: 24
202.137.126.0/24 maxlen: 24
202.137.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/V7aHJ0szGe2QcblmFY-birZK5vc.crl
rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/V7aHJ0szGe2QcblmFY-birZK5vc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V7aHJ0szGe2QcblmFY-birZK5vc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 17 May 2025 15:34:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10115 (0x2783)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B527E, serialNumber=57B687274B3319ED9071B966158F9B8AB64AE6F7
Validity
Not Before: Apr 26 15:52:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=680d0147-4427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:80:e9:05:de:cb:92:9e:2d:08:cf:19:af:db:
47:cc:1b:ba:d3:a7:85:c3:06:9c:ad:2f:aa:50:d9:
34:61:9e:fe:ec:7b:77:07:5e:ae:d3:86:3d:ea:ec:
86:b4:34:1b:c9:ac:71:38:1f:df:48:8e:d8:20:ce:
d7:72:1b:67:c2:77:9d:7b:6e:16:8c:d2:d8:db:64:
8a:ca:84:1e:07:04:07:a4:4d:56:ec:1e:06:ba:f7:
f6:c8:c5:a9:21:86:dc:32:ef:c9:9a:c8:6a:46:eb:
79:e4:8c:d1:6c:0b:81:1c:33:b5:8d:7f:a8:56:d6:
8b:db:b1:9f:69:33:fc:d2:b9:9f:91:d4:42:be:b5:
34:70:d0:6e:cc:bb:2f:14:66:40:0d:da:76:28:59:
46:4b:84:32:19:2c:77:7d:9a:93:91:43:d2:71:3a:
59:4d:a8:2a:d3:d7:e4:42:12:8f:96:89:22:b5:61:
80:ad:e4:cc:c6:1d:97:57:e1:c6:65:ff:c5:0b:21:
21:16:77:61:b1:a6:2b:f7:e7:26:18:05:da:e7:cf:
41:9c:35:09:54:64:b9:74:b9:60:f8:db:8f:44:38:
89:a7:11:07:5c:d7:9e:23:0e:e8:62:75:ad:42:04:
c3:e3:91:47:e2:f7:06:6b:27:4b:24:cb:d3:ef:9a:
21:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8D:11:EA:33:84:00:26:A3:A9:14:58:C4:15:25:1B:8C:1A:4C:38
X509v3 Authority Key Identifier:
keyid:57:B6:87:27:4B:33:19:ED:90:71:B9:66:15:8F:9B:8A:B6:4A:E6:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/V7aHJ0szGe2QcblmFY-birZK5vc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V7aHJ0szGe2QcblmFY-birZK5vc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/C22BA9D094E411EA9076F758C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.40.0/22
120.72.16.0/20
202.137.112.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:8c:8b:b9:aa:4f:b3:4f:24:75:24:a7:64:19:14:81:87:c4:
ca:98:dd:3d:e0:66:25:4b:e2:95:7e:49:6a:3a:7a:50:66:00:
e7:fd:85:2b:4a:cf:6f:99:b7:b6:06:56:bc:97:69:25:96:e5:
d6:07:bf:f6:22:ce:63:8c:16:77:45:dc:d0:44:67:0b:00:26:
10:6e:67:eb:a0:12:df:ef:62:5b:d6:6b:54:f1:54:74:10:da:
62:fa:4b:e9:02:27:33:c3:7c:ea:a7:7b:12:27:d4:a0:1f:d5:
2a:1e:72:71:6b:c7:a8:e5:1d:a5:b9:db:df:6f:0b:17:1c:60:
e5:7f:6d:e4:1b:b7:61:12:9c:46:f0:fa:de:76:cd:c1:83:cb:
f7:93:31:24:e6:6a:90:c7:6e:fa:26:c0:a9:af:aa:a5:ef:8a:
40:12:71:ff:49:14:52:a0:95:81:4f:47:60:e8:54:b2:62:20:
01:12:f3:31:b3:5d:05:a5:4e:92:aa:6e:8d:15:0f:e5:4b:a2:
0a:e9:90:8e:65:44:d4:02:1c:97:6d:5a:ba:77:01:9b:6d:3b:
60:8c:e6:71:a1:27:c0:7c:19:ac:63:47:e5:30:13:89:85:ae:
39:97:bb:c9:dd:77:db:83:fb:fa:42:e6:fd:26:98:c2:ec:85:
ae:1e:b9:4b
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICJ4MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjUyN0UxMTAvBgNVBAUTKDU3QjY4NzI3NEIzMzE5RUQ5MDcxQjk2NjE1OEY5QjhB
QjY0QUU2RjcwHhcNMjUwNDI2MTU1MjM5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODBkMDE0Ny00NDI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwIDpBd7Lkp4tCM8Zr9tHzBu606eFwwacrS+qUNk0YZ7+7Ht3B16u04Y96uyG
tDQbyaxxOB/fSI7YIM7Xchtnwnede24WjNLY22SKyoQeBwQHpE1W7B4Guvf2yMWp
IYbcMu/JmshqRut55IzRbAuBHDO1jX+oVtaL27GfaTP80rmfkdRCvrU0cNBuzLsv
FGZADdp2KFlGS4QyGSx3fZqTkUPScTpZTagq09fkQhKPlokitWGAreTMxh2XV+HG
Zf/FCyEhFndhsaYr9+cmGAXa589BnDUJVGS5dLlg+NuPRDiJpxEHXNeeIw7oYnWt
QgTD45FH4vcGaydLJMvT75ohcwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAGNEeoz
hAAmo6kUWMQVJRuMGkw4MB8GA1UdIwQYMBaAFFe2hydLMxntkHG5ZhWPm4q2Sub3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTI3RS9FOEE4OENCQUFC
NzIxMUU0QjhCQkI4MUNDNEY5QUUwMi9WN2FISjBzekdlMlFjYmxtRlktYmlyWks1
dmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Y3YUhKMHN6R2UyUWNibG1GWS1iaXJaSzV2Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjUyN0UvRThBODhDQkFBQjcyMTFFNEI4QkJCODFDQzRGOUFFMDIvQzIyQkE5RDA5
NEU0MTFFQTkwNzZGNzU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJneygDBAR4SBADBATKiXAwDQYJKoZIhvcNAQELBQADggEB
AA+Mi7mqT7NPJHUkp2QZFIGHxMqY3T3gZiVL4pV+SWo6elBmAOf9hStKz2+Zt7YG
VryXaSWW5dYHv/YizmOMFndF3NBEZwsAJhBuZ+ugEt/vYlvWa1TxVHQQ2mL6S+kC
JzPDfOqnexIn1KAf1SoecnFrx6jlHaW5299vCxccYOV/beQbt2ESnEbw+t52zcGD
y/eTMSTmapDHbvomwKmvqqXvikAScf9JFFKglYFPR2DoVLJiIAES8zGzXQWlTpKq
bo0VD+VLogrpkI5lRNQCHJdtWrp3AZttO2CM5nGhJ8B8GaxjR+UwE4mFrjmXu8nd
d9uD+/pC5v0mmMLsha4euUs=
-----END CERTIFICATE-----
Generated at Mon May 12 12:26:30 2025 by rpki-client