Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/37A46070F6F211EA922F482BC4F9AE02.roa
File: 37A46070F6F211EA922F482BC4F9AE02.roa (raw, json)
Hash identifier: 945IwSRQpquR63B4O0BtV6nqh3ke3gGQ6coFK1lAOcs=
Subject key identifier: 00:97:21:E3:90:5E:49:B5:C6:C3:21:98:D4:C2:58:AE:F3:07:C0:52
Certificate issuer: /CN=A91E1BAB/serialNumber=48B9945987F676B46CED3DE12849A8A38F4068B5
Certificate serial: 07FC
Authority key identifier: 48:B9:94:59:87:F6:76:B4:6C:ED:3D:E1:28:49:A8:A3:8F:40:68:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLmUWYf2drRs7T3hKEmoo49AaLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/37A46070F6F211EA922F482BC4F9AE02.roa
Signing time: Tue 24 Jun 2025 21:18:34 +0000
ROA not before: Tue 24 Jun 2025 21:18:34 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 17978
IP address blocks: 61.28.192.0/24 maxlen: 24
61.28.193.0/24 maxlen: 24
61.28.194.0/24 maxlen: 24
61.28.195.0/24 maxlen: 24
61.28.196.0/24 maxlen: 24
61.28.197.0/24 maxlen: 24
61.28.198.0/24 maxlen: 24
61.28.199.0/24 maxlen: 24
61.28.200.0/24 maxlen: 24
61.28.201.0/24 maxlen: 24
61.28.202.0/24 maxlen: 24
61.28.203.0/24 maxlen: 24
61.28.204.0/24 maxlen: 24
61.28.205.0/24 maxlen: 24
61.28.206.0/24 maxlen: 24
61.28.207.0/24 maxlen: 24
61.28.208.0/24 maxlen: 24
61.28.209.0/24 maxlen: 24
61.28.210.0/24 maxlen: 24
61.28.211.0/24 maxlen: 24
61.28.212.0/24 maxlen: 24
61.28.213.0/24 maxlen: 24
61.28.214.0/24 maxlen: 24
61.28.215.0/24 maxlen: 24
61.28.216.0/24 maxlen: 24
61.28.217.0/24 maxlen: 24
61.28.218.0/24 maxlen: 24
61.28.219.0/24 maxlen: 24
61.28.220.0/24 maxlen: 24
61.28.221.0/24 maxlen: 24
61.28.222.0/24 maxlen: 24
61.28.223.0/24 maxlen: 24
103.1.60.0/22 maxlen: 24
115.85.129.0/24 maxlen: 24
115.85.130.0/24 maxlen: 24
115.85.132.0/24 maxlen: 24
115.85.133.0/24 maxlen: 24
115.85.134.0/24 maxlen: 24
115.85.135.0/24 maxlen: 24
203.215.128.0/24 maxlen: 24
203.215.129.0/24 maxlen: 24
203.215.130.0/24 maxlen: 24
203.215.131.0/24 maxlen: 24
203.215.132.0/24 maxlen: 24
203.215.133.0/24 maxlen: 24
203.215.134.0/24 maxlen: 24
203.215.135.0/24 maxlen: 24
203.215.136.0/24 maxlen: 24
203.215.137.0/24 maxlen: 24
203.215.138.0/24 maxlen: 24
203.215.139.0/24 maxlen: 24
203.215.140.0/24 maxlen: 24
203.215.141.0/24 maxlen: 24
203.215.142.0/24 maxlen: 24
203.215.143.0/24 maxlen: 24
203.215.144.0/24 maxlen: 24
203.215.145.0/24 maxlen: 24
203.215.146.0/24 maxlen: 24
203.215.147.0/24 maxlen: 24
203.215.148.0/24 maxlen: 24
203.215.149.0/24 maxlen: 24
203.215.150.0/24 maxlen: 24
203.215.151.0/24 maxlen: 24
203.215.152.0/24 maxlen: 24
203.215.154.0/24 maxlen: 24
203.215.155.0/24 maxlen: 24
203.215.156.0/24 maxlen: 24
203.215.157.0/24 maxlen: 24
203.215.158.0/24 maxlen: 24
203.215.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/SLmUWYf2drRs7T3hKEmoo49AaLU.crl
rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/SLmUWYf2drRs7T3hKEmoo49AaLU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLmUWYf2drRs7T3hKEmoo49AaLU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 21:20:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2044 (0x7fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E1BAB, serialNumber=48B9945987F676B46CED3DE12849A8A38F4068B5
Validity
Not Before: Jun 24 21:18:34 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=685b1629-2895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c3:78:e9:cf:20:27:51:2a:eb:46:4a:95:98:
ad:39:a8:a3:fe:95:6e:95:72:03:9f:fb:9a:b4:7b:
72:ca:68:2a:81:05:f5:75:b8:4d:24:c3:1b:cb:6b:
41:25:f9:e2:26:2e:53:b7:23:f6:58:79:7e:cb:eb:
0c:a6:28:ef:d6:b2:77:d8:fb:c4:f7:45:92:de:3f:
87:6a:e3:19:2d:12:23:02:86:4a:16:28:41:d0:7b:
6e:6d:4d:e3:3c:da:aa:bb:30:3d:2e:1e:62:ba:a3:
22:c8:76:66:44:d5:8b:68:6f:4d:1c:c5:66:df:51:
4c:56:6a:84:9f:62:6d:2c:00:45:f4:6d:ae:b1:f5:
10:52:2d:64:7c:19:e7:6f:60:59:f3:4d:33:ae:b9:
ec:5a:2b:66:ad:ca:06:04:6a:5d:26:8c:c1:6a:b4:
ed:41:3c:ca:79:8d:e7:04:3a:bd:1d:e3:74:e8:7c:
c4:87:c3:e2:55:f1:c9:75:b3:18:a2:a6:98:a9:53:
6d:47:f4:4c:7b:89:10:c1:18:98:5c:c5:33:ec:18:
a5:c7:b5:be:3f:92:82:fe:0f:b6:7f:10:50:c3:4d:
58:bb:2d:57:84:90:05:13:e1:55:a6:ed:4a:a9:9a:
0d:2d:5b:67:52:6f:0c:6b:28:ce:b4:ec:8d:2b:ea:
68:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:97:21:E3:90:5E:49:B5:C6:C3:21:98:D4:C2:58:AE:F3:07:C0:52
X509v3 Authority Key Identifier:
keyid:48:B9:94:59:87:F6:76:B4:6C:ED:3D:E1:28:49:A8:A3:8F:40:68:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/SLmUWYf2drRs7T3hKEmoo49AaLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLmUWYf2drRs7T3hKEmoo49AaLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/37A46070F6F211EA922F482BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.28.192.0/19
103.1.60.0/22
115.85.129.0-115.85.130.255
115.85.132.0/22
203.215.128.0-203.215.152.255
203.215.154.0-203.215.159.255
Signature Algorithm: sha256WithRSAEncryption
0e:59:5e:e8:34:78:59:8d:d2:d4:94:84:9b:a3:e5:9d:1b:b3:
93:96:91:81:b9:69:4d:cc:6f:f4:5f:c7:71:83:d0:6b:1f:42:
be:ab:80:ff:b3:15:32:bc:4d:2f:7d:a1:58:83:c9:42:42:2f:
9b:77:b9:39:d9:8c:fb:29:30:c4:d5:04:05:3f:cb:3e:0b:ff:
a5:dd:8f:72:11:51:30:64:71:21:be:07:e2:b8:dd:d0:01:db:
99:9a:94:e8:c5:f9:cc:19:3f:fc:02:74:34:94:55:b3:81:8d:
c6:1c:f2:e8:d0:83:e0:d7:af:71:ef:91:d8:d5:43:b3:db:de:
56:e0:b4:ff:49:35:69:88:fb:a9:20:d9:32:e8:bb:82:4e:60:
af:e0:25:20:cc:c9:03:7b:89:06:ce:11:f7:e9:28:60:4e:41:
b0:2c:25:a9:20:4f:e5:2d:c7:6c:c3:3f:be:ae:90:a7:08:60:
d3:16:5f:a9:b2:02:e0:91:8b:70:b9:dd:00:1f:9a:39:22:18:
a8:50:62:e4:2d:9a:a5:da:b0:96:4e:99:2d:5a:2d:58:ed:d2:
15:39:39:48:bd:99:3b:d6:88:f7:b0:6d:a8:b7:31:21:2c:b7:
f3:f7:87:83:c1:c0:5f:2a:44:5f:d7:1a:88:c9:6c:b7:c3:c2:
0b:2a:34:0f
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICB/wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTFCQUIxMTAvBgNVBAUTKDQ4Qjk5NDU5ODdGNjc2QjQ2Q0VEM0RFMTI4NDlBOEEz
OEY0MDY4QjUwHhcNMjUwNjI0MjExODM0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODViMTYyOS0yODk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn8N46c8gJ1Eq60ZKlZitOaij/pVulXIDn/uatHtyymgqgQX1dbhNJMMby2tB
JfniJi5TtyP2WHl+y+sMpijv1rJ32PvE90WS3j+HauMZLRIjAoZKFihB0HtubU3j
PNqquzA9Lh5iuqMiyHZmRNWLaG9NHMVm31FMVmqEn2JtLABF9G2usfUQUi1kfBnn
b2BZ800zrrnsWitmrcoGBGpdJozBarTtQTzKeY3nBDq9HeN06HzEh8PiVfHJdbMY
oqaYqVNtR/RMe4kQwRiYXMUz7Bilx7W+P5KC/g+2fxBQw01Yuy1XhJAFE+FVpu1K
qZoNLVtnUm8MayjOtOyNK+poqwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFACXIeOQ
Xkm1xsMhmNTCWK7zB8BSMB8GA1UdIwQYMBaAFEi5lFmH9na0bO094ShJqKOPQGi1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMUJBQi8wQjk3NjAxQUY2
NjQxMUVBOTFDRDJBNTNDNEY5QUUwMi9TTG1VV1lmMmRyUnM3VDNoS0Vtb280OUFh
TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NMbVVXWWYyZHJSczdUM2hLRW1vbzQ5QWFMVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTFCQUIvMEI5NzYwMUFGNjY0MTFFQTkxQ0QyQTUzQzRGOUFFMDIvMzdBNDYwNzBG
NkYyMTFFQTkyMkY0ODJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAU9HMADBAJnATwwDAMEAHNVgQMEAHNVggMEAnNVhDAMAwQH
y9eAAwQAy9eYMAwDBAHL15oDBAXL14AwDQYJKoZIhvcNAQELBQADggEBAA5ZXug0
eFmN0tSUhJuj5Z0bs5OWkYG5aU3Mb/Rfx3GD0GsfQr6rgP+zFTK8TS99oViDyUJC
L5t3uTnZjPspMMTVBAU/yz4L/6Xdj3IRUTBkcSG+B+K43dAB25malOjF+cwZP/wC
dDSUVbOBjcYc8ujQg+DXr3HvkdjVQ7Pb3lbgtP9JNWmI+6kg2TLou4JOYK/gJSDM
yQN7iQbOEffpKGBOQbAsJakgT+Utx2zDP76ukKcIYNMWX6myAuCRi3C53QAfmjki
GKhQYuQtmqXasJZOmS1aLVjt0hU5OUi9mTvWiPewbai3MSEst/P3h4PBwF8qRF/X
GojJbLfDwgsqNA8=
-----END CERTIFICATE-----
Generated at Thu Jul 3 02:55:33 2025 by rpki-client