Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: rssAgIsNrYdPBZI1ncYzBhB5H6gqntjn15P67N6CTDU=
Subject key identifier: 1F:22:41:01:BF:32:B5:0D:D8:5F:5C:18:5C:15:6F:5F:89:7E:9A:54
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 071F
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Mon 30 Jun 2025 08:36:18 +0000
ROA not before: Mon 30 Jun 2025 08:36:18 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.150.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.204.0/24 maxlen: 24
162.128.205.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 22:32:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1823 (0x71f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Jun 30 08:36:18 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=68624c81-a374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d5:a6:03:61:54:95:bb:07:6a:37:59:8a:81:
6b:67:c8:4d:d0:15:2c:49:fe:07:11:83:4c:da:4b:
91:14:22:0c:f1:11:22:d3:28:39:be:b1:22:62:cb:
6f:86:12:db:d6:d4:5e:33:5d:0e:ff:33:9d:6c:21:
23:90:48:3a:e7:13:61:84:63:6b:0a:33:62:a7:33:
f9:72:05:12:03:13:ee:d8:d2:b3:c6:45:a7:b2:15:
c5:db:e5:56:aa:70:10:72:c9:07:31:63:5e:4a:ab:
1f:25:c5:28:37:0c:da:6f:5a:ab:4f:15:aa:19:96:
22:b8:49:7b:8b:59:e4:13:3c:2c:98:77:07:57:06:
d5:9f:bd:76:be:91:21:7b:7a:13:07:b8:5a:f9:b1:
2b:ad:74:73:ba:26:f3:40:42:52:64:c7:16:83:00:
0e:ec:1e:e1:28:76:e0:b8:be:56:2d:8a:35:b3:ef:
49:96:41:6c:67:8a:57:79:be:02:10:e5:72:59:ec:
15:db:c8:83:66:72:3d:fa:64:16:6d:27:c5:17:a6:
5e:dd:f0:54:39:62:45:81:7a:43:3f:96:10:d3:20:
f1:75:64:e9:d2:00:c3:e9:8c:fc:6e:09:25:fb:cd:
5a:dd:6c:57:09:26:0c:0e:1b:0f:5a:04:05:0b:0a:
01:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:22:41:01:BF:32:B5:0D:D8:5F:5C:18:5C:15:6F:5F:89:7E:9A:54
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.55.255
162.128.140.0/24
162.128.149.0-162.128.150.255
162.128.196.0/24
162.128.199.0-162.128.202.255
162.128.204.0/23
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
49:80:52:91:55:de:43:ce:f1:40:9f:05:2e:53:82:3c:98:09:
02:ea:48:8c:8f:5d:50:07:dc:94:73:9d:af:8d:a7:ac:f9:a4:
5e:c0:4c:1c:a8:94:b2:56:9a:99:5b:4a:71:d4:95:f1:2b:2c:
10:54:6b:79:4d:d4:82:f8:dc:82:88:4f:a2:9e:bd:79:21:14:
b8:11:06:9a:5a:3d:59:56:4e:9e:c8:15:1d:0a:79:e5:69:c4:
67:06:cc:39:dc:25:06:5a:2f:2a:ad:d0:1a:22:5c:b6:36:4f:
33:fa:29:5e:8b:ab:d8:fe:d1:45:03:b7:1c:ed:76:b6:09:4f:
8e:a7:8b:ad:3e:c3:6a:e5:06:68:1d:80:7f:fb:78:f8:81:74:
2b:0c:13:61:a2:5f:13:08:42:2c:36:0a:9b:72:e4:34:34:7e:
cf:85:47:8d:49:d7:35:9c:0d:1d:70:44:1e:6f:f0:48:d1:43:
5e:ea:b9:74:83:07:1c:f2:b3:9f:e1:c4:94:c4:d1:37:d5:52:
2f:5b:e3:00:ce:17:58:d8:fd:bd:8e:d2:8f:98:36:dd:21:df:
d0:50:fc:78:04:ed:75:9a:a1:a4:0d:4d:a1:e3:a6:72:fa:aa:
f0:93:5f:b7:a1:f0:10:d9:79:8b:29:76:93:a5:76:ec:99:ab:
5f:36:e8:4e
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgICBx8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUwNjMwMDgzNjE4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODYyNGM4MS1hMzc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAptWmA2FUlbsHajdZioFrZ8hN0BUsSf4HEYNM2kuRFCIM8REi0yg5vrEiYstv
hhLb1tReM10O/zOdbCEjkEg65xNhhGNrCjNipzP5cgUSAxPu2NKzxkWnshXF2+VW
qnAQcskHMWNeSqsfJcUoNwzab1qrTxWqGZYiuEl7i1nkEzwsmHcHVwbVn712vpEh
e3oTB7ha+bErrXRzuibzQEJSZMcWgwAO7B7hKHbguL5WLYo1s+9JlkFsZ4pXeb4C
EOVyWewV28iDZnI9+mQWbSfFF6Ze3fBUOWJFgXpDP5YQ0yDxdWTp0gDD6Yz8bgkl
+81a3WxXCSYMDhsPWgQFCwoBDwIDAQABo4IDWjCCA1YwHQYDVR0OBBYEFB8iQQG/
MrUN2F9cGFwVb1+JfppUMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeMGCCsGAQUFBwEHAQH/
BIHTMIHQMIHNBAIAATCBxjAMAwQAgeMRAwQCgeMQMAwDBACB4x0DBAWB4wADBACB
4z8DBAGB47ADBAKB48ADBAKcOxADBAOcOzADBACcO0kDBAOcO1ADBAGcO14DBACc
O2wDBACcO3sDBAScO4ADBACcO5IDBACcO9gDBAGcO+ADBACcO/EwDAMEAKKAKwME
AKKALDAMAwQAooA1AwQDooAwAwQAooCMMAwDBACigJUDBACigJYDBACigMQwDAME
AKKAxwMEAKKAygMEAaKAzAMEAKKA/jANBgkqhkiG9w0BAQsFAAOCAQEASYBSkVXe
Q87xQJ8FLlOCPJgJAupIjI9dUAfclHOdr42nrPmkXsBMHKiUslaamVtKcdSV8Sss
EFRreU3UgvjcgohPop69eSEUuBEGmlo9WVZOnsgVHQp55WnEZwbMOdwlBlovKq3Q
GiJctjZPM/opXour2P7RRQO3HO12tglPjqeLrT7DauUGaB2Af/t4+IF0KwwTYaJf
EwhCLDYKm3LkNDR+z4VHjUnXNZwNHXBEHm/wSNFDXuq5dIMHHPKzn+HElMTRN9VS
L1vjAM4XWNj9vY7Sj5g23SHf0FD8eATtdZqhpA1NoeOmcvqq8JNft6HwENl5iyl2
k6V27JmrXzboTg==
-----END CERTIFICATE-----
Generated at Thu Jul 3 21:46:49 2025 by rpki-client