Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4BDAE70EB7A911EF9D4E880CC4F9AE02.roa
File: 4BDAE70EB7A911EF9D4E880CC4F9AE02.roa (raw, json)
Hash identifier: m2nIep6ftkfrIPBLf24Qcs2kiAMJ/4wpttb2LM7mGxA=
Subject key identifier: 2B:8F:0F:6F:91:6D:3A:8B:E8:D6:FA:AF:42:DE:7A:4A:1A:E4:D8:7C
Certificate issuer: /CN=A911ABDD/serialNumber=4287B3332176DB486A2CBC425402FA9C86B6DC48
Certificate serial: 1E5A
Authority key identifier: 42:87:B3:33:21:76:DB:48:6A:2C:BC:42:54:02:FA:9C:86:B6:DC:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4BDAE70EB7A911EF9D4E880CC4F9AE02.roa
Signing time: Fri 08 Aug 2025 15:52:59 +0000
ROA not before: Fri 08 Aug 2025 15:52:59 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 23932
IP address blocks: 180.128.0.0/24 maxlen: 24
180.128.1.0/24 maxlen: 24
180.128.2.0/24 maxlen: 24
180.128.3.0/24 maxlen: 24
180.128.4.0/24 maxlen: 24
180.128.5.0/24 maxlen: 24
180.128.6.0/24 maxlen: 24
180.128.7.0/24 maxlen: 24
180.128.8.0/24 maxlen: 24
180.128.9.0/24 maxlen: 24
180.128.10.0/24 maxlen: 24
180.128.11.0/24 maxlen: 24
180.128.12.0/24 maxlen: 24
180.128.13.0/24 maxlen: 24
180.128.14.0/24 maxlen: 24
180.128.15.0/24 maxlen: 24
180.128.16.0/24 maxlen: 24
180.128.17.0/24 maxlen: 24
180.128.18.0/24 maxlen: 24
180.128.19.0/24 maxlen: 24
180.128.20.0/24 maxlen: 24
180.128.21.0/24 maxlen: 24
180.128.22.0/24 maxlen: 24
180.128.23.0/24 maxlen: 24
180.128.24.0/24 maxlen: 24
180.128.25.0/24 maxlen: 24
180.128.26.0/24 maxlen: 24
180.128.27.0/24 maxlen: 24
180.128.28.0/24 maxlen: 24
180.128.29.0/24 maxlen: 24
180.128.30.0/24 maxlen: 24
180.128.31.0/24 maxlen: 24
180.128.240.0/24 maxlen: 24
180.128.241.0/24 maxlen: 24
180.128.242.0/24 maxlen: 24
180.128.243.0/24 maxlen: 24
180.128.244.0/24 maxlen: 24
180.128.245.0/24 maxlen: 24
180.128.246.0/24 maxlen: 24
180.128.247.0/24 maxlen: 24
202.44.52.0/24 maxlen: 24
202.44.53.0/24 maxlen: 24
202.44.54.0/24 maxlen: 24
202.44.55.0/24 maxlen: 24
202.52.4.0/24 maxlen: 24
202.52.5.0/24 maxlen: 24
202.52.6.0/24 maxlen: 24
202.52.7.0/24 maxlen: 24
203.145.112.0/24 maxlen: 24
203.145.113.0/24 maxlen: 24
203.145.114.0/24 maxlen: 24
203.145.115.0/24 maxlen: 24
203.145.116.0/24 maxlen: 24
203.145.117.0/24 maxlen: 24
203.145.118.0/24 maxlen: 24
203.145.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.crl
rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7770 (0x1e5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911ABDD, serialNumber=4287B3332176DB486A2CBC425402FA9C86B6DC48
Validity
Not Before: Aug 8 15:52:59 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68961d5b-c64b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3c:73:fa:a2:4e:e7:d4:96:95:71:8c:ec:81:
cf:72:a7:d8:ed:be:1e:e7:54:b2:47:52:f7:2c:f3:
03:2b:ce:2c:0c:93:49:64:79:46:4c:da:80:b4:b4:
da:0a:8a:45:80:23:81:06:3c:aa:18:ec:5a:e8:fe:
d6:25:ff:4d:74:37:af:58:35:8a:68:0d:6e:dc:14:
8a:34:62:e1:c2:c7:45:7f:bc:01:ce:1c:6c:23:1f:
00:dc:56:46:5d:56:ae:f3:dd:c6:e1:89:97:2f:8f:
f5:9f:51:bb:f0:89:3b:96:94:c9:32:37:5a:71:90:
9a:16:1a:d5:64:93:a1:21:78:d5:b9:78:b7:06:f8:
1b:85:56:46:e8:31:6e:ab:42:68:df:f7:55:d2:1b:
8d:74:30:ad:ac:a3:e0:88:cb:59:cc:fc:99:f4:b6:
7c:77:54:4a:17:10:72:9a:9e:42:42:22:d0:ac:f8:
11:ac:3b:08:5f:b1:3a:07:a9:c3:1b:81:82:64:12:
b8:2e:d4:19:0b:18:4f:f3:30:c3:f9:5e:41:00:8b:
22:3a:a3:41:14:be:58:4a:bc:2f:ce:f7:c1:a1:51:
a5:69:b0:8b:06:00:f6:14:d8:ea:4f:ca:75:b7:12:
df:7b:f1:00:aa:ad:d9:58:3f:a4:68:69:34:9c:12:
ed:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:8F:0F:6F:91:6D:3A:8B:E8:D6:FA:AF:42:DE:7A:4A:1A:E4:D8:7C
X509v3 Authority Key Identifier:
keyid:42:87:B3:33:21:76:DB:48:6A:2C:BC:42:54:02:FA:9C:86:B6:DC:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4BDAE70EB7A911EF9D4E880CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.128.0.0/19
180.128.240.0/21
202.44.52.0/22
202.52.4.0/22
203.145.112.0/21
Signature Algorithm: sha256WithRSAEncryption
e4:a6:d2:f9:31:61:ca:65:cd:bb:23:a0:05:ae:80:9f:f3:38:
1b:90:0c:77:bc:db:03:2d:91:6c:28:57:70:1e:9d:57:d7:e9:
c3:ef:ad:37:02:92:a7:aa:2e:f7:e9:2e:db:28:e6:a9:cc:d4:
ba:38:6c:bb:2e:c5:47:73:20:55:60:5c:b4:42:7d:5a:6b:96:
0a:51:7d:3d:32:7b:3b:58:3e:39:62:99:b7:98:f2:96:68:c6:
e9:3d:69:88:b1:63:e1:89:11:18:f2:a7:0f:1c:de:6b:0c:0d:
56:00:49:6d:45:e4:2b:0d:aa:f3:62:af:28:d1:e4:d0:de:c6:
54:d8:cb:59:1f:04:16:36:2d:49:2d:d4:aa:d8:40:7f:de:c4:
ea:cd:e4:ca:d1:09:e5:ed:5d:fb:fc:7e:f2:78:01:68:ee:cc:
12:03:e1:da:6c:63:a8:c0:7f:f4:ca:4d:58:a1:4c:bf:44:26:
22:4c:2f:3b:3c:45:48:0b:40:5a:32:4f:e2:8a:62:de:7a:ab:
e9:d7:96:13:fc:93:b5:f9:2e:a8:36:40:ba:5c:61:88:8c:cd:
62:f4:a3:3d:ce:5d:1e:79:5d:84:b1:00:8b:3d:d7:98:3d:53:
b7:1d:1b:56:62:56:ad:b3:49:39:b8:16:b5:1a:af:9c:39:c8:
be:dd:e7:f7
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICHlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFCREQxMTAvBgNVBAUTKDQyODdCMzMzMjE3NkRCNDg2QTJDQkM0MjU0MDJGQTlD
ODZCNkRDNDgwHhcNMjUwODA4MTU1MjU5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODk2MWQ1Yi1jNjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtDxz+qJO59SWlXGM7IHPcqfY7b4e51SyR1L3LPMDK84sDJNJZHlGTNqAtLTa
CopFgCOBBjyqGOxa6P7WJf9NdDevWDWKaA1u3BSKNGLhwsdFf7wBzhxsIx8A3FZG
XVau893G4YmXL4/1n1G78Ik7lpTJMjdacZCaFhrVZJOhIXjVuXi3BvgbhVZG6DFu
q0Jo3/dV0huNdDCtrKPgiMtZzPyZ9LZ8d1RKFxBymp5CQiLQrPgRrDsIX7E6B6nD
G4GCZBK4LtQZCxhP8zDD+V5BAIsiOqNBFL5YSrwvzvfBoVGlabCLBgD2FNjqT8p1
txLfe/EAqq3ZWD+kaGk0nBLtBQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFCuPD2+R
bTqL6Nb6r0Leekoa5Nh8MB8GA1UdIwQYMBaAFEKHszMhdttIaiy8QlQC+pyGttxI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUJERC8zQUUwMDRCNEQ3
NzgxMUU0QjM3NzhCNzJDNEY5QUUwMi9Rb2V6TXlGMjIwaHFMTHhDVkFMNm5JYTIz
RWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FvZXpNeUYyMjBocUxMeENWQUw2bklhMjNFZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFCREQvM0FFMDA0QjRENzc4MTFFNEIzNzc4QjcyQzRGOUFFMDIvNEJEQUU3MEVC
N0E5MTFFRjlENEU4ODBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAW0gAADBAO0gPADBALKLDQDBALKNAQDBAPLkXAwDQYJKoZI
hvcNAQELBQADggEBAOSm0vkxYcplzbsjoAWugJ/zOBuQDHe82wMtkWwoV3AenVfX
6cPvrTcCkqeqLvfpLtso5qnM1Lo4bLsuxUdzIFVgXLRCfVprlgpRfT0yeztYPjli
mbeY8pZoxuk9aYixY+GJERjypw8c3msMDVYASW1F5CsNqvNiryjR5NDexlTYy1kf
BBY2LUkt1KrYQH/exOrN5MrRCeXtXfv8fvJ4AWjuzBID4dpsY6jAf/TKTVihTL9E
JiJMLzs8RUgLQFoyT+KKYt56q+nXlhP8k7X5Lqg2QLpcYYiMzWL0oz3OXR55XYSx
AIs915g9U7cdG1ZiVq2zSTm4FrUar5w5yL7d5/c=
-----END CERTIFICATE-----
Generated at Sun Aug 10 21:17:59 2025 by rpki-client