Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/AFA9D654D9F711EEA1409D5DC4F9AE02.roa
File: AFA9D654D9F711EEA1409D5DC4F9AE02.roa (raw, json)
Hash identifier: jSwMcFszO57ienV1VmhbXd49FtQGNQErTQsLI54ATCo=
Subject key identifier: 38:3D:C8:92:FC:01:41:D5:6E:3F:3F:59:F9:4C:15:F8:6F:A5:56:B8
Certificate issuer: /CN=A911BCF8/serialNumber=889332A4E25C21E89BFA43FA002D2D1F0AD7E797
Certificate serial: 0C50
Authority key identifier: 88:93:32:A4:E2:5C:21:E8:9B:FA:43:FA:00:2D:2D:1F:0A:D7:E7:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iJMypOJcIeib-kP6AC0tHwrX55c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/AFA9D654D9F711EEA1409D5DC4F9AE02.roa
Signing time: Thu 20 Mar 2025 18:27:57 +0000
ROA not before: Thu 20 Mar 2025 18:27:57 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 134113
IP address blocks: 27.123.252.0/22 maxlen: 24
103.52.134.0/23 maxlen: 24
103.71.46.0/23 maxlen: 24
2403:140::/32 maxlen: 32
2403:140::/48 maxlen: 48
2403:140:1::/48 maxlen: 48
2403:140:2::/48 maxlen: 48
2403:140:3::/48 maxlen: 48
2403:140:4::/48 maxlen: 48
2403:140:5::/48 maxlen: 48
2403:140:6::/48 maxlen: 48
2403:140:7::/48 maxlen: 48
2403:140:8::/48 maxlen: 48
2403:140:9::/48 maxlen: 48
2403:140:a::/48 maxlen: 48
2403:140:b::/48 maxlen: 48
2403:140:c::/48 maxlen: 48
2403:140:d::/48 maxlen: 48
2403:140:e::/48 maxlen: 48
2403:140:f::/48 maxlen: 48
2403:140:103::/48 maxlen: 48
2403:140:121::/48 maxlen: 48
2403:140:1111::/48 maxlen: 48
2403:140:8888::/48 maxlen: 48
2403:140:ff00::/40 maxlen: 40
2403:140:ff00::/48 maxlen: 48
2403:140:ff01::/48 maxlen: 48
2403:140:ff02::/48 maxlen: 48
2403:140:ff03::/48 maxlen: 48
2403:140:ff04::/48 maxlen: 48
2403:140:ff05::/48 maxlen: 48
2403:140:ff06::/48 maxlen: 48
2403:140:ff07::/48 maxlen: 48
2403:140:ff08::/48 maxlen: 48
2403:140:ff09::/48 maxlen: 48
2403:140:ff0a::/48 maxlen: 48
2403:140:ff0b::/48 maxlen: 48
2403:140:ff0c::/48 maxlen: 48
2403:140:ff0d::/48 maxlen: 48
2403:140:ff0e::/48 maxlen: 48
2403:140:ff0f::/48 maxlen: 48
2403:140:ff10::/48 maxlen: 48
2403:140:ff11::/48 maxlen: 48
2403:140:ff12::/48 maxlen: 48
2403:140:ff13::/48 maxlen: 48
2403:140:ff14::/48 maxlen: 48
2403:140:ff15::/48 maxlen: 48
2403:140:ff16::/48 maxlen: 48
2403:140:ff17::/48 maxlen: 48
2403:140:ff18::/48 maxlen: 48
2403:140:ff19::/48 maxlen: 48
2403:140:ff1a::/48 maxlen: 48
2403:140:ff1b::/48 maxlen: 48
2403:140:ff1c::/48 maxlen: 48
2403:140:ff1d::/48 maxlen: 48
2403:140:ff1e::/48 maxlen: 48
2403:140:ff1f::/48 maxlen: 48
2403:140:ff20::/48 maxlen: 48
2403:140:ff21::/48 maxlen: 48
2403:140:ff22::/48 maxlen: 48
2403:140:ff23::/48 maxlen: 48
2403:140:ff24::/48 maxlen: 48
2403:140:ff25::/48 maxlen: 48
2403:140:ff26::/48 maxlen: 48
2403:140:ff27::/48 maxlen: 48
2403:140:ff28::/48 maxlen: 48
2403:140:ff29::/48 maxlen: 48
2403:140:ff2a::/48 maxlen: 48
2403:140:ff2b::/48 maxlen: 48
2403:140:ff2c::/48 maxlen: 48
2403:140:ff2d::/48 maxlen: 48
2403:140:ff2e::/48 maxlen: 48
2403:140:ff2f::/48 maxlen: 48
2403:140:ff30::/48 maxlen: 48
2403:140:ff31::/48 maxlen: 48
2403:140:ff32::/48 maxlen: 48
2403:140:ff33::/48 maxlen: 48
2403:140:ff34::/48 maxlen: 48
2403:140:ff35::/48 maxlen: 48
2403:140:ff36::/48 maxlen: 48
2403:140:ff37::/48 maxlen: 48
2403:140:ff38::/48 maxlen: 48
2403:140:ff39::/48 maxlen: 48
2403:140:ff3a::/48 maxlen: 48
2403:140:ff3b::/48 maxlen: 48
2403:140:ff3c::/48 maxlen: 48
2403:140:ff3d::/48 maxlen: 48
2403:140:ff3e::/48 maxlen: 48
2403:140:ff3f::/48 maxlen: 48
2403:140:ff40::/48 maxlen: 48
2403:140:ff41::/48 maxlen: 48
2403:140:ff42::/48 maxlen: 48
2403:140:ff43::/48 maxlen: 48
2403:140:ff44::/48 maxlen: 48
2403:140:ff45::/48 maxlen: 48
2403:140:ff46::/48 maxlen: 48
2403:140:ff47::/48 maxlen: 48
2403:140:ff48::/48 maxlen: 48
2403:140:ff49::/48 maxlen: 48
2403:140:ff4a::/48 maxlen: 48
2403:140:ff4b::/48 maxlen: 48
2403:140:ff4c::/48 maxlen: 48
2403:140:ff4d::/48 maxlen: 48
2403:140:ff4e::/48 maxlen: 48
2403:140:ff4f::/48 maxlen: 48
2403:140:ff50::/48 maxlen: 48
2403:140:ff51::/48 maxlen: 48
2403:140:ff52::/48 maxlen: 48
2403:140:ff53::/48 maxlen: 48
2403:140:ff54::/48 maxlen: 48
2403:140:ff55::/48 maxlen: 48
2403:140:ff56::/48 maxlen: 48
2403:140:ff57::/48 maxlen: 48
2403:140:ff58::/48 maxlen: 48
2403:140:ff59::/48 maxlen: 48
2403:140:ff5a::/48 maxlen: 48
2403:140:ff5b::/48 maxlen: 48
2403:140:ff5c::/48 maxlen: 48
2403:140:ff5d::/48 maxlen: 48
2403:140:ff5e::/48 maxlen: 48
2403:140:ff5f::/48 maxlen: 48
2403:140:ff60::/48 maxlen: 48
2403:140:ff61::/48 maxlen: 48
2403:140:ff62::/48 maxlen: 48
2403:140:ff63::/48 maxlen: 48
2403:140:ff64::/48 maxlen: 48
2403:140:ff65::/48 maxlen: 48
2403:140:ff66::/48 maxlen: 48
2403:140:ff67::/48 maxlen: 48
2403:140:ff68::/48 maxlen: 48
2403:140:ff69::/48 maxlen: 48
2403:140:ff6a::/48 maxlen: 48
2403:140:ff6b::/48 maxlen: 48
2403:140:ff6c::/48 maxlen: 48
2403:140:ff6d::/48 maxlen: 48
2403:140:ff6e::/48 maxlen: 48
2403:140:ff6f::/48 maxlen: 48
2403:140:ff70::/48 maxlen: 48
2403:140:ff71::/48 maxlen: 48
2403:140:ff72::/48 maxlen: 48
2403:140:ff73::/48 maxlen: 48
2403:140:ff74::/48 maxlen: 48
2403:140:ff75::/48 maxlen: 48
2403:140:ff76::/48 maxlen: 48
2403:140:ff77::/48 maxlen: 48
2403:140:ff78::/48 maxlen: 48
2403:140:ff79::/48 maxlen: 48
2403:140:ff7a::/48 maxlen: 48
2403:140:ff7b::/48 maxlen: 48
2403:140:ff7c::/48 maxlen: 48
2403:140:ff7d::/48 maxlen: 48
2403:140:ff7e::/48 maxlen: 48
2403:140:ff7f::/48 maxlen: 48
2403:140:ff80::/48 maxlen: 48
2403:140:ff81::/48 maxlen: 48
2403:140:ff82::/48 maxlen: 48
2403:140:ff83::/48 maxlen: 48
2403:140:ff84::/48 maxlen: 48
2403:140:ff85::/48 maxlen: 48
2403:140:ff86::/48 maxlen: 48
2403:140:ff87::/48 maxlen: 48
2403:140:ff88::/48 maxlen: 48
2403:140:ff89::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/iJMypOJcIeib-kP6AC0tHwrX55c.crl
rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/iJMypOJcIeib-kP6AC0tHwrX55c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iJMypOJcIeib-kP6AC0tHwrX55c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 18:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3152 (0xc50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BCF8, serialNumber=889332A4E25C21E89BFA43FA002D2D1F0AD7E797
Validity
Not Before: Mar 20 18:27:57 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67dc5e2c-b5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f7:60:5b:f3:08:33:e4:89:74:fe:11:55:8d:
29:7b:46:92:f2:f1:7a:29:d6:ae:d1:de:e3:4b:24:
f3:12:81:34:98:0b:b8:cb:19:77:06:a4:81:3d:54:
2f:5b:15:7a:07:dd:64:5a:c5:9a:94:20:fa:cc:82:
dd:fa:2b:5c:ee:31:7f:ec:11:b7:a9:c0:23:f2:82:
a1:ed:d0:4b:59:fb:ed:36:07:78:d8:35:71:f1:70:
11:6f:25:38:fc:eb:a8:5f:d4:f3:2c:91:6b:62:e1:
1e:8d:35:94:84:1f:3c:04:5a:29:2c:53:d3:be:77:
94:96:d9:54:1e:7f:7e:95:a4:a1:9a:c2:df:67:ac:
e3:2d:1a:8e:be:f8:90:2c:b5:fb:f7:0e:f6:02:9f:
d1:2a:b8:c6:5e:f3:f5:02:bf:77:cd:7e:ea:b9:61:
1c:c7:f1:f6:86:41:bd:43:1b:46:e4:16:7e:c3:86:
8e:ec:7e:13:3f:4c:26:10:41:e4:dc:6b:d5:52:3e:
f3:6a:45:e5:d6:98:a0:c3:66:6f:d4:a6:97:ff:44:
93:9e:9b:e8:47:0c:90:78:8d:6e:21:2a:a9:2f:e5:
86:87:f4:fb:fb:04:2b:a8:30:c5:41:07:60:ec:e3:
5e:b7:96:d5:69:3e:d0:09:c2:91:7c:15:70:c5:cf:
ad:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:3D:C8:92:FC:01:41:D5:6E:3F:3F:59:F9:4C:15:F8:6F:A5:56:B8
X509v3 Authority Key Identifier:
keyid:88:93:32:A4:E2:5C:21:E8:9B:FA:43:FA:00:2D:2D:1F:0A:D7:E7:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/iJMypOJcIeib-kP6AC0tHwrX55c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iJMypOJcIeib-kP6AC0tHwrX55c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/AFA9D654D9F711EEA1409D5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.252.0/22
103.52.134.0/23
103.71.46.0/23
IPv6:
2403:140::/32
Signature Algorithm: sha256WithRSAEncryption
69:f3:28:e7:30:76:33:24:3d:0b:85:2e:0b:03:6f:d1:95:69:
95:b9:8d:29:fe:27:83:de:40:0a:31:68:56:ef:37:58:cf:7f:
b9:28:49:67:da:91:b9:39:04:0b:40:9e:5b:7e:89:9e:03:1d:
4f:a3:a8:23:17:a7:2f:d7:d5:45:24:53:76:b3:67:d1:bb:f8:
97:3f:64:38:ce:f8:89:6e:88:d2:2d:70:a2:ab:e6:fc:2a:28:
d4:7f:cd:89:5d:17:9d:7f:6e:9e:dc:61:39:39:5d:2a:9b:fc:
d2:7e:bb:f8:a4:06:d3:9f:1b:81:62:c3:bb:f1:70:56:0e:c6:
cc:7b:2f:7e:65:d4:ed:79:88:a5:c7:8e:08:5b:3e:f2:a1:df:
28:be:37:68:67:44:f0:f7:42:64:fd:a6:01:15:e8:64:43:8c:
68:d9:46:0d:81:d3:70:bb:ca:6d:49:34:50:27:3a:85:8a:91:
a5:65:8f:f2:4d:e7:38:c0:b9:24:2e:25:68:e2:a8:66:79:e3:
bd:23:92:ed:a8:b3:d4:4f:63:16:42:d3:41:8a:ed:66:91:0f:
16:fc:30:62:9f:b9:64:86:93:24:77:59:01:ee:66:74:2f:81:
40:96:72:eb:24:c5:bf:d1:d4:75:67:77:93:f7:81:c2:70:64:
60:0f:3f:46
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICDFAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJDRjgxMTAvBgNVBAUTKDg4OTMzMkE0RTI1QzIxRTg5QkZBNDNGQTAwMkQyRDFG
MEFEN0U3OTcwHhcNMjUwMzIwMTgyNzU3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjNWUyYy1iNWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9PdgW/MIM+SJdP4RVY0pe0aS8vF6Kdau0d7jSyTzEoE0mAu4yxl3BqSBPVQv
WxV6B91kWsWalCD6zILd+itc7jF/7BG3qcAj8oKh7dBLWfvtNgd42DVx8XARbyU4
/OuoX9TzLJFrYuEejTWUhB88BFopLFPTvneUltlUHn9+laShmsLfZ6zjLRqOvviQ
LLX79w72Ap/RKrjGXvP1Ar93zX7quWEcx/H2hkG9QxtG5BZ+w4aO7H4TP0wmEEHk
3GvVUj7zakXl1pigw2Zv1KaX/0STnpvoRwyQeI1uISqpL+WGh/T7+wQrqDDFQQdg
7ONet5bVaT7QCcKRfBVwxc+t1wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFDg9yJL8
AUHVbj8/WflMFfhvpVa4MB8GA1UdIwQYMBaAFIiTMqTiXCHom/pD+gAtLR8K1+eX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkNGOC9CNzA3OEY4MDAw
NTQxMUVBOUFCREY1MUZDNEY5QUUwMi9pSk15cE9KY0llaWIta1A2QUMwdEh3clg1
NWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lKTXlwT0pjSWVpYi1rUDZBQzB0SHdyWDU1Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJDRjgvQjcwNzhGODAwMDU0MTFFQTlBQkRGNTFGQzRGOUFFMDIvQUZBOUQ2NTRE
OUY3MTFFRUExNDA5RDVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIbe/wDBAFnNIYDBAFnRy4wDQQCAAIwBwMFACQDAUAwDQYJ
KoZIhvcNAQELBQADggEBAGnzKOcwdjMkPQuFLgsDb9GVaZW5jSn+J4PeQAoxaFbv
N1jPf7koSWfakbk5BAtAnlt+iZ4DHU+jqCMXpy/X1UUkU3azZ9G7+Jc/ZDjO+Ilu
iNItcKKr5vwqKNR/zYldF51/bp7cYTk5XSqb/NJ+u/ikBtOfG4Fiw7vxcFYOxsx7
L35l1O15iKXHjghbPvKh3yi+N2hnRPD3QmT9pgEV6GRDjGjZRg2B03C7ym1JNFAn
OoWKkaVlj/JN5zjAuSQuJWjiqGZ5470jku2os9RPYxZC00GK7WaRDxb8MGKfuWSG
kyR3WQHuZnQvgUCWcuskxb/R1HVnd5P3gcJwZGAPP0Y=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:18:28 2025 by rpki-client