Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/AE5C97A8AFB711E79FACFF11C4F9AE02.roa
File: AE5C97A8AFB711E79FACFF11C4F9AE02.roa (raw, json)
Hash identifier: UCPIk7PqTNU3ro9Psv5YDODZfhBpvATekxfIDIhqyNU=
Subject key identifier: D2:72:D9:0A:7D:1C:FB:D5:71:59:F7:A5:EB:B7:26:74:4A:62:E2:02
Certificate issuer: /CN=A912FAB9/serialNumber=349C09E99CA806E335915735CF972A1BF864A6C3
Certificate serial: 1DD7
Authority key identifier: 34:9C:09:E9:9C:A8:06:E3:35:91:57:35:CF:97:2A:1B:F8:64:A6:C3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/AE5C97A8AFB711E79FACFF11C4F9AE02.roa
Signing time: Fri 06 Jun 2025 16:35:18 +0000
ROA not before: Fri 06 Jun 2025 16:35:18 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 10226
IP address blocks: 43.252.244.0/22 maxlen: 24
101.78.8.0/21 maxlen: 21
101.78.8.0/21 maxlen: 24
101.78.8.0/24 maxlen: 24
101.78.9.0/24 maxlen: 24
101.78.10.0/24 maxlen: 24
101.78.11.0/24 maxlen: 24
101.78.12.0/24 maxlen: 24
101.78.13.0/24 maxlen: 24
101.78.14.0/24 maxlen: 24
101.78.15.0/24 maxlen: 24
103.13.88.0/22 maxlen: 22
103.13.88.0/22 maxlen: 24
103.13.88.0/24 maxlen: 24
103.13.89.0/24 maxlen: 24
103.13.90.0/24 maxlen: 24
103.13.91.0/24 maxlen: 24
114.129.24.0/21 maxlen: 21
114.129.24.0/21 maxlen: 24
114.129.24.0/24 maxlen: 24
114.129.25.0/24 maxlen: 24
114.129.26.0/24 maxlen: 24
114.129.27.0/24 maxlen: 24
114.129.28.0/22 maxlen: 22
114.129.28.0/24 maxlen: 24
114.129.29.0/24 maxlen: 24
114.129.30.0/24 maxlen: 24
114.129.31.0/24 maxlen: 24
202.62.96.0/20 maxlen: 24
202.62.96.0/24 maxlen: 24
202.62.97.0/24 maxlen: 24
202.62.98.0/24 maxlen: 24
202.62.99.0/24 maxlen: 24
202.62.100.0/24 maxlen: 24
202.62.101.0/24 maxlen: 24
202.62.102.0/24 maxlen: 24
202.62.103.0/24 maxlen: 24
202.62.104.0/24 maxlen: 24
202.62.105.0/24 maxlen: 24
202.62.106.0/24 maxlen: 24
202.62.107.0/24 maxlen: 24
202.62.108.0/24 maxlen: 24
202.62.109.0/24 maxlen: 24
202.62.110.0/24 maxlen: 24
202.62.111.0/24 maxlen: 24
2404:2e00::/32 maxlen: 32
2404:2e00::/48 maxlen: 48
2404:2e00:1::/48 maxlen: 48
2404:2e00:2::/48 maxlen: 48
2404:2e00:3::/48 maxlen: 48
2404:2e00:4::/48 maxlen: 48
2404:2e00:5::/48 maxlen: 48
2404:2e00:6::/48 maxlen: 48
2404:2e00:7::/48 maxlen: 48
2404:2e00:8::/48 maxlen: 48
2404:2e00:9::/48 maxlen: 48
2404:2e00:a::/48 maxlen: 48
2404:2e00:b::/48 maxlen: 48
2404:2e00:c::/48 maxlen: 48
2404:2e00:d::/48 maxlen: 48
2404:2e00:e::/48 maxlen: 48
2404:2e00:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.crl
rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Jun 2025 16:04:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7639 (0x1dd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FAB9, serialNumber=349C09E99CA806E335915735CF972A1BF864A6C3
Validity
Not Before: Jun 6 16:35:18 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=684318c5-9a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7d:c2:bd:d7:74:7c:39:ab:e1:2b:42:6a:a2:
44:e7:88:9f:1b:a4:56:47:03:d7:ab:c6:73:91:6c:
1b:9d:8c:53:34:33:e0:7a:73:9c:84:c1:6d:3d:6f:
39:56:88:70:c6:0d:68:08:e4:38:dd:ec:a7:02:fa:
d8:01:b0:44:11:1e:6b:9f:74:7b:c9:ab:06:94:61:
44:3d:62:32:4f:ef:d3:0a:d2:0a:dd:72:59:50:7d:
fc:26:40:d0:98:b4:d8:c1:8c:c1:e5:4d:84:b8:6b:
59:4b:5b:61:83:ba:f0:11:26:1e:d1:82:19:a9:37:
30:2b:63:44:8b:f7:e1:1a:d3:cd:ee:90:9f:e7:cc:
f0:07:b9:51:34:e5:dc:5c:34:8c:f4:fe:22:37:8b:
23:ff:48:31:12:cd:6e:f7:55:21:46:47:00:b9:34:
d8:23:91:ad:42:f1:e0:77:06:9d:ef:7b:3c:1f:fb:
a2:11:ca:df:e2:84:3c:04:77:73:a7:dd:58:f8:dc:
26:2f:59:b8:50:c1:ab:4a:02:86:4d:e9:52:fd:ed:
af:18:78:34:0a:bd:50:9b:9f:14:1e:3f:9b:a8:f8:
75:c1:02:43:8d:51:fe:75:5c:25:4e:35:0b:83:0e:
4f:47:ad:49:3c:9c:65:66:85:46:b9:a6:f9:1b:4b:
63:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:72:D9:0A:7D:1C:FB:D5:71:59:F7:A5:EB:B7:26:74:4A:62:E2:02
X509v3 Authority Key Identifier:
keyid:34:9C:09:E9:9C:A8:06:E3:35:91:57:35:CF:97:2A:1B:F8:64:A6:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/AE5C97A8AFB711E79FACFF11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.244.0/22
101.78.8.0/21
103.13.88.0/22
114.129.24.0/21
202.62.96.0/20
IPv6:
2404:2e00::/32
Signature Algorithm: sha256WithRSAEncryption
67:4c:eb:62:20:97:4b:d1:06:3b:dd:91:63:f5:02:a4:01:2d:
b5:23:67:ac:a0:31:45:ad:b8:fc:ef:30:75:19:f1:91:b3:0f:
58:35:fa:4f:b8:44:16:50:b6:0b:82:c6:da:3b:9c:2f:d2:f4:
ce:d1:9d:9e:3f:b4:1f:74:b3:f9:5c:10:bc:74:96:18:d3:e8:
2c:70:fd:c9:6b:cb:de:c4:43:c4:d6:57:ab:a1:f6:d0:d8:87:
06:8d:e6:03:d8:cf:05:f8:6f:e8:80:45:6d:f8:c2:9e:2a:f1:
f7:91:6e:82:2a:6d:c5:85:d3:47:c4:3a:ee:fc:45:2a:bd:58:
0f:ca:66:12:b4:f5:54:b3:1f:bd:9a:c3:bd:87:46:77:52:22:
b9:a2:ef:ea:eb:2f:ad:6f:97:1a:33:e7:ac:c0:3b:c5:90:30:
7e:72:5b:09:ba:ce:05:38:7c:87:da:f4:94:a1:fc:ce:2d:e6:
28:6d:8d:8d:89:7d:9c:dd:37:d9:97:cd:93:e9:1b:21:15:ff:
bd:85:28:72:10:74:56:30:ae:cb:61:a4:a8:57:78:b1:9e:2b:
e3:8a:a0:a6:6e:34:f1:42:ea:0b:53:01:0a:af:dd:05:f4:b9:
af:eb:66:cb:51:4d:ff:78:32:6d:eb:26:ae:e2:24:32:2c:0f:
e0:b5:46:7b
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICHdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZBQjkxMTAvBgNVBAUTKDM0OUMwOUU5OUNBODA2RTMzNTkxNTczNUNGOTcyQTFC
Rjg2NEE2QzMwHhcNMjUwNjA2MTYzNTE4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQzMThjNS05YTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0X3Cvdd0fDmr4StCaqJE54ifG6RWRwPXq8ZzkWwbnYxTNDPgenOchMFtPW85
Vohwxg1oCOQ43eynAvrYAbBEER5rn3R7yasGlGFEPWIyT+/TCtIK3XJZUH38JkDQ
mLTYwYzB5U2EuGtZS1thg7rwESYe0YIZqTcwK2NEi/fhGtPN7pCf58zwB7lRNOXc
XDSM9P4iN4sj/0gxEs1u91UhRkcAuTTYI5GtQvHgdwad73s8H/uiEcrf4oQ8BHdz
p91Y+NwmL1m4UMGrSgKGTelS/e2vGHg0Cr1Qm58UHj+bqPh1wQJDjVH+dVwlTjUL
gw5PR61JPJxlZoVGuab5G0tjGwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFNJy2Qp9
HPvVcVn3peu3JnRKYuICMB8GA1UdIwQYMBaAFDScCemcqAbjNZFXNc+XKhv4ZKbD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkFCOS85MzhBNzBFNDk1
Q0QxMUU2QkY0QTgyMzJDNEY5QUUwMi9OSndKNlp5b0J1TTFrVmMxejVjcUdfaGtw
c00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Kd0o2WnlvQnVNMWtWYzF6NWNxR19oa3BzTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZBQjkvOTM4QTcwRTQ5NUNEMTFFNkJGNEE4MjMyQzRGOUFFMDIvQUU1Qzk3QThB
RkI3MTFFNzlGQUNGRjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIr/PQDBANlTggDBAJnDVgDBANygRgDBATKPmAwDQQCAAIw
BwMFACQELgAwDQYJKoZIhvcNAQELBQADggEBAGdM62Igl0vRBjvdkWP1AqQBLbUj
Z6ygMUWtuPzvMHUZ8ZGzD1g1+k+4RBZQtguCxto7nC/S9M7RnZ4/tB90s/lcELx0
lhjT6Cxw/clry97EQ8TWV6uh9tDYhwaN5gPYzwX4b+iARW34wp4q8feRboIqbcWF
00fEOu78RSq9WA/KZhK09VSzH72aw72HRndSIrmi7+rrL61vlxoz56zAO8WQMH5y
Wwm6zgU4fIfa9JSh/M4t5ihtjY2JfZzdN9mXzZPpGyEV/72FKHIQdFYwrsthpKhX
eLGeK+OKoKZuNPFC6gtTAQqv3QX0ua/rZstRTf94Mm3rJq7iJDIsD+C1Rns=
-----END CERTIFICATE-----
Generated at Sun Jun 15 16:08:26 2025 by rpki-client