Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/4ACF06E24CE111F08EB6EB2AC4F9AE02.roa
File: 4ACF06E24CE111F08EB6EB2AC4F9AE02.roa (raw, json)
Hash identifier: Efx4cvLJwgDVDbTYOOkuaG1d46gN7cwEwLt6snlfZA0=
Subject key identifier: 13:67:90:F6:5C:C5:82:1F:36:87:8A:5C:AF:42:C0:12:67:0B:ED:E3
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 1887
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/4ACF06E24CE111F08EB6EB2AC4F9AE02.roa
Signing time: Thu 19 Jun 2025 07:44:55 +0000
ROA not before: Thu 19 Jun 2025 07:44:55 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 17911
IP address blocks: 122.129.64.0/24 maxlen: 24
122.129.66.0/24 maxlen: 24
122.129.69.0/24 maxlen: 24
122.129.72.0/24 maxlen: 24
122.129.73.0/24 maxlen: 24
122.129.74.0/24 maxlen: 24
122.129.75.0/24 maxlen: 24
122.129.76.0/24 maxlen: 24
122.129.77.0/24 maxlen: 24
122.129.78.0/24 maxlen: 24
122.129.79.0/24 maxlen: 24
122.129.80.0/24 maxlen: 24
122.129.81.0/24 maxlen: 24
122.129.82.0/24 maxlen: 24
122.129.84.0/24 maxlen: 24
122.129.85.0/24 maxlen: 24
122.129.89.0/24 maxlen: 24
122.129.90.0/24 maxlen: 24
122.129.91.0/24 maxlen: 24
122.129.92.0/24 maxlen: 24
122.129.93.0/24 maxlen: 24
122.129.94.0/24 maxlen: 24
203.128.0.0/24 maxlen: 24
203.128.1.0/24 maxlen: 24
203.128.3.0/24 maxlen: 24
203.128.4.0/24 maxlen: 24
203.128.5.0/24 maxlen: 24
203.128.6.0/24 maxlen: 24
203.128.7.0/24 maxlen: 24
203.128.8.0/24 maxlen: 24
203.128.9.0/24 maxlen: 24
203.128.11.0/24 maxlen: 24
203.128.12.0/24 maxlen: 24
203.128.13.0/24 maxlen: 24
203.128.14.0/24 maxlen: 24
203.128.15.0/24 maxlen: 24
203.128.16.0/24 maxlen: 24
203.128.17.0/24 maxlen: 24
203.128.18.0/24 maxlen: 24
203.128.19.0/24 maxlen: 24
203.128.21.0/24 maxlen: 24
203.128.22.0/24 maxlen: 24
203.128.23.0/24 maxlen: 24
203.128.25.0/24 maxlen: 24
203.128.26.0/24 maxlen: 24
203.128.27.0/24 maxlen: 24
203.128.28.0/24 maxlen: 24
203.128.31.0/24 maxlen: 24
2400:4f00::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 26 Jun 2025 07:44:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6279 (0x1887)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49, serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: Jun 19 07:44:55 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6853bff7-99a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:da:ae:4d:11:a6:3e:cb:2e:c0:7c:ea:f7:d5:
dd:80:61:ca:ab:48:fa:17:09:83:6b:d7:71:10:64:
da:d4:48:7d:54:41:b1:8c:06:2c:96:dd:ee:a0:bd:
6b:93:53:e0:66:d1:1f:15:12:16:c0:45:fb:d1:7d:
86:b6:65:c8:39:88:15:3d:d0:fd:16:47:e7:ec:a2:
e0:12:47:b8:56:e4:db:fd:45:2a:31:bc:8b:9b:5a:
49:17:59:cd:66:83:fe:8e:cc:fe:92:d7:19:ec:d3:
03:c6:ab:35:4d:a9:b1:4d:d0:3b:28:68:9f:a9:3d:
57:b4:c3:9a:1d:78:1a:21:81:11:6c:f5:14:ef:ad:
c2:91:f6:d9:1a:6b:07:b3:37:fa:43:48:ff:60:ef:
b0:2a:00:f5:2b:79:ab:c3:45:39:2d:77:0c:34:97:
f5:04:90:c5:ed:f0:ea:23:0e:4b:9c:3d:c4:79:db:
93:c9:13:6e:ea:05:45:46:43:bc:75:83:72:2d:80:
d9:37:df:4c:a6:91:96:fb:8b:7e:4a:b1:c0:b8:33:
a8:5c:c2:5e:0f:5d:32:16:a0:78:01:61:45:01:6a:
53:af:10:88:03:a4:6a:39:3f:21:38:08:e1:19:c0:
0b:d8:5e:ff:70:94:f0:c3:cc:d7:b8:02:ba:3f:cf:
a5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:67:90:F6:5C:C5:82:1F:36:87:8A:5C:AF:42:C0:12:67:0B:ED:E3
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/4ACF06E24CE111F08EB6EB2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.129.64.0/24
122.129.66.0/24
122.129.69.0/24
122.129.72.0-122.129.82.255
122.129.84.0/23
122.129.89.0-122.129.94.255
203.128.0.0/23
203.128.3.0-203.128.9.255
203.128.11.0-203.128.19.255
203.128.21.0-203.128.23.255
203.128.25.0-203.128.28.255
203.128.31.0/24
IPv6:
2400:4f00::/36
Signature Algorithm: sha256WithRSAEncryption
d6:a7:fe:22:d9:8f:5e:71:86:e1:d3:8b:8f:54:8d:d6:8d:55:
8a:5d:83:7f:83:1c:ae:23:bc:50:3e:6b:e4:0c:cd:5e:2f:4f:
1d:04:52:65:ca:13:9e:b3:20:6d:2b:8c:73:e3:5e:b7:cb:cc:
59:2f:c1:37:5d:05:d1:44:28:40:35:5b:3d:9c:90:61:f6:37:
a8:4b:cc:f9:83:47:2c:e2:f0:84:66:7e:56:59:b9:70:80:00:
1b:89:28:59:15:7c:cb:e2:93:d3:86:47:b9:55:05:a1:1d:6d:
c0:70:cf:1f:a3:6b:92:b4:b5:27:b8:ed:17:5f:03:c1:69:ae:
b5:9b:00:61:7b:e1:31:a3:f1:c4:0e:0b:17:a3:b8:93:b5:47:
27:f2:77:3d:74:05:fa:b4:92:96:75:b5:42:59:e6:0a:5e:72:
5e:e7:4e:2a:1e:88:73:55:cd:17:71:95:9d:05:96:48:87:22:
92:e6:e3:23:cb:6f:92:d8:61:aa:3d:2b:47:1f:1c:4d:ce:56:
ff:cb:a8:a5:8b:63:18:a9:e5:f7:b0:42:f5:52:20:af:00:bd:
ec:3b:01:2f:6c:97:7e:dd:3e:66:b9:36:c4:34:a1:01:16:42:
ab:57:04:07:bf:b5:ea:52:f2:ea:6b:88:80:c5:f6:2b:d6:35:
92:2b:d2:8c
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgICGIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjUwNjE5MDc0NDU1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODUzYmZmNy05OWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy9quTRGmPssuwHzq99XdgGHKq0j6FwmDa9dxEGTa1Eh9VEGxjAYslt3uoL1r
k1PgZtEfFRIWwEX70X2GtmXIOYgVPdD9Fkfn7KLgEke4VuTb/UUqMbyLm1pJF1nN
ZoP+jsz+ktcZ7NMDxqs1TamxTdA7KGifqT1XtMOaHXgaIYERbPUU763CkfbZGmsH
szf6Q0j/YO+wKgD1K3mrw0U5LXcMNJf1BJDF7fDqIw5LnD3EeduTyRNu6gVFRkO8
dYNyLYDZN99MppGW+4t+SrHAuDOoXMJeD10yFqB4AWFFAWpTrxCIA6RqOT8hOAjh
GcAL2F7/cJTww8zXuAK6P8+l+wIDAQABo4IDGjCCAxYwHQYDVR0OBBYEFBNnkPZc
xYIfNoeKXK9CwBJnC+3jMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvNEFDRjA2RTI0
Q0UxMTFGMDhFQjZFQjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaMGCCsGAQUFBwEHAQH/
BIGTMIGQMH4EAgABMHgDBAB6gUADBAB6gUIDBAB6gUUwDAMEA3qBSAMEAHqBUgME
AXqBVDAMAwQAeoFZAwQAeoFeAwQBy4AAMAwDBADLgAMDBAHLgAgwDAMEAMuACwME
AsuAEDAMAwQAy4AVAwQDy4AQMAwDBADLgBkDBADLgBwDBADLgB8wDgQCAAIwCAMG
BCQATwAAMA0GCSqGSIb3DQEBCwUAA4IBAQDWp/4i2Y9ecYbh04uPVI3WjVWKXYN/
gxyuI7xQPmvkDM1eL08dBFJlyhOesyBtK4xz4163y8xZL8E3XQXRRChANVs9nJBh
9jeoS8z5g0cs4vCEZn5WWblwgAAbiShZFXzL4pPThke5VQWhHW3AcM8fo2uStLUn
uO0XXwPBaa61mwBhe+Exo/HEDgsXo7iTtUcn8nc9dAX6tJKWdbVCWeYKXnJe504q
HohzVc0XcZWdBZZIhyKS5uMjy2+S2GGqPStHHxxNzlb/y6ili2MYqeX3sEL1UiCv
AL3sOwEvbJd+3T5muTbENKEBFkKrVwQHv7XqUvLqa4iAxfYr1jWSK9KM
-----END CERTIFICATE-----
Generated at Fri Jun 20 12:14:55 2025 by rpki-client