Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/B5B4AB0839DA11EF9ECCF886C4F9AE02.roa
File: B5B4AB0839DA11EF9ECCF886C4F9AE02.roa (raw, json)
Hash identifier: rHWQYZcSw3k4Ya1RWhKJg45iU72cthm5jk1Q/c6I/Z8=
Subject key identifier: 36:C6:9E:31:A5:F7:9A:2D:27:BD:16:36:CD:CD:D5:3C:F7:2E:5E:11
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 1311
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/B5B4AB0839DA11EF9ECCF886C4F9AE02.roa
Signing time: Tue 20 May 2025 09:44:59 +0000
ROA not before: Tue 20 May 2025 09:44:59 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 138345
IP address blocks: 27.54.32.0/22 maxlen: 22
27.54.37.0/24 maxlen: 24
101.127.200.0/22 maxlen: 22
101.127.204.0/23 maxlen: 23
113.10.64.0/18 maxlen: 24
117.20.128.0/23 maxlen: 24
117.20.130.0/23 maxlen: 24
117.20.140.0/22 maxlen: 24
117.20.144.0/22 maxlen: 24
117.20.150.0/23 maxlen: 24
117.20.152.0/23 maxlen: 24
117.20.154.0/24 maxlen: 24
117.20.160.0/19 maxlen: 24
122.11.150.0/23 maxlen: 23
122.11.152.0/21 maxlen: 21
122.11.169.0/24 maxlen: 24
122.11.170.0/23 maxlen: 23
122.11.172.0/24 maxlen: 24
122.11.197.0/24 maxlen: 24
122.11.212.0/24 maxlen: 24
122.11.213.0/24 maxlen: 24
122.11.214.0/24 maxlen: 24
122.11.215.0/24 maxlen: 24
122.11.216.0/24 maxlen: 24
122.11.217.0/24 maxlen: 24
122.11.218.0/24 maxlen: 24
122.11.219.0/24 maxlen: 24
122.11.245.0/24 maxlen: 24
122.11.246.0/24 maxlen: 24
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
203.116.107.0/24 maxlen: 24
203.116.116.0/24 maxlen: 24
203.116.119.0/24 maxlen: 24
203.116.181.0/24 maxlen: 24
203.117.40.0/23 maxlen: 23
203.117.245.0/24 maxlen: 24
203.117.246.0/24 maxlen: 24
203.117.247.0/24 maxlen: 24
203.117.248.0/22 maxlen: 22
203.117.252.0/24 maxlen: 24
203.117.253.0/24 maxlen: 24
2406:3000:5a::/48 maxlen: 56
2406:3000:5b::/48 maxlen: 56
2406:3000:5c::/48 maxlen: 56
2406:3000:5d::/48 maxlen: 56
2406:3000:202::/47 maxlen: 48
2406:3000:204::/46 maxlen: 46
2406:3000:204::/48 maxlen: 48
2406:3000:205::/48 maxlen: 48
2406:3000:206::/48 maxlen: 48
2406:3000:207::/48 maxlen: 48
2406:3000:208::/47 maxlen: 48
2406:3000:20a::/47 maxlen: 48
2406:3000:20c::/46 maxlen: 46
2406:3000:20c::/48 maxlen: 48
2406:3000:20d::/48 maxlen: 48
2406:3000:20e::/48 maxlen: 48
2406:3000:20f::/48 maxlen: 48
2406:3000:210::/47 maxlen: 48
2406:3000:212::/48 maxlen: 48
2406:3000:213::/48 maxlen: 48
2406:3000:214::/48 maxlen: 48
2406:3002:40::/48 maxlen: 56
2406:3002:50::/48 maxlen: 56
2406:3002:402:200::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Jun 2025 17:09:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4881 (0x1311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC, serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: May 20 09:44:59 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=682c4f1b-8041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7d:f2:c3:6a:86:34:92:fd:39:3b:31:9f:f6:
f4:2f:29:38:0a:62:6e:b5:c6:68:d8:f1:94:33:8d:
cf:69:bb:82:fb:96:02:4f:4f:94:11:56:91:57:ac:
38:7e:27:3c:b7:2e:13:0b:7a:44:bc:e5:ac:75:5f:
5a:ce:25:69:e9:f2:20:dd:b3:39:e9:f2:f1:a0:19:
e4:b1:60:4d:68:98:1e:68:ec:ba:e9:ab:e3:d8:a5:
5a:df:fa:24:8d:88:34:32:07:6c:fd:63:88:99:11:
a8:c2:92:67:47:cb:28:db:33:68:c9:b3:1a:33:72:
b1:56:43:57:51:ec:13:b7:73:69:c6:d7:27:ab:46:
b7:a7:4f:e2:a8:5f:99:8a:5d:c6:b4:fc:19:fa:d9:
c8:bd:0c:85:40:f6:8c:50:13:89:7b:e4:bf:55:ec:
be:87:a4:3d:70:54:01:27:b6:f6:90:b7:3c:53:86:
99:7f:ef:96:14:e3:cd:ad:dc:70:1f:29:c7:c6:46:
3a:fb:45:95:70:ed:78:53:0e:d2:07:bc:de:76:59:
93:72:71:80:4b:41:b8:5d:91:7b:29:e2:21:b1:ab:
de:78:30:f9:b6:34:f5:a1:0f:e2:11:97:eb:bf:05:
79:02:f7:6d:17:b1:4a:22:cb:32:c1:15:8e:00:a5:
63:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C6:9E:31:A5:F7:9A:2D:27:BD:16:36:CD:CD:D5:3C:F7:2E:5E:11
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/B5B4AB0839DA11EF9ECCF886C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.32.0/22
27.54.37.0/24
101.127.200.0-101.127.205.255
113.10.64.0/18
117.20.128.0/22
117.20.140.0-117.20.147.255
117.20.150.0-117.20.154.255
117.20.160.0/19
122.11.150.0-122.11.159.255
122.11.169.0-122.11.172.255
122.11.197.0/24
122.11.212.0-122.11.219.255
122.11.245.0-122.11.246.255
171.0.0.0/15
171.207.0.0/16
203.116.107.0/24
203.116.116.0/24
203.116.119.0/24
203.116.181.0/24
203.117.40.0/23
203.117.245.0-203.117.253.255
IPv6:
2406:3000:5a::-2406:3000:5d:ffff:ffff:ffff:ffff:ffff
2406:3000:202::-2406:3000:214:ffff:ffff:ffff:ffff:ffff
2406:3002:40::/48
2406:3002:50::/48
2406:3002:402:200::/56
Signature Algorithm: sha256WithRSAEncryption
aa:b4:4c:82:39:79:90:2b:ac:49:5c:26:b4:1c:12:ea:11:9e:
32:0c:da:fe:b9:97:5f:4d:50:84:b5:3a:ee:94:7e:d2:5f:02:
8b:8f:b3:40:49:3d:30:4a:b5:3b:0d:2b:33:30:51:48:9a:c7:
1c:5c:a0:db:b9:6c:6d:a2:86:00:fe:52:81:2a:43:6d:91:84:
78:15:dc:59:e7:31:0c:fd:ab:46:fd:d6:96:73:50:3e:b6:1b:
f9:6c:22:9e:78:ef:d7:3e:4f:fc:eb:00:88:b1:71:9d:71:d3:
2b:70:d7:1b:ac:f6:49:c0:45:fc:29:f7:33:88:c9:45:d2:b1:
78:90:ee:2e:22:33:90:87:8e:11:4f:92:d5:9a:be:14:85:35:
01:c7:99:15:b7:c6:5e:64:2e:b5:8d:87:6b:37:52:7e:a0:a3:
c8:e0:e1:0a:43:4e:b0:33:88:00:41:eb:c3:67:60:f7:da:49:
c9:bc:cb:d5:e1:01:62:8a:c1:34:d7:c4:83:ec:8c:24:a9:61:
9c:c3:0f:b8:9c:21:fd:af:3d:b8:16:be:9b:4e:26:b0:4b:cd:
64:42:1c:6a:c4:e7:49:5f:0e:ef:b0:95:4d:49:43:3f:b3:4c:
73:4a:1e:a1:0b:ff:ed:c5:73:59:62:a1:b2:72:d4:8e:1d:cc:
01:1f:73:5b
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgICExEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjUwNTIwMDk0NDU5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJjNGYxYi04MDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzn3yw2qGNJL9OTsxn/b0Lyk4CmJutcZo2PGUM43PabuC+5YCT0+UEVaRV6w4
fic8ty4TC3pEvOWsdV9aziVp6fIg3bM56fLxoBnksWBNaJgeaOy66avj2KVa3/ok
jYg0Mgds/WOImRGowpJnR8so2zNoybMaM3KxVkNXUewTt3Npxtcnq0a3p0/iqF+Z
il3GtPwZ+tnIvQyFQPaMUBOJe+S/Vey+h6Q9cFQBJ7b2kLc8U4aZf++WFOPNrdxw
HynHxkY6+0WVcO14Uw7SB7zedlmTcnGAS0G4XZF7KeIhsaveeDD5tjT1oQ/iEZfr
vwV5AvdtF7FKIssywRWOAKVjIwIDAQABo4IDnzCCA5swHQYDVR0OBBYEFDbGnjGl
95otJ70WNs3N1Tz3Ll4RMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvQjVCNEFCMDgz
OURBMTFFRjlFQ0NGODg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEnBggrBgEFBQcBBwEB
/wSCARYwggESMIHDBAIAATCBvAMEAhs2IAMEABs2JTAMAwQDZX/IAwQBZX/MAwQG
cQpAAwQCdRSAMAwDBAJ1FIwDBAJ1FJAwDAMEAXUUlgMEAHUUmgMEBXUUoDAMAwQB
eguWAwQFeguAMAwDBAB6C6kDBAB6C6wDBAB6C8UwDAMEAnoL1AMEAnoL2DAMAwQA
egv1AwQAegv2AwMBqwADAwCrzwMEAMt0awMEAMt0dAMEAMt0dwMEAMt0tQMEAct1
KDAMAwQAy3X1AwQBy3X8MEoEAgACMEQwEgMHASQGMAAAWgMHASQGMAAAXDASAwcB
JAYwAAICAwcAJAYwAAIUAwcAJAYwAgBAAwcAJAYwAgBQAwgAJAYwAgQCAjANBgkq
hkiG9w0BAQsFAAOCAQEAqrRMgjl5kCusSVwmtBwS6hGeMgza/rmXX01QhLU67pR+
0l8Ci4+zQEk9MEq1Ow0rMzBRSJrHHFyg27lsbaKGAP5SgSpDbZGEeBXcWecxDP2r
Rv3WlnNQPrYb+Wwinnjv1z5P/OsAiLFxnXHTK3DXG6z2ScBF/Cn3M4jJRdKxeJDu
LiIzkIeOEU+S1Zq+FIU1AceZFbfGXmQutY2HazdSfqCjyODhCkNOsDOIAEHrw2dg
99pJybzL1eEBYorBNNfEg+yMJKlhnMMPuJwh/a89uBa+m04msEvNZEIcasTnSV8O
77CVTUlDP7NMc0oeoQv/7cVzWWKhsnLUjh3MAR9zWw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:07:33 2025 by rpki-client