Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/B5B4AB0839DA11EF9ECCF886C4F9AE02.roa
File: B5B4AB0839DA11EF9ECCF886C4F9AE02.roa (raw, json)
Hash identifier: 3pO0l/yUtX7x2D/AxqjrC/P01Kg4CqMSxw9LDwoutV8=
Subject key identifier: C0:47:D7:F2:E3:BC:E6:CF:22:2D:CE:2A:20:91:A7:B4:C9:F8:4A:65
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 12F7
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/B5B4AB0839DA11EF9ECCF886C4F9AE02.roa
Signing time: Thu 17 Apr 2025 04:51:43 +0000
ROA not before: Thu 17 Apr 2025 04:51:43 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 138345
IP address blocks: 27.54.32.0/22 maxlen: 22
27.54.37.0/24 maxlen: 24
101.127.200.0/22 maxlen: 22
101.127.204.0/23 maxlen: 23
113.10.64.0/18 maxlen: 24
117.20.128.0/23 maxlen: 24
117.20.130.0/23 maxlen: 24
117.20.140.0/22 maxlen: 24
117.20.144.0/22 maxlen: 24
117.20.150.0/23 maxlen: 24
117.20.152.0/23 maxlen: 24
117.20.154.0/24 maxlen: 24
117.20.160.0/19 maxlen: 24
122.11.150.0/23 maxlen: 23
122.11.152.0/21 maxlen: 21
122.11.169.0/24 maxlen: 24
122.11.170.0/23 maxlen: 23
122.11.172.0/24 maxlen: 24
122.11.197.0/24 maxlen: 24
122.11.212.0/24 maxlen: 24
122.11.213.0/24 maxlen: 24
122.11.214.0/24 maxlen: 24
122.11.215.0/24 maxlen: 24
122.11.216.0/24 maxlen: 24
122.11.217.0/24 maxlen: 24
122.11.218.0/24 maxlen: 24
122.11.219.0/24 maxlen: 24
122.11.245.0/24 maxlen: 24
122.11.246.0/24 maxlen: 24
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
203.116.107.0/24 maxlen: 24
203.116.116.0/24 maxlen: 24
203.116.119.0/24 maxlen: 24
203.116.181.0/24 maxlen: 24
203.117.40.0/23 maxlen: 23
203.117.245.0/24 maxlen: 24
203.117.246.0/24 maxlen: 24
203.117.247.0/24 maxlen: 24
203.117.248.0/22 maxlen: 22
203.117.252.0/24 maxlen: 24
203.117.253.0/24 maxlen: 24
2406:3000:5a::/48 maxlen: 56
2406:3000:5b::/48 maxlen: 56
2406:3000:5c::/48 maxlen: 56
2406:3000:5d::/48 maxlen: 56
2406:3000:202::/47 maxlen: 48
2406:3000:204::/46 maxlen: 46
2406:3000:204::/48 maxlen: 48
2406:3000:205::/48 maxlen: 48
2406:3000:206::/48 maxlen: 48
2406:3000:207::/48 maxlen: 48
2406:3000:208::/47 maxlen: 48
2406:3000:20a::/47 maxlen: 48
2406:3000:20c::/46 maxlen: 46
2406:3000:20c::/48 maxlen: 48
2406:3000:20d::/48 maxlen: 48
2406:3000:20e::/48 maxlen: 48
2406:3000:20f::/48 maxlen: 48
2406:3000:210::/47 maxlen: 48
2406:3000:212::/48 maxlen: 48
2406:3000:213::/48 maxlen: 48
2406:3000:214::/48 maxlen: 48
2406:3002:40::/48 maxlen: 56
2406:3002:50::/48 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 17:14:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4855 (0x12f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC, serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: Apr 17 04:51:43 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=680088df-ff4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3f:c0:ca:37:94:90:b0:a6:62:3c:3a:69:2b:
ae:75:ff:a1:3a:10:ad:96:60:ee:91:e3:fe:32:da:
e4:f6:eb:40:8b:99:92:46:23:1d:37:09:f0:df:33:
b6:b1:40:1f:c4:a7:2a:c6:2f:93:24:cf:15:3e:62:
03:42:46:b2:1b:5c:48:0c:e2:ee:20:3d:45:ad:81:
4b:7a:65:0a:29:b6:1f:e7:1e:05:20:f7:f1:fd:58:
b6:9e:5b:e8:8d:d6:7c:7c:4e:fd:70:00:56:22:9e:
19:85:5f:32:a2:33:58:5d:8b:65:c9:70:04:d1:6d:
ff:d5:61:67:93:6a:82:84:d0:64:32:1b:d7:42:38:
65:af:6d:32:ea:f3:34:f7:6a:a5:43:f9:03:f5:20:
30:4e:b2:84:38:55:b7:51:0e:8c:f4:26:f1:89:ea:
70:dc:01:3d:b5:84:78:3e:8c:00:b7:14:1a:64:9f:
d7:f4:d5:35:67:a8:a4:fe:36:ff:26:80:56:8c:7e:
c8:e4:f1:87:21:f4:28:37:03:98:48:a4:8d:44:a8:
92:81:37:7c:c5:70:ad:63:80:55:30:7e:c2:c5:1d:
2a:d1:2a:f6:9e:6b:71:c0:5e:69:2e:d8:01:1e:87:
ad:7d:60:50:99:a2:43:21:58:61:1a:f5:59:2f:ca:
e4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:47:D7:F2:E3:BC:E6:CF:22:2D:CE:2A:20:91:A7:B4:C9:F8:4A:65
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/B5B4AB0839DA11EF9ECCF886C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.32.0/22
27.54.37.0/24
101.127.200.0-101.127.205.255
113.10.64.0/18
117.20.128.0/22
117.20.140.0-117.20.147.255
117.20.150.0-117.20.154.255
117.20.160.0/19
122.11.150.0-122.11.159.255
122.11.169.0-122.11.172.255
122.11.197.0/24
122.11.212.0-122.11.219.255
122.11.245.0-122.11.246.255
171.0.0.0/15
171.207.0.0/16
203.116.107.0/24
203.116.116.0/24
203.116.119.0/24
203.116.181.0/24
203.117.40.0/23
203.117.245.0-203.117.253.255
IPv6:
2406:3000:5a::-2406:3000:5d:ffff:ffff:ffff:ffff:ffff
2406:3000:202::-2406:3000:214:ffff:ffff:ffff:ffff:ffff
2406:3002:40::/48
2406:3002:50::/48
Signature Algorithm: sha256WithRSAEncryption
63:d0:ad:57:3e:9f:fc:11:e9:ab:d7:de:c0:8c:66:57:b0:4f:
36:8b:6c:dd:6d:ae:f3:d3:51:8e:c8:1f:54:26:4e:3e:e7:71:
9b:d3:61:6c:e4:14:0a:66:5d:1e:67:45:29:9c:a5:60:11:92:
f1:69:b1:d8:5a:75:5d:01:16:96:8e:19:d0:76:55:30:a4:9c:
8d:5f:6b:ff:b6:82:b7:c5:fd:4c:ab:5e:15:f5:6f:d2:d6:df:
6d:0e:7e:6d:1e:1b:f3:3c:a6:2c:bc:97:6a:9c:94:73:6a:7c:
03:94:c1:3d:8c:ed:d5:e5:c8:07:a7:b5:64:6c:d0:83:65:a2:
cf:d8:38:4f:48:e5:61:84:9c:45:f1:7e:f8:4f:11:1e:ce:4a:
64:74:24:4e:1d:9c:a7:a0:b2:27:09:01:91:ea:df:4d:5c:60:
50:c5:3c:57:9f:5f:b5:36:6d:ac:cb:7f:f9:90:80:ba:eb:a5:
36:57:33:31:ed:b3:6f:e4:0b:43:b9:3a:50:75:e3:88:0e:f3:
ee:83:8a:d4:3f:69:66:24:97:96:39:fe:64:66:77:43:71:4d:
9b:fc:5f:e2:86:05:b8:00:38:f6:16:8d:7b:4e:42:9e:8e:d7:
6e:85:c7:50:a9:ed:47:3b:ec:1b:57:72:c5:2b:69:e7:b8:ed:
a5:95:9a:35
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgICEvcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjUwNDE3MDQ1MTQzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODAwODhkZi1mZjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3T/AyjeUkLCmYjw6aSuudf+hOhCtlmDukeP+Mtrk9utAi5mSRiMdNwnw3zO2
sUAfxKcqxi+TJM8VPmIDQkayG1xIDOLuID1FrYFLemUKKbYf5x4FIPfx/Vi2nlvo
jdZ8fE79cABWIp4ZhV8yojNYXYtlyXAE0W3/1WFnk2qChNBkMhvXQjhlr20y6vM0
92qlQ/kD9SAwTrKEOFW3UQ6M9Cbxiepw3AE9tYR4PowAtxQaZJ/X9NU1Z6ik/jb/
JoBWjH7I5PGHIfQoNwOYSKSNRKiSgTd8xXCtY4BVMH7CxR0q0Sr2nmtxwF5pLtgB
HoetfWBQmaJDIVhhGvVZL8rkgQIDAQABo4IDlTCCA5EwHQYDVR0OBBYEFMBH1/Lj
vObPIi3OKiCRp7TJ+EplMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvQjVCNEFCMDgz
OURBMTFFRjlFQ0NGODg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEdBggrBgEFBQcBBwEB
/wSCAQwwggEIMIHDBAIAATCBvAMEAhs2IAMEABs2JTAMAwQDZX/IAwQBZX/MAwQG
cQpAAwQCdRSAMAwDBAJ1FIwDBAJ1FJAwDAMEAXUUlgMEAHUUmgMEBXUUoDAMAwQB
eguWAwQFeguAMAwDBAB6C6kDBAB6C6wDBAB6C8UwDAMEAnoL1AMEAnoL2DAMAwQA
egv1AwQAegv2AwMBqwADAwCrzwMEAMt0awMEAMt0dAMEAMt0dwMEAMt0tQMEAct1
KDAMAwQAy3X1AwQBy3X8MEAEAgACMDowEgMHASQGMAAAWgMHASQGMAAAXDASAwcB
JAYwAAICAwcAJAYwAAIUAwcAJAYwAgBAAwcAJAYwAgBQMA0GCSqGSIb3DQEBCwUA
A4IBAQBj0K1XPp/8Eemr197AjGZXsE82i2zdba7z01GOyB9UJk4+53Gb02Fs5BQK
Zl0eZ0UpnKVgEZLxabHYWnVdARaWjhnQdlUwpJyNX2v/toK3xf1Mq14V9W/S1t9t
Dn5tHhvzPKYsvJdqnJRzanwDlME9jO3V5cgHp7VkbNCDZaLP2DhPSOVhhJxF8X74
TxEezkpkdCROHZynoLInCQGR6t9NXGBQxTxXn1+1Nm2sy3/5kIC666U2VzMx7bNv
5AtDuTpQdeOIDvPug4rUP2lmJJeWOf5kZndDcU2b/F/ihgW4ADj2Fo17TkKejtdu
hcdQqe1HO+wbV3LFK2nnuO2llZo1
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:22:43 2025 by rpki-client