Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/65EED7943BB711F0AD49434CC4F9AE02.roa
File: 65EED7943BB711F0AD49434CC4F9AE02.roa (raw, json)
Hash identifier: bXCcYz5WUzXP1x56wMDeUhuzn+CtJahnNgctsC79cCY=
Subject key identifier: D1:04:67:97:40:CF:3E:C5:EF:69:47:8E:92:E9:13:43:E3:6F:9F:62
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1EF3
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/65EED7943BB711F0AD49434CC4F9AE02.roa
Signing time: Fri 06 Jun 2025 06:52:03 +0000
ROA not before: Fri 06 Jun 2025 06:52:03 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 4809
IP address blocks: 27.148.248.0/21 maxlen: 21
58.43.192.0/18 maxlen: 18
58.43.192.0/22 maxlen: 22
58.49.108.0/24 maxlen: 24
59.43.0.0/16 maxlen: 16
59.60.0.0/20 maxlen: 24
59.173.248.0/24 maxlen: 24
106.122.216.0/21 maxlen: 21
116.211.0.0/18 maxlen: 24
116.248.192.0/18 maxlen: 24
117.28.224.0/19 maxlen: 24
117.38.0.0/16 maxlen: 16
117.38.0.0/18 maxlen: 18
117.38.64.0/20 maxlen: 20
117.38.80.0/20 maxlen: 20
117.38.96.0/20 maxlen: 20
117.41.0.0/17 maxlen: 17
117.41.0.0/19 maxlen: 20
117.41.32.0/20 maxlen: 20
117.41.48.0/20 maxlen: 20
117.41.64.0/20 maxlen: 20
117.41.80.0/20 maxlen: 20
117.41.96.0/20 maxlen: 20
117.41.112.0/20 maxlen: 20
117.62.8.0/22 maxlen: 22
117.62.12.0/22 maxlen: 22
117.62.24.0/21 maxlen: 21
117.62.32.0/22 maxlen: 22
118.85.98.68/30 maxlen: 30
118.85.105.16/28 maxlen: 28
118.85.105.32/28 maxlen: 28
118.85.105.48/28 maxlen: 28
118.85.112.164/30 maxlen: 30
118.85.116.0/22 maxlen: 22
120.41.108.0/24 maxlen: 24
120.41.117.0/24 maxlen: 24
120.88.8.0/21 maxlen: 21
121.59.2.0/24 maxlen: 24
121.59.4.0/24 maxlen: 24
121.59.8.0/24 maxlen: 24
121.59.9.0/24 maxlen: 24
121.59.29.0/24 maxlen: 24
121.59.30.0/24 maxlen: 24
121.59.31.0/24 maxlen: 24
121.59.32.0/22 maxlen: 24
121.59.37.0/24 maxlen: 24
121.59.38.0/24 maxlen: 24
121.59.100.0/23 maxlen: 24
121.59.104.0/24 maxlen: 24
121.59.106.0/24 maxlen: 24
121.59.107.0/24 maxlen: 24
121.59.109.0/24 maxlen: 24
121.59.110.0/24 maxlen: 24
121.59.120.0/22 maxlen: 24
121.59.124.0/23 maxlen: 24
121.59.128.0/24 maxlen: 24
121.59.140.0/24 maxlen: 24
121.59.142.0/24 maxlen: 24
121.59.143.0/24 maxlen: 24
121.59.144.0/24 maxlen: 24
121.59.146.0/24 maxlen: 24
121.59.147.0/24 maxlen: 24
121.59.151.0/24 maxlen: 24
121.59.152.0/24 maxlen: 24
121.59.153.0/24 maxlen: 24
121.207.128.0/21 maxlen: 21
122.225.128.0/22 maxlen: 22
123.151.192.0/18 maxlen: 18
123.178.0.0/20 maxlen: 20
124.119.240.0/20 maxlen: 20
124.119.240.0/21 maxlen: 24
124.119.248.0/22 maxlen: 24
124.119.252.0/22 maxlen: 24
124.224.200.0/22 maxlen: 22
124.227.64.0/23 maxlen: 23
124.227.66.0/23 maxlen: 23
124.233.0.0/19 maxlen: 19
124.233.32.0/19 maxlen: 19
124.233.64.0/18 maxlen: 18
124.233.128.0/18 maxlen: 18
124.233.192.0/20 maxlen: 20
124.233.208.0/20 maxlen: 20
124.233.224.0/21 maxlen: 21
124.233.232.0/21 maxlen: 21
124.233.240.0/20 maxlen: 20
125.69.72.0/21 maxlen: 21
125.69.224.0/19 maxlen: 20
125.76.0.0/19 maxlen: 20
202.67.3.0/24 maxlen: 24
202.111.192.0/20 maxlen: 20
202.111.208.0/20 maxlen: 20
203.12.200.0/24 maxlen: 24
203.12.201.0/24 maxlen: 24
203.12.202.0/24 maxlen: 24
203.12.203.0/24 maxlen: 24
203.20.136.0/24 maxlen: 24
203.20.137.0/24 maxlen: 24
203.20.138.0/24 maxlen: 24
203.20.139.0/24 maxlen: 24
203.25.52.0/24 maxlen: 24
203.86.112.0/24 maxlen: 24
203.89.8.0/23 maxlen: 24
203.100.52.0/24 maxlen: 24
203.129.8.0/24 maxlen: 24
203.196.8.0/24 maxlen: 24
203.196.9.0/24 maxlen: 24
203.196.10.0/24 maxlen: 24
203.196.11.0/24 maxlen: 24
203.196.15.0/24 maxlen: 24
210.48.136.0/22 maxlen: 24
210.48.140.0/22 maxlen: 22
210.48.143.0/24 maxlen: 24
218.30.39.0/24 maxlen: 24
218.30.62.0/23 maxlen: 23
218.30.63.0/24 maxlen: 24
218.30.165.0/24 maxlen: 24
218.185.241.0/24 maxlen: 24
218.185.243.0/24 maxlen: 24
220.182.40.0/23 maxlen: 23
220.191.160.0/19 maxlen: 19
221.231.12.0/24 maxlen: 24
222.87.208.0/22 maxlen: 22
222.92.1.0/24 maxlen: 24
2402:8800::/32 maxlen: 35
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Jun 2025 16:19:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7923 (0x1ef3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4, serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Jun 6 06:52:03 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=68429013-2f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ac:2a:e6:bb:a4:93:f7:90:c6:a5:8f:39:93:
47:4c:bf:15:e6:89:58:87:60:24:00:49:84:2a:f1:
05:81:9b:95:b7:29:33:de:96:6e:21:0d:2e:00:24:
0c:0e:be:49:bf:fb:5d:04:05:4c:53:1e:bd:6e:73:
57:04:dd:03:06:b4:ab:25:ee:5a:4a:37:b5:0d:12:
61:e8:cb:c4:48:b5:d1:46:b5:46:5a:9f:d4:33:1d:
73:5d:68:be:ff:ac:64:37:af:d6:e0:a2:1f:18:b7:
87:8a:1f:e4:9d:18:2b:ff:17:a9:61:21:2c:91:f1:
c8:b7:ad:06:30:9f:86:eb:a8:48:0a:05:b2:14:59:
c5:06:7e:59:44:52:e5:1a:08:c4:6a:9b:5d:df:75:
6a:81:8d:e3:f5:75:ab:13:7b:36:46:49:c9:60:36:
f0:2d:22:bd:c3:ab:65:e5:3b:ee:83:c0:f3:d0:59:
02:0a:65:e7:f4:c3:c7:13:1f:c1:fe:a8:05:e9:f2:
65:b7:25:9a:3d:0c:75:28:e1:59:b1:6b:19:9f:aa:
20:e9:d3:80:ce:40:be:d4:8e:70:80:2c:3a:a3:38:
28:ae:76:25:ed:31:ad:dc:64:0e:7c:2b:f8:75:ad:
d7:5c:5e:6b:66:5b:50:41:aa:1a:33:5c:96:f5:f6:
9d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:04:67:97:40:CF:3E:C5:EF:69:47:8E:92:E9:13:43:E3:6F:9F:62
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/65EED7943BB711F0AD49434CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.148.248.0/21
58.43.192.0/18
58.49.108.0/24
59.43.0.0/16
59.60.0.0/20
59.173.248.0/24
106.122.216.0/21
116.211.0.0/18
116.248.192.0/18
117.28.224.0/19
117.38.0.0/16
117.41.0.0/17
117.62.8.0/21
117.62.24.0-117.62.35.255
118.85.98.68/30
118.85.105.16-118.85.105.63
118.85.112.164/30
118.85.116.0/22
120.41.108.0/24
120.41.117.0/24
120.88.8.0/21
121.59.2.0/24
121.59.4.0/24
121.59.8.0/23
121.59.29.0-121.59.35.255
121.59.37.0-121.59.38.255
121.59.100.0/23
121.59.104.0/24
121.59.106.0/23
121.59.109.0-121.59.110.255
121.59.120.0-121.59.125.255
121.59.128.0/24
121.59.140.0/24
121.59.142.0-121.59.144.255
121.59.146.0/23
121.59.151.0-121.59.153.255
121.207.128.0/21
122.225.128.0/22
123.151.192.0/18
123.178.0.0/20
124.119.240.0/20
124.224.200.0/22
124.227.64.0/22
124.233.0.0/16
125.69.72.0/21
125.69.224.0/19
125.76.0.0/19
202.67.3.0/24
202.111.192.0/19
203.12.200.0/22
203.20.136.0/22
203.25.52.0/24
203.86.112.0/24
203.89.8.0/23
203.100.52.0/24
203.129.8.0/24
203.196.8.0/22
203.196.15.0/24
210.48.136.0/21
218.30.39.0/24
218.30.62.0/23
218.30.165.0/24
218.185.241.0/24
218.185.243.0/24
220.182.40.0/23
220.191.160.0/19
221.231.12.0/24
222.87.208.0/22
222.92.1.0/24
IPv6:
2402:8800::/32
Signature Algorithm: sha256WithRSAEncryption
6f:5e:0d:46:62:80:e5:5d:d8:55:a1:31:b1:37:46:2c:3d:d7:
f9:12:51:7a:95:e8:8f:30:45:9b:95:19:35:1a:f7:dd:d5:35:
6e:7e:f7:06:85:93:f5:af:44:c0:79:d0:b1:10:27:fb:47:7d:
cd:1d:ef:30:6a:ed:6c:9c:ba:36:95:a9:66:fe:de:2a:24:11:
a9:c9:22:5c:33:4e:92:ce:a3:b9:24:25:e0:09:69:b0:44:de:
cb:50:e4:9d:17:8b:3c:f0:90:07:e4:29:4c:4e:84:59:10:cb:
79:3f:23:52:6b:06:31:44:53:7d:fc:d9:57:a4:85:c2:f9:86:
15:03:e2:c6:7a:eb:30:77:c9:0a:2d:5b:7a:74:0d:8e:7d:6c:
ca:71:81:aa:10:b1:d5:51:be:ca:6a:2d:74:cd:56:6a:4e:bf:
24:63:3a:8c:61:30:52:61:d8:8b:1b:25:f1:df:58:47:0d:03:
ed:cc:a7:df:99:07:17:86:16:1d:b5:e2:1f:59:6e:6a:5e:62:
72:b2:ac:aa:bf:14:63:41:f8:8f:f5:bb:4e:f6:d7:f3:45:ec:
47:c1:5b:2b:93:75:df:c3:49:5b:fb:ca:7e:5e:44:22:5e:80:
55:66:e6:44:f6:16:43:01:29:01:2a:19:b5:97:47:c3:6e:98:
ce:37:b7:93
-----BEGIN CERTIFICATE-----
MIIHYzCCBkugAwIBAgICHvMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjUwNjA2MDY1MjAzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQyOTAxMy0yZjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu6wq5rukk/eQxqWPOZNHTL8V5olYh2AkAEmEKvEFgZuVtykz3pZuIQ0uACQM
Dr5Jv/tdBAVMUx69bnNXBN0DBrSrJe5aSje1DRJh6MvESLXRRrVGWp/UMx1zXWi+
/6xkN6/W4KIfGLeHih/knRgr/xepYSEskfHIt60GMJ+G66hICgWyFFnFBn5ZRFLl
GgjEaptd33VqgY3j9XWrE3s2RknJYDbwLSK9w6tl5Tvug8Dz0FkCCmXn9MPHEx/B
/qgF6fJltyWaPQx1KOFZsWsZn6og6dOAzkC+1I5wgCw6ozgornYl7TGt3GQOfCv4
da3XXF5rZltQQaoaM1yW9fad+wIDAQABo4IEhzCCBIMwHQYDVR0OBBYEFNEEZ5dA
zz7F72lHjpLpE0Pjb59iMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNjVFRUQ3OTQz
QkI3MTFGMEFENDk0MzRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggIPBggrBgEFBQcBBwEB
/wSCAf4wggH6MIIB5wQCAAEwggHfAwQDG5T4AwQGOivAAwQAOjFsAwMAOysDBAQ7
PAADBAA7rfgDBANqetgDBAZ00wADBAZ0+MADBAV1HOADAwB1JgMEB3UpAAMEA3U+
CDAMAwQDdT4YAwQCdT4gAwUCdlViRDAOAwUEdlVpEAMFBnZVaQADBQJ2VXCkAwQC
dlV0AwQAeClsAwQAeCl1AwQDeFgIAwQAeTsCAwQAeTsEAwQBeTsIMAwDBAB5Ox0D
BAJ5OyAwDAMEAHk7JQMEAHk7JgMEAXk7ZAMEAHk7aAMEAXk7ajAMAwQAeTttAwQA
eTtuMAwDBAN5O3gDBAF5O3wDBAB5O4ADBAB5O4wwDAMEAXk7jgMEAHk7kAMEAXk7
kjAMAwQAeTuXAwQBeTuYAwQDec+AAwQCeuGAAwQGe5fAAwQEe7IAAwQEfHfwAwQC
fODIAwQCfONAAwMAfOkDBAN9RUgDBAV9ReADBAV9TAADBADKQwMDBAXKb8ADBALL
DMgDBALLFIgDBADLGTQDBADLVnADBAHLWQgDBADLZDQDBADLgQgDBALLxAgDBADL
xA8DBAPSMIgDBADaHicDBAHaHj4DBADaHqUDBADaufEDBADaufMDBAHctigDBAXc
v6ADBADd5wwDBALeV9ADBADeXAEwDQQCAAIwBwMFACQCiAAwDQYJKoZIhvcNAQEL
BQADggEBAG9eDUZigOVd2FWhMbE3Riw91/kSUXqV6I8wRZuVGTUa993VNW5+9waF
k/WvRMB50LEQJ/tHfc0d7zBq7WycujaVqWb+3iokEanJIlwzTpLOo7kkJeAJabBE
3stQ5J0XizzwkAfkKUxOhFkQy3k/I1JrBjFEU3382VekhcL5hhUD4sZ66zB3yQot
W3p0DY59bMpxgaoQsdVRvspqLXTNVmpOvyRjOoxhMFJh2IsbJfHfWEcNA+3Mp9+Z
BxeGFh214h9ZbmpeYnKyrKq/FGNB+I/1u0721/NF7EfBWyuTdd/DSVv7yn5eRCJe
gFVm5kT2FkMBKQEqGbWXR8NumM43t5M=
-----END CERTIFICATE-----
Generated at Fri Jun 20 11:38:48 2025 by rpki-client