Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
File: C22F80E4D1F011EEB68A503EC4F9AE02.roa (raw, json)
Hash identifier: Kjjm0gZskFT6tVxY5Ur25GzEYJIZngsq5sGod6YlbMM=
Subject key identifier: 56:B6:FE:52:80:09:E0:3C:5B:F5:F5:BC:E6:DD:16:BA:4A:A7:65:61
Certificate issuer: /CN=A9157861/serialNumber=BD5F088894D9DA7565D4436143EE026C320E4A2A
Certificate serial: 1E82
Authority key identifier: BD:5F:08:88:94:D9:DA:75:65:D4:43:61:43:EE:02:6C:32:0E:4A:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
Signing time: Sat 02 Aug 2025 16:24:23 +0000
ROA not before: Sat 02 Aug 2025 16:24:23 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 38176
IP address blocks: 113.208.64.0/23 maxlen: 23
113.208.66.0/24 maxlen: 24
113.208.67.0/24 maxlen: 24
113.208.68.0/22 maxlen: 22
113.208.68.0/24 maxlen: 24
113.208.69.0/24 maxlen: 24
113.208.70.0/24 maxlen: 24
113.208.71.0/24 maxlen: 24
113.208.72.0/24 maxlen: 24
113.208.73.0/24 maxlen: 24
113.208.74.0/24 maxlen: 24
113.208.75.0/24 maxlen: 24
113.208.76.0/24 maxlen: 24
113.208.78.0/24 maxlen: 24
113.208.79.0/24 maxlen: 24
113.208.80.0/24 maxlen: 24
113.208.81.0/24 maxlen: 24
113.208.82.0/24 maxlen: 24
113.208.83.0/24 maxlen: 24
113.208.84.0/24 maxlen: 24
113.208.85.0/24 maxlen: 24
113.208.86.0/24 maxlen: 24
113.208.87.0/24 maxlen: 24
113.208.88.0/24 maxlen: 24
113.208.89.0/24 maxlen: 24
113.208.90.0/24 maxlen: 24
113.208.91.0/24 maxlen: 24
113.208.92.0/24 maxlen: 24
113.208.93.0/24 maxlen: 24
113.208.94.0/24 maxlen: 24
203.202.224.0/23 maxlen: 23
203.202.224.0/24 maxlen: 24
203.202.225.0/24 maxlen: 24
203.202.226.0/23 maxlen: 23
203.202.226.0/24 maxlen: 24
203.202.227.0/24 maxlen: 24
203.202.228.0/23 maxlen: 23
203.202.228.0/24 maxlen: 24
203.202.229.0/24 maxlen: 24
203.202.230.0/23 maxlen: 23
203.202.230.0/24 maxlen: 24
203.202.231.0/24 maxlen: 24
2405:1400::/34 maxlen: 34
2405:1400:4000::/34 maxlen: 34
2405:1400:8000::/34 maxlen: 34
2405:1400:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.crl
rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7810 (0x1e82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157861, serialNumber=BD5F088894D9DA7565D4436143EE026C320E4A2A
Validity
Not Before: Aug 2 16:24:23 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=688e3bb6-b4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7a:24:67:27:55:a6:ab:81:3a:3c:ce:29:cd:
16:f1:25:d2:52:7a:1b:71:29:e5:79:e9:22:6c:37:
fc:b5:40:24:0b:bf:f2:5a:49:61:61:75:9d:ce:9d:
84:1e:cf:9f:bc:dd:8f:f2:fa:e7:93:52:58:86:c4:
b9:d7:df:04:c3:3f:be:18:7f:f4:d2:6e:f8:11:39:
bc:8a:92:78:73:8c:31:9f:d1:36:d1:d1:c9:55:f8:
71:77:d9:9f:b4:bf:5a:40:3a:a8:1c:24:03:83:4e:
a3:d3:80:b3:9c:10:84:6e:7d:43:d4:d0:95:5d:5a:
ff:38:a0:94:f3:82:3c:7b:8b:12:76:39:64:2b:f1:
2a:5e:1c:9b:b7:07:61:ff:21:49:07:59:4f:08:4a:
d8:2f:13:6d:0b:0e:78:e4:1a:c1:86:bb:0e:66:1d:
6f:1f:d0:53:c1:3f:3c:4a:3b:50:87:9a:85:fc:64:
fb:9e:04:d3:63:2f:b5:c6:07:7b:e2:67:5c:ad:47:
c5:92:f2:c8:04:16:f3:97:7e:83:36:82:52:34:18:
b2:2f:1e:5d:d1:61:05:c1:cc:81:8f:65:3c:7e:70:
8c:e4:3e:57:0d:73:57:ef:ee:72:6e:63:d5:b7:e0:
84:3b:9b:0a:4f:8d:73:0d:45:4e:48:6e:4f:96:57:
6e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B6:FE:52:80:09:E0:3C:5B:F5:F5:BC:E6:DD:16:BA:4A:A7:65:61
X509v3 Authority Key Identifier:
keyid:BD:5F:08:88:94:D9:DA:75:65:D4:43:61:43:EE:02:6C:32:0E:4A:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.208.64.0-113.208.76.255
113.208.78.0-113.208.94.255
203.202.224.0/21
IPv6:
2405:1400::/32
Signature Algorithm: sha256WithRSAEncryption
21:ed:54:66:ee:2b:09:5d:30:5b:cd:d0:09:fd:12:1f:33:50:
69:1f:42:4a:42:cc:4e:10:97:77:9f:03:e4:4c:74:49:62:27:
28:9e:96:b8:44:0b:02:e3:3e:c2:f5:58:36:2f:47:88:4c:13:
e9:99:f0:ae:a9:88:7d:6c:33:98:98:45:03:56:df:2e:72:4b:
9e:d3:d5:16:5a:f9:ab:c9:4d:37:92:0a:e1:00:85:cc:a9:02:
e1:2d:09:53:30:ed:99:57:e1:ae:4a:e1:f0:25:4d:cb:1c:17:
c5:3b:3a:f6:e9:58:9a:05:f7:41:9a:6b:8c:28:e5:56:7d:25:
c5:57:dc:85:e3:35:1a:0b:a4:33:8d:b2:f0:80:4f:f9:09:95:
0d:82:42:3f:7c:dc:bc:2c:36:74:90:da:3a:4a:a1:99:78:f8:
f4:9a:81:8b:ca:9f:ce:5a:c4:29:10:5a:e8:15:d4:4a:49:3f:
32:84:75:1a:ea:19:97:7b:a9:09:2a:5b:71:6f:ef:67:49:ee:
f0:7e:88:d0:63:49:05:f9:d0:02:f2:e2:73:24:ea:f8:ec:29:
45:0f:1d:bb:20:5d:62:4a:21:21:ee:1a:4b:c8:61:73:e9:bc:
66:e6:0d:2c:7b:e0:4f:63:7b:e3:a4:57:17:a5:73:e7:89:9d:
99:8a:8b:5a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgICHoIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTc4NjExMTAvBgNVBAUTKEJENUYwODg4OTREOURBNzU2NUQ0NDM2MTQzRUUwMjZD
MzIwRTRBMkEwHhcNMjUwODAyMTYyNDIzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhlM2JiNi1iNGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvHokZydVpquBOjzOKc0W8SXSUnobcSnleekibDf8tUAkC7/yWklhYXWdzp2E
Hs+fvN2P8vrnk1JYhsS5198Ewz++GH/00m74ETm8ipJ4c4wxn9E20dHJVfhxd9mf
tL9aQDqoHCQDg06j04CznBCEbn1D1NCVXVr/OKCU84I8e4sSdjlkK/EqXhybtwdh
/yFJB1lPCErYLxNtCw545BrBhrsOZh1vH9BTwT88SjtQh5qF/GT7ngTTYy+1xgd7
4mdcrUfFkvLIBBbzl36DNoJSNBiyLx5d0WEFwcyBj2U8fnCM5D5XDXNX7+5ybmPV
t+CEO5sKT41zDUVOSG5PlldupQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFFa2/lKA
CeA8W/X1vObdFrpKp2VhMB8GA1UdIwQYMBaAFL1fCIiU2dp1ZdRDYUPuAmwyDkoq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Nzg2MS8zNEQyNkM4ODg0
NkYxMUU2QTMxM0MwMjJDNEY5QUUwMi92VjhJaUpUWjJuVmwxRU5oUS00Q2JESU9T
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZWOElpSlRaMm5WbDFFTmhRLTRDYkRJT1Npby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTc4NjEvMzREMjZDODg4NDZGMTFFNkEzMTNDMDIyQzRGOUFFMDIvQzIyRjgwRTRE
MUYwMTFFRUI2OEE1MDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E
OzA5MCgEAgABMCIwDAMEBnHQQAMEAHHQTDAMAwQBcdBOAwQAcdBeAwQDy8rgMA0E
AgACMAcDBQAkBRQAMA0GCSqGSIb3DQEBCwUAA4IBAQAh7VRm7isJXTBbzdAJ/RIf
M1BpH0JKQsxOEJd3nwPkTHRJYiconpa4RAsC4z7C9Vg2L0eITBPpmfCuqYh9bDOY
mEUDVt8uckue09UWWvmryU03kgrhAIXMqQLhLQlTMO2ZV+GuSuHwJU3LHBfFOzr2
6ViaBfdBmmuMKOVWfSXFV9yF4zUaC6QzjbLwgE/5CZUNgkI/fNy8LDZ0kNo6SqGZ
ePj0moGLyp/OWsQpEFroFdRKST8yhHUa6hmXe6kJKltxb+9nSe7wfojQY0kF+dAC
8uJzJOr47ClFDx27IF1iSiEh7hpLyGFz6bxm5g0se+BPY3vjpFcXpXPniZ2Ziota
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:26:58 2025 by rpki-client