Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
File: 844EFBDA766C11EF8CE33A86C4F9AE02.roa (raw, json)
Hash identifier: P7ML1zua1vWGcEbBxHBGy+N0awfVzYw0xfSbdU5Alt4=
Subject key identifier: 4F:4F:B2:FD:02:89:D2:5F:E5:8C:17:71:7B:B4:78:F8:FE:F5:D1:7D
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 0410
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
Signing time: Wed 04 Jun 2025 08:51:10 +0000
ROA not before: Wed 04 Jun 2025 08:51:10 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 147049
IP address blocks: 103.173.150.0/23 maxlen: 23
103.173.150.0/24 maxlen: 24
103.173.151.0/24 maxlen: 24
116.204.193.0/24 maxlen: 24
116.204.194.0/24 maxlen: 24
116.204.195.0/24 maxlen: 24
2407:e8c0::/48 maxlen: 48
2407:e8c0:1::/48 maxlen: 48
2407:e8c0:2::/48 maxlen: 48
2407:e8c0:3::/48 maxlen: 48
2407:e8c0:4::/48 maxlen: 48
2407:e8c0:5::/48 maxlen: 48
2407:e8c0:6::/48 maxlen: 48
2407:e8c0:7::/48 maxlen: 48
2407:e8c0:8::/48 maxlen: 48
2407:e8c0:9::/48 maxlen: 48
2407:e8c0:a::/48 maxlen: 48
2407:e8c0:b::/48 maxlen: 48
2407:e8c0:c::/48 maxlen: 48
2407:e8c0:d::/48 maxlen: 48
2407:e8c0:e::/48 maxlen: 48
2407:e8c0:f::/48 maxlen: 48
2407:e8c0:11::/48 maxlen: 48
2407:e8c0:12::/48 maxlen: 48
2407:e8c0:13::/48 maxlen: 48
2407:e8c0:1f::/48 maxlen: 48
2407:e8c0:20::/48 maxlen: 48
2407:e8c0:4a00::/40 maxlen: 40
2407:e8c0:4b00::/40 maxlen: 40
2407:e8c0:4c00::/40 maxlen: 40
2407:e8c0:4d00::/40 maxlen: 40
2407:e8c0:4e00::/40 maxlen: 40
2407:e8c0:4f00::/40 maxlen: 40
2407:e8c0:5000::/40 maxlen: 40
2407:e8c0:5100::/40 maxlen: 40
2407:e8c0:5200::/40 maxlen: 40
2407:e8c0:5300::/40 maxlen: 40
2407:e8c0:5400::/40 maxlen: 40
2407:e8c0:5500::/40 maxlen: 40
2407:e8c0:5600::/40 maxlen: 40
2407:e8c0:5700::/40 maxlen: 40
2407:e8c0:5800::/40 maxlen: 40
2407:e8c0:5a00::/40 maxlen: 40
2407:e8c0:5b00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 26 Jun 2025 00:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1040 (0x410)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1, serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Validity
Not Before: Jun 4 08:51:10 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=684008fe-a06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:80:34:58:43:92:19:3f:21:c2:cd:58:d9:d8:
ac:e3:ab:84:0f:38:92:85:87:d8:1f:1b:4b:88:b3:
a5:8f:68:89:da:9c:0a:26:56:94:56:c0:cd:6d:f4:
3e:53:86:3f:fb:d6:a1:63:28:83:40:1a:50:90:e3:
21:f9:ff:bc:cf:0f:99:d7:7e:ad:46:01:af:6c:39:
45:66:3b:e1:12:16:47:1c:c3:8f:36:76:35:49:32:
b0:2a:24:62:2e:c0:37:81:cf:21:b4:6e:9a:67:21:
4b:ec:8b:5f:71:41:9c:ad:4c:6f:03:31:65:8d:ff:
d5:db:1f:1a:a3:94:9a:c1:7c:6f:c4:7c:c4:22:53:
2e:29:6c:55:71:d5:0b:d4:1b:e4:5d:a5:4f:69:65:
16:fa:8f:bb:9c:1a:05:d8:63:52:86:98:8c:43:d3:
1e:4c:bd:59:46:92:97:f9:20:5a:d4:0d:ca:4c:f0:
5e:1f:d2:92:ce:1d:f9:fa:49:ad:9b:e4:31:a1:bd:
9d:e4:7d:53:02:90:82:01:ae:d9:ea:55:f1:fc:18:
62:b4:1d:9f:6d:31:8b:09:22:ce:d7:7e:17:65:8c:
9a:96:eb:45:9b:e9:e7:92:ef:6b:b1:94:d8:ed:81:
d3:d1:04:01:4e:a3:07:97:2b:a9:f9:07:e0:b6:9f:
b0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:4F:B2:FD:02:89:D2:5F:E5:8C:17:71:7B:B4:78:F8:FE:F5:D1:7D
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.150.0/23
116.204.193.0-116.204.195.255
IPv6:
2407:e8c0::/44
2407:e8c0:11::-2407:e8c0:13:ffff:ffff:ffff:ffff:ffff
2407:e8c0:1f::-2407:e8c0:20:ffff:ffff:ffff:ffff:ffff
2407:e8c0:4a00::-2407:e8c0:58ff:ffff:ffff:ffff:ffff:ffff
2407:e8c0:5a00::/39
Signature Algorithm: sha256WithRSAEncryption
b0:d8:d2:4f:92:7f:83:14:4e:9b:7d:cb:02:f9:a8:16:8a:4e:
10:e1:26:06:c0:50:ab:a8:be:2b:ce:be:7c:8d:1d:d4:11:d7:
43:17:c1:15:08:32:e0:ef:fb:c5:62:18:9a:e5:6d:8d:9d:64:
1b:02:60:21:89:d4:78:10:df:2e:d3:c9:44:2b:02:1f:32:ed:
29:e5:a5:5d:22:b2:b4:b9:f0:62:03:ee:dd:3c:41:89:23:66:
8d:0e:e9:76:27:13:84:37:f1:2c:1d:e5:e9:41:72:66:a4:8e:
e7:32:d7:f9:ee:0c:0c:24:25:9f:76:db:9e:c0:68:f5:92:5e:
68:1e:e1:96:33:19:fc:ff:9e:ec:60:85:db:2a:36:39:b8:9d:
19:7d:50:8c:bd:25:bd:4f:69:10:2f:04:b0:c1:9a:22:52:e3:
b2:11:99:3d:e2:ed:39:c2:af:86:80:c5:c5:a5:24:a2:d9:8f:
6c:f2:e7:3d:9f:1c:24:4d:85:44:61:d0:49:5a:81:ec:92:35:
2a:6d:b6:7d:5e:40:ba:ff:b7:9f:3e:76:12:17:85:da:cc:b4:
eb:87:38:08:c9:f2:f2:66:e2:39:4f:48:12:69:8a:de:97:41:
11:d3:2a:88:0e:98:2f:07:85:a5:92:1f:17:49:55:cc:5c:09:
92:28:fe:66
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgICBBAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjUwNjA0MDg1MTEwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQwMDhmZS1hMDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyIA0WEOSGT8hws1Y2dis46uEDziShYfYHxtLiLOlj2iJ2pwKJlaUVsDNbfQ+
U4Y/+9ahYyiDQBpQkOMh+f+8zw+Z136tRgGvbDlFZjvhEhZHHMOPNnY1STKwKiRi
LsA3gc8htG6aZyFL7ItfcUGcrUxvAzFljf/V2x8ao5SawXxvxHzEIlMuKWxVcdUL
1BvkXaVPaWUW+o+7nBoF2GNShpiMQ9MeTL1ZRpKX+SBa1A3KTPBeH9KSzh35+kmt
m+Qxob2d5H1TApCCAa7Z6lXx/BhitB2fbTGLCSLO134XZYyalutFm+nnku9rsZTY
7YHT0QQBTqMHlyup+Qfgtp+w9QIDAQABo4IC9zCCAvMwHQYDVR0OBBYEFE9Psv0C
idJf5YwXcXu0ePj+9dF9MB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvODQ0RUZCREE3
NjZDMTFFRjhDRTMzQTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYAGCCsGAQUFBwEHAQH/
BHEwbzAaBAIAATAUAwQBZ62WMAwDBAB0zMEDBAJ0zMAwUQQCAAIwSwMHBCQH6MAA
ADASAwcAJAfowAARAwcCJAfowAAQMBIDBwAkB+jAAB8DBwAkB+jAACAwEAMGASQH
6MBKAwYAJAfowFgDBgEkB+jAWjANBgkqhkiG9w0BAQsFAAOCAQEAsNjST5J/gxRO
m33LAvmoFopOEOEmBsBQq6i+K86+fI0d1BHXQxfBFQgy4O/7xWIYmuVtjZ1kGwJg
IYnUeBDfLtPJRCsCHzLtKeWlXSKytLnwYgPu3TxBiSNmjQ7pdicThDfxLB3l6UFy
ZqSO5zLX+e4MDCQln3bbnsBo9ZJeaB7hljMZ/P+e7GCF2yo2ObidGX1QjL0lvU9p
EC8EsMGaIlLjshGZPeLtOcKvhoDFxaUkotmPbPLnPZ8cJE2FRGHQSVqB7JI1Km22
fV5Auv+3nz52EheF2sy064c4CMny8mbiOU9IEmmK3pdBEdMqiA6YLweFpZIfF0lV
zFwJkij+Zg==
-----END CERTIFICATE-----
Generated at Thu Jun 19 08:38:28 2025 by rpki-client