Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/6AE44D5C3E4511F090A5C643C4F9AE02.roa
File: 6AE44D5C3E4511F090A5C643C4F9AE02.roa (raw, json)
Hash identifier: KvPwwQitCLdp1wselY09GkbM7S1n62UBniOlJEvvNRY=
Subject key identifier: 36:F4:C0:8E:59:7D:58:57:CB:93:76:CA:ED:95:AA:8D:B3:97:D4:A3
Certificate issuer: /CN=A91657DD/serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B
Certificate serial: 0F5B
Authority key identifier: FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/6AE44D5C3E4511F090A5C643C4F9AE02.roa
Signing time: Sat 31 May 2025 17:33:52 +0000
ROA not before: Sat 31 May 2025 17:33:52 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 63996
IP address blocks: 45.120.112.0/22 maxlen: 24
103.60.172.0/22 maxlen: 24
103.205.68.0/22 maxlen: 24
192.144.86.0/23 maxlen: 24
203.95.220.0/22 maxlen: 24
2400:3240::/32 maxlen: 36
2400:3240:300::/40 maxlen: 40
2400:3240:7000::/42 maxlen: 48
2400:3240:7080::/42 maxlen: 42
2400:3240:7400::/42 maxlen: 42
2400:3240:7440::/42 maxlen: 42
2400:3240:8000::/48 maxlen: 48
2400:3240:9000::/43 maxlen: 43
2400:3240:9020::/43 maxlen: 43
2400:3240:9060::/43 maxlen: 43
2400:3240:9080::/43 maxlen: 43
2400:3240:90a0::/43 maxlen: 43
2400:3240:9100::/43 maxlen: 43
2400:3240:9120::/43 maxlen: 43
2400:3240:91a0::/43 maxlen: 43
2400:3240:91c0::/43 maxlen: 43
2400:3240:91e0::/43 maxlen: 43
2400:3240:9200::/43 maxlen: 43
2400:3240:9240::/43 maxlen: 48
2404:1380::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.crl
rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Jun 2025 17:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3931 (0xf5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91657DD, serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B
Validity
Not Before: May 31 17:33:52 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=683b3d7f-da2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:12:5f:97:6d:09:c3:12:62:0b:bf:f1:ad:31:
f5:b2:2d:1f:80:10:a8:42:56:21:1b:00:89:55:e9:
d4:f6:7f:bf:9d:a8:cf:b2:52:7f:71:67:55:16:c3:
9a:ce:39:93:ff:dd:4c:8f:a9:42:9c:42:07:57:0b:
c1:62:23:62:dc:c5:c9:d1:18:84:2e:5f:2c:50:a1:
04:d5:ae:c7:1c:01:1d:6f:65:ef:cd:d5:c2:30:c3:
97:ab:bd:a9:a8:70:5a:ee:ae:c1:31:54:81:98:98:
d5:52:73:f8:86:31:51:f8:f3:f3:d7:56:e4:6e:b3:
9f:2c:40:57:cb:1d:39:1c:c8:4d:bf:a6:12:1b:44:
c2:fd:e4:c0:25:8c:05:26:8d:a7:ab:d8:21:67:6c:
21:21:2d:e6:71:f5:7d:d1:a8:57:ad:44:3d:e8:49:
62:00:02:ae:9e:72:c2:67:97:c1:cf:ac:4c:83:79:
04:ee:10:2c:e8:79:48:a6:c8:91:71:9c:d7:f5:97:
82:35:12:e5:b4:df:2c:59:2d:67:ef:e1:73:e6:a5:
66:09:08:c8:fd:c3:da:6b:03:c5:20:32:77:f5:20:
35:2d:34:b0:d2:fa:1e:98:5d:cc:0f:b5:cc:42:05:
f1:47:b9:c3:f3:67:dd:80:20:ab:e0:58:a3:89:1b:
56:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F4:C0:8E:59:7D:58:57:CB:93:76:CA:ED:95:AA:8D:B3:97:D4:A3
X509v3 Authority Key Identifier:
keyid:FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/6AE44D5C3E4511F090A5C643C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.120.112.0/22
103.60.172.0/22
103.205.68.0/22
192.144.86.0/23
203.95.220.0/22
IPv6:
2400:3240::/32
2404:1380::/32
Signature Algorithm: sha256WithRSAEncryption
14:fd:11:23:c1:e4:13:0b:b1:9d:39:ed:28:64:04:06:f8:e7:
81:df:93:6e:d3:f0:15:74:a3:b8:57:e6:eb:a8:e6:4d:c6:e9:
b4:05:76:78:2b:cd:27:26:b3:d1:8d:77:d2:ed:63:d1:cc:33:
12:72:90:63:b6:82:b5:14:6c:a8:50:18:29:00:cc:4d:48:d5:
fd:cc:28:24:2e:3a:9d:c5:d8:2f:74:2c:99:1c:9b:8f:c2:c0:
24:bc:52:a8:09:c1:7c:1f:9c:74:24:ce:70:5b:1a:d0:72:99:
dc:11:32:6f:5b:ab:d5:2e:51:9a:fb:a8:5c:0e:04:4b:ea:11:
fa:fc:19:41:7c:4c:4a:83:a4:17:01:52:1b:82:45:04:ca:d7:
34:88:2c:65:11:83:8e:26:aa:ff:b6:a9:87:5b:bf:c9:a0:b9:
6d:e0:ff:ea:25:8e:38:80:3c:96:96:8c:e8:9a:3c:d4:db:02:
ef:07:3c:03:1e:7f:64:44:5e:d5:22:c7:72:1d:e6:42:ac:80:
80:21:c5:96:d2:bf:5c:ff:5c:15:db:68:ed:3f:f6:0c:95:86:
1c:e8:d9:5b:85:e2:8e:8d:68:4c:c4:b7:54:b9:d0:0a:eb:c4:
31:38:bb:0b:b7:6e:bf:f7:95:e6:ad:30:5c:b8:62:3c:9c:1f:
88:f0:97:f7
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICD1swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU3REQxMTAvBgNVBAUTKEZCQkFDMTY1NkEwQzYzNzA4QkNDRDYwREM4MjVFNkMz
MTkxQTcxOUIwHhcNMjUwNTMxMTczMzUyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNiM2Q3Zi1kYTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsBJfl20JwxJiC7/xrTH1si0fgBCoQlYhGwCJVenU9n+/najPslJ/cWdVFsOa
zjmT/91Mj6lCnEIHVwvBYiNi3MXJ0RiELl8sUKEE1a7HHAEdb2XvzdXCMMOXq72p
qHBa7q7BMVSBmJjVUnP4hjFR+PPz11bkbrOfLEBXyx05HMhNv6YSG0TC/eTAJYwF
Jo2nq9ghZ2whIS3mcfV90ahXrUQ96EliAAKunnLCZ5fBz6xMg3kE7hAs6HlIpsiR
cZzX9ZeCNRLltN8sWS1n7+Fz5qVmCQjI/cPaawPFIDJ39SA1LTSw0voemF3MD7XM
QgXxR7nD82fdgCCr4FijiRtWDwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFDb0wI5Z
fVhXy5N2yu2Vqo2zl9SjMB8GA1UdIwQYMBaAFPu6wWVqDGNwi8zWDcgl5sMZGnGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTdERC9BRDYxNUY2RTZF
NTYxMUU5QkQ5QjVFNjlDNEY5QUUwMi8tN3JCWldvTVkzQ0x6TllOeUNYbXd4a2Fj
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy03ckJaV29NWTNDTHpOWU55Q1htd3hrYWNacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU3REQvQUQ2MTVGNkU2RTU2MTFFOUJEOUI1RTY5QzRGOUFFMDIvNkFFNDRENUMz
RTQ1MTFGMDkwQTVDNjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MCQEAgABMB4DBAIteHADBAJnPKwDBAJnzUQDBAHAkFYDBALLX9wwFAQCAAIw
DgMFACQAMkADBQAkBBOAMA0GCSqGSIb3DQEBCwUAA4IBAQAU/REjweQTC7GdOe0o
ZAQG+OeB35Nu0/AVdKO4V+brqOZNxum0BXZ4K80nJrPRjXfS7WPRzDMScpBjtoK1
FGyoUBgpAMxNSNX9zCgkLjqdxdgvdCyZHJuPwsAkvFKoCcF8H5x0JM5wWxrQcpnc
ETJvW6vVLlGa+6hcDgRL6hH6/BlBfExKg6QXAVIbgkUEytc0iCxlEYOOJqr/tqmH
W7/JoLlt4P/qJY44gDyWlozomjzU2wLvBzwDHn9kRF7VIsdyHeZCrICAIcWW0r9c
/1wV22jtP/YMlYYc6NlbheKOjWhMxLdUudAK68QxOLsLt26/95XmrTBcuGI8nB+I
8Jf3
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:06:03 2025 by rpki-client