Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/429A130C13D811EEBE72B647C4F9AE02.roa
File: 429A130C13D811EEBE72B647C4F9AE02.roa (raw, json)
Hash identifier: Yr7221/AjrFVZuk28SsMWsCKf7jgwJUz8UL6k6tO024=
Subject key identifier: D0:3F:57:11:FD:80:81:EA:01:7E:58:8C:9A:32:DC:AE:A2:69:FD:5C
Certificate issuer: /CN=A916A983/serialNumber=88D87B102F5C2771C367064E2049B68A903C71B5
Certificate serial: 134A
Authority key identifier: 88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/429A130C13D811EEBE72B647C4F9AE02.roa
Signing time: Wed 06 Aug 2025 17:26:27 +0000
ROA not before: Wed 06 Aug 2025 17:26:27 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 1221
IP address blocks: 137.147.0.0/16 maxlen: 16
138.130.0.0/16 maxlen: 16
138.217.0.0/16 maxlen: 16
139.130.0.0/16 maxlen: 16
139.134.0.0/16 maxlen: 16
139.168.0.0/16 maxlen: 16
143.238.0.0/16 maxlen: 16
144.130.0.0/15 maxlen: 15
144.130.0.0/17 maxlen: 17
144.130.144.0/20 maxlen: 20
144.130.160.0/19 maxlen: 19
144.130.192.0/18 maxlen: 18
144.131.0.0/16 maxlen: 16
144.132.0.0/14 maxlen: 14
144.136.0.0/15 maxlen: 15
144.139.0.0/16 maxlen: 16
144.140.0.0/16 maxlen: 16
147.69.0.0/16 maxlen: 16
149.135.0.0/16 maxlen: 16
165.228.0.0/16 maxlen: 16
192.67.84.0/24 maxlen: 24
192.70.219.0/24 maxlen: 24
192.73.66.0/24 maxlen: 24
192.74.139.0/24 maxlen: 24
192.74.140.0/22 maxlen: 26
192.74.144.0/20 maxlen: 20
192.74.160.0/19 maxlen: 19
192.74.192.0/20 maxlen: 20
192.74.208.0/24 maxlen: 24
192.82.143.0/24 maxlen: 24
192.111.105.0/24 maxlen: 24
192.131.27.0/24 maxlen: 24
192.131.28.0/23 maxlen: 23
192.131.30.0/24 maxlen: 24
192.148.116.0/22 maxlen: 22
192.148.120.0/21 maxlen: 21
192.148.128.0/19 maxlen: 19
192.148.160.0/22 maxlen: 22
192.148.164.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.crl
rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4938 (0x134a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A983, serialNumber=88D87B102F5C2771C367064E2049B68A903C71B5
Validity
Not Before: Aug 6 17:26:27 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68939043-6ab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:15:c1:66:59:10:62:2e:56:b8:c4:6a:91:7c:
7e:3f:40:15:8f:29:2f:e1:69:9a:49:1b:4f:03:1e:
45:c3:af:58:e9:84:0c:60:9b:01:e2:33:8a:ed:c3:
83:91:22:d1:44:99:ac:2e:dd:61:27:b4:67:f5:c6:
43:1a:4c:5b:06:9a:0c:8f:c2:a8:13:0a:9d:ac:a0:
78:6e:fb:0e:07:3f:af:75:a1:d8:99:8a:fe:80:68:
18:0a:e3:7c:43:ac:ea:25:44:ce:3c:a6:bd:0b:49:
c0:db:92:2a:4e:e6:91:d4:02:8c:04:cf:cd:6f:fb:
32:c7:25:6f:89:45:a2:2f:06:22:73:33:e1:b7:d2:
fd:8e:8c:b4:18:32:5d:21:56:33:a4:03:6f:9e:df:
2d:0c:82:8a:95:e1:0f:7a:bd:e1:5c:54:4c:27:d9:
56:d3:3a:60:27:e1:65:1e:12:2d:ec:93:52:e1:a9:
be:0a:1e:97:df:00:a7:20:e7:41:3a:8f:2c:09:e5:
ab:3d:9b:5e:cb:55:27:64:2c:82:e8:7c:70:ec:ec:
28:8b:19:98:92:7d:c9:de:7f:8b:5a:88:23:02:07:
84:c9:50:3b:d7:f0:57:ee:50:41:f4:29:05:ea:04:
69:b0:c3:27:b2:7e:85:a7:ac:53:38:21:fb:0e:67:
07:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3F:57:11:FD:80:81:EA:01:7E:58:8C:9A:32:DC:AE:A2:69:FD:5C
X509v3 Authority Key Identifier:
keyid:88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/429A130C13D811EEBE72B647C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
137.147.0.0/16
138.130.0.0/16
138.217.0.0/16
139.130.0.0/16
139.134.0.0/16
139.168.0.0/16
143.238.0.0/16
144.130.0.0-144.137.255.255
144.139.0.0-144.140.255.255
147.69.0.0/16
149.135.0.0/16
165.228.0.0/16
192.67.84.0/24
192.70.219.0/24
192.73.66.0/24
192.74.139.0-192.74.208.255
192.82.143.0/24
192.111.105.0/24
192.131.27.0-192.131.30.255
192.148.116.0-192.148.165.255
Signature Algorithm: sha256WithRSAEncryption
24:f6:84:86:b8:17:5c:17:c4:bd:d2:36:0c:b5:85:ec:d8:2e:
c4:e1:3b:81:e4:ed:f5:68:81:0f:1e:61:25:e3:a9:2e:fd:d3:
12:8a:fc:e0:d1:bc:90:28:06:70:7d:53:30:48:f4:53:9d:64:
ca:15:21:7d:99:f4:97:91:e6:2e:e0:9a:61:eb:50:94:3d:89:
b0:68:7a:45:66:90:7e:55:40:1c:ce:93:e1:81:0a:e5:b0:49:
a5:69:4f:29:41:58:13:81:9e:cb:c6:f2:67:99:ce:62:8d:1f:
69:ce:52:a9:e3:3a:9d:fe:85:51:99:6e:7f:5f:43:2d:bc:57:
a0:6d:41:80:90:c5:99:3a:31:cc:b6:e8:5b:85:e2:12:7c:85:
05:cd:8c:4b:75:f5:45:fd:3a:f3:50:8d:01:fb:dc:c8:84:d1:
c0:15:76:44:c7:b3:a9:f7:0d:31:15:8c:71:1e:9e:a7:3f:4c:
36:25:59:06:08:a4:32:c2:4a:96:95:e8:4d:32:47:b5:91:84:
50:62:a5:7e:4e:78:24:b0:05:b6:84:4a:0d:74:60:f7:9f:a9:
c7:ff:45:5e:b9:b7:f2:9e:9d:dd:c0:ba:df:52:65:66:b2:ee:
69:6f:49:94:71:cd:be:ef:87:96:9a:06:01:54:b6:28:f2:db:
b7:75:44:17
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgICE0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKDg4RDg3QjEwMkY1QzI3NzFDMzY3MDY0RTIwNDlCNjhB
OTAzQzcxQjUwHhcNMjUwODA2MTcyNjI3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkzOTA0My02YWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8RXBZlkQYi5WuMRqkXx+P0AVjykv4WmaSRtPAx5Fw69Y6YQMYJsB4jOK7cOD
kSLRRJmsLt1hJ7Rn9cZDGkxbBpoMj8KoEwqdrKB4bvsOBz+vdaHYmYr+gGgYCuN8
Q6zqJUTOPKa9C0nA25IqTuaR1AKMBM/Nb/syxyVviUWiLwYiczPht9L9joy0GDJd
IVYzpANvnt8tDIKKleEPer3hXFRMJ9lW0zpgJ+FlHhIt7JNS4am+Ch6X3wCnIOdB
Oo8sCeWrPZtey1UnZCyC6Hxw7OwoixmYkn3J3n+LWogjAgeEyVA71/BX7lBB9CkF
6gRpsMMnsn6Fp6xTOCH7DmcHYQIDAQABo4IDJjCCAyIwHQYDVR0OBBYEFNA/VxH9
gIHqAX5YjJoy3K6iaf1cMB8GA1UdIwQYMBaAFIjYexAvXCdxw2cGTiBJtoqQPHG1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8wRTA4MkU3MkNE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9pTmg3RUM5Y0ozSERad1pPSUVtMmlwQThj
YlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lOaDdFQzljSjNIRFp3Wk9JRW0yaXBBOGNiVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMEUwODJFNzJDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvNDI5QTEzMEMx
M0Q4MTFFRUJFNzJCNjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga8GCCsGAQUFBwEHAQH/
BIGfMIGcMIGZBAIAATCBkgMDAImTAwMAioIDAwCK2QMDAIuCAwMAi4YDAwCLqAMD
AI/uMAoDAwGQggMDAZCIMAoDAwCQiwMDAJCMAwMAk0UDAwCVhwMDAKXkAwQAwENU
AwQAwEbbAwQAwElCMAwDBADASosDBADAStADBADAUo8DBADAb2kwDAMEAMCDGwME
AMCDHjAMAwQCwJR0AwQBwJSkMA0GCSqGSIb3DQEBCwUAA4IBAQAk9oSGuBdcF8S9
0jYMtYXs2C7E4TuB5O31aIEPHmEl46ku/dMSivzg0byQKAZwfVMwSPRTnWTKFSF9
mfSXkeYu4Jph61CUPYmwaHpFZpB+VUAczpPhgQrlsEmlaU8pQVgTgZ7LxvJnmc5i
jR9pzlKp4zqd/oVRmW5/X0MtvFegbUGAkMWZOjHMtuhbheISfIUFzYxLdfVF/Trz
UI0B+9zIhNHAFXZEx7Op9w0xFYxxHp6nP0w2JVkGCKQywkqWlehNMke1kYRQYqV+
TngksAW2hEoNdGD3n6nH/0Veubfynp3dwLrfUmVmsu5pb0mUcc2+74eWmgYBVLYo
8tu3dUQX
-----END CERTIFICATE-----
Generated at Mon Aug 11 02:04:52 2025 by rpki-client