
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/33A6DBFAD31C11EFA728D52FC4F9AE02.roa
File: 33A6DBFAD31C11EFA728D52FC4F9AE02.roa (raw, json)
Hash identifier: C51FnirOwHNLSENUvzzb2TxTVOy5VJ2d+aAfYjutEMA=
Subject key identifier: A3:ED:E1:76:35:1A:E5:7E:28:2A:F0:CA:46:28:E5:AD:A0:98:11:61
Certificate issuer: /CN=A916AC30/serialNumber=576790244CC29275C112356FF620F2620D7D615E
Certificate serial: CB
Authority key identifier: 57:67:90:24:4C:C2:92:75:C1:12:35:6F:F6:20:F2:62:0D:7D:61:5E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/V2eQJEzCknXBEjVv9iDyYg19YV4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/33A6DBFAD31C11EFA728D52FC4F9AE02.roa
Signing time: Wed 23 Jul 2025 14:48:41 +0000
ROA not before: Wed 23 Jul 2025 14:48:41 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 59253
IP address blocks: 23.106.48.0/21 maxlen: 21
23.106.50.0/24 maxlen: 24
23.106.64.0/20 maxlen: 20
23.106.67.0/24 maxlen: 24
23.106.120.0/21 maxlen: 21
23.106.248.0/21 maxlen: 21
23.106.248.0/22 maxlen: 22
23.106.252.0/22 maxlen: 22
23.108.96.0/21 maxlen: 21
23.108.96.0/22 maxlen: 22
23.108.100.0/22 maxlen: 22
23.111.12.0/22 maxlen: 22
64.120.92.0/22 maxlen: 22
64.120.110.0/23 maxlen: 24
142.91.96.0/23 maxlen: 23
142.91.98.0/23 maxlen: 23
142.91.100.0/23 maxlen: 23
142.91.102.0/23 maxlen: 23
173.234.0.0/23 maxlen: 23
173.234.2.0/23 maxlen: 23
173.234.4.0/22 maxlen: 22
173.234.8.0/22 maxlen: 22
173.234.12.0/23 maxlen: 23
173.234.14.0/23 maxlen: 23
209.58.160.0/20 maxlen: 20
209.58.160.0/21 maxlen: 21
209.58.168.0/21 maxlen: 21
209.58.176.0/21 maxlen: 21
209.58.176.0/22 maxlen: 22
209.58.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/V2eQJEzCknXBEjVv9iDyYg19YV4.crl
rsync://rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/V2eQJEzCknXBEjVv9iDyYg19YV4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/V2eQJEzCknXBEjVv9iDyYg19YV4.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203 (0xcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916AC30, serialNumber=576790244CC29275C112356FF620F2620D7D615E
Validity
Not Before: Jul 23 14:48:41 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6880f649-ba68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1b:4f:72:49:f9:81:1b:af:e1:6c:2f:40:c5:
71:db:13:dc:f6:88:19:6a:4e:c0:2c:44:7b:35:9e:
df:e6:b5:3a:59:2d:be:df:66:a4:50:8f:ad:ee:63:
95:e6:d1:37:ad:d2:1b:11:31:db:b6:17:f7:d5:ff:
e4:ca:8f:a4:3a:76:f0:ae:98:ec:56:51:3b:ec:46:
73:5e:42:7a:bf:90:ac:79:0c:89:94:82:88:69:96:
6e:90:e8:8b:93:dc:bc:1d:9d:41:55:15:c6:dc:9e:
4d:bf:4e:48:7d:02:de:ef:04:6e:b7:55:60:e5:74:
09:56:0e:a3:f5:dd:f8:f6:de:7e:ae:1b:7e:20:e9:
4e:63:1d:85:9e:f1:b2:c8:bf:16:22:05:1e:ea:a1:
f3:c2:63:8e:c3:17:41:c5:2a:a0:b2:38:b3:7d:40:
1a:61:b7:f0:f8:92:90:69:d2:b6:e2:6c:c1:11:b2:
03:ec:ed:0a:e6:df:79:f4:4a:ba:8e:e9:cc:2c:6f:
86:f0:52:bb:16:56:12:0c:41:7f:f4:7e:36:10:08:
2d:56:ca:74:95:02:0f:f3:2b:fb:5c:99:4a:4c:a4:
5a:9d:5f:41:8e:82:4c:8b:34:1c:50:61:ae:c7:35:
b2:e9:a5:b4:97:41:c0:ea:ab:34:5c:b2:52:45:cb:
75:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:ED:E1:76:35:1A:E5:7E:28:2A:F0:CA:46:28:E5:AD:A0:98:11:61
X509v3 Authority Key Identifier:
keyid:57:67:90:24:4C:C2:92:75:C1:12:35:6F:F6:20:F2:62:0D:7D:61:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/V2eQJEzCknXBEjVv9iDyYg19YV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/V2eQJEzCknXBEjVv9iDyYg19YV4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916AC30/6BC4CDFE8C6211EF99464085C4F9AE02/33A6DBFAD31C11EFA728D52FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
23.106.48.0/21
23.106.64.0/20
23.106.120.0/21
23.106.248.0/21
23.108.96.0/21
23.111.12.0/22
64.120.92.0/22
64.120.110.0/23
142.91.96.0/21
173.234.0.0/20
209.58.160.0-209.58.183.255
Signature Algorithm: sha256WithRSAEncryption
47:01:76:82:90:b2:28:49:c5:a1:0f:bd:04:19:90:6d:10:38:
ee:44:0a:fd:49:c6:b5:46:bf:84:87:9d:8d:14:00:43:15:20:
03:51:5b:22:89:07:ee:34:60:6a:fa:ff:43:97:ed:fb:69:06:
ab:4d:e8:6b:cc:80:8d:c6:81:b9:9c:e1:a8:4b:09:74:d2:d1:
63:bd:f4:6a:2a:71:ec:85:cc:a5:0e:14:33:58:e8:f4:83:46:
e9:81:5b:4c:87:13:68:2e:aa:2d:55:62:d2:c0:ee:20:d4:f4:
2a:92:c5:a7:1c:a9:2c:58:dd:1d:c8:cc:5c:32:e5:f4:db:71:
99:36:09:ba:39:c0:00:86:0d:b3:2e:2f:58:4e:92:98:93:f5:
54:ea:94:6e:23:c7:a8:da:05:11:22:73:a2:9c:b1:24:f2:95:
79:8d:50:1f:04:fc:dc:bb:bd:fb:7c:cb:a9:6a:4d:66:40:5f:
99:65:58:75:82:f9:28:cc:29:5a:98:e1:81:f4:8f:43:4e:3c:
8d:e7:28:6d:d9:1c:4c:a1:a8:26:9a:10:e6:64:c6:fa:01:1d:
22:8a:85:6f:dc:f5:b3:46:0e:8f:00:6e:7d:fc:44:e1:39:c1:
d1:b4:9f:8b:66:0c:ae:c3:91:f8:ad:d3:fc:a4:c8:3a:68:df:
c1:17:20:42
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkFDMzAxMTAvBgNVBAUTKDU3Njc5MDI0NENDMjkyNzVDMTEyMzU2RkY2MjBGMjYy
MEQ3RDYxNUUwHhcNMjUwNzIzMTQ0ODQxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgwZjY0OS1iYTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvhtPckn5gRuv4WwvQMVx2xPc9ogZak7ALER7NZ7f5rU6WS2+32akUI+t7mOV
5tE3rdIbETHbthf31f/kyo+kOnbwrpjsVlE77EZzXkJ6v5CseQyJlIKIaZZukOiL
k9y8HZ1BVRXG3J5Nv05IfQLe7wRut1Vg5XQJVg6j9d349t5+rht+IOlOYx2FnvGy
yL8WIgUe6qHzwmOOwxdBxSqgsjizfUAaYbfw+JKQadK24mzBEbID7O0K5t959Eq6
junMLG+G8FK7FlYSDEF/9H42EAgtVsp0lQIP8yv7XJlKTKRanV9BjoJMizQcUGGu
xzWy6aW0l0HA6qs0XLJSRct1yQIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFKPt4XY1
GuV+KCrwykYo5a2gmBFhMB8GA1UdIwQYMBaAFFdnkCRMwpJ1wRI1b/Yg8mINfWFe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QUMzMC82QkM0Q0RGRThD
NjIxMUVGOTk0NjQwODVDNEY5QUUwMi9WMmVRSkV6Q2tuWEJFalZ2OWlEeVlnMTlZ
VjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1YyZVFKRXpDa25YQkVqVnY5aUR5WWcxOVlWNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkFDMzAvNkJDNENERkU4QzYyMTFFRjk5NDY0MDg1QzRGOUFFMDIvMzNBNkRCRkFE
MzFDMTFFRkE3MjhENTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMFAEAgABMEoDBAMXajADBAQXakADBAMXangDBAMXavgDBAMXbGADBAIXbwwD
BAJAeFwDBAFAeG4DBAOOW2ADBASt6gAwDAMEBdE6oAMEA9E6sDANBgkqhkiG9w0B
AQsFAAOCAQEARwF2gpCyKEnFoQ+9BBmQbRA47kQK/UnGtUa/hIedjRQAQxUgA1Fb
IokH7jRgavr/Q5ft+2kGq03oa8yAjcaBuZzhqEsJdNLRY730aipx7IXMpQ4UM1jo
9ING6YFbTIcTaC6qLVVi0sDuINT0KpLFpxypLFjdHcjMXDLl9NtxmTYJujnAAIYN
sy4vWE6SmJP1VOqUbiPHqNoFESJzopyxJPKVeY1QHwT83Lu9+3zLqWpNZkBfmWVY
dYL5KMwpWpjhgfSPQ048jecobdkcTKGoJpoQ5mTG+gEdIoqFb9z1s0YOjwBuffxE
4TnB0bSfi2YMrsOR+K3T/KTIOmjfwRcgQg==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:04:29 2025 by rpki-client