Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/87F433B2234C11EBA94AE637C4F9AE02.roa
File: 87F433B2234C11EBA94AE637C4F9AE02.roa (raw, json)
Hash identifier: Rkz8G55vowkF7kydrCN5pxGVCB20c+IGP3x592UMfSw=
Subject key identifier: AD:EC:9E:13:2D:7D:6D:A6:D1:74:EF:5C:34:5A:55:29:C6:92:6D:F0
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1D62
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/87F433B2234C11EBA94AE637C4F9AE02.roa
Signing time: Sat 09 Aug 2025 11:25:59 +0000
ROA not before: Sat 09 Aug 2025 11:25:59 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 141031
IP address blocks: 113.203.192.0/24 maxlen: 24
113.203.194.0/24 maxlen: 24
113.203.196.0/24 maxlen: 24
113.203.197.0/24 maxlen: 24
113.203.198.0/24 maxlen: 24
113.203.199.0/24 maxlen: 24
118.103.224.0/24 maxlen: 24
118.103.225.0/24 maxlen: 24
2406:d00:ee00::/48 maxlen: 48
2406:d00:ee01::/48 maxlen: 48
2406:d00:ee02::/48 maxlen: 48
2406:d00:ee03::/48 maxlen: 48
2406:d00:ee04::/48 maxlen: 48
2406:d00:ee05::/48 maxlen: 48
2406:d00:ee06::/48 maxlen: 48
2406:d00:ee0a::/48 maxlen: 48
2406:d00:ee0b::/48 maxlen: 48
2406:d00:ee0c::/48 maxlen: 48
2406:d00:ee0d::/48 maxlen: 48
2406:d00:ee0e::/48 maxlen: 48
2406:d00:ee0f::/48 maxlen: 48
2406:d00:ee55::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7522 (0x1d62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Aug 9 11:25:59 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=68973046-2abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1a:31:4b:09:b2:36:3f:ca:f0:23:f3:55:d2:
c7:dd:db:8d:c5:70:15:03:5b:81:87:a4:66:b1:cb:
a6:3e:1e:08:20:4e:24:9a:a6:58:b4:ff:ff:de:86:
35:7d:02:97:07:b0:3d:ff:1f:cd:5d:90:fc:03:c9:
d7:36:05:d6:94:d8:0c:20:b5:1f:a3:7f:7c:e1:b8:
d3:a3:76:53:fe:61:8f:88:90:97:bb:1a:72:72:a2:
00:6f:c5:fb:fd:a8:15:0d:ff:64:65:af:c8:f5:59:
0b:c2:f3:df:54:ad:d1:2d:62:0b:87:9a:bb:f7:ee:
dd:f9:0f:6f:c1:9f:5a:cd:76:2f:91:67:71:89:a4:
7e:d9:53:5a:08:a1:13:60:a9:b5:70:be:73:12:a5:
d7:1e:f9:2d:22:96:6a:2f:8f:4d:83:fa:0b:a6:f4:
2b:3c:71:16:d5:8d:f8:78:13:71:bb:24:1e:b2:50:
ae:bf:9d:8f:06:1a:ac:08:b0:53:36:43:72:ea:21:
55:2d:5a:da:1f:df:d2:de:94:4b:57:b6:a7:85:b6:
02:f7:c9:ed:61:b3:1e:2c:5e:7e:60:2d:c4:8e:8f:
78:06:40:28:e1:cd:e6:09:12:61:49:fe:1e:54:f7:
d4:98:65:65:33:26:f1:3a:ad:23:ab:5e:74:73:b2:
60:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:EC:9E:13:2D:7D:6D:A6:D1:74:EF:5C:34:5A:55:29:C6:92:6D:F0
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/87F433B2234C11EBA94AE637C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.192.0/24
113.203.194.0/24
113.203.196.0/22
118.103.224.0/23
IPv6:
2406:d00:ee00::-2406:d00:ee06:ffff:ffff:ffff:ffff:ffff
2406:d00:ee0a::-2406:d00:ee0f:ffff:ffff:ffff:ffff:ffff
2406:d00:ee55::/48
Signature Algorithm: sha256WithRSAEncryption
11:f6:48:5e:06:da:c7:e8:5f:5f:92:51:78:c6:89:99:c1:15:
23:ea:85:76:36:2d:6b:17:ea:b6:9a:8e:df:b1:3d:b6:cd:a0:
d3:bd:05:ba:a8:16:16:1e:73:57:b5:4e:cf:d6:0f:16:21:2a:
58:4a:92:09:86:23:55:dc:c1:3b:aa:d5:b3:94:da:5e:6f:ae:
24:1e:fd:da:86:15:f4:24:8d:af:56:8d:3a:2f:7c:78:28:75:
b8:0f:1f:a8:00:0d:93:13:05:45:bd:4f:cb:70:92:39:e9:09:
0a:cc:fe:7b:b3:87:69:4a:9f:a9:ce:f1:91:95:12:e6:dd:b3:
98:97:e6:b8:74:54:db:b2:ba:b5:6e:00:c2:a3:6d:6a:28:9f:
f9:cd:0c:97:0b:a5:a1:f1:c2:89:44:29:7a:58:d1:70:72:35:
c2:bd:e8:8a:e8:a7:d3:0d:4f:38:1a:55:92:71:1d:d2:65:3c:
4c:41:10:46:ee:0a:a3:fc:2d:cf:ad:6d:60:46:f8:34:61:39:
6b:03:42:d8:78:6c:12:4c:c5:2c:fc:f3:31:6b:b7:a3:74:f7:
ba:8b:df:61:ec:7d:ce:db:89:3b:c8:05:1f:fb:5b:da:2b:b7:
43:d7:34:fe:6f:f6:42:62:77:a3:69:99:2b:0c:0d:b4:c8:d4:
41:b5:56:b7
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgICHWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjUwODA5MTEyNTU5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODk3MzA0Ni0yYWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtBoxSwmyNj/K8CPzVdLH3duNxXAVA1uBh6RmscumPh4IIE4kmqZYtP//3oY1
fQKXB7A9/x/NXZD8A8nXNgXWlNgMILUfo3984bjTo3ZT/mGPiJCXuxpycqIAb8X7
/agVDf9kZa/I9VkLwvPfVK3RLWILh5q79+7d+Q9vwZ9azXYvkWdxiaR+2VNaCKET
YKm1cL5zEqXXHvktIpZqL49Ng/oLpvQrPHEW1Y34eBNxuyQeslCuv52PBhqsCLBT
NkNy6iFVLVraH9/S3pRLV7anhbYC98ntYbMeLF5+YC3Ejo94BkAo4c3mCRJhSf4e
VPfUmGVlMybxOq0jq150c7JgywIDAQABo4IC3zCCAtswHQYDVR0OBBYEFK3snhMt
fW2m0XTvXDRaVSnGkm3wMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvODdGNDMzQjIy
MzRDMTFFQkE5NEFFNjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaQYIKwYBBQUHAQcBAf8E
WjBYMB4EAgABMBgDBABxy8ADBABxy8IDBAJxy8QDBAF2Z+AwNgQCAAIwMDARAwYB
JAYNAO4DBwAkBg0A7gYwEgMHASQGDQDuCgMHBCQGDQDuAAMHACQGDQDuVTANBgkq
hkiG9w0BAQsFAAOCAQEAEfZIXgbax+hfX5JReMaJmcEVI+qFdjYtaxfqtpqO37E9
ts2g070FuqgWFh5zV7VOz9YPFiEqWEqSCYYjVdzBO6rVs5TaXm+uJB792oYV9CSN
r1aNOi98eCh1uA8fqAANkxMFRb1Py3CSOekJCsz+e7OHaUqfqc7xkZUS5t2zmJfm
uHRU27K6tW4AwqNtaiif+c0MlwulofHCiUQpeljRcHI1wr3oiuin0w1POBpVknEd
0mU8TEEQRu4Ko/wtz61tYEb4NGE5awNC2HhsEkzFLPzzMWu3o3T3uovfYex9ztuJ
O8gFH/tb2iu3Q9c0/m/2QmJ3o2mZKwwNtMjUQbVWtw==
-----END CERTIFICATE-----
Generated at Sun Aug 10 18:29:22 2025 by rpki-client