Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/A51B73A01F0711EFB7C30655C4F9AE02.roa
File: A51B73A01F0711EFB7C30655C4F9AE02.roa (raw, json)
Hash identifier: fl+IoRPDWf9s2ZcrS7/FMHfvwNKoBXCzQH5GQ7VA1jM=
Subject key identifier: 67:50:D0:61:E6:16:87:1E:8D:12:7B:D3:89:43:0E:97:C4:77:7D:52
Certificate issuer: /CN=A9181375/serialNumber=8DCDE52B9B8B0522BE26713A41865670A61EE86D
Certificate serial: CB
Authority key identifier: 8D:CD:E5:2B:9B:8B:05:22:BE:26:71:3A:41:86:56:70:A6:1E:E8:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jc3lK5uLBSK-JnE6QYZWcKYe6G0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/A51B73A01F0711EFB7C30655C4F9AE02.roa
Signing time: Mon 02 Jun 2025 09:11:36 +0000
ROA not before: Mon 02 Jun 2025 09:11:36 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45701
IP address blocks: 43.224.168.0/24 maxlen: 24
43.224.169.0/24 maxlen: 24
43.224.170.0/24 maxlen: 24
43.224.171.0/24 maxlen: 24
59.153.128.0/24 maxlen: 24
59.153.129.0/24 maxlen: 24
59.153.130.0/24 maxlen: 24
59.153.131.0/24 maxlen: 24
103.89.76.0/24 maxlen: 24
103.89.77.0/24 maxlen: 24
103.89.78.0/24 maxlen: 24
103.89.79.0/24 maxlen: 24
103.225.148.0/24 maxlen: 24
103.225.149.0/24 maxlen: 24
103.225.150.0/24 maxlen: 24
103.225.151.0/24 maxlen: 24
153.124.160.0/24 maxlen: 24
153.124.161.0/24 maxlen: 24
153.124.162.0/24 maxlen: 24
153.124.163.0/24 maxlen: 24
153.124.164.0/24 maxlen: 24
153.124.165.0/24 maxlen: 24
153.124.166.0/24 maxlen: 24
153.124.167.0/24 maxlen: 24
202.58.192.0/24 maxlen: 24
202.58.193.0/24 maxlen: 24
202.58.194.0/24 maxlen: 24
202.58.195.0/24 maxlen: 24
202.58.196.0/24 maxlen: 24
202.58.197.0/24 maxlen: 24
202.58.198.0/24 maxlen: 24
202.58.199.0/24 maxlen: 24
202.58.200.0/24 maxlen: 24
202.58.201.0/24 maxlen: 24
202.58.203.0/24 maxlen: 24
202.58.204.0/24 maxlen: 24
202.58.205.0/24 maxlen: 24
202.58.206.0/24 maxlen: 24
202.58.207.0/24 maxlen: 24
203.28.216.0/24 maxlen: 24
203.28.217.0/24 maxlen: 24
203.28.218.0/24 maxlen: 24
203.28.219.0/24 maxlen: 24
2001:df0:a900::/48 maxlen: 48
2402:2900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/jc3lK5uLBSK-JnE6QYZWcKYe6G0.crl
rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/jc3lK5uLBSK-JnE6QYZWcKYe6G0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jc3lK5uLBSK-JnE6QYZWcKYe6G0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 28 Jun 2025 04:51:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203 (0xcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9181375, serialNumber=8DCDE52B9B8B0522BE26713A41865670A61EE86D
Validity
Not Before: Jun 2 09:11:36 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=683d6ac8-6703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:62:f4:0d:e5:02:09:8e:94:f1:e6:c1:ea:79:
65:ce:bf:fb:36:55:af:e3:d8:18:0f:18:5c:ff:81:
f3:b2:36:b7:0e:7d:13:25:44:5b:d7:04:a9:c2:30:
f2:11:31:e6:fc:12:57:88:84:02:42:22:4e:aa:92:
93:3c:27:33:59:51:45:a2:3d:48:a8:1c:d5:e8:5f:
e2:dc:4d:74:3c:16:ec:ae:c3:d2:61:de:fc:e1:3d:
81:a3:d5:65:78:cf:51:05:da:28:13:dd:2a:21:fe:
16:d9:23:c3:28:f0:c1:3c:b4:4f:8c:cb:fc:e3:15:
1a:7e:8d:45:ec:0b:51:40:e1:36:d7:4d:98:b3:55:
f9:86:02:09:6a:fc:cc:a9:24:f6:0a:31:4b:3b:1b:
6b:02:ad:3d:85:b4:c2:1e:41:d5:cc:97:9d:be:f6:
2b:93:de:55:af:f6:1c:dd:07:17:3c:82:3e:a7:5a:
9a:e2:8f:e1:a1:f2:cd:54:6d:f2:a1:82:7f:28:a9:
3a:b1:55:e6:aa:1d:97:53:b1:5a:09:b9:08:9a:81:
33:99:67:4b:92:9a:4f:51:7d:42:2e:a8:65:9a:66:
98:d6:e2:c1:e3:7f:1e:db:42:bb:51:2a:c6:40:90:
66:d4:74:55:d4:0b:c0:0c:ad:b9:85:e0:da:1a:e3:
93:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:50:D0:61:E6:16:87:1E:8D:12:7B:D3:89:43:0E:97:C4:77:7D:52
X509v3 Authority Key Identifier:
keyid:8D:CD:E5:2B:9B:8B:05:22:BE:26:71:3A:41:86:56:70:A6:1E:E8:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/jc3lK5uLBSK-JnE6QYZWcKYe6G0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jc3lK5uLBSK-JnE6QYZWcKYe6G0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/A51B73A01F0711EFB7C30655C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.168.0/22
59.153.128.0/22
103.89.76.0/22
103.225.148.0/22
153.124.160.0/21
202.58.192.0-202.58.201.255
202.58.203.0-202.58.207.255
203.28.216.0/22
IPv6:
2001:df0:a900::/48
2402:2900::/32
Signature Algorithm: sha256WithRSAEncryption
31:9b:d5:4a:51:7e:2f:fd:9c:8b:41:04:eb:51:ca:eb:6e:f3:
ab:43:fe:38:48:6c:9c:09:2c:5a:e1:a7:f4:6e:ae:27:3e:a2:
cf:b1:e7:fb:39:b7:65:35:f9:7b:3b:e9:1a:c6:fc:46:39:7f:
aa:fb:db:f2:ac:02:ed:be:6f:7a:0c:ee:cf:a3:f4:8b:62:4c:
d4:94:8e:7d:30:a7:2a:cc:fe:41:80:d3:c0:3e:58:cc:ec:e6:
03:ce:92:d6:22:ec:f9:64:17:d3:43:e8:dd:df:44:39:77:95:
76:ac:24:16:73:a2:fe:2d:88:fb:11:5b:41:91:52:97:03:53:
72:f0:77:3b:05:e2:75:f7:23:ca:3e:a6:87:bb:6b:ff:18:b2:
f6:ae:b7:a2:11:0f:5c:d8:56:b5:5a:53:fd:8f:21:f7:60:70:
1d:2e:19:15:7e:a0:30:61:43:ac:e2:ff:ba:18:d1:ec:d8:14:
03:67:a3:5c:24:c7:f5:e4:26:79:1e:53:0e:82:a1:b5:0d:9d:
f0:ae:65:d5:5f:d5:79:d5:7a:f0:ea:cb:0a:15:db:58:55:09:
f6:4a:79:7f:64:b4:35:a6:62:d1:f5:e3:fe:dd:5e:cc:df:49:
4f:86:ce:cd:f1:30:8d:cb:8d:bd:7c:0a:47:de:74:d8:2d:83:
08:45:0e:6c
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODEzNzUxMTAvBgNVBAUTKDhEQ0RFNTJCOUI4QjA1MjJCRTI2NzEzQTQxODY1Njcw
QTYxRUU4NkQwHhcNMjUwNjAyMDkxMTM2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNkNmFjOC02NzAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxmL0DeUCCY6U8ebB6nllzr/7NlWv49gYDxhc/4Hzsja3Dn0TJURb1wSpwjDy
ETHm/BJXiIQCQiJOqpKTPCczWVFFoj1IqBzV6F/i3E10PBbsrsPSYd784T2Bo9Vl
eM9RBdooE90qIf4W2SPDKPDBPLRPjMv84xUafo1F7AtRQOE2102Ys1X5hgIJavzM
qST2CjFLOxtrAq09hbTCHkHVzJedvvYrk95Vr/Yc3QcXPII+p1qa4o/hofLNVG3y
oYJ/KKk6sVXmqh2XU7FaCbkImoEzmWdLkppPUX1CLqhlmmaY1uLB438e20K7USrG
QJBm1HRV1AvADK25heDaGuOT7QIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFGdQ0GHm
FocejRJ704lDDpfEd31SMB8GA1UdIwQYMBaAFI3N5SubiwUiviZxOkGGVnCmHuht
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTM3NS9BRUQ1ODMxRTFG
MDYxMUVGQTYxQUJBNTFDNEY5QUUwMi9qYzNsSzV1TEJTSy1KbkU2UVlaV2NLWWU2
RzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pjM2xLNXVMQlNLLUpuRTZRWVpXY0tZZTZHMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODEzNzUvQUVENTgzMUUxRjA2MTFFRkE2MUFCQTUxQzRGOUFFMDIvQTUxQjczQTAx
RjA3MTFFRkI3QzMwNjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcQYIKwYBBQUHAQcBAf8E
YjBgMEYEAgABMEADBAIr4KgDBAI7mYADBAJnWUwDBAJn4ZQDBAOZfKAwDAMEBso6
wAMEAco6yDAMAwQAyjrLAwQEyjrAAwQCyxzYMBYEAgACMBADBwAgAQ3wqQADBQAk
AikAMA0GCSqGSIb3DQEBCwUAA4IBAQAxm9VKUX4v/ZyLQQTrUcrrbvOrQ/44SGyc
CSxa4af0bq4nPqLPsef7ObdlNfl7O+kaxvxGOX+q+9vyrALtvm96DO7Po/SLYkzU
lI59MKcqzP5BgNPAPljM7OYDzpLWIuz5ZBfTQ+jd30Q5d5V2rCQWc6L+LYj7EVtB
kVKXA1Ny8Hc7BeJ19yPKPqaHu2v/GLL2rreiEQ9c2Fa1WlP9jyH3YHAdLhkVfqAw
YUOs4v+6GNHs2BQDZ6NcJMf15CZ5HlMOgqG1DZ3wrmXVX9V51Xrw6ssKFdtYVQn2
Snl/ZLQ1pmLR9eP+3V7M30lPhs7N8TCNy429fApH3nTYLYMIRQ5s
-----END CERTIFICATE-----
Generated at Sat Jun 21 17:31:48 2025 by rpki-client