Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
File: 6CF60CB6785811E99A6E965AC4F9AE02.roa (raw, json)
Hash identifier: YyptlnV8Kncn2OsfGo3yGW3ikSl+iB4x9XPnDfMD5wE=
Subject key identifier: 83:D8:54:22:B9:6F:03:1E:55:27:FF:2B:D5:8F:8E:4F:01:AB:64:09
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 368E
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
Signing time: Sat 02 Aug 2025 15:52:49 +0000
ROA not before: Sat 02 Aug 2025 15:52:49 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 135478
IP address blocks: 45.126.80.0/23 maxlen: 23
45.126.82.0/23 maxlen: 23
45.126.82.0/24 maxlen: 24
101.128.64.0/22 maxlen: 22
101.128.64.0/24 maxlen: 24
101.128.65.0/24 maxlen: 24
101.128.67.0/24 maxlen: 24
101.128.68.0/22 maxlen: 22
101.128.68.0/24 maxlen: 24
101.128.72.0/22 maxlen: 22
101.128.72.0/24 maxlen: 24
101.128.76.0/22 maxlen: 22
101.128.76.0/24 maxlen: 24
101.128.80.0/22 maxlen: 22
101.128.80.0/24 maxlen: 24
101.128.84.0/22 maxlen: 22
101.128.84.0/24 maxlen: 24
101.128.88.0/22 maxlen: 22
101.128.88.0/24 maxlen: 24
101.128.92.0/22 maxlen: 22
101.128.92.0/24 maxlen: 24
101.128.96.0/22 maxlen: 22
101.128.96.0/24 maxlen: 24
101.128.100.0/22 maxlen: 22
101.128.100.0/24 maxlen: 24
101.128.104.0/22 maxlen: 22
101.128.104.0/24 maxlen: 24
101.128.112.0/22 maxlen: 22
101.128.112.0/24 maxlen: 24
101.128.116.0/22 maxlen: 22
101.128.116.0/24 maxlen: 24
101.128.120.0/22 maxlen: 22
101.128.120.0/24 maxlen: 24
101.128.124.0/22 maxlen: 22
101.128.124.0/24 maxlen: 24
175.158.36.0/22 maxlen: 22
175.158.36.0/24 maxlen: 24
175.158.40.0/22 maxlen: 22
175.158.40.0/24 maxlen: 24
175.158.44.0/22 maxlen: 22
175.158.44.0/24 maxlen: 24
175.158.48.0/22 maxlen: 22
175.158.48.0/24 maxlen: 24
175.158.52.0/22 maxlen: 22
175.158.52.0/24 maxlen: 24
175.158.56.0/22 maxlen: 22
175.158.56.0/24 maxlen: 24
175.158.60.0/22 maxlen: 22
2405:8180::/32 maxlen: 32
2405:8180::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13966 (0x368e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Aug 2 15:52:49 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=688e3451-e5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2f:d8:75:2f:4e:ff:72:2e:96:99:55:09:b3:
5d:57:7c:23:62:e5:c9:e5:61:d0:76:b4:c5:94:29:
34:cf:d4:49:85:4c:50:22:f0:0a:de:b7:56:64:53:
8c:49:c3:0d:af:6d:f2:90:bb:a4:71:50:6a:cf:c6:
5c:24:85:be:9f:56:aa:8c:bd:1a:5e:f2:be:ff:e3:
9b:f5:62:c6:4c:0a:a5:9e:f5:05:04:d8:c8:ba:49:
02:d9:6f:4e:23:6d:4e:6f:40:b5:90:e2:43:6c:86:
31:51:39:7a:4e:e9:94:74:d8:13:65:48:40:37:d8:
7b:15:99:dd:94:c0:4b:82:96:51:3e:db:1d:22:65:
d7:47:21:00:15:28:33:12:80:02:ed:0e:fa:57:29:
d9:dd:23:34:7a:b7:61:5d:9f:28:91:fe:8c:63:e9:
dc:2b:32:33:30:b6:a1:d6:6f:f2:56:c0:19:09:cf:
ce:2a:cf:10:86:fa:97:6e:df:11:e8:f3:1e:20:4e:
bb:1f:f9:91:df:3f:10:4f:84:87:e3:6e:c6:66:a2:
f2:d0:a7:92:7d:f1:32:a7:ce:79:d1:dd:02:b8:7f:
3f:ec:d6:c5:cc:3f:d7:a5:18:60:93:57:01:e5:eb:
b9:fc:92:0d:12:d8:8d:aa:d2:a2:52:e3:c2:5e:78:
34:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D8:54:22:B9:6F:03:1E:55:27:FF:2B:D5:8F:8E:4F:01:AB:64:09
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.126.80.0/22
101.128.64.0-101.128.107.255
101.128.112.0/20
175.158.36.0-175.158.63.255
IPv6:
2405:8180::/32
Signature Algorithm: sha256WithRSAEncryption
47:f0:cb:b4:1e:3f:5d:d0:8f:5f:57:8b:77:68:21:5f:60:57:
05:00:cb:12:1e:c6:74:f3:3b:eb:64:c9:ea:b9:c1:00:ff:17:
b2:21:a3:a1:be:66:06:77:0f:1b:4b:d1:f1:55:c9:f8:9d:6a:
05:2d:e9:e0:bd:e4:b2:25:de:5c:87:cd:30:27:61:b6:a3:b1:
03:b6:43:75:21:c2:4d:e4:2d:8a:a4:d6:f3:41:2d:4d:9f:68:
91:04:d0:85:99:bd:a1:a4:52:81:7d:48:56:28:29:a2:ce:ba:
ff:e7:55:48:e2:94:2f:25:e5:db:d7:2e:c4:0c:2f:3d:8e:91:
69:29:bc:34:ee:07:83:c0:29:a1:4b:a6:12:c7:e4:6b:d4:22:
64:ba:91:76:ad:ff:f5:8a:6b:04:14:57:fe:5f:c2:c2:1a:c2:
76:e5:da:7d:b4:db:27:76:8e:a6:fa:39:9f:17:ff:81:4a:ac:
19:74:5c:40:6f:78:32:a8:7c:1a:0c:df:18:14:c1:5a:45:f4:
c9:5f:8e:2f:3f:8f:ea:23:5f:66:e2:c9:de:69:5d:e4:09:23:
c6:c5:0c:28:41:d7:f5:3f:5c:ad:26:96:fe:cc:f1:df:63:59:
92:8e:1a:59:f1:2c:b0:ea:7c:8f:12:f5:f6:a4:a2:ef:43:4d:
62:90:a0:2b
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICNo4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwODAyMTU1MjQ5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhlMzQ1MS1lNWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoS/YdS9O/3IulplVCbNdV3wjYuXJ5WHQdrTFlCk0z9RJhUxQIvAK3rdWZFOM
ScMNr23ykLukcVBqz8ZcJIW+n1aqjL0aXvK+/+Ob9WLGTAqlnvUFBNjIukkC2W9O
I21Ob0C1kOJDbIYxUTl6TumUdNgTZUhAN9h7FZndlMBLgpZRPtsdImXXRyEAFSgz
EoAC7Q76VynZ3SM0erdhXZ8okf6MY+ncKzIzMLah1m/yVsAZCc/OKs8QhvqXbt8R
6PMeIE67H/mR3z8QT4SH427GZqLy0KeSffEyp8550d0CuH8/7NbFzD/XpRhgk1cB
5eu5/JINEtiNqtKiUuPCXng0AwIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFIPYVCK5
bwMeVSf/K9WPjk8Bq2QJMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNkNGNjBDQjY3
ODU4MTFFOTlBNkU5NjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MC4EAgABMCgDBAItflAwDAMEBmWAQAMEAmWAaAMEBGWAcDAMAwQCr54kAwQG
r54AMA0EAgACMAcDBQAkBYGAMA0GCSqGSIb3DQEBCwUAA4IBAQBH8Mu0Hj9d0I9f
V4t3aCFfYFcFAMsSHsZ08zvrZMnqucEA/xeyIaOhvmYGdw8bS9HxVcn4nWoFLeng
veSyJd5ch80wJ2G2o7EDtkN1IcJN5C2KpNbzQS1Nn2iRBNCFmb2hpFKBfUhWKCmi
zrr/51VI4pQvJeXb1y7EDC89jpFpKbw07geDwCmhS6YSx+Rr1CJkupF2rf/1imsE
FFf+X8LCGsJ25dp9tNsndo6m+jmfF/+BSqwZdFxAb3gyqHwaDN8YFMFaRfTJX44v
P4/qI19m4sneaV3kCSPGxQwoQdf1P1ytJpb+zPHfY1mSjhpZ8Syw6nyPEvX2pKLv
Q01ikKAr
-----END CERTIFICATE-----
Generated at Sat Aug 9 02:48:43 2025 by rpki-client