Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/DF70A63C6BF111F0A9181236C4F9AE02.roa
File: DF70A63C6BF111F0A9181236C4F9AE02.roa (raw, json)
Hash identifier: q7i3CsKTp0yL6iYZiFHlx/5hnnt+XvM120dMmxFLBaI=
Subject key identifier: D5:99:54:F8:AF:DD:E3:A8:52:D3:E0:4A:1E:6F:AC:E0:B7:CA:E5:37
Certificate issuer: /CN=A9186E8A/serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Certificate serial: 0800
Authority key identifier: BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/DF70A63C6BF111F0A9181236C4F9AE02.roa
Signing time: Sat 02 Aug 2025 12:15:13 +0000
ROA not before: Sat 02 Aug 2025 12:15:13 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 135377
IP address blocks: 152.32.128.0/24 maxlen: 24
152.32.129.0/24 maxlen: 24
152.32.130.0/24 maxlen: 24
152.32.131.0/24 maxlen: 24
152.32.132.0/24 maxlen: 24
152.32.133.0/24 maxlen: 24
152.32.134.0/24 maxlen: 24
152.32.135.0/24 maxlen: 24
152.32.136.0/24 maxlen: 24
152.32.137.0/24 maxlen: 24
152.32.138.0/24 maxlen: 24
152.32.139.0/24 maxlen: 24
152.32.140.0/24 maxlen: 24
152.32.141.0/24 maxlen: 24
152.32.142.0/24 maxlen: 24
152.32.143.0/24 maxlen: 24
152.32.144.0/24 maxlen: 24
152.32.145.0/24 maxlen: 24
152.32.146.0/24 maxlen: 24
152.32.147.0/24 maxlen: 24
152.32.148.0/24 maxlen: 24
152.32.149.0/24 maxlen: 24
152.32.150.0/24 maxlen: 24
152.32.151.0/24 maxlen: 24
152.32.152.0/24 maxlen: 24
152.32.153.0/24 maxlen: 24
152.32.154.0/24 maxlen: 24
152.32.155.0/24 maxlen: 24
152.32.156.0/24 maxlen: 24
152.32.157.0/24 maxlen: 24
152.32.158.0/24 maxlen: 24
152.32.159.0/24 maxlen: 24
152.32.160.0/24 maxlen: 24
152.32.161.0/24 maxlen: 24
152.32.162.0/24 maxlen: 24
152.32.163.0/24 maxlen: 24
152.32.164.0/24 maxlen: 24
152.32.165.0/24 maxlen: 24
152.32.166.0/24 maxlen: 24
152.32.167.0/24 maxlen: 24
152.32.168.0/24 maxlen: 24
152.32.169.0/24 maxlen: 24
152.32.170.0/24 maxlen: 24
152.32.171.0/24 maxlen: 24
152.32.172.0/24 maxlen: 24
152.32.173.0/24 maxlen: 24
152.32.174.0/24 maxlen: 24
152.32.175.0/24 maxlen: 24
152.32.176.0/24 maxlen: 24
152.32.177.0/24 maxlen: 24
152.32.178.0/24 maxlen: 24
152.32.179.0/24 maxlen: 24
152.32.180.0/24 maxlen: 24
152.32.181.0/24 maxlen: 24
152.32.182.0/24 maxlen: 24
152.32.183.0/24 maxlen: 24
152.32.184.0/24 maxlen: 24
152.32.185.0/24 maxlen: 24
152.32.186.0/24 maxlen: 24
152.32.187.0/24 maxlen: 24
152.32.188.0/24 maxlen: 24
152.32.189.0/24 maxlen: 24
152.32.190.0/24 maxlen: 24
152.32.191.0/24 maxlen: 24
152.32.192.0/24 maxlen: 24
152.32.193.0/24 maxlen: 24
152.32.194.0/24 maxlen: 24
152.32.195.0/24 maxlen: 24
152.32.196.0/24 maxlen: 24
152.32.197.0/24 maxlen: 24
152.32.198.0/24 maxlen: 24
152.32.199.0/24 maxlen: 24
152.32.200.0/24 maxlen: 24
152.32.201.0/24 maxlen: 24
152.32.202.0/24 maxlen: 24
152.32.203.0/24 maxlen: 24
152.32.204.0/24 maxlen: 24
152.32.205.0/24 maxlen: 24
152.32.206.0/24 maxlen: 24
152.32.207.0/24 maxlen: 24
152.32.208.0/24 maxlen: 24
152.32.209.0/24 maxlen: 24
152.32.210.0/24 maxlen: 24
152.32.211.0/24 maxlen: 24
152.32.212.0/24 maxlen: 24
152.32.213.0/24 maxlen: 24
152.32.214.0/24 maxlen: 24
152.32.215.0/24 maxlen: 24
152.32.216.0/24 maxlen: 24
152.32.217.0/24 maxlen: 24
152.32.218.0/24 maxlen: 24
152.32.219.0/24 maxlen: 24
152.32.220.0/24 maxlen: 24
152.32.221.0/24 maxlen: 24
152.32.222.0/24 maxlen: 24
152.32.223.0/24 maxlen: 24
152.32.224.0/24 maxlen: 24
152.32.225.0/24 maxlen: 24
152.32.226.0/24 maxlen: 24
152.32.227.0/24 maxlen: 24
152.32.228.0/24 maxlen: 24
152.32.229.0/24 maxlen: 24
152.32.230.0/24 maxlen: 24
152.32.231.0/24 maxlen: 24
152.32.232.0/24 maxlen: 24
152.32.233.0/24 maxlen: 24
152.32.234.0/24 maxlen: 24
152.32.235.0/24 maxlen: 24
152.32.236.0/24 maxlen: 24
152.32.237.0/24 maxlen: 24
152.32.238.0/24 maxlen: 24
152.32.239.0/24 maxlen: 24
152.32.240.0/24 maxlen: 24
152.32.241.0/24 maxlen: 24
152.32.242.0/24 maxlen: 24
152.32.243.0/24 maxlen: 24
152.32.244.0/24 maxlen: 24
152.32.245.0/24 maxlen: 24
152.32.246.0/24 maxlen: 24
152.32.247.0/24 maxlen: 24
152.32.248.0/24 maxlen: 24
152.32.249.0/24 maxlen: 24
152.32.250.0/24 maxlen: 24
152.32.251.0/24 maxlen: 24
152.32.252.0/24 maxlen: 24
152.32.253.0/24 maxlen: 24
152.32.254.0/24 maxlen: 24
152.32.255.0/24 maxlen: 24
165.154.0.0/17 maxlen: 24
165.154.128.0/18 maxlen: 24
165.154.218.0/23 maxlen: 24
165.154.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl
rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2048 (0x800)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186E8A, serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Validity
Not Before: Aug 2 12:15:13 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=688e0151-1ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b4:b9:a4:47:ba:38:ef:b6:f7:8d:dd:a8:99:
f2:41:b1:db:f4:26:9d:99:8e:8c:be:72:c2:09:2a:
73:91:cb:00:ed:e9:f7:31:0d:08:a0:b1:ec:14:e4:
70:64:c8:69:1b:1a:f7:9b:af:0f:89:09:75:92:b0:
e4:2f:6f:c3:d6:37:ed:65:ae:b5:8c:42:57:b7:b2:
47:bd:a8:fe:51:ec:03:2a:80:3e:e1:2b:bf:21:56:
20:cd:b6:35:55:20:3c:40:f8:50:59:10:35:ea:a9:
79:7c:26:ae:1d:47:be:f7:6c:f2:67:70:da:fd:24:
dc:73:5a:fd:7e:3b:22:75:5c:21:73:94:cf:53:ff:
d0:02:31:29:a7:3e:98:23:12:62:a7:44:0b:36:e5:
31:06:3c:63:24:66:89:6a:3d:48:68:f2:af:ae:8a:
51:06:78:98:2c:eb:53:52:0c:1b:9a:44:6f:52:d4:
f8:06:e8:4f:24:a2:22:53:77:b3:1e:a7:03:00:a6:
0b:96:c6:55:2b:8c:98:4e:51:1b:0e:53:42:dc:79:
02:74:1b:f7:73:cc:f0:dc:ce:e0:4a:63:33:29:d4:
51:53:43:e4:99:7a:53:03:77:59:53:92:14:8c:44:
e9:66:15:24:a4:6c:89:20:64:e9:df:98:e1:30:02:
63:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:99:54:F8:AF:DD:E3:A8:52:D3:E0:4A:1E:6F:AC:E0:B7:CA:E5:37
X509v3 Authority Key Identifier:
keyid:BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/DF70A63C6BF111F0A9181236C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.32.128.0/17
165.154.0.0-165.154.191.255
165.154.218.0-165.154.223.255
Signature Algorithm: sha256WithRSAEncryption
75:2c:a6:4b:45:40:42:fe:96:68:eb:45:2d:7c:83:16:79:2e:
c5:4d:d9:9d:9b:f4:fc:17:73:c3:71:fc:7e:22:1c:54:f3:bd:
64:7b:34:2f:a4:d5:85:fd:66:c7:3d:39:82:7d:c1:da:6c:7a:
a5:77:84:21:77:ae:54:b1:9f:47:39:cc:10:61:a7:fc:17:e5:
db:6c:dc:86:2e:d1:67:ef:a8:27:a0:f7:82:7f:00:cb:f5:98:
0d:33:34:91:bf:6e:65:65:d3:e2:aa:a1:69:47:ef:c8:69:39:
19:b4:91:8b:31:e6:15:8e:ac:62:a5:01:32:21:d8:98:bc:1f:
76:1c:f2:79:24:e1:4f:6a:06:d0:3e:a2:98:70:71:e6:c2:0a:
04:d6:b7:74:63:5f:08:34:fa:3f:e9:70:bb:36:49:05:44:37:
a5:8b:95:d8:aa:9b:e8:b2:33:d9:77:bf:59:f4:3e:5c:33:36:
ac:73:60:fb:a3:5e:54:48:4c:d7:d1:b8:d2:84:46:0b:e6:ce:
0d:36:41:e6:41:ea:53:f3:8d:45:8a:b3:64:8c:06:5d:cf:55:
be:69:b3:96:29:d1:b3:29:93:95:02:36:88:b3:63:1e:2a:bc:
f3:9d:00:df:94:6d:d1:97:bf:ab:f5:f3:83:28:e9:bf:61:39:
0a:24:88:b2
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICCAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZFOEExMTAvBgNVBAUTKEJERDVFOUE3NkYxQUM0QzhFNTE3OTdFQ0U5OUUzRENF
RUNFRTc0OTMwHhcNMjUwODAyMTIxNTEzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhlMDE1MS0xY2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvbS5pEe6OO+2943dqJnyQbHb9CadmY6MvnLCCSpzkcsA7en3MQ0IoLHsFORw
ZMhpGxr3m68PiQl1krDkL2/D1jftZa61jEJXt7JHvaj+UewDKoA+4Su/IVYgzbY1
VSA8QPhQWRA16ql5fCauHUe+92zyZ3Da/STcc1r9fjsidVwhc5TPU//QAjEppz6Y
IxJip0QLNuUxBjxjJGaJaj1IaPKvropRBniYLOtTUgwbmkRvUtT4BuhPJKIiU3ez
HqcDAKYLlsZVK4yYTlEbDlNC3HkCdBv3c8zw3M7gSmMzKdRRU0PkmXpTA3dZU5IU
jETpZhUkpGyJIGTp35jhMAJjYwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNWZVPiv
3eOoUtPgSh5vrOC3yuU3MB8GA1UdIwQYMBaAFL3V6advGsTI5ReX7OmePc7s7nST
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkU4QS8zMTQ4REM5RTJE
RkYxMUVCODY4QTkxMzVDNEY5QUUwMi92ZFhwcDI4YXhNamxGNWZzNlo0OXp1enVk
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZkWHBwMjhheE1qbEY1ZnM2WjQ5enV6dWRKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZFOEEvMzE0OERDOUUyREZGMTFFQjg2OEE5MTM1QzRGOUFFMDIvREY3MEE2M0M2
QkYxMTFGMEE5MTgxMjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMCcEAgABMCEDBAeYIIAwCwMDAaWaAwQGpZqAMAwDBAGlmtoDBAWlmsAwDQYJ
KoZIhvcNAQELBQADggEBAHUspktFQEL+lmjrRS18gxZ5LsVN2Z2b9PwXc8Nx/H4i
HFTzvWR7NC+k1YX9Zsc9OYJ9wdpseqV3hCF3rlSxn0c5zBBhp/wX5dts3IYu0Wfv
qCeg94J/AMv1mA0zNJG/bmVl0+KqoWlH78hpORm0kYsx5hWOrGKlATIh2Ji8H3Yc
8nkk4U9qBtA+ophwcebCCgTWt3RjXwg0+j/pcLs2SQVEN6WLldiqm+iyM9l3v1n0
PlwzNqxzYPujXlRITNfRuNKERgvmzg02QeZB6lPzjUWKs2SMBl3PVb5ps5Yp0bMp
k5UCNoizYx4qvPOdAN+UbdGXv6v184Mo6b9hOQokiLI=
-----END CERTIFICATE-----
Generated at Sun Aug 10 19:00:28 2025 by rpki-client