Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
File: 70F51BEE4B0D11EF94975151C4F9AE02.roa (raw, json)
Hash identifier: 5OJq3TQL6UcD1e0FTm6+f4tFRojNv3dxN2hOmwh/XMU=
Subject key identifier: D2:0C:B0:AC:4C:BB:55:E0:0B:98:2E:25:51:C0:92:02:39:07:6D:31
Certificate issuer: /CN=A9199197/serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Certificate serial: 08AD
Authority key identifier: 68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
Signing time: Thu 12 Jun 2025 20:58:45 +0000
ROA not before: Thu 12 Jun 2025 20:58:45 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 45609
IP address blocks: 27.56.0.0/13 maxlen: 24
103.235.8.0/22 maxlen: 24
106.192.0.0/11 maxlen: 24
110.224.0.0/14 maxlen: 24
117.96.0.0/17 maxlen: 22
117.96.0.0/18 maxlen: 24
117.96.64.0/19 maxlen: 24
117.96.96.0/20 maxlen: 24
117.96.112.0/21 maxlen: 24
117.96.120.0/22 maxlen: 24
117.96.124.0/23 maxlen: 23
117.96.128.0/20 maxlen: 24
117.96.144.0/21 maxlen: 24
117.96.153.0/24 maxlen: 24
117.96.154.0/24 maxlen: 24
117.96.160.0/20 maxlen: 24
117.96.176.0/20 maxlen: 24
117.97.0.0/17 maxlen: 19
117.97.0.0/18 maxlen: 24
117.97.64.0/19 maxlen: 20
117.97.64.0/20 maxlen: 24
117.97.80.0/21 maxlen: 21
117.97.80.0/22 maxlen: 24
117.97.91.0/24 maxlen: 24
117.97.92.0/24 maxlen: 24
117.97.93.0/24 maxlen: 24
117.97.94.0/24 maxlen: 24
117.97.128.0/17 maxlen: 24
117.98.0.0/17 maxlen: 24
150.129.212.0/22 maxlen: 24
223.176.0.0/12 maxlen: 24
223.224.32.0/19 maxlen: 24
223.224.64.0/18 maxlen: 24
223.224.128.0/17 maxlen: 24
223.225.0.0/16 maxlen: 24
223.226.0.0/15 maxlen: 24
223.228.0.0/14 maxlen: 24
223.232.0.0/13 maxlen: 24
2401:4900:800::/37 maxlen: 48
2401:4900:1000::/37 maxlen: 48
2401:4900:1800::/37 maxlen: 48
2401:4900:2000::/37 maxlen: 48
2401:4900:2800::/37 maxlen: 48
2401:4900:3000::/37 maxlen: 48
2401:4900:3800::/37 maxlen: 48
2401:4900:4000::/37 maxlen: 48
2401:4900:4800::/37 maxlen: 48
2401:4900:5000::/37 maxlen: 48
2401:4900:5800::/37 maxlen: 48
2401:4900:6000::/37 maxlen: 48
2401:4900:7000::/37 maxlen: 48
2401:4900:7800::/37 maxlen: 48
2401:4900:8000::/37 maxlen: 48
2401:4900:9000::/37 maxlen: 48
2401:4900:a000::/37 maxlen: 48
2401:4900:a800::/37 maxlen: 44
2401:4900:b000::/37 maxlen: 48
2401:4900:b800::/37 maxlen: 48
2401:4900:c000::/37 maxlen: 48
2401:4900:c800::/37 maxlen: 48
2401:4900:d000::/37 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Jun 2025 20:54:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2221 (0x8ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199197, serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Validity
Not Before: Jun 12 20:58:45 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=684b3f84-118a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f6:08:94:9c:15:4a:2b:40:7f:a6:b7:09:b2:
b1:1e:77:26:13:65:68:e8:55:ad:3f:0a:08:3d:d3:
47:57:fa:e9:82:e2:fe:06:7f:86:26:b4:b9:fb:7c:
26:32:40:45:48:08:4b:df:8e:dc:f0:73:60:fc:2d:
c8:dd:ef:c1:a5:a6:b8:40:66:26:43:bf:5e:88:03:
50:a9:95:d1:95:9c:f4:da:f0:56:9c:0f:0f:a0:66:
15:69:fe:98:90:26:92:9c:a6:79:fd:c2:ca:bd:c5:
95:d3:d7:e2:33:25:46:c5:14:6d:83:8e:17:5f:ad:
cc:a5:3b:90:d8:e9:c9:b5:16:a7:d5:c0:22:73:74:
00:3d:51:04:f6:a6:94:ff:81:e9:4b:13:27:b5:e2:
eb:e2:ca:0f:ef:64:fa:eb:a3:2d:fa:59:97:b2:13:
9a:13:29:3e:c9:56:aa:b1:7c:57:68:98:0b:b6:1f:
e0:ca:1e:e6:45:92:1a:be:94:b4:dd:c1:66:85:67:
91:d4:18:4d:42:c3:c2:4c:65:f7:f3:5a:19:65:37:
28:a1:55:15:05:d7:2f:3b:e6:34:3a:f8:f7:b2:f8:
2f:83:5e:26:55:ed:7c:13:4e:9c:10:88:93:0b:e0:
3b:42:32:58:35:3a:13:9f:99:4c:8c:3c:2f:c5:ef:
9d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0C:B0:AC:4C:BB:55:E0:0B:98:2E:25:51:C0:92:02:39:07:6D:31
X509v3 Authority Key Identifier:
keyid:68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.56.0.0/13
103.235.8.0/22
106.192.0.0/11
110.224.0.0/14
117.96.0.0-117.96.151.255
117.96.153.0-117.96.154.255
117.96.160.0/19
117.97.0.0-117.98.127.255
150.129.212.0/22
223.176.0.0/12
223.224.32.0-223.239.255.255
IPv6:
2401:4900:800::-2401:4900:67ff:ffff:ffff:ffff:ffff:ffff
2401:4900:7000::-2401:4900:87ff:ffff:ffff:ffff:ffff:ffff
2401:4900:9000::/37
2401:4900:a000::-2401:4900:d7ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
06:86:55:3c:67:72:03:ae:67:22:2e:5b:46:23:f7:d7:38:c4:
b6:bc:96:fb:73:c3:0d:cb:59:cb:fe:c1:3f:04:28:6d:d5:92:
a9:47:91:c3:ab:1f:c1:60:a9:7e:f7:8f:f1:25:03:ee:06:9a:
a2:59:b4:a2:d7:98:33:84:1e:da:5d:63:29:6e:89:f0:0a:16:
7e:14:66:76:42:73:22:7e:8b:27:f3:e3:19:9a:65:2b:e3:40:
8b:26:3a:c1:d6:d5:bf:89:66:57:4c:1e:7f:c4:e4:68:e9:79:
1a:c0:fd:25:c1:d7:69:87:fb:c9:c4:20:da:c0:83:e6:d2:a2:
a8:b7:cf:90:6d:ea:05:77:d7:e2:ae:86:fd:18:64:8c:2e:39:
42:94:bd:1f:bd:fa:be:0b:80:90:5b:0c:d3:d1:07:b5:b3:34:
9f:74:6e:ea:0a:4d:c2:ff:ba:37:b0:22:2d:fd:da:37:28:49:
0a:66:97:f0:08:2f:2c:70:cd:60:74:a1:8e:9c:12:ca:ce:d5:
31:70:78:d8:19:ef:4c:d4:cc:4e:09:12:08:40:94:21:dc:4c:
01:f3:c0:d6:c2:a9:1c:af:4e:88:98:6a:ee:82:3f:4e:ce:3b:
2b:6d:e9:d8:69:f1:27:a9:59:2f:f1:73:3a:b0:28:95:a5:8b:
fb:31:d7:77
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgICCK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTkxOTcxMTAvBgNVBAUTKDY4MzVEREZCODQzOEQyNEJCNkM1OTc5MzE2RTU0ODkx
MDY2MDkwQTcwHhcNMjUwNjEyMjA1ODQ1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODRiM2Y4NC0xMThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3fYIlJwVSitAf6a3CbKxHncmE2Vo6FWtPwoIPdNHV/rpguL+Bn+GJrS5+3wm
MkBFSAhL347c8HNg/C3I3e/Bpaa4QGYmQ79eiANQqZXRlZz02vBWnA8PoGYVaf6Y
kCaSnKZ5/cLKvcWV09fiMyVGxRRtg44XX63MpTuQ2OnJtRan1cAic3QAPVEE9qaU
/4HpSxMnteLr4soP72T666Mt+lmXshOaEyk+yVaqsXxXaJgLth/gyh7mRZIavpS0
3cFmhWeR1BhNQsPCTGX381oZZTcooVUVBdcvO+Y0Ovj3svgvg14mVe18E06cEIiT
C+A7QjJYNToTn5lMjDwvxe+dnwIDAQABo4IDMzCCAy8wHQYDVR0OBBYEFNIMsKxM
u1XgC5guJVHAkgI5B20xMB8GA1UdIwQYMBaAFGg13fuEONJLtsWXkxblSJEGYJCn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTE5Ny84NEIyRUM5OEYy
N0QxMUVBOTQ1NkVFNjBDNEY5QUUwMi9hRFhkLTRRNDBrdTJ4WmVURnVWSWtRWmdr
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FEWGQtNFE0MGt1MnhaZVRGdVZJa1FaZ2tLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTkxOTcvODRCMkVDOThGMjdEMTFFQTk0NTZFRTYwQzRGOUFFMDIvNzBGNTFCRUU0
QjBEMTFFRjk0OTc1MTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbwGCCsGAQUFBwEHAQH/
BIGsMIGpMGEEAgABMFsDAwMbOAMEAmfrCAMDBWrAAwMCbuAwCwMDBXVgAwQDdWCQ
MAwDBAB1YJkDBAB1YJoDBAV1YKAwCwMDAHVhAwQHdWIAAwQCloHUAwME37AwCwME
Bd/gIAMDBN/gMEQEAgACMD4wEAMGAyQBSQAIAwYDJAFJAGAwEAMGBCQBSQBwAwYD
JAFJAIADBgMkAUkAkDAQAwYFJAFJAKADBgMkAUkA0DANBgkqhkiG9w0BAQsFAAOC
AQEABoZVPGdyA65nIi5bRiP31zjEtryW+3PDDctZy/7BPwQobdWSqUeRw6sfwWCp
fveP8SUD7gaaolm0oteYM4Qe2l1jKW6J8AoWfhRmdkJzIn6LJ/PjGZplK+NAiyY6
wdbVv4lmV0wef8TkaOl5GsD9JcHXaYf7ycQg2sCD5tKiqLfPkG3qBXfX4q6G/Rhk
jC45QpS9H736vguAkFsM09EHtbM0n3Ru6gpNwv+6N7AiLf3aNyhJCmaX8AgvLHDN
YHShjpwSys7VMXB42BnvTNTMTgkSCECUIdxMAfPA1sKpHK9OiJhq7oI/Ts47K23p
2GnxJ6lZL/FzOrAolaWL+zHXdw==
-----END CERTIFICATE-----
Generated at Fri Jun 20 07:50:53 2025 by rpki-client