Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
File: 70F51BEE4B0D11EF94975151C4F9AE02.roa (raw, json)
Hash identifier: fAr1enb5w/370RjL/x8r/ZzPE+PyrRrXS5WPT3O+CnA=
Subject key identifier: 5F:1C:77:06:10:00:15:7C:51:CD:09:7B:CD:B4:CE:0D:FE:C3:10:64
Certificate issuer: /CN=A9199197/serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Certificate serial: 088F
Authority key identifier: 68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
Signing time: Wed 23 Apr 2025 05:30:31 +0000
ROA not before: Wed 23 Apr 2025 05:30:31 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 45609
IP address blocks: 27.56.0.0/13 maxlen: 24
103.235.8.0/22 maxlen: 24
106.192.0.0/11 maxlen: 24
110.224.0.0/14 maxlen: 24
117.96.0.0/17 maxlen: 22
117.96.0.0/18 maxlen: 24
117.96.64.0/19 maxlen: 24
117.96.96.0/20 maxlen: 24
117.96.112.0/21 maxlen: 24
117.96.120.0/22 maxlen: 24
117.96.124.0/23 maxlen: 23
117.96.128.0/20 maxlen: 24
117.96.144.0/21 maxlen: 24
117.96.153.0/24 maxlen: 24
117.96.154.0/24 maxlen: 24
117.96.160.0/20 maxlen: 24
117.96.176.0/20 maxlen: 24
117.97.0.0/17 maxlen: 19
117.97.0.0/18 maxlen: 24
117.97.64.0/19 maxlen: 20
117.97.64.0/20 maxlen: 24
117.97.80.0/21 maxlen: 21
117.97.80.0/22 maxlen: 24
117.97.91.0/24 maxlen: 24
117.97.92.0/24 maxlen: 24
117.97.93.0/24 maxlen: 24
117.97.94.0/24 maxlen: 24
117.97.128.0/17 maxlen: 24
117.98.0.0/17 maxlen: 24
150.129.212.0/22 maxlen: 24
223.176.0.0/12 maxlen: 24
223.224.32.0/19 maxlen: 24
223.224.64.0/18 maxlen: 24
223.224.128.0/17 maxlen: 24
223.225.0.0/16 maxlen: 24
223.226.0.0/15 maxlen: 24
223.228.0.0/14 maxlen: 24
223.232.0.0/13 maxlen: 24
2401:4900:800::/37 maxlen: 48
2401:4900:1000::/37 maxlen: 48
2401:4900:1800::/37 maxlen: 48
2401:4900:2000::/37 maxlen: 48
2401:4900:2800::/37 maxlen: 48
2401:4900:3000::/37 maxlen: 48
2401:4900:3800::/37 maxlen: 48
2401:4900:4000::/37 maxlen: 48
2401:4900:4800::/37 maxlen: 48
2401:4900:5000::/37 maxlen: 48
2401:4900:5800::/37 maxlen: 48
2401:4900:6000::/37 maxlen: 48
2401:4900:7000::/37 maxlen: 48
2401:4900:7800::/37 maxlen: 48
2401:4900:8000::/37 maxlen: 48
2401:4900:9000::/37 maxlen: 48
2401:4900:a000::/37 maxlen: 48
2401:4900:a800::/37 maxlen: 44
2401:4900:b000::/37 maxlen: 48
2401:4900:b800::/37 maxlen: 48
2401:4900:c000::/37 maxlen: 48
2401:4900:c800::/37 maxlen: 48
2401:4900:d000::/37 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 20:57:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2191 (0x88f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199197, serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Validity
Not Before: Apr 23 05:30:31 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=68087af7-6da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:8e:a5:8e:2b:68:3e:72:3f:2d:b2:e9:08:
6b:02:fa:12:7e:96:41:54:51:99:19:98:83:a5:6f:
49:ca:b3:2c:4a:c8:c1:e4:df:4c:7c:2b:e2:0d:ec:
3b:14:03:a2:1b:02:cf:78:1a:e2:08:2b:4e:f2:0d:
2f:53:32:61:9f:be:6a:28:6f:27:d3:16:8e:9d:b6:
46:5d:8f:26:c9:f1:90:cf:e5:65:a6:08:95:0f:3c:
87:2f:0d:0e:92:ab:7c:5f:5e:e7:5f:17:7d:8d:32:
f4:53:77:f9:ab:47:a6:ad:f8:52:5f:bf:ba:4b:0e:
0f:b6:20:aa:75:0c:65:35:86:8a:c4:ff:ba:41:5f:
59:c1:05:38:fe:14:bc:bd:38:62:b3:72:bd:7a:f7:
b8:a7:37:1b:bf:72:92:12:33:30:9d:fc:0c:2b:9a:
71:95:dd:79:d9:79:9e:f8:52:69:83:d1:a2:39:38:
96:e2:1d:85:cd:64:c3:69:7a:92:a9:d8:83:da:7f:
31:38:21:2e:f8:4b:f8:c6:73:fc:84:11:94:c6:e4:
5b:6e:79:0f:fa:b8:95:e8:24:c5:a4:51:bd:f2:88:
71:57:b6:b5:49:d4:48:9a:50:fc:68:df:cf:76:63:
48:ec:52:27:bc:fb:9c:7a:3d:02:e3:87:6e:77:5a:
37:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1C:77:06:10:00:15:7C:51:CD:09:7B:CD:B4:CE:0D:FE:C3:10:64
X509v3 Authority Key Identifier:
keyid:68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.56.0.0/13
103.235.8.0/22
106.192.0.0/11
110.224.0.0/14
117.96.0.0-117.96.151.255
117.96.153.0-117.96.154.255
117.96.160.0/19
117.97.0.0-117.98.127.255
150.129.212.0/22
223.176.0.0/12
223.224.32.0-223.239.255.255
IPv6:
2401:4900:800::-2401:4900:67ff:ffff:ffff:ffff:ffff:ffff
2401:4900:7000::-2401:4900:87ff:ffff:ffff:ffff:ffff:ffff
2401:4900:9000::/37
2401:4900:a000::-2401:4900:d7ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:f9:af:84:f2:94:bd:1d:b9:0f:c0:d6:17:27:d9:ab:7b:b0:
a4:46:61:9b:9f:b9:5a:2f:57:c1:f4:e6:58:b9:e1:be:fb:87:
76:98:7c:16:30:ee:5a:b8:c8:59:1f:49:ed:f6:cf:fe:d1:43:
1b:6c:dd:7f:a5:58:fc:6f:dd:46:6c:a2:f9:8c:51:0e:4c:5d:
c2:8e:91:96:ea:6c:ba:e4:b0:a3:21:c0:e8:74:f3:1e:36:ac:
b9:c1:30:a2:7a:c7:04:d2:c0:c4:d8:cb:a3:83:13:5e:86:e2:
7f:d5:87:80:43:22:a7:e8:09:07:3c:16:e3:47:6f:e1:41:a7:
d6:85:b4:c7:00:39:b3:0c:14:d5:31:45:ed:10:7c:6b:a7:4e:
64:93:c7:6b:5f:2a:e7:c2:63:90:a5:3a:8e:a4:50:7f:87:99:
a9:c7:3a:ec:1e:5e:e2:e3:ba:e9:1d:92:9e:fe:c4:17:05:2c:
c5:96:c1:c0:d1:df:c4:3c:e7:de:8e:2c:7d:e6:48:0d:14:66:
37:a1:b6:76:36:8d:49:a7:30:3a:9a:bc:1d:91:fd:f4:df:de:
55:11:c1:a4:24:1a:80:a9:26:3e:8f:fe:b2:2a:10:f2:85:d9:
e4:fe:ec:04:bd:51:fd:d6:11:12:ea:b7:24:2e:0b:35:db:75:
26:0f:f6:10
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgICCI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTkxOTcxMTAvBgNVBAUTKDY4MzVEREZCODQzOEQyNEJCNkM1OTc5MzE2RTU0ODkx
MDY2MDkwQTcwHhcNMjUwNDIzMDUzMDMxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA4N2FmNy02ZGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoV+OpY4raD5yPy2y6QhrAvoSfpZBVFGZGZiDpW9JyrMsSsjB5N9MfCviDew7
FAOiGwLPeBriCCtO8g0vUzJhn75qKG8n0xaOnbZGXY8myfGQz+VlpgiVDzyHLw0O
kqt8X17nXxd9jTL0U3f5q0emrfhSX7+6Sw4PtiCqdQxlNYaKxP+6QV9ZwQU4/hS8
vThis3K9eve4pzcbv3KSEjMwnfwMK5pxld152Xme+FJpg9GiOTiW4h2FzWTDaXqS
qdiD2n8xOCEu+Ev4xnP8hBGUxuRbbnkP+riV6CTFpFG98ohxV7a1SdRImlD8aN/P
dmNI7FInvPucej0C44dud1o3TQIDAQABo4IDMzCCAy8wHQYDVR0OBBYEFF8cdwYQ
ABV8Uc0Je820zg3+wxBkMB8GA1UdIwQYMBaAFGg13fuEONJLtsWXkxblSJEGYJCn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTE5Ny84NEIyRUM5OEYy
N0QxMUVBOTQ1NkVFNjBDNEY5QUUwMi9hRFhkLTRRNDBrdTJ4WmVURnVWSWtRWmdr
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FEWGQtNFE0MGt1MnhaZVRGdVZJa1FaZ2tLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTkxOTcvODRCMkVDOThGMjdEMTFFQTk0NTZFRTYwQzRGOUFFMDIvNzBGNTFCRUU0
QjBEMTFFRjk0OTc1MTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbwGCCsGAQUFBwEHAQH/
BIGsMIGpMGEEAgABMFsDAwMbOAMEAmfrCAMDBWrAAwMCbuAwCwMDBXVgAwQDdWCQ
MAwDBAB1YJkDBAB1YJoDBAV1YKAwCwMDAHVhAwQHdWIAAwQCloHUAwME37AwCwME
Bd/gIAMDBN/gMEQEAgACMD4wEAMGAyQBSQAIAwYDJAFJAGAwEAMGBCQBSQBwAwYD
JAFJAIADBgMkAUkAkDAQAwYFJAFJAKADBgMkAUkA0DANBgkqhkiG9w0BAQsFAAOC
AQEAdvmvhPKUvR25D8DWFyfZq3uwpEZhm5+5Wi9XwfTmWLnhvvuHdph8FjDuWrjI
WR9J7fbP/tFDG2zdf6VY/G/dRmyi+YxRDkxdwo6RlupsuuSwoyHA6HTzHjasucEw
onrHBNLAxNjLo4MTXobif9WHgEMip+gJBzwW40dv4UGn1oW0xwA5swwU1TFF7RB8
a6dOZJPHa18q58JjkKU6jqRQf4eZqcc67B5e4uO66R2Snv7EFwUsxZbBwNHfxDzn
3o4sfeZIDRRmN6G2djaNSacwOpq8HZH99N/eVRHBpCQagKkmPo/+sioQ8oXZ5P7s
BL1R/dYREuq3JC4LNdt1Jg/2EA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:07:08 2025 by rpki-client