Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
File: C27C0758916B11EF81BBB521C4F9AE02.roa (raw, json)
Hash identifier: 8Zvpm3KnGOfMYiGyvHAjhpr9nIDqYbZmm/Akwakh/XI=
Subject key identifier: 37:8E:8C:C6:14:90:69:3E:B0:29:5F:43:10:90:E9:57:D7:7E:8E:92
Certificate issuer: /CN=A91A7169/serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Certificate serial: 011A
Authority key identifier: E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
Signing time: Wed 06 Aug 2025 00:29:11 +0000
ROA not before: Wed 06 Aug 2025 00:29:11 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 53813
IP address blocks: 101.2.192.0/24 maxlen: 24
101.2.193.0/24 maxlen: 24
101.2.194.0/24 maxlen: 24
101.2.195.0/24 maxlen: 24
101.2.196.0/24 maxlen: 24
101.2.197.0/24 maxlen: 24
175.107.128.0/23 maxlen: 24
175.107.130.0/23 maxlen: 24
175.107.190.0/24 maxlen: 24
2400:7aa0:1200::/40 maxlen: 48
2400:7aa0:1300::/40 maxlen: 48
2400:7aa0:1400::/40 maxlen: 48
2400:7aa0:1500::/40 maxlen: 48
2400:7aa0:1600::/40 maxlen: 48
2400:7aa0:1700::/40 maxlen: 48
2400:7aa0:1800::/40 maxlen: 48
2400:7aa0:1900::/40 maxlen: 48
2400:7aa0:1a00::/40 maxlen: 48
2400:7aa0:1b00::/40 maxlen: 48
2400:7aa0:1c00::/40 maxlen: 48
2400:7aa0:1d00::/40 maxlen: 40
2400:7aa0:1e00::/40 maxlen: 48
2400:7aa0:1f00::/40 maxlen: 48
2400:7aa0:2200::/40 maxlen: 48
2400:7aa0:2300::/40 maxlen: 48
2400:7aa0:2400::/40 maxlen: 48
2400:7aa0:2500::/40 maxlen: 48
2400:7aa0:2600::/40 maxlen: 48
2400:7aa0:2800::/40 maxlen: 48
2400:7aa0:2900::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.crl
rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 282 (0x11a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7169, serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Validity
Not Before: Aug 6 00:29:11 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=6892a1d7-8f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6d:95:08:9f:7f:6a:96:71:8b:d6:de:8b:ca:
b3:f7:f7:33:fd:30:4a:32:8f:08:8f:be:a1:de:48:
dc:4d:e7:71:66:0d:ed:19:cd:b1:db:69:95:f2:74:
34:a2:0d:d3:bf:6d:9e:41:9c:87:e2:7d:c9:f8:96:
9c:4c:08:4e:0c:df:b6:33:df:3c:80:cf:0a:57:52:
2d:60:e1:79:f0:ec:92:c1:80:55:14:13:5f:fe:bc:
4b:78:98:9f:25:bc:1b:7c:1b:e2:4e:14:2e:ce:88:
36:d4:93:79:fd:e6:6b:33:20:ab:05:45:c0:7e:e4:
b8:48:cf:db:03:7f:aa:d1:55:7d:c1:33:13:2e:f8:
11:04:47:b0:0a:eb:92:1f:e9:22:21:97:7f:dd:3d:
95:4c:35:18:20:8b:fe:c7:d3:a1:29:1e:43:05:47:
e4:3f:38:95:f3:af:92:89:1c:80:ae:23:a3:1a:39:
78:78:5b:c9:db:c7:a4:f1:2c:dc:38:be:84:cc:d6:
0c:93:29:06:9e:95:ac:5d:4f:40:a7:a1:79:9b:9c:
f2:bb:77:6e:b6:ba:39:ec:4a:48:34:2e:2d:5f:68:
85:2f:a8:a8:7e:ca:f0:57:6e:78:f5:b3:00:e9:10:
a5:da:25:90:21:46:a5:d8:ba:09:1a:20:96:fb:41:
9e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:8E:8C:C6:14:90:69:3E:B0:29:5F:43:10:90:E9:57:D7:7E:8E:92
X509v3 Authority Key Identifier:
keyid:E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.2.192.0-101.2.197.255
175.107.128.0/22
175.107.190.0/24
IPv6:
2400:7aa0:1200::-2400:7aa0:1fff:ffff:ffff:ffff:ffff:ffff
2400:7aa0:2200::-2400:7aa0:26ff:ffff:ffff:ffff:ffff:ffff
2400:7aa0:2800::/39
Signature Algorithm: sha256WithRSAEncryption
06:d7:b9:43:bf:60:a1:43:aa:1b:b7:1f:d4:53:98:73:10:9e:
11:24:be:0c:7a:a3:ae:a5:96:ee:79:54:46:da:e2:4b:34:64:
5e:7a:f9:70:c7:08:3d:82:1d:54:d9:12:7a:d0:34:63:74:f5:
03:46:11:48:01:d6:14:00:87:82:08:fc:56:9b:31:aa:18:c1:
0e:e3:6e:88:6f:c9:2b:98:2b:c5:3e:0d:96:8e:40:33:99:3a:
fe:04:0c:bf:a3:c8:b7:fd:47:70:7d:89:7d:e5:92:0e:c9:03:
c4:3e:bf:b7:0d:29:2b:0d:94:6f:13:69:de:a6:f4:17:59:99:
2d:57:73:af:fe:2a:82:5f:b9:c1:b9:54:28:3c:58:73:94:6d:
8b:3b:62:e0:af:6e:06:c4:e1:fd:14:db:d4:6d:b7:76:f8:12:
bb:ac:73:e9:c5:c4:01:f8:7b:72:3c:6f:4b:d8:f7:41:5d:82:
1a:2b:c2:3a:e7:b0:9c:f0:43:e1:f8:e2:00:b7:40:48:aa:e9:
fe:ce:a0:79:70:0a:3e:c1:a3:4a:e4:2d:03:7d:10:c0:5d:f0:
c2:31:ab:75:c2:38:a3:b0:9b:b7:08:63:13:10:aa:9a:20:44:
4f:d3:98:c5:a5:c3:ed:05:c1:76:43:f5:f1:ed:3f:0b:61:8c:
0e:15:9e:c6
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTcxNjkxMTAvBgNVBAUTKEU1MENCMjUwQkZBRDA4NjNFODVDMjkwMkVBMDIxOUQ1
M0NDMDgxMkUwHhcNMjUwODA2MDAyOTExWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkyYTFkNy04ZjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt22VCJ9/apZxi9bei8qz9/cz/TBKMo8Ij76h3kjcTedxZg3tGc2x22mV8nQ0
og3Tv22eQZyH4n3J+JacTAhODN+2M988gM8KV1ItYOF58OySwYBVFBNf/rxLeJif
JbwbfBviThQuzog21JN5/eZrMyCrBUXAfuS4SM/bA3+q0VV9wTMTLvgRBEewCuuS
H+kiIZd/3T2VTDUYIIv+x9OhKR5DBUfkPziV86+SiRyAriOjGjl4eFvJ28ek8Szc
OL6EzNYMkykGnpWsXU9Ap6F5m5zyu3dutro57EpINC4tX2iFL6iofsrwV2549bMA
6RCl2iWQIUal2LoJGiCW+0Ge6QIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFDeOjMYU
kGk+sClfQxCQ6VfXfo6SMB8GA1UdIwQYMBaAFOUMslC/rQhj6FwpAuoCGdU8wIEu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzE2OS82QjdGOTkzQ0VC
QUUxMUVFOEEwRUQ5NjRDNEY5QUUwMi81UXl5VUwtdENHUG9YQ2tDNmdJWjFUekFn
UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVReXlVTC10Q0dQb1hDa0M2Z0laMVR6QWdTNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTcxNjkvNkI3Rjk5M0NFQkFFMTFFRThBMEVEOTY0QzRGOUFFMDIvQzI3QzA3NTg5
MTZCMTFFRjgxQkJCNTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMCAEAgABMBowDAMEBmUCwAMEAWUCxAMEAq9rgAMEAK9rvjAyBAIAAjAsMBAD
BgEkAHqgEgMGBSQAeqAAMBADBgEkAHqgIgMGACQAeqAmAwYBJAB6oCgwDQYJKoZI
hvcNAQELBQADggEBAAbXuUO/YKFDqhu3H9RTmHMQnhEkvgx6o66llu55VEba4ks0
ZF56+XDHCD2CHVTZEnrQNGN09QNGEUgB1hQAh4II/FabMaoYwQ7jbohvySuYK8U+
DZaOQDOZOv4EDL+jyLf9R3B9iX3lkg7JA8Q+v7cNKSsNlG8Tad6m9BdZmS1Xc6/+
KoJfucG5VCg8WHOUbYs7YuCvbgbE4f0U29Rtt3b4Erusc+nFxAH4e3I8b0vY90Fd
ghorwjrnsJzwQ+H44gC3QEiq6f7OoHlwCj7Bo0rkLQN9EMBd8MIxq3XCOKOwm7cI
YxMQqpogRE/TmMWlw+0FwXZD9fHtPwthjA4VnsY=
-----END CERTIFICATE-----
Generated at Sat Aug 9 15:18:06 2025 by rpki-client