Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/340190F8465911F096DBFB74C4F9AE02.roa
File: 340190F8465911F096DBFB74C4F9AE02.roa (raw, json)
Hash identifier: nKsQveWFFMV7LI445POLRkTyLozvNsB7LhZewvB4Y3s=
Subject key identifier: BB:91:37:F1:31:1F:02:82:EA:AA:B8:6F:72:71:4D:BC:68:8B:EC:0C
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 0266
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/340190F8465911F096DBFB74C4F9AE02.roa
Signing time: Wed 11 Jun 2025 00:15:39 +0000
ROA not before: Wed 11 Jun 2025 00:15:39 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 23871
IP address blocks: 123.108.68.0/23 maxlen: 24
123.108.71.0/24 maxlen: 24
125.62.76.0/22 maxlen: 22
125.62.76.0/24 maxlen: 24
125.62.78.0/24 maxlen: 24
125.62.79.0/24 maxlen: 24
202.10.82.0/24 maxlen: 24
202.10.84.0/24 maxlen: 24
202.10.85.0/24 maxlen: 24
202.10.86.0/24 maxlen: 24
202.10.87.0/24 maxlen: 24
202.10.88.0/24 maxlen: 24
202.10.89.0/24 maxlen: 24
202.10.90.0/24 maxlen: 24
202.10.91.0/24 maxlen: 24
202.10.93.0/24 maxlen: 24
202.10.95.0/24 maxlen: 24
202.126.100.0/24 maxlen: 24
202.134.224.0/19 maxlen: 19
202.134.224.0/24 maxlen: 24
202.134.225.0/24 maxlen: 24
202.134.226.0/24 maxlen: 24
202.134.227.0/24 maxlen: 24
202.134.228.0/24 maxlen: 24
202.134.229.0/24 maxlen: 24
202.134.232.0/24 maxlen: 24
202.134.234.0/24 maxlen: 24
202.134.236.0/24 maxlen: 24
202.134.237.0/24 maxlen: 24
202.134.238.0/24 maxlen: 24
202.134.240.0/24 maxlen: 24
202.134.242.0/24 maxlen: 24
202.134.243.0/24 maxlen: 24
202.134.244.0/24 maxlen: 24
202.134.245.0/24 maxlen: 24
202.134.246.0/24 maxlen: 24
202.134.250.0/24 maxlen: 24
202.134.251.0/24 maxlen: 24
202.134.252.0/24 maxlen: 24
202.134.255.0/24 maxlen: 24
203.34.248.0/23 maxlen: 24
203.62.158.0/23 maxlen: 24
2406:1600:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 26 Jun 2025 02:46:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 614 (0x266)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550, serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Jun 11 00:15:39 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=6848caaa-12e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:32:5d:a5:18:b1:91:d2:98:0b:f8:85:84:c6:
83:03:72:29:26:4b:8a:e6:25:4e:77:40:fd:75:04:
43:99:c8:36:d6:b7:69:1d:db:d7:f8:7a:3f:e7:41:
a6:9d:1a:99:ee:5f:1e:04:46:f8:39:8b:58:ea:60:
fa:fa:25:41:30:61:07:fc:61:3e:d5:f2:4d:a4:d8:
74:7c:2d:e6:e8:48:9b:b3:65:4f:4a:8e:3e:d5:9e:
a6:7a:79:7a:15:c3:dc:b4:dc:ae:ae:24:e1:5d:49:
0c:97:a9:1e:79:be:99:70:74:46:e4:ba:61:09:23:
55:ed:fe:09:9a:11:cc:d7:72:4d:bc:a9:b7:fd:97:
b0:8c:7a:3b:e8:28:6e:00:1b:18:af:cc:5f:45:50:
7c:10:55:07:12:2f:42:72:15:35:0d:4f:df:51:a0:
9e:01:48:2a:42:5e:8d:3b:e2:b8:ce:43:5f:82:ef:
90:db:44:44:a9:66:1a:fc:de:22:ee:15:77:b8:be:
80:f3:60:af:9d:b4:a1:bc:eb:6f:09:64:19:8c:22:
9f:0f:07:bb:61:d8:00:57:d6:10:68:b6:56:9f:0d:
fe:b3:7d:71:90:34:8f:dc:ff:47:89:e0:70:a2:4e:
cc:04:df:78:f9:89:57:01:88:a0:e9:50:32:74:96:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:91:37:F1:31:1F:02:82:EA:AA:B8:6F:72:71:4D:BC:68:8B:EC:0C
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/340190F8465911F096DBFB74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
123.108.68.0/23
123.108.71.0/24
125.62.76.0/22
202.10.82.0/24
202.10.84.0-202.10.91.255
202.10.93.0/24
202.10.95.0/24
202.126.100.0/24
202.134.224.0/19
203.34.248.0/23
203.62.158.0/23
IPv6:
2406:1600:200::/48
Signature Algorithm: sha256WithRSAEncryption
1f:fa:99:e3:c9:6f:76:c3:af:3e:a8:17:72:13:26:fc:a5:1d:
c5:6d:29:ad:c2:39:a2:c3:2c:3c:aa:51:3f:34:d7:3b:34:c1:
29:e1:17:43:0b:49:39:60:b4:ff:b3:08:58:4c:38:eb:f0:33:
42:28:e8:13:4d:68:44:8d:f4:2c:52:27:40:0f:78:5a:bd:cf:
81:5b:fc:74:f5:95:f6:61:38:db:4c:7a:78:87:3d:a1:d5:1e:
03:5e:e2:61:32:58:36:74:5a:cc:d0:c4:c1:7d:79:57:eb:30:
1d:21:14:90:80:3e:e1:37:b9:b2:53:c3:38:2e:ef:88:ef:35:
e8:3b:b4:f8:36:5a:83:08:b8:61:07:43:6a:cc:d3:d2:81:cc:
68:98:9c:a3:f3:d9:94:32:21:d0:01:8a:68:07:df:2c:1f:ec:
14:12:40:5c:57:1c:c3:14:d8:12:e9:2c:eb:f0:56:2a:d6:60:
74:87:c6:a8:c1:27:6d:8b:18:20:8d:37:cc:fb:e8:29:2f:6f:
28:5d:c8:5c:43:20:e5:0b:0b:5b:f6:b2:6c:04:4b:2b:45:72:
2c:4a:09:8d:3a:89:0a:a6:ca:7e:d8:92:59:5b:cf:04:4d:ed:
41:ab:4b:e6:ea:56:ac:6e:ed:64:3d:68:94:b6:72:ab:e0:3d:
6f:be:09:47
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgICAmYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjUwNjExMDAxNTM5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQ4Y2FhYS0xMmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwDJdpRixkdKYC/iFhMaDA3IpJkuK5iVOd0D9dQRDmcg21rdpHdvX+Ho/50Gm
nRqZ7l8eBEb4OYtY6mD6+iVBMGEH/GE+1fJNpNh0fC3m6Eibs2VPSo4+1Z6menl6
FcPctNyuriThXUkMl6keeb6ZcHRG5LphCSNV7f4JmhHM13JNvKm3/ZewjHo76Chu
ABsYr8xfRVB8EFUHEi9CchU1DU/fUaCeAUgqQl6NO+K4zkNfgu+Q20REqWYa/N4i
7hV3uL6A82CvnbShvOtvCWQZjCKfDwe7YdgAV9YQaLZWnw3+s31xkDSP3P9HieBw
ok7MBN94+YlXAYig6VAydJZNdwIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFLuRN/Ex
HwKC6qq4b3JxTbxoi+wMMB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvMzQwMTkwRjg0
NjU5MTFGMDk2REJGQjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdAYIKwYBBQUHAQcBAf8E
ZTBjMFAEAgABMEoDBAF7bEQDBAB7bEcDBAJ9PkwDBADKClIwDAMEAsoKVAMEAsoK
WAMEAMoKXQMEAMoKXwMEAMp+ZAMEBcqG4AMEAcsi+AMEAcs+njAPBAIAAjAJAwcA
JAYWAAIAMA0GCSqGSIb3DQEBCwUAA4IBAQAf+pnjyW92w68+qBdyEyb8pR3FbSmt
wjmiwyw8qlE/NNc7NMEp4RdDC0k5YLT/swhYTDjr8DNCKOgTTWhEjfQsUidAD3ha
vc+BW/x09ZX2YTjbTHp4hz2h1R4DXuJhMlg2dFrM0MTBfXlX6zAdIRSQgD7hN7my
U8M4Lu+I7zXoO7T4NlqDCLhhB0NqzNPSgcxomJyj89mUMiHQAYpoB98sH+wUEkBc
VxzDFNgS6Szr8FYq1mB0h8aowSdtixggjTfM++gpL28oXchcQyDlCwtb9rJsBEsr
RXIsSgmNOokKpsp+2JJZW88ETe1Bq0vm6lasbu1kPWiUtnKr4D1vvglH
-----END CERTIFICATE-----
Generated at Fri Jun 20 01:53:22 2025 by rpki-client