Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
File: CBCD905AA6E811EFB43BBB4EC4F9AE02.roa (raw, json)
Hash identifier: /HeNZUmasiA1sFyQ07qK6IR+x8tI1Ek4b4MMz3sVfn8=
Subject key identifier: 98:36:8F:F9:56:12:FB:18:5F:AD:98:5E:A2:78:C3:21:B4:48:B2:68
Certificate issuer: /CN=A91D9785/serialNumber=7EDEFAD656FD88326F6DFAE2487010580402A35F
Certificate serial: 1A17
Authority key identifier: 7E:DE:FA:D6:56:FD:88:32:6F:6D:FA:E2:48:70:10:58:04:02:A3:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
Signing time: Sat 14 Jun 2025 16:26:36 +0000
ROA not before: Sat 14 Jun 2025 16:26:36 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 17726
IP address blocks: 45.127.152.0/22 maxlen: 22
45.127.152.0/24 maxlen: 24
45.127.153.0/24 maxlen: 24
45.127.154.0/24 maxlen: 24
45.127.155.0/24 maxlen: 24
103.6.8.0/22 maxlen: 22
103.6.8.0/24 maxlen: 24
103.6.9.0/24 maxlen: 24
103.6.10.0/24 maxlen: 24
103.6.11.0/24 maxlen: 24
103.101.156.0/22 maxlen: 22
103.101.156.0/24 maxlen: 24
103.101.157.0/24 maxlen: 24
103.101.158.0/24 maxlen: 24
103.101.159.0/24 maxlen: 24
103.248.40.0/22 maxlen: 22
103.248.40.0/24 maxlen: 24
103.248.41.0/24 maxlen: 24
103.248.42.0/24 maxlen: 24
103.248.43.0/24 maxlen: 24
202.150.8.0/24 maxlen: 24
202.150.9.0/24 maxlen: 24
202.150.10.0/24 maxlen: 24
202.150.11.0/24 maxlen: 24
203.223.32.0/20 maxlen: 20
203.223.32.0/24 maxlen: 24
203.223.33.0/24 maxlen: 24
203.223.34.0/24 maxlen: 24
203.223.35.0/24 maxlen: 24
203.223.36.0/24 maxlen: 24
203.223.37.0/24 maxlen: 24
203.223.38.0/24 maxlen: 24
203.223.39.0/24 maxlen: 24
203.223.40.0/24 maxlen: 24
203.223.41.0/24 maxlen: 24
203.223.42.0/24 maxlen: 24
203.223.43.0/24 maxlen: 24
203.223.44.0/24 maxlen: 24
203.223.45.0/24 maxlen: 24
203.223.46.0/24 maxlen: 24
203.223.47.0/24 maxlen: 24
2401:a700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.crl
rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Jun 2025 16:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6679 (0x1a17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D9785, serialNumber=7EDEFAD656FD88326F6DFAE2487010580402A35F
Validity
Not Before: Jun 14 16:26:36 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=684da2bc-d9ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:90:95:bb:30:9b:ba:ef:80:e2:24:64:3f:75:
08:c0:a6:97:81:40:54:14:39:f6:08:a0:92:b9:04:
95:ef:bb:20:78:98:55:af:d3:f4:bf:85:fb:ea:58:
cd:f6:3c:b0:19:1d:41:d6:e8:f0:ed:69:98:45:90:
80:ae:d3:7f:5e:62:54:79:dd:91:44:8b:6a:9e:48:
3b:17:dd:bd:e0:5b:4e:e7:62:52:6a:e9:97:54:a4:
73:9f:b3:ad:3b:25:4f:04:45:43:72:3b:f5:09:b4:
63:02:4f:fa:cc:26:a0:1b:9d:59:d8:8e:fb:b3:0c:
46:6c:fa:df:2f:d6:dc:37:d6:7a:9c:ed:8e:c9:bd:
a9:f5:eb:08:09:cc:d4:1d:97:48:ab:13:e7:91:63:
14:87:e4:46:c1:a0:88:39:31:19:95:db:1b:43:6f:
c8:c9:63:26:2c:ca:4b:2e:da:03:47:92:45:fc:d1:
dc:80:8d:d3:9b:6e:49:43:56:9b:f3:1e:f1:30:30:
30:17:28:86:8c:0b:a6:f8:dc:10:6f:c5:51:02:dc:
06:a8:f5:c1:dc:7d:a8:92:c9:a4:5e:5f:f5:af:1f:
12:a9:56:f8:f7:73:c3:b7:b7:2a:f5:05:6f:0a:d2:
dd:cc:44:2d:9a:f5:53:0a:ac:f1:a9:f1:41:ce:3b:
1e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:36:8F:F9:56:12:FB:18:5F:AD:98:5E:A2:78:C3:21:B4:48:B2:68
X509v3 Authority Key Identifier:
keyid:7E:DE:FA:D6:56:FD:88:32:6F:6D:FA:E2:48:70:10:58:04:02:A3:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.152.0/22
103.6.8.0/22
103.101.156.0/22
103.248.40.0/22
202.150.8.0/22
203.223.32.0/20
IPv6:
2401:a700::/32
Signature Algorithm: sha256WithRSAEncryption
b9:e8:02:ce:fc:af:59:06:c9:9a:74:83:5b:ec:a1:37:c5:ae:
8e:51:48:dd:5b:d7:ea:61:d5:6c:76:fa:b2:98:df:1a:06:da:
2a:83:7a:1e:35:07:8e:5d:3d:b7:47:95:02:8c:69:8d:b4:2c:
e5:be:a1:87:b7:54:6b:5c:f1:5f:12:e9:65:c6:21:6e:90:7e:
5f:49:f9:06:79:60:06:e7:09:e5:fd:82:3f:e2:fe:55:12:00:
22:d9:46:aa:16:b4:9c:ae:bd:14:11:3a:99:a3:40:11:3e:f9:
a7:78:74:be:bf:8c:82:67:4d:dd:42:d7:0b:fc:de:26:c7:29:
40:69:d3:12:f6:27:40:39:4a:41:c8:bc:e4:b4:73:18:14:b2:
99:85:22:07:70:dc:59:f8:ec:c0:89:7a:6f:b2:71:b4:d5:ff:
21:0f:aa:ca:a1:3d:98:ac:6e:1b:3f:e2:5f:fb:7e:03:4b:44:
26:61:41:26:21:15:10:59:73:fe:4d:ce:92:6c:da:9b:94:28:
99:4f:35:2e:56:1c:4d:08:bc:f7:2a:d0:8b:7b:6f:54:b3:e6:
a6:ad:d1:e1:c3:19:b3:1f:83:ac:01:7a:7e:16:02:7e:f6:ea:
15:06:90:40:39:39:eb:36:f0:85:a2:4b:d1:a4:dd:95:e0:12:
96:21:b5:08
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICGhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDk3ODUxMTAvBgNVBAUTKDdFREVGQUQ2NTZGRDg4MzI2RjZERkFFMjQ4NzAxMDU4
MDQwMkEzNUYwHhcNMjUwNjE0MTYyNjM2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODRkYTJiYy1kOWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzJCVuzCbuu+A4iRkP3UIwKaXgUBUFDn2CKCSuQSV77sgeJhVr9P0v4X76ljN
9jywGR1B1ujw7WmYRZCArtN/XmJUed2RRItqnkg7F9294FtO52JSaumXVKRzn7Ot
OyVPBEVDcjv1CbRjAk/6zCagG51Z2I77swxGbPrfL9bcN9Z6nO2Oyb2p9esICczU
HZdIqxPnkWMUh+RGwaCIOTEZldsbQ2/IyWMmLMpLLtoDR5JF/NHcgI3Tm25JQ1ab
8x7xMDAwFyiGjAum+NwQb8VRAtwGqPXB3H2oksmkXl/1rx8SqVb493PDt7cq9QVv
CtLdzEQtmvVTCqzxqfFBzjseUwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFJg2j/lW
EvsYX62YXqJ4wyG0SLJoMB8GA1UdIwQYMBaAFH7e+tZW/Ygyb2364khwEFgEAqNf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTc4NS80N0RGOUNFQzU2
RUMxMUU3QkFENDhEM0JDNEY5QUUwMi9mdDc2MWxiOWlESnZiZnJpU0hBUVdBUUNv
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Z0NzYxbGI5aURKdmJmcmlTSEFRV0FRQ28xOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDk3ODUvNDdERjlDRUM1NkVDMTFFN0JBRDQ4RDNCQzRGOUFFMDIvQ0JDRDkwNUFB
NkU4MTFFRkI0M0JCQjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAItf5gDBAJnBggDBAJnZZwDBAJn+CgDBALKlggDBATL3yAw
DQQCAAIwBwMFACQBpwAwDQYJKoZIhvcNAQELBQADggEBALnoAs78r1kGyZp0g1vs
oTfFro5RSN1b1+ph1Wx2+rKY3xoG2iqDeh41B45dPbdHlQKMaY20LOW+oYe3VGtc
8V8S6WXGIW6Qfl9J+QZ5YAbnCeX9gj/i/lUSACLZRqoWtJyuvRQROpmjQBE++ad4
dL6/jIJnTd1C1wv83ibHKUBp0xL2J0A5SkHIvOS0cxgUspmFIgdw3Fn47MCJem+y
cbTV/yEPqsqhPZisbhs/4l/7fgNLRCZhQSYhFRBZc/5NzpJs2puUKJlPNS5WHE0I
vPcq0It7b1Sz5qat0eHDGbMfg6wBen4WAn726hUGkEA5Oes28IWiS9Gk3ZXgEpYh
tQg=
-----END CERTIFICATE-----
Generated at Mon Jun 16 16:32:10 2025 by rpki-client