Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: q9guakhiGGPJ/r5Gu6gD576OxsAfOwuMRm17GWjvfT4=
Subject key identifier: 2E:1E:FB:6B:30:0F:E3:6E:5F:F5:EC:6B:4B:E7:2C:AA:E6:31:39:15
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 0713
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Wed 18 Jun 2025 08:49:46 +0000
ROA not before: Wed 18 Jun 2025 08:49:46 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 27 Jun 2025 22:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1811 (0x713)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Jun 18 08:49:46 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=68527daa-a9bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:20:dc:ad:d4:33:aa:85:5c:8e:fd:61:7a:16:
72:1c:01:58:9b:ec:88:03:50:8d:f8:73:6e:3f:5a:
7b:36:50:b4:3e:37:06:da:07:84:8e:4f:91:50:45:
b3:8c:5b:4c:1c:9c:fc:dd:0f:4e:50:0a:d0:27:f5:
0f:1f:4e:d2:c0:44:78:97:55:2e:39:a7:e0:f4:9b:
54:e4:38:58:e7:0e:47:d9:05:cc:33:36:b4:0f:ff:
e9:0a:c6:39:b6:68:7e:84:69:f3:63:a7:a4:ed:b3:
48:3d:d4:8e:c8:ab:f1:66:63:b6:51:4d:e0:65:81:
ca:93:4a:b5:89:0b:a2:56:8b:8b:b5:d0:1c:98:62:
f5:0a:00:e4:cd:0e:40:c5:f4:78:d1:15:f9:41:16:
99:e3:90:37:69:03:de:67:f1:44:18:b1:1b:a2:cc:
14:92:0c:c8:4d:fb:33:77:81:ee:98:d3:13:25:69:
d3:19:45:06:95:2d:27:fa:58:5c:a0:42:eb:da:42:
29:19:1e:d6:5c:38:5d:70:9e:25:ea:29:87:62:76:
0f:5c:19:a5:f9:55:5d:db:17:93:b9:07:93:46:c8:
41:06:49:16:9b:f7:f2:a7:4e:2d:8a:97:5a:83:39:
cb:c7:87:b6:8e:82:c7:cc:ff:fb:1d:c1:c4:c7:b2:
69:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1E:FB:6B:30:0F:E3:6E:5F:F5:EC:6B:4B:E7:2C:AA:E6:31:39:15
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.55.255
162.128.140.0/24
162.128.149.0/24
162.128.196.0/24
162.128.199.0-162.128.202.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
21:48:9d:ac:47:35:27:a4:cf:bd:56:51:8b:88:99:8c:0b:b5:
8b:de:02:a7:c9:5b:7a:67:60:d0:fb:9b:fd:e8:e0:85:1b:e9:
bb:4a:40:35:ec:38:48:c6:93:ab:cc:e6:0a:f9:14:bd:46:09:
e8:b9:5d:3c:7e:0a:d4:45:8a:dc:b6:65:a6:a3:3f:e8:6f:7f:
c7:d1:d5:68:24:3b:2b:04:a9:ed:bd:09:92:b3:1c:41:f5:6d:
b3:13:a5:0b:01:b0:4d:5b:9a:03:22:d0:be:f5:b9:d6:d9:54:
5f:cb:29:7e:0e:76:9f:90:5a:69:ca:6e:1b:bc:38:aa:6e:b3:
2a:bc:55:26:a8:72:5e:2d:12:ab:51:e5:5e:95:a1:1f:fe:db:
f2:0b:d0:ee:e5:17:37:ae:3b:8f:22:4a:db:d2:bb:bf:2c:16:
3f:88:ff:76:33:7e:57:41:93:71:3b:7a:13:61:4a:05:d9:2e:
d0:f7:fd:b9:ae:8b:89:09:3e:4f:25:7a:9a:1e:1f:52:b0:98:
58:e0:ca:35:24:d9:7a:d4:01:e8:6d:61:20:c1:70:0c:62:06:
98:80:af:84:26:a5:a2:d4:fa:89:c6:59:15:08:06:e0:5b:c8:
34:cf:ca:a3:d0:42:a5:d0:59:e4:be:e3:8e:c0:4e:a1:ba:ed:
3e:e9:6b:a4
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgICBxMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUwNjE4MDg0OTQ2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODUyN2RhYS1hOWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnyDcrdQzqoVcjv1hehZyHAFYm+yIA1CN+HNuP1p7NlC0PjcG2geEjk+RUEWz
jFtMHJz83Q9OUArQJ/UPH07SwER4l1UuOafg9JtU5DhY5w5H2QXMMza0D//pCsY5
tmh+hGnzY6ek7bNIPdSOyKvxZmO2UU3gZYHKk0q1iQuiVouLtdAcmGL1CgDkzQ5A
xfR40RX5QRaZ45A3aQPeZ/FEGLEboswUkgzITfszd4HumNMTJWnTGUUGlS0n+lhc
oELr2kIpGR7WXDhdcJ4l6imHYnYPXBml+VVd2xeTuQeTRshBBkkWm/fyp04tipda
gznLx4e2joLHzP/7HcHEx7JprQIDAQABo4IDTDCCA0gwHQYDVR0OBBYEFC4e+2sw
D+NuX/Xsa0vnLKrmMTkVMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdUGCCsGAQUFBwEHAQH/
BIHFMIHCMIG/BAIAATCBuDAMAwQAgeMRAwQCgeMQMAwDBACB4x0DBAWB4wADBACB
4z8DBAGB47ADBAKB48ADBAKcOxADBAOcOzADBACcO0kDBAOcO1ADBAGcO14DBACc
O2wDBACcO3sDBAScO4ADBACcO5IDBACcO9gDBAGcO+ADBACcO/EwDAMEAKKAKwME
AKKALDAMAwQAooA1AwQDooAwAwQAooCMAwQAooCVAwQAooDEMAwDBACigMcDBACi
gMoDBACigP4wDQYJKoZIhvcNAQELBQADggEBACFInaxHNSekz71WUYuImYwLtYve
AqfJW3pnYND7m/3o4IUb6btKQDXsOEjGk6vM5gr5FL1GCei5XTx+CtRFity2Zaaj
P+hvf8fR1WgkOysEqe29CZKzHEH1bbMTpQsBsE1bmgMi0L71udbZVF/LKX4Odp+Q
WmnKbhu8OKpusyq8VSaocl4tEqtR5V6VoR/+2/IL0O7lFzeuO48iStvSu78sFj+I
/3YzfldBk3E7ehNhSgXZLtD3/bmui4kJPk8lepoeH1KwmFjgyjUk2XrUAehtYSDB
cAxiBpiAr4QmpaLU+onGWRUIBuBbyDTPyqPQQqXQWeS+447ATqG67T7pa6Q=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:34:35 2025 by rpki-client