Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/5B45D97C2A5611F0B7C8BB20C4F9AE02.roa
File: 5B45D97C2A5611F0B7C8BB20C4F9AE02.roa (raw, json)
Hash identifier: UkjJv6j01kk67tAR7WvPOWkiQImQuY607Dwbp++ebI8=
Subject key identifier: 19:48:C2:6C:DA:11:F1:22:08:34:CB:E6:89:19:C1:F6:B4:3D:BA:A3
Certificate issuer: /CN=A91FDE13/serialNumber=49FD33D6F51AD6A49884469FA39FEF0432336F81
Certificate serial: 17
Authority key identifier: 49:FD:33:D6:F5:1A:D6:A4:98:84:46:9F:A3:9F:EF:04:32:33:6F:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sf0z1vUa1qSYhEafo5_vBDIzb4E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/5B45D97C2A5611F0B7C8BB20C4F9AE02.roa
Signing time: Wed 21 May 2025 07:19:46 +0000
ROA not before: Wed 21 May 2025 07:19:46 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 17497
IP address blocks: 45.253.244.0/24 maxlen: 24
45.253.245.0/24 maxlen: 24
103.211.228.0/24 maxlen: 24
103.211.229.0/24 maxlen: 24
163.227.196.0/24 maxlen: 24
163.227.197.0/24 maxlen: 24
2402:620::/48 maxlen: 48
2402:620:1::/48 maxlen: 48
2402:620:2::/48 maxlen: 48
2402:620:3::/48 maxlen: 48
2402:620:4::/48 maxlen: 48
2402:620:5::/48 maxlen: 48
2402:620:6::/48 maxlen: 48
2402:620:7::/48 maxlen: 48
2402:620:8::/48 maxlen: 48
2402:620:9::/48 maxlen: 48
2402:620:a::/48 maxlen: 48
2402:620:b::/48 maxlen: 48
2402:620:c::/48 maxlen: 48
2402:620:d::/48 maxlen: 48
2402:620:e::/48 maxlen: 48
2402:620:f::/48 maxlen: 48
2402:620:10::/48 maxlen: 48
2402:620:11::/48 maxlen: 48
2402:620:12::/48 maxlen: 48
2402:620:13::/48 maxlen: 48
2402:620:14::/48 maxlen: 48
2402:620:15::/48 maxlen: 48
2402:620:16::/48 maxlen: 48
2402:620:17::/48 maxlen: 48
2402:620:18::/48 maxlen: 48
2402:620:19::/48 maxlen: 48
2402:620:1a::/48 maxlen: 48
2402:620:1b::/48 maxlen: 48
2402:620:1c::/48 maxlen: 48
2402:620:1d::/48 maxlen: 48
2402:620:1e::/48 maxlen: 48
2402:620:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/Sf0z1vUa1qSYhEafo5_vBDIzb4E.crl
rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/Sf0z1vUa1qSYhEafo5_vBDIzb4E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sf0z1vUa1qSYhEafo5_vBDIzb4E.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 26 Jun 2025 07:19:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FDE13, serialNumber=49FD33D6F51AD6A49884469FA39FEF0432336F81
Validity
Not Before: May 21 07:19:46 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=682d7e92-7d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:93:5b:92:f0:b4:94:2e:8c:58:11:20:de:e5:
6b:46:53:c1:ce:1a:f3:3a:76:55:2b:0b:21:bc:ed:
bd:21:09:2a:26:0a:7a:07:a7:53:aa:10:69:76:00:
64:c0:d3:9a:34:1f:a2:be:97:93:f5:a8:19:d5:ab:
ca:df:a1:d4:3d:15:b9:37:0a:4f:10:6e:67:43:9d:
2c:5b:d3:37:17:2d:5e:fa:5f:2c:7d:37:54:1a:a8:
18:b2:38:d4:27:d3:bf:ac:82:31:4f:92:38:16:d7:
ea:bf:27:19:25:13:ad:11:c1:69:a8:ae:fd:40:b8:
b6:2f:bd:80:d7:85:a4:ad:a1:4d:08:d3:4b:31:63:
f9:ea:68:40:2e:bb:2b:3c:50:87:d2:e1:2e:49:09:
9d:ec:fd:98:d7:d1:e9:16:96:ae:79:fd:e5:b8:22:
02:a5:b2:8d:2b:6e:54:99:b5:70:4c:ed:2c:68:7e:
41:c2:6e:92:25:cf:81:e3:b0:67:a2:fe:a4:ab:9c:
16:36:4e:ba:a9:e5:fa:d8:48:ba:91:28:41:b4:7b:
0e:7e:11:25:8b:9b:02:0c:6e:3c:6c:b6:d7:d2:4b:
2c:a7:3c:e3:5b:9a:cf:91:12:a8:c9:dc:1a:55:ba:
83:6c:50:e8:b0:e5:43:99:87:42:7c:bc:50:c7:b3:
84:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:48:C2:6C:DA:11:F1:22:08:34:CB:E6:89:19:C1:F6:B4:3D:BA:A3
X509v3 Authority Key Identifier:
keyid:49:FD:33:D6:F5:1A:D6:A4:98:84:46:9F:A3:9F:EF:04:32:33:6F:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/Sf0z1vUa1qSYhEafo5_vBDIzb4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sf0z1vUa1qSYhEafo5_vBDIzb4E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDE13/151FE47E2A5611F0B84F5220C4F9AE02/5B45D97C2A5611F0B7C8BB20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.253.244.0/23
103.211.228.0/23
163.227.196.0/23
IPv6:
2402:620::/43
Signature Algorithm: sha256WithRSAEncryption
04:c3:bc:0f:05:ee:c7:02:3e:14:3b:1b:7a:70:bd:85:27:4f:
e1:bd:b8:94:b5:18:40:b6:8d:09:a3:a2:a1:31:f6:f0:e8:84:
ff:2b:fd:af:58:a2:e2:f7:21:11:bb:d2:e7:22:88:16:5f:b7:
27:8e:9f:0e:eb:47:5d:c1:4f:2b:61:04:c3:fd:00:0a:38:9e:
18:25:25:19:6c:01:6a:b8:32:d7:6f:95:19:b3:33:55:b3:8f:
a6:22:82:46:80:6f:e0:8d:08:79:46:7b:ed:82:d6:fd:c6:81:
7b:ce:84:36:40:5f:ee:32:eb:4e:8c:62:8d:d6:c6:41:e3:ba:
33:ae:e9:86:ee:61:46:21:0a:b1:eb:25:a1:a7:39:7e:84:25:
39:b9:f2:cb:ad:69:73:c9:eb:45:18:3d:ad:a1:0f:ec:75:65:
ae:64:4f:d2:85:b6:a1:fd:10:3e:ce:87:ad:02:a5:59:03:1e:
6e:96:20:f8:8a:20:86:29:47:28:62:5d:85:aa:4d:7d:78:7b:
d6:ea:15:ee:00:f8:07:0b:74:a1:64:e1:b6:f9:2f:a3:37:7d:
c4:4a:a1:f5:40:2d:c8:44:93:02:34:3e:af:54:d1:62:f4:b2:
8c:b2:99:ad:cb:18:3b:5a:3c:d9:8a:45:21:4c:19:82:69:a7:
e3:2d:9a:14
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
REUxMzExMC8GA1UEBRMoNDlGRDMzRDZGNTFBRDZBNDk4ODQ0NjlGQTM5RkVGMDQz
MjMzNkY4MTAeFw0yNTA1MjEwNzE5NDZaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MmQ3ZTkyLTdkMWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWk1uS8LSULoxYESDe5WtGU8HOGvM6dlUrCyG87b0hCSomCnoHp1OqEGl2AGTA
05o0H6K+l5P1qBnVq8rfodQ9Fbk3Ck8QbmdDnSxb0zcXLV76Xyx9N1QaqBiyONQn
07+sgjFPkjgW1+q/JxklE60RwWmorv1AuLYvvYDXhaStoU0I00sxY/nqaEAuuys8
UIfS4S5JCZ3s/ZjX0ekWlq55/eW4IgKlso0rblSZtXBM7SxofkHCbpIlz4HjsGei
/qSrnBY2Trqp5frYSLqRKEG0ew5+ESWLmwIMbjxsttfSSyynPONbms+REqjJ3BpV
uoNsUOiw5UOZh0J8vFDHs4QfAgMBAAGjggKyMIICrjAdBgNVHQ4EFgQUGUjCbNoR
8SIINMvmiRnB9rQ9uqMwHwYDVR0jBBgwFoAUSf0z1vUa1qSYhEafo5/vBDIzb4Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZERTEzLzE1MUZFNDdFMkE1
NjExRjBCODRGNTIyMEM0RjlBRTAyL1NmMHoxdlVhMXFTWWhFYWZvNV92QkRJemI0
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU2YwejF2VWExcVNZaEVhZm81X3ZCREl6YjRFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
REUxMy8xNTFGRTQ3RTJBNTYxMUYwQjg0RjUyMjBDNEY5QUUwMi81QjQ1RDk3QzJB
NTYxMUYwQjdDOEJCMjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA8BggrBgEFBQcBBwEB/wQt
MCswGAQCAAEwEgMEAS399AMEAWfT5AMEAaPjxDAPBAIAAjAJAwcFJAIGIAAAMA0G
CSqGSIb3DQEBCwUAA4IBAQAEw7wPBe7HAj4UOxt6cL2FJ0/hvbiUtRhAto0Jo6Kh
Mfbw6IT/K/2vWKLi9yERu9LnIogWX7cnjp8O60ddwU8rYQTD/QAKOJ4YJSUZbAFq
uDLXb5UZszNVs4+mIoJGgG/gjQh5Rnvtgtb9xoF7zoQ2QF/uMutOjGKN1sZB47oz
rumG7mFGIQqx6yWhpzl+hCU5ufLLrWlzyetFGD2toQ/sdWWuZE/Shbah/RA+zoet
AqVZAx5uliD4iiCGKUcoYl2Fqk19eHvW6hXuAPgHC3ShZOG2+S+jN33ESqH1QC3I
RJMCND6vVNFi9LKMspmtyxg7WjzZikUhTBmCaafjLZoU
-----END CERTIFICATE-----
Generated at Fri Jun 20 11:10:28 2025 by rpki-client