Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/A0F26482C9F211EF986EE370C4F9AE02.roa
File: A0F26482C9F211EF986EE370C4F9AE02.roa (raw, json)
Hash identifier: IncpLcKA56KouK4nJfe3cMJBEi1TzpOjSfCTV1wFUog=
Subject key identifier: E9:49:CE:89:9E:93:19:53:F2:9C:C0:32:7F:01:F2:03:99:D3:BC:24
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0CD6
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/A0F26482C9F211EF986EE370C4F9AE02.roa
Signing time: Fri 09 May 2025 00:46:44 +0000
ROA not before: Fri 09 May 2025 00:46:44 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 18206
IP address blocks: 49.236.192.0/24 maxlen: 24
49.236.193.0/24 maxlen: 24
49.236.194.0/24 maxlen: 24
49.236.195.0/24 maxlen: 24
49.236.197.0/24 maxlen: 24
49.236.198.0/24 maxlen: 24
49.236.199.0/24 maxlen: 24
49.236.200.0/24 maxlen: 24
49.236.202.0/24 maxlen: 24
49.236.203.0/24 maxlen: 24
49.236.204.0/24 maxlen: 24
49.236.205.0/24 maxlen: 24
112.137.160.0/24 maxlen: 24
112.137.161.0/24 maxlen: 24
112.137.162.0/24 maxlen: 24
112.137.163.0/24 maxlen: 24
112.137.164.0/24 maxlen: 24
112.137.165.0/24 maxlen: 24
112.137.168.0/24 maxlen: 24
112.137.169.0/24 maxlen: 24
112.137.170.0/24 maxlen: 24
112.137.171.0/24 maxlen: 24
112.137.172.0/24 maxlen: 24
112.137.173.0/24 maxlen: 24
112.137.174.0/24 maxlen: 24
112.137.175.0/24 maxlen: 24
119.110.97.0/24 maxlen: 24
119.110.98.0/24 maxlen: 24
119.110.99.0/24 maxlen: 24
119.110.100.0/24 maxlen: 24
119.110.102.0/24 maxlen: 24
119.110.105.0/24 maxlen: 24
119.110.107.0/24 maxlen: 24
119.110.108.0/24 maxlen: 24
124.197.224.0/20 maxlen: 20
124.197.224.0/22 maxlen: 22
124.197.224.0/24 maxlen: 24
124.197.225.0/24 maxlen: 24
124.197.233.0/24 maxlen: 24
124.197.238.0/24 maxlen: 24
124.197.239.0/24 maxlen: 24
202.71.96.0/20 maxlen: 23
202.71.96.0/21 maxlen: 24
202.71.104.0/22 maxlen: 24
202.71.108.0/24 maxlen: 24
202.71.110.0/23 maxlen: 24
202.75.32.0/20 maxlen: 23
202.75.32.0/21 maxlen: 24
202.75.40.0/24 maxlen: 24
202.75.42.0/23 maxlen: 24
202.75.44.0/22 maxlen: 24
202.75.48.0/20 maxlen: 24
202.162.0.0/19 maxlen: 24
202.165.0.0/19 maxlen: 24
203.153.80.0/20 maxlen: 24
210.48.144.0/20 maxlen: 24
2401:b000::/32 maxlen: 32
2401:b000::/48 maxlen: 48
2401:b000:0:5::/64 maxlen: 64
2401:b000:0:6::/64 maxlen: 64
2401:b000:10::/48 maxlen: 48
2404:b8::/32 maxlen: 32
2404:b8::/48 maxlen: 48
2404:b8:0:1::/64 maxlen: 64
2404:b8:1::/48 maxlen: 48
2404:b8:3::/48 maxlen: 48
2404:b8:20::/43 maxlen: 43
2404:b8:2000::/44 maxlen: 44
2404:b8:2020::/43 maxlen: 43
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 21 May 2025 19:16:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3286 (0xcd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78, serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: May 9 00:46:44 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=681d5074-af3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0f:43:49:3d:86:9d:98:d7:a2:43:07:21:1a:
5d:c8:c9:7a:df:f6:aa:38:b9:b8:b7:5f:9e:94:41:
d0:a5:98:87:57:10:2e:ec:b0:d4:83:0f:15:1b:0f:
d2:32:96:41:36:40:fe:b3:7f:86:f2:4b:c5:c8:67:
47:94:25:19:fc:dd:81:4f:7e:82:4d:05:2d:b6:c7:
13:60:12:dc:2a:6a:07:87:0d:19:75:66:55:f4:3e:
bb:6a:53:65:6b:e7:48:d4:68:db:5b:96:1b:12:4d:
41:e9:4b:5a:a4:54:60:15:a6:a5:28:8e:18:06:38:
47:c3:90:f5:f8:6a:54:e7:f4:59:5b:e3:ec:d1:5a:
65:dd:13:6c:d4:99:a4:c1:32:a0:a2:63:50:85:12:
f9:98:a1:2e:5d:29:2a:75:a7:b4:22:55:2e:59:a5:
76:1a:6b:ca:88:dc:35:6e:48:37:c1:55:76:60:ee:
1d:49:2d:10:ef:c7:cd:97:29:86:8a:e6:56:09:ca:
7f:32:ce:e7:f5:00:43:4c:c9:52:bb:00:51:7a:de:
5c:7f:db:f3:d3:90:39:b1:98:b7:72:6c:57:c0:4e:
eb:46:99:cf:97:e0:56:23:e0:7e:2e:c4:00:01:df:
c7:df:bb:f2:e2:44:1d:2d:1b:2c:87:ad:48:5c:32:
7f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:49:CE:89:9E:93:19:53:F2:9C:C0:32:7F:01:F2:03:99:D3:BC:24
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/A0F26482C9F211EF986EE370C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/22
49.236.197.0-49.236.200.255
49.236.202.0-49.236.205.255
112.137.160.0-112.137.165.255
112.137.168.0/21
119.110.97.0-119.110.100.255
119.110.102.0/24
119.110.105.0/24
119.110.107.0-119.110.108.255
124.197.224.0/20
202.71.96.0/20
202.75.32.0/19
202.162.0.0/19
202.165.0.0/19
203.153.80.0/20
210.48.144.0/20
IPv6:
2401:b000::/32
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
27:69:68:a6:fc:37:cb:1b:be:a5:f1:fa:92:9f:48:0b:5a:7d:
a0:c1:41:77:63:0f:c3:1e:be:bb:fa:ba:e8:b3:cb:a4:ac:95:
c5:d9:c8:2f:67:b7:11:3e:c2:0b:b4:7b:04:fc:fe:ca:41:6f:
14:6a:28:89:7f:5a:66:a8:9c:59:4c:78:f4:67:dc:76:38:4f:
7f:19:92:f0:75:2c:53:67:8e:ea:4e:07:cc:aa:d8:9d:97:eb:
f7:76:8c:5b:5f:c2:b2:eb:ac:6f:44:1a:2f:11:36:75:5b:43:
14:22:27:c1:ee:33:cc:c2:24:b8:f5:d1:f6:e8:2c:63:dd:c2:
79:4e:27:b1:2b:05:d4:a8:dd:1f:f6:cd:72:ea:2c:e0:10:59:
b3:35:1d:81:c4:82:69:eb:2e:bc:62:59:c0:45:a3:54:0a:5d:
34:a2:94:25:e1:3e:b7:6e:22:70:57:b4:5b:5d:11:2c:54:11:
95:d1:b0:fc:5c:30:cc:8e:85:91:b3:66:7b:43:ce:7d:e4:6f:
24:84:6f:32:88:d8:60:30:d4:ec:b2:8e:f7:1e:21:e8:a2:b0:
9e:52:9c:c0:fb:a0:33:3b:79:12:54:63:b6:b5:4b:0a:91:5c:
ae:02:be:86:58:6c:cb:5b:e5:82:01:92:0b:97:d6:b8:45:27:
61:07:9f:44
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgICDNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjUwNTA5MDA0NjQ0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFkNTA3NC1hZjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqg9DST2GnZjXokMHIRpdyMl63/aqOLm4t1+elEHQpZiHVxAu7LDUgw8VGw/S
MpZBNkD+s3+G8kvFyGdHlCUZ/N2BT36CTQUttscTYBLcKmoHhw0ZdWZV9D67alNl
a+dI1GjbW5YbEk1B6UtapFRgFaalKI4YBjhHw5D1+GpU5/RZW+Ps0Vpl3RNs1Jmk
wTKgomNQhRL5mKEuXSkqdae0IlUuWaV2GmvKiNw1bkg3wVV2YO4dSS0Q78fNlymG
iuZWCcp/Ms7n9QBDTMlSuwBRet5cf9vz05A5sZi3cmxXwE7rRpnPl+BWI+B+LsQA
Ad/H37vy4kQdLRssh61IXDJ/6QIDAQABo4IDMjCCAy4wHQYDVR0OBBYEFOlJzome
kxlT8pzAMn8B8gOZ07wkMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvQTBGMjY0ODJD
OUYyMTFFRjk4NkVFMzcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbsGCCsGAQUFBwEHAQH/
BIGrMIGoMIGPBAIAATCBiAMEAjHswDAMAwQAMezFAwQAMezIMAwDBAEx7MoDBAEx
7MwwDAMEBXCJoAMEAXCJpAMEA3CJqDAMAwQAd25hAwQAd25kAwQAd25mAwQAd25p
MAwDBAB3bmsDBAB3bmwDBAR8xeADBATKR2ADBAXKSyADBAXKogADBAXKpQADBATL
mVADBATSMJAwFAQCAAIwDgMFACQBsAADBQAkBAC4MA0GCSqGSIb3DQEBCwUAA4IB
AQAnaWim/DfLG76l8fqSn0gLWn2gwUF3Yw/DHr67+rros8ukrJXF2cgvZ7cRPsIL
tHsE/P7KQW8UaiiJf1pmqJxZTHj0Z9x2OE9/GZLwdSxTZ47qTgfMqtidl+v3doxb
X8Ky66xvRBovETZ1W0MUIifB7jPMwiS49dH26Cxj3cJ5TiexKwXUqN0f9s1y6izg
EFmzNR2BxIJp6y68YlnARaNUCl00opQl4T63biJwV7RbXREsVBGV0bD8XDDMjoWR
s2Z7Q8595G8khG8yiNhgMNTsso73HiHoorCeUpzA+6AzO3kSVGO2tUsKkVyuAr6G
WGzLW+WCAZILl9a4RSdhB59E
-----END CERTIFICATE-----
Generated at Thu May 15 12:46:19 2025 by rpki-client