Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/72D237AEEBA011EC87608210C4F9AE02.roa
File: 72D237AEEBA011EC87608210C4F9AE02.roa (raw, json)
Hash identifier: iSdaxxqgc4SH7DXdUJ6oZreikaVBPpaQcLPWc3b7FIc=
Subject key identifier: 97:1A:A7:97:EC:9D:B1:FB:67:3F:9E:79:F5:25:A8:D1:CD:13:22:4E
Certificate issuer: /CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570
Certificate serial: 0356
Authority key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/72D237AEEBA011EC87608210C4F9AE02.roa
Signing time: Tue 13 May 2025 03:09:45 +0000
ROA not before: Tue 13 May 2025 03:09:45 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 38794
IP address blocks: 43.240.112.0/22 maxlen: 24
43.249.56.0/22 maxlen: 24
43.249.60.0/22 maxlen: 24
43.249.64.0/22 maxlen: 24
43.249.68.0/22 maxlen: 24
43.249.104.0/22 maxlen: 24
43.249.108.0/22 maxlen: 24
43.249.112.0/22 maxlen: 24
43.251.204.0/22 maxlen: 24
43.252.180.0/22 maxlen: 24
45.64.88.0/22 maxlen: 24
45.117.208.0/22 maxlen: 24
45.122.48.0/22 maxlen: 24
45.127.60.0/22 maxlen: 24
103.4.228.0/22 maxlen: 24
103.28.240.0/23 maxlen: 24
103.40.132.0/22 maxlen: 24
103.40.136.0/22 maxlen: 24
103.40.140.0/22 maxlen: 24
103.40.144.0/22 maxlen: 24
103.40.148.0/22 maxlen: 24
103.40.180.0/22 maxlen: 24
103.40.184.0/22 maxlen: 24
103.40.188.0/22 maxlen: 24
103.225.24.0/22 maxlen: 24
103.240.60.0/22 maxlen: 24
103.245.112.0/22 maxlen: 24
115.31.128.0/18 maxlen: 24
116.193.144.0/22 maxlen: 24
116.193.148.0/22 maxlen: 24
117.121.208.0/20 maxlen: 24
119.13.24.0/21 maxlen: 24
119.63.64.0/19 maxlen: 24
124.197.48.0/21 maxlen: 24
125.254.52.0/22 maxlen: 24
150.107.220.0/22 maxlen: 24
202.27.110.0/24 maxlen: 24
202.94.240.0/20 maxlen: 24
202.148.176.0/20 maxlen: 24
203.114.68.0/22 maxlen: 24
203.188.224.0/21 maxlen: 24
223.27.192.0/18 maxlen: 24
2001:df0:1e::/48 maxlen: 48
2400:cd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl
rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 20 May 2025 03:58:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 854 (0x356)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912442A, serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570
Validity
Not Before: May 13 03:09:45 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6822b7f9-4de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ef:93:df:be:23:a0:d0:4c:27:7d:9f:48:1a:
30:2e:53:44:b2:fe:9e:41:db:d4:1b:d9:23:19:ec:
e6:ab:83:37:2c:1d:1a:5d:bb:db:a1:0d:35:b6:66:
d9:2e:a7:02:cc:8c:af:c0:bc:49:23:a7:68:4f:02:
69:c1:dd:bd:91:96:49:39:48:c6:6d:76:97:8c:93:
94:9a:3f:7d:08:2a:d3:33:bf:fe:5d:d0:a4:5e:68:
92:5a:f9:e2:e5:66:92:8e:b1:bd:55:f4:78:a4:b7:
15:f8:aa:ac:9c:e6:97:f8:c2:51:e7:78:f9:f7:ac:
58:ef:73:4a:54:5d:fc:89:e6:1d:a6:2a:36:18:eb:
76:67:66:84:80:ee:65:7c:5c:5a:03:da:04:2d:26:
e9:60:ab:56:5c:04:53:e9:2a:a5:bb:25:b6:fd:58:
f1:a1:f0:90:83:68:8c:8d:c2:9d:3b:51:1c:8e:a0:
71:20:2b:2d:0e:b5:b6:30:96:a3:39:94:09:40:1b:
2e:eb:78:53:a2:c7:15:c6:73:1f:10:6e:36:79:6e:
bf:06:d9:03:e4:46:25:0a:29:ca:33:a1:9a:c0:ff:
53:0c:85:62:80:35:7a:c7:40:b0:27:d5:ec:67:27:
38:66:79:53:56:f1:b5:09:00:52:5f:02:a8:d3:b9:
e3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1A:A7:97:EC:9D:B1:FB:67:3F:9E:79:F5:25:A8:D1:CD:13:22:4E
X509v3 Authority Key Identifier:
keyid:84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/72D237AEEBA011EC87608210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.112.0/22
43.249.56.0-43.249.71.255
43.249.104.0-43.249.115.255
43.251.204.0/22
43.252.180.0/22
45.64.88.0/22
45.117.208.0/22
45.122.48.0/22
45.127.60.0/22
103.4.228.0/22
103.28.240.0/23
103.40.132.0-103.40.151.255
103.40.180.0-103.40.191.255
103.225.24.0/22
103.240.60.0/22
103.245.112.0/22
115.31.128.0/18
116.193.144.0/21
117.121.208.0/20
119.13.24.0/21
119.63.64.0/19
124.197.48.0/21
125.254.52.0/22
150.107.220.0/22
202.27.110.0/24
202.94.240.0/20
202.148.176.0/20
203.114.68.0/22
203.188.224.0/21
223.27.192.0/18
IPv6:
2001:df0:1e::/48
2400:cd00::/32
Signature Algorithm: sha256WithRSAEncryption
ac:99:da:15:13:12:df:5f:86:7c:db:0b:c2:01:71:18:01:64:
ec:9e:ac:20:91:9c:4e:69:e3:f1:bb:15:32:da:4d:3e:ec:9f:
78:d5:79:ed:68:a3:a2:40:27:8c:81:92:45:19:e2:05:9a:4e:
6e:89:97:3a:d5:26:4d:3e:40:ba:53:ce:61:4d:79:1e:15:3b:
41:d8:d1:64:80:1d:02:16:5e:e9:a5:2c:69:38:e5:bb:f9:54:
87:4d:dc:81:bc:13:4d:08:6d:a1:19:23:3a:2f:c2:d9:77:6e:
7b:51:f0:a3:27:ac:28:94:2b:58:03:ea:21:22:4c:07:a1:ad:
75:b9:53:26:51:27:09:e0:1d:6a:e0:5a:34:42:9a:ff:e8:35:
cd:7c:49:6e:4f:f4:99:bb:13:4a:d7:ba:78:43:7b:db:84:15:
e0:f8:b2:8e:e7:20:07:0e:4e:39:62:a8:fd:33:84:0d:1b:9a:
24:7d:76:81:e3:51:f7:ee:ae:c4:d1:96:cf:99:09:93:31:e1:
0b:d9:d0:57:b7:a7:eb:01:f5:2a:a4:00:a1:b3:fa:8b:f7:8f:
ab:42:ec:df:b3:3e:a8:db:ea:9b:12:44:41:70:e5:db:16:3a:
8c:e9:0f:c3:18:18:5f:b8:75:a7:a1:08:02:cc:9e:1e:fa:17:
8a:7b:ee:9c
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgICA1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5QjJDMkE4MTFG
NUMyMDE1NzAwHhcNMjUwNTEzMDMwOTQ1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODIyYjdmOS00ZGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAve+T374joNBMJ32fSBowLlNEsv6eQdvUG9kjGezmq4M3LB0aXbvboQ01tmbZ
LqcCzIyvwLxJI6doTwJpwd29kZZJOUjGbXaXjJOUmj99CCrTM7/+XdCkXmiSWvni
5WaSjrG9VfR4pLcV+KqsnOaX+MJR53j596xY73NKVF38ieYdpio2GOt2Z2aEgO5l
fFxaA9oELSbpYKtWXART6SqluyW2/VjxofCQg2iMjcKdO1EcjqBxICstDrW2MJaj
OZQJQBsu63hToscVxnMfEG42eW6/BtkD5EYlCinKM6GawP9TDIVigDV6x0CwJ9Xs
Zyc4ZnlTVvG1CQBSXwKo07njNQIDAQABo4IDgTCCA30wHQYDVR0OBBYEFJcap5fs
nbH7Zz+eefUlqNHNEyJOMB8GA1UdIwQYMBaAFISFo57WtiEo7fT5mywqgR9cIBVw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDQyQS8yMEYyQ0IwMEVC
OUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRhMklTanQ5UG1iTENxQkgxd2dG
WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hJV2pudGEySVNqdDlQbWJMQ3FCSDF3Z0ZYQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ0MkEvMjBGMkNCMDBFQjlDMTFFQ0E2ODIxMjBDQzRGOUFFMDIvNzJEMjM3QUVF
QkEwMTFFQzg3NjA4MjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEJBggrBgEFBQcBBwEB
/wSB+TCB9jCB2wQCAAEwgdQDBAIr8HAwDAMEAyv5OAMEAyv5QDAMAwQDK/loAwQC
K/lwAwQCK/vMAwQCK/y0AwQCLUBYAwQCLXXQAwQCLXowAwQCLX88AwQCZwTkAwQB
ZxzwMAwDBAJnKIQDBANnKJAwDAMEAmcotAMEBmcogAMEAmfhGAMEAmfwPAMEAmf1
cAMEBnMfgAMEA3TBkAMEBHV50AMEA3cNGAMEBXc/QAMEA3zFMAMEAn3+NAMEApZr
3AMEAMobbgMEBMpe8AMEBMqUsAMEAstyRAMEA8u84AMEBt8bwDAWBAIAAjAQAwcA
IAEN8AAeAwUAJADNADANBgkqhkiG9w0BAQsFAAOCAQEArJnaFRMS31+GfNsLwgFx
GAFk7J6sIJGcTmnj8bsVMtpNPuyfeNV57WijokAnjIGSRRniBZpObomXOtUmTT5A
ulPOYU15HhU7QdjRZIAdAhZe6aUsaTjlu/lUh03cgbwTTQhtoRkjOi/C2Xdue1Hw
oyesKJQrWAPqISJMB6GtdblTJlEnCeAdauBaNEKa/+g1zXxJbk/0mbsTSte6eEN7
24QV4PiyjucgBw5OOWKo/TOEDRuaJH12geNR9+6uxNGWz5kJkzHhC9nQV7en6wH1
KqQAobP6i/ePq0Ls37M+qNvqmxJEQXDl2xY6jOkPwxgYX7h1p6EIAsyeHvoXinvu
nA==
-----END CERTIFICATE-----
Generated at Wed May 14 06:49:38 2025 by rpki-client