Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/442A935E2F1F11F0A35F5757C4F9AE02.roa
File: 442A935E2F1F11F0A35F5757C4F9AE02.roa (raw, json)
Hash identifier: hBSO24ULXhKu94YR3RfqFp/a4boCJIBAaE6mmtZ9Bvs=
Subject key identifier: 89:A1:8A:ED:D2:89:0E:3A:94:5E:B7:B0:DF:93:34:F9:70:2C:B9:B7
Certificate issuer: /CN=A914DA2D/serialNumber=29962325DE0BADE4DC9DDBC576AE277012BC3758
Certificate serial: 1A51
Authority key identifier: 29:96:23:25:DE:0B:AD:E4:DC:9D:DB:C5:76:AE:27:70:12:BC:37:58
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/442A935E2F1F11F0A35F5757C4F9AE02.roa
Signing time: Mon 12 May 2025 10:52:58 +0000
ROA not before: Mon 12 May 2025 10:52:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17882
IP address blocks: 14.1.124.0/24 maxlen: 24
14.1.125.0/24 maxlen: 24
14.1.126.0/24 maxlen: 24
14.1.127.0/24 maxlen: 24
103.11.192.0/24 maxlen: 24
103.11.193.0/24 maxlen: 24
103.11.194.0/24 maxlen: 24
103.11.195.0/24 maxlen: 24
103.48.184.0/24 maxlen: 24
103.48.185.0/24 maxlen: 24
103.48.186.0/24 maxlen: 24
103.48.187.0/24 maxlen: 24
103.79.156.0/23 maxlen: 24
103.212.116.0/24 maxlen: 24
103.212.117.0/24 maxlen: 24
103.212.118.0/24 maxlen: 24
103.212.119.0/24 maxlen: 24
103.219.136.0/24 maxlen: 24
103.219.137.0/24 maxlen: 24
103.219.138.0/24 maxlen: 24
103.219.139.0/24 maxlen: 24
103.239.56.0/24 maxlen: 24
103.239.57.0/24 maxlen: 24
103.239.58.0/24 maxlen: 24
103.239.59.0/24 maxlen: 24
122.201.16.0/24 maxlen: 24
122.201.17.0/24 maxlen: 24
122.201.18.0/24 maxlen: 24
122.201.19.0/24 maxlen: 24
122.201.20.0/24 maxlen: 24
122.201.23.0/24 maxlen: 24
122.201.24.0/24 maxlen: 24
122.201.25.0/24 maxlen: 24
122.201.26.0/24 maxlen: 24
122.201.27.0/24 maxlen: 24
122.201.28.0/24 maxlen: 24
122.201.29.0/24 maxlen: 24
122.201.30.0/24 maxlen: 24
122.201.31.0/24 maxlen: 24
139.5.216.0/24 maxlen: 24
139.5.217.0/24 maxlen: 24
139.5.218.0/24 maxlen: 24
139.5.219.0/24 maxlen: 24
202.70.33.0/24 maxlen: 24
202.70.34.0/24 maxlen: 24
202.70.35.0/24 maxlen: 24
202.70.36.0/24 maxlen: 24
202.70.37.0/24 maxlen: 24
202.70.38.0/24 maxlen: 24
202.70.39.0/24 maxlen: 24
202.70.40.0/24 maxlen: 24
202.70.41.0/24 maxlen: 24
202.70.42.0/24 maxlen: 24
202.70.43.0/24 maxlen: 24
202.70.44.0/24 maxlen: 24
202.70.45.0/24 maxlen: 24
202.70.46.0/24 maxlen: 24
202.70.47.0/24 maxlen: 24
203.17.23.0/24 maxlen: 24
203.21.120.0/24 maxlen: 24
203.23.49.0/24 maxlen: 24
203.23.199.0/24 maxlen: 24
203.98.76.0/23 maxlen: 24
2405:5700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.crl
rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 19 May 2025 16:19:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6737 (0x1a51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914DA2D, serialNumber=29962325DE0BADE4DC9DDBC576AE277012BC3758
Validity
Not Before: May 12 10:52:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6821d30a-10b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5c:b5:be:f5:e0:0f:3f:dc:fd:6d:9e:f2:fa:
f8:37:2d:05:52:6f:1e:c1:80:09:2e:6e:b6:1d:65:
4c:fd:ff:15:de:2d:e0:d3:20:fa:37:d8:8a:7a:92:
85:9f:5e:5d:0b:5f:8a:29:11:0d:74:3b:42:14:ed:
4a:76:ac:fd:2c:c7:a7:3b:f5:f9:01:05:57:83:00:
a7:1c:c1:d8:b1:66:09:ba:a6:04:cc:f5:25:18:42:
b8:de:cf:43:3b:df:d5:c8:20:1d:c8:09:b5:a3:5b:
0e:4f:55:55:ea:77:49:2c:13:68:99:23:15:e6:d6:
0e:43:17:d8:8f:23:03:ef:d7:be:72:c6:19:d4:f0:
7f:19:93:01:87:6d:14:90:fb:76:84:2c:4e:f8:a9:
4e:7c:a2:d8:58:e5:a1:26:cb:61:4a:6e:31:59:5b:
df:f2:0f:f0:4d:cf:f9:ba:ae:2e:b6:7c:d8:16:25:
a8:a1:0d:2f:1b:77:86:25:55:47:68:8b:39:b8:61:
3b:de:2c:99:87:73:4a:33:ff:03:8d:aa:1c:54:57:
10:d5:0e:6b:21:37:00:9d:e2:34:8c:08:3b:ad:c1:
df:42:43:74:ae:59:c0:1e:2e:84:d0:d3:c7:d4:ed:
a9:73:2e:a8:7e:3e:e0:14:6c:2b:21:ad:ce:e8:75:
ad:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A1:8A:ED:D2:89:0E:3A:94:5E:B7:B0:DF:93:34:F9:70:2C:B9:B7
X509v3 Authority Key Identifier:
keyid:29:96:23:25:DE:0B:AD:E4:DC:9D:DB:C5:76:AE:27:70:12:BC:37:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/KZYjJd4LreTcndvFdq4ncBK8N1g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KZYjJd4LreTcndvFdq4ncBK8N1g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DA2D/8383620A50D511E79ECE4013C4F9AE02/442A935E2F1F11F0A35F5757C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.124.0/22
103.11.192.0/22
103.48.184.0/22
103.79.156.0/23
103.212.116.0/22
103.219.136.0/22
103.239.56.0/22
122.201.16.0-122.201.20.255
122.201.23.0-122.201.31.255
139.5.216.0/22
202.70.33.0-202.70.47.255
203.17.23.0/24
203.21.120.0/24
203.23.49.0/24
203.23.199.0/24
203.98.76.0/23
IPv6:
2405:5700::/32
Signature Algorithm: sha256WithRSAEncryption
79:5a:54:65:30:91:fb:14:9e:1a:7a:1a:85:0b:7b:86:a1:23:
d5:db:ed:da:2d:a6:99:97:6a:3e:19:07:79:f5:c9:76:2f:f2:
c6:02:c6:69:01:1e:a1:b2:e2:3e:90:52:2d:a1:5c:b8:22:61:
00:cf:a5:45:a9:4f:c5:7b:11:04:91:cd:99:8f:2d:7f:7d:4d:
d6:01:bd:20:d0:ce:50:b7:bf:e2:9c:1e:0a:46:0a:66:45:04:
9d:12:19:42:6b:0f:c9:c4:98:6d:f6:56:29:13:b1:b0:68:a7:
e7:81:22:8d:38:5b:67:ac:85:0c:6f:f9:fc:59:ea:4d:02:b0:
83:8c:7d:3d:0e:64:10:02:5a:f4:a1:0a:d4:6d:2c:7e:f0:d8:
3b:c5:11:5f:ea:71:4c:09:3e:4a:b9:0b:0a:68:8f:c5:94:08:
d8:26:d9:9d:4d:45:b4:9d:26:c2:0d:71:81:be:df:08:fa:98:
de:4b:7f:1f:a5:7e:34:5b:94:a0:ec:fa:b0:e9:fe:d9:ac:89:
3e:7f:d0:7f:7d:92:60:0d:5d:e1:79:2b:74:bd:7e:20:0d:f6:
42:83:ea:91:0b:31:c8:f9:ec:38:fc:c3:f9:3e:28:9b:73:db:
7a:3d:22:7f:70:3c:97:93:4e:fd:1b:43:48:0a:e0:fa:4a:aa:
7e:fc:d8:36
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICGlEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NERBMkQxMTAvBgNVBAUTKDI5OTYyMzI1REUwQkFERTREQzlEREJDNTc2QUUyNzcw
MTJCQzM3NTgwHhcNMjUwNTEyMTA1MjU4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODIxZDMwYS0xMGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyVy1vvXgDz/c/W2e8vr4Ny0FUm8ewYAJLm62HWVM/f8V3i3g0yD6N9iKepKF
n15dC1+KKRENdDtCFO1Kdqz9LMenO/X5AQVXgwCnHMHYsWYJuqYEzPUlGEK43s9D
O9/VyCAdyAm1o1sOT1VV6ndJLBNomSMV5tYOQxfYjyMD79e+csYZ1PB/GZMBh20U
kPt2hCxO+KlOfKLYWOWhJsthSm4xWVvf8g/wTc/5uq4utnzYFiWooQ0vG3eGJVVH
aIs5uGE73iyZh3NKM/8DjaocVFcQ1Q5rITcAneI0jAg7rcHfQkN0rlnAHi6E0NPH
1O2pcy6ofj7gFGwrIa3O6HWtqQIDAQABo4IDGTCCAxUwHQYDVR0OBBYEFImhiu3S
iQ46lF63sN+TNPlwLLm3MB8GA1UdIwQYMBaAFCmWIyXeC63k3J3bxXauJ3ASvDdY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REEyRC84MzgzNjIwQTUw
RDUxMUU3OUVDRTQwMTNDNEY5QUUwMi9LWllqSmQ0THJlVGNuZHZGZHE0bmNCSzhO
MWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0taWWpKZDRMcmVUY25kdkZkcTRuY0JLOE4xZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NERBMkQvODM4MzYyMEE1MEQ1MTFFNzlFQ0U0MDEzQzRGOUFFMDIvNDQyQTkzNUUy
RjFGMTFGMEEzNUY1NzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaIGCCsGAQUFBwEHAQH/
BIGSMIGPMH4EAgABMHgDBAIOAXwDBAJnC8ADBAJnMLgDBAFnT5wDBAJn1HQDBAJn
24gDBAJn7zgwDAMEBHrJEAMEAHrJFDAMAwQAeskXAwQFeskAAwQCiwXYMAwDBADK
RiEDBATKRiADBADLERcDBADLFXgDBADLFzEDBADLF8cDBAHLYkwwDQQCAAIwBwMF
ACQFVwAwDQYJKoZIhvcNAQELBQADggEBAHlaVGUwkfsUnhp6GoULe4ahI9Xb7dot
ppmXaj4ZB3n1yXYv8sYCxmkBHqGy4j6QUi2hXLgiYQDPpUWpT8V7EQSRzZmPLX99
TdYBvSDQzlC3v+KcHgpGCmZFBJ0SGUJrD8nEmG32VikTsbBop+eBIo04W2eshQxv
+fxZ6k0CsIOMfT0OZBACWvShCtRtLH7w2DvFEV/qcUwJPkq5Cwpoj8WUCNgm2Z1N
RbSdJsINcYG+3wj6mN5Lfx+lfjRblKDs+rDp/tmsiT5/0H99kmANXeF5K3S9fiAN
9kKD6pELMcj57Dj8w/k+KJtz23o9In9wPJeTTv0bQ0gK4PpKqn782DY=
-----END CERTIFICATE-----
Generated at Tue May 13 00:05:03 2025 by rpki-client