Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
File: 75D2A3666E8011EF92BDE465C4F9AE02.roa (raw, json)
Hash identifier: v4gS8ldmKvalHREezxuxhcHIAFJJZ1vxP5clbWg3+4Q=
Subject key identifier: A3:3D:4B:E6:14:33:B5:A4:35:84:6D:D1:C0:3F:38:0A:FA:12:9B:47
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1D2F
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
Signing time: Tue 13 May 2025 15:33:50 +0000
ROA not before: Tue 13 May 2025 15:33:49 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 132165
IP address blocks: 43.245.128.0/24 maxlen: 24
43.245.129.0/24 maxlen: 24
43.245.130.0/24 maxlen: 24
43.245.131.0/24 maxlen: 24
103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
111.119.160.0/24 maxlen: 24
111.119.161.0/24 maxlen: 24
111.119.162.0/24 maxlen: 24
111.119.163.0/24 maxlen: 24
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
113.203.192.0/24 maxlen: 24
113.203.193.0/24 maxlen: 24
113.203.195.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
113.203.204.0/24 maxlen: 24
113.203.205.0/24 maxlen: 24
113.203.207.0/24 maxlen: 24
115.42.64.0/24 maxlen: 24
115.42.65.0/24 maxlen: 24
115.42.66.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
118.103.233.0/24 maxlen: 24
118.103.234.0/24 maxlen: 24
118.103.235.0/24 maxlen: 24
118.103.236.0/24 maxlen: 24
118.103.237.0/24 maxlen: 24
118.103.238.0/24 maxlen: 24
118.103.239.0/24 maxlen: 24
2406:d00::/48 maxlen: 48
2406:d00:2222::/48 maxlen: 48
2406:d00:5555::/48 maxlen: 48
2406:d00:aaaa::/48 maxlen: 48
2406:d00:bbbb::/48 maxlen: 48
2406:d00:ccaa::/47 maxlen: 48
2406:d00:ccad::/48 maxlen: 48
2406:d00:ccc0::/46 maxlen: 48
2406:d00:cccc::/46 maxlen: 48
2406:d00:cce0::/48 maxlen: 48
2406:d00:ccea::/48 maxlen: 48
2406:d00:ddc1::/48 maxlen: 48
2406:d00:ddcc::/48 maxlen: 48
2406:d00:ddd1::/48 maxlen: 48
2406:d00:dddd::/48 maxlen: 48
2406:d00:ddf1::/48 maxlen: 48
2406:d00:ddff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 23 May 2025 16:24:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7471 (0x1d2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: May 13 15:33:49 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6823665d-8f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:83:fb:85:c9:7e:c9:bc:b8:c6:97:f1:d4:98:
21:eb:c8:96:c6:db:cf:ad:d6:26:b6:de:68:62:e8:
b3:0c:dd:cb:15:2b:e2:b1:01:ce:07:5d:d2:24:4d:
70:5c:4a:51:30:e3:6e:6a:86:ae:b1:b1:18:b5:fa:
1c:e5:a7:89:2b:91:7a:2d:52:eb:4c:39:ff:ac:2d:
d1:a4:fb:6d:b4:ef:65:ab:ef:b6:ec:c0:3f:dc:b7:
ac:e1:08:3f:4c:20:db:f7:59:bd:9d:4e:da:5d:66:
06:93:87:ec:7e:fa:ab:e9:6d:b0:33:d7:ce:ea:fd:
ad:29:00:70:e7:77:bf:47:1a:e0:74:9e:89:27:ff:
52:3c:68:60:c1:40:41:cb:81:de:20:18:58:44:0c:
3d:7f:f2:4f:cf:a5:ac:a0:5a:9b:9d:a1:2b:b5:e7:
f2:dd:e1:02:3c:93:eb:f2:ed:fb:2d:2a:8b:af:89:
46:45:5e:e2:34:f1:e7:f6:bf:6a:62:4d:33:25:56:
46:80:49:a7:e0:b6:89:fc:c6:e1:09:a8:b7:78:3d:
06:e9:1e:60:0a:5b:ef:37:fd:a9:36:8e:6d:da:d9:
eb:ff:4c:26:e8:4f:a6:cb:cb:ec:d3:00:44:d6:43:
0a:3c:d4:d6:96:fc:43:f5:8b:ef:c8:92:ac:c4:ff:
b6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3D:4B:E6:14:33:B5:A4:35:84:6D:D1:C0:3F:38:0A:FA:12:9B:47
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.128.0/22
103.12.120.0/22
111.119.160.0/21
113.203.192.0/23
113.203.195.0/24
113.203.200.0-113.203.205.255
113.203.207.0/24
115.42.64.0-115.42.70.255
118.103.226.0-118.103.239.255
IPv6:
2406:d00::/48
2406:d00:2222::/48
2406:d00:5555::/48
2406:d00:aaaa::/48
2406:d00:bbbb::/48
2406:d00:ccaa::/47
2406:d00:ccad::/48
2406:d00:ccc0::/46
2406:d00:cccc::/46
2406:d00:cce0::/48
2406:d00:ccea::/48
2406:d00:ddc1::/48
2406:d00:ddcc::/48
2406:d00:ddd1::/48
2406:d00:dddd::/48
2406:d00:ddf1::/48
2406:d00:ddff::/48
Signature Algorithm: sha256WithRSAEncryption
c8:d9:69:a5:06:7d:3a:2c:43:a2:79:fc:22:9f:35:f6:a8:f2:
71:69:da:ec:1d:26:5f:bb:e0:57:cd:e6:af:28:7f:46:7d:2b:
c9:0e:8c:07:50:52:1d:84:99:9d:b8:bd:5a:6e:84:f4:d7:4b:
05:27:8a:d5:93:75:2c:f8:31:30:81:25:fa:5b:dc:0b:6f:e5:
8e:e6:6a:ce:c7:86:dd:0c:f4:ed:7a:d9:05:02:90:7f:78:30:
4c:99:f3:ea:6e:f7:79:b8:73:a3:e6:ee:6a:25:38:cf:1a:dc:
e1:54:4d:6d:df:e0:60:50:57:ba:f4:29:dd:6d:46:af:a7:40:
00:69:05:a7:42:77:cc:a2:6d:95:cb:d8:74:cf:b2:9c:21:3f:
10:b2:6e:07:1c:9a:cb:f3:bf:e1:23:d6:72:6e:e3:38:c8:49:
f3:93:4b:a0:e0:21:4e:a9:2b:d4:8b:36:99:e3:5c:1f:dc:d1:
12:b2:ba:0d:f1:da:6d:e0:d6:04:8d:11:02:3b:5c:a9:7e:0a:
af:26:0d:96:a9:66:6a:07:b7:0f:a4:7f:8d:35:8d:ad:76:27:
0d:ab:30:df:e0:6a:9d:a6:05:25:7c:69:7f:d3:a8:8f:c9:c7:
2f:8a:d6:e6:db:d0:91:dc:29:77:c9:4d:75:a0:e0:95:c9:4e:
dd:20:df:97
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgICHS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjUwNTEzMTUzMzQ5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODIzNjY1ZC04ZjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvoP7hcl+yby4xpfx1Jgh68iWxtvPrdYmtt5oYuizDN3LFSvisQHOB13SJE1w
XEpRMONuaoausbEYtfoc5aeJK5F6LVLrTDn/rC3RpPtttO9lq++27MA/3Les4Qg/
TCDb91m9nU7aXWYGk4fsfvqr6W2wM9fO6v2tKQBw53e/RxrgdJ6JJ/9SPGhgwUBB
y4HeIBhYRAw9f/JPz6WsoFqbnaErtefy3eECPJPr8u37LSqLr4lGRV7iNPHn9r9q
Yk0zJVZGgEmn4LaJ/MbhCai3eD0G6R5gClvvN/2pNo5t2tnr/0wm6E+my8vs0wBE
1kMKPNTWlvxD9YvvyJKsxP+2NQIDAQABo4IDhDCCA4AwHQYDVR0OBBYEFKM9S+YU
M7WkNYRt0cA/OAr6EptHMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvNzVEMkEzNjY2
RTgwMTFFRjkyQkRFNDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEMBggrBgEFBQcBBwEB
/wSB/DCB+TBUBAIAATBOAwQCK/WAAwQCZwx4AwQDb3egAwQBccvAAwQAccvDMAwD
BANxy8gDBAFxy8wDBABxy88wDAMEBnMqQAMEAHMqRjAMAwQBdmfiAwQEdmfgMIGg
BAIAAjCBmQMHACQGDQAAAAMHACQGDQAiIgMHACQGDQBVVQMHACQGDQCqqgMHACQG
DQC7uwMHASQGDQDMqgMHACQGDQDMrQMHAiQGDQDMwAMHAiQGDQDMzAMHACQGDQDM
4AMHACQGDQDM6gMHACQGDQDdwQMHACQGDQDdzAMHACQGDQDd0QMHACQGDQDd3QMH
ACQGDQDd8QMHACQGDQDd/zANBgkqhkiG9w0BAQsFAAOCAQEAyNlppQZ9OixDonn8
Ip819qjycWna7B0mX7vgV83mryh/Rn0ryQ6MB1BSHYSZnbi9Wm6E9NdLBSeK1ZN1
LPgxMIEl+lvcC2/ljuZqzseG3Qz07XrZBQKQf3gwTJnz6m73ebhzo+buaiU4zxrc
4VRNbd/gYFBXuvQp3W1Gr6dAAGkFp0J3zKJtlcvYdM+ynCE/ELJuBxyay/O/4SPW
cm7jOMhJ85NLoOAhTqkr1Is2meNcH9zRErK6DfHabeDWBI0RAjtcqX4KryYNlqlm
age3D6R/jTWNrXYnDasw3+BqnaYFJXxpf9Ooj8nHL4rW5tvQkdwpd8lNdaDglclO
3SDflw==
-----END CERTIFICATE-----
Generated at Sat May 17 15:41:54 2025 by rpki-client