Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/694CCE66E53911EF9DD1B90DC4F9AE02.roa
File: 694CCE66E53911EF9DD1B90DC4F9AE02.roa (raw, json)
Hash identifier: Q50guEdFQrac2WGNIOWOMwAPEusnnVtr+0WbjS+0Iw8=
Subject key identifier: A6:37:BD:5F:B6:31:55:6B:27:80:88:76:13:53:6B:FB:52:85:D0:46
Certificate issuer: /CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Certificate serial: 17D1
Authority key identifier: 90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/694CCE66E53911EF9DD1B90DC4F9AE02.roa
Signing time: Thu 08 May 2025 17:17:44 +0000
ROA not before: Thu 08 May 2025 17:17:44 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 134190
IP address blocks: 42.3.226.0/24 maxlen: 32
203.198.4.0/25 maxlen: 32
203.198.4.128/25 maxlen: 32
203.198.7.0/26 maxlen: 32
203.198.7.64/26 maxlen: 32
203.198.23.0/24 maxlen: 32
203.198.24.64/26 maxlen: 32
218.102.1.0/24 maxlen: 32
218.102.2.0/24 maxlen: 32
218.102.3.0/24 maxlen: 32
218.102.11.64/27 maxlen: 32
218.102.16.0/25 maxlen: 32
218.102.16.208/30 maxlen: 32
218.102.20.80/28 maxlen: 32
218.102.20.128/27 maxlen: 32
218.102.20.192/27 maxlen: 32
218.102.20.224/27 maxlen: 32
218.102.21.32/28 maxlen: 32
218.102.21.224/27 maxlen: 32
218.102.22.64/27 maxlen: 32
218.102.22.96/27 maxlen: 32
218.102.23.0/24 maxlen: 32
218.102.32.0/24 maxlen: 32
218.102.34.0/24 maxlen: 32
218.102.43.64/27 maxlen: 32
218.102.43.96/27 maxlen: 32
218.102.48.0/24 maxlen: 32
218.102.49.0/26 maxlen: 32
218.102.49.80/28 maxlen: 32
218.102.49.128/26 maxlen: 32
218.102.49.192/28 maxlen: 32
218.102.50.0/24 maxlen: 32
218.102.51.0/24 maxlen: 32
218.102.52.80/28 maxlen: 32
218.102.53.0/24 maxlen: 32
218.102.60.64/26 maxlen: 32
218.102.62.0/24 maxlen: 32
219.76.0.64/27 maxlen: 32
219.76.5.0/25 maxlen: 32
219.76.7.0/25 maxlen: 32
219.76.14.64/27 maxlen: 32
219.76.14.96/27 maxlen: 32
219.76.26.128/27 maxlen: 32
219.76.26.160/27 maxlen: 32
219.76.26.192/26 maxlen: 32
219.76.64.64/26 maxlen: 32
219.76.64.160/28 maxlen: 32
219.76.64.192/26 maxlen: 32
219.76.67.96/27 maxlen: 32
219.76.68.0/26 maxlen: 32
219.76.68.64/26 maxlen: 32
219.76.94.0/24 maxlen: 32
219.76.95.0/24 maxlen: 32
219.76.98.64/27 maxlen: 32
219.76.99.0/24 maxlen: 32
219.76.100.0/26 maxlen: 32
219.76.100.64/26 maxlen: 32
219.76.100.128/25 maxlen: 32
219.76.104.64/28 maxlen: 32
219.76.111.0/24 maxlen: 32
219.76.112.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 17 May 2025 16:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6097 (0x17d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918495F, serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Validity
Not Before: May 8 17:17:44 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=681ce738-ff2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:43:1d:01:8d:bb:63:fe:3d:43:06:69:3d:8f:
29:92:00:d4:7b:20:13:2b:39:77:59:a5:df:45:a0:
39:f4:95:33:d6:8c:4a:9b:95:1e:98:9b:fc:f5:5d:
bc:44:d7:a7:c1:f5:53:4a:46:62:f8:92:eb:0e:91:
fc:dc:cb:c4:12:3a:aa:8b:33:81:fb:e7:8c:32:9f:
48:bc:0f:08:60:3d:a8:92:d2:8c:08:7f:53:7c:e4:
9f:5b:13:b2:12:a6:23:5e:81:0b:e8:c8:2c:ee:a3:
2c:48:24:17:e0:b0:8a:4f:67:e0:fd:85:6b:9c:11:
5e:49:3c:a5:04:6c:ca:e6:b9:20:5b:c9:3e:97:86:
e1:6e:ba:c8:c7:c0:4b:68:a4:85:a8:58:0d:06:4e:
c2:03:67:b4:e9:39:0d:9e:06:03:68:da:22:53:08:
d8:5f:96:ed:86:88:cb:b7:6a:57:48:91:ff:7b:9d:
eb:34:cc:f4:5d:36:22:f2:41:74:67:29:17:02:0f:
36:6d:14:53:d1:9a:46:3f:01:4f:9d:62:30:f8:86:
b3:7a:c3:e8:3d:7f:11:9f:08:ad:74:dd:08:8d:3e:
59:45:2c:92:c8:6a:e0:9e:46:00:9b:b9:cf:00:8c:
74:bb:ad:d3:b7:03:43:41:4b:29:9a:2f:4b:82:9b:
8b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:37:BD:5F:B6:31:55:6B:27:80:88:76:13:53:6B:FB:52:85:D0:46
X509v3 Authority Key Identifier:
keyid:90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/694CCE66E53911EF9DD1B90DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.3.226.0/24
203.198.4.0/24
203.198.7.0/25
203.198.23.0/24
203.198.24.64/26
218.102.1.0-218.102.3.255
218.102.11.64/27
218.102.16.0/25
218.102.16.208/30
218.102.20.80/28
218.102.20.128/27
218.102.20.192/26
218.102.21.32/28
218.102.21.224/27
218.102.22.64/26
218.102.23.0/24
218.102.32.0/24
218.102.34.0/24
218.102.43.64/26
218.102.48.0-218.102.49.63
218.102.49.80/28
218.102.49.128-218.102.49.207
218.102.50.0/23
218.102.52.80/28
218.102.53.0/24
218.102.60.64/26
218.102.62.0/24
219.76.0.64/27
219.76.5.0/25
219.76.7.0/25
219.76.14.64/26
219.76.26.128/25
219.76.64.64/26
219.76.64.160/28
219.76.64.192/26
219.76.67.96/27
219.76.68.0/25
219.76.94.0/23
219.76.98.64/27
219.76.99.0-219.76.100.255
219.76.104.64/28
219.76.111.0-219.76.112.255
Signature Algorithm: sha256WithRSAEncryption
b9:1c:d8:fd:eb:9d:1d:19:2f:ea:63:2d:35:e8:92:1f:11:f4:
af:84:44:24:9e:1c:35:72:11:7a:af:8c:bc:ce:61:fc:22:89:
6f:26:f8:27:86:50:17:bd:9b:1e:1c:e7:39:d4:f5:f2:a5:d9:
b3:cf:82:30:5f:f9:50:a1:6e:1b:71:29:2f:c2:e6:70:8e:d7:
04:04:c4:38:ee:a3:12:cd:c7:77:52:35:5e:77:ad:d9:80:d9:
8d:56:1b:62:3c:bd:c3:9c:5a:36:50:c0:6e:bd:8a:c6:82:04:
e8:e8:2e:a2:e5:34:fe:d4:ae:90:51:83:52:e6:3c:06:d5:74:
a3:b7:fb:cb:31:e6:44:6f:dd:4c:5e:3f:9a:dd:8e:b6:76:15:
2e:2a:67:a9:50:52:d8:c6:d4:62:01:f7:60:7e:2e:e0:fb:48:
dc:bb:d2:0f:7a:af:6e:db:21:2d:99:2c:28:5a:76:93:25:cd:
66:8b:ea:b9:a9:6b:ac:60:05:ca:97:45:46:eb:ca:da:7b:1d:
f7:c7:9d:82:ea:c8:cf:da:ce:06:09:5b:1f:a0:a4:56:9d:e5:
96:aa:f2:15:e7:ed:72:20:14:5c:21:6c:1c:2c:e6:13:a7:04:
44:cd:e6:0c:8a:95:cd:24:c5:e6:e3:5f:96:b2:c9:13:81:7f:
1e:5f:c1:c5
-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgICF9EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ5NUYxMTAvBgNVBAUTKDkwQzIyRjczOTM4NTBFOEVDRjZCNUYxRTMyMEQwN0Iy
RDFBQ0Q4RkQwHhcNMjUwNTA4MTcxNzQ0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFjZTczOC1mZjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAykMdAY27Y/49QwZpPY8pkgDUeyATKzl3WaXfRaA59JUz1oxKm5UemJv89V28
RNenwfVTSkZi+JLrDpH83MvEEjqqizOB++eMMp9IvA8IYD2oktKMCH9TfOSfWxOy
EqYjXoEL6Mgs7qMsSCQX4LCKT2fg/YVrnBFeSTylBGzK5rkgW8k+l4bhbrrIx8BL
aKSFqFgNBk7CA2e06TkNngYDaNoiUwjYX5bthojLt2pXSJH/e53rNMz0XTYi8kF0
ZykXAg82bRRT0ZpGPwFPnWIw+IazesPoPX8RnwitdN0IjT5ZRSySyGrgnkYAm7nP
AIx0u63TtwNDQUspmi9LgpuLnQIDAQABo4ID2zCCA9cwHQYDVR0OBBYEFKY3vV+2
MVVrJ4CIdhNTa/tShdBGMB8GA1UdIwQYMBaAFJDCL3OThQ6Oz2tfHjINB7LRrNj9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk1Ri84NDhDODU3Q0RG
RUMxMUU3QTI3QTIyMTNDNEY5QUUwMi9rTUl2YzVPRkRvN1BhMThlTWcwSHN0R3My
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tNSXZjNU9GRG83UGExOGVNZzBIc3RHczJQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ5NUYvODQ4Qzg1N0NERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvNjk0Q0NFNjZF
NTM5MTFFRjlERDFCOTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFjBggrBgEFBQcBBwEB
/wSCAVIwggFOMIIBSgQCAAEwggFCAwQAKgPiAwQAy8YEAwUHy8YHAAMEAMvGFwMF
BsvGGEAwDAMEANpmAQMEAtpmAAMFBdpmC0ADBQfaZhAAAwUC2mYQ0AMFBNpmFFAD
BQXaZhSAAwUG2mYUwAMFBNpmFSADBQXaZhXgAwUG2mYWQAMEANpmFwMEANpmIAME
ANpmIgMFBtpmK0AwDQMEBNpmMAMFBtpmMQADBQTaZjFQMA4DBQfaZjGAAwUE2mYx
wAMEAdpmMgMFBNpmNFADBADaZjUDBQbaZjxAAwQA2mY+AwUF20wAQAMFB9tMBQAD
BQfbTAcAAwUG20wOQAMFB9tMGoADBQbbTEBAAwUE20xAoAMFBttMQMADBQXbTENg
AwUH20xEAAMEAdtMXgMFBdtMYkAwDAMEANtMYwMEANtMZAMFBNtMaEAwDAMEANtM
bwMEANtMcDANBgkqhkiG9w0BAQsFAAOCAQEAuRzY/eudHRkv6mMtNeiSHxH0r4RE
JJ4cNXIReq+MvM5h/CKJbyb4J4ZQF72bHhznOdT18qXZs8+CMF/5UKFuG3EpL8Lm
cI7XBATEOO6jEs3Hd1I1Xnet2YDZjVYbYjy9w5xaNlDAbr2KxoIE6OguouU0/tSu
kFGDUuY8BtV0o7f7yzHmRG/dTF4/mt2OtnYVLipnqVBS2MbUYgH3YH4u4PtI3LvS
D3qvbtshLZksKFp2kyXNZovqualrrGAFypdFRuvK2nsd98edgurIz9rOBglbH6Ck
Vp3llqryFeftciAUXCFsHCzmE6cERM3mDIqVzSTF5uNflrLJE4F/Hl/BxQ==
-----END CERTIFICATE-----
Generated at Sun May 11 22:39:43 2025 by rpki-client