Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0DB557D08A9111EDA4336377C4F9AE02.roa
File: 0DB557D08A9111EDA4336377C4F9AE02.roa (raw, json)
Hash identifier: q+EJW6Fp/TqNQigeOsWhOL4SuhzUrxEhOAcAcxfyyTk=
Subject key identifier: A4:04:A9:C1:0C:12:09:B5:5E:6E:EB:29:65:E1:AE:DA:25:EE:9B:84
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BA4C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0DB557D08A9111EDA4336377C4F9AE02.roa
Signing time: Thu 08 May 2025 16:31:48 +0000
ROA not before: Thu 08 May 2025 16:31:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58659
IP address blocks: 43.254.204.0/22 maxlen: 24
43.254.212.0/22 maxlen: 24
43.255.132.0/22 maxlen: 24
43.255.140.0/22 maxlen: 24
45.126.8.0/22 maxlen: 24
103.12.192.0/22 maxlen: 24
103.19.248.0/22 maxlen: 24
103.67.12.0/22 maxlen: 24
103.83.152.0/22 maxlen: 24
103.91.168.0/23 maxlen: 24
103.183.102.0/23 maxlen: 24
103.183.138.0/23 maxlen: 24
103.187.232.0/23 maxlen: 24
103.201.144.0/22 maxlen: 24
103.211.176.0/22 maxlen: 24
103.228.44.0/22 maxlen: 24
103.236.152.0/22 maxlen: 24
103.243.184.0/22 maxlen: 24
103.249.120.0/22 maxlen: 24
139.5.100.0/22 maxlen: 24
202.9.124.0/22 maxlen: 24
2001:df2:c0::/48 maxlen: 48
2400:e1c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 22 May 2025 11:04:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47692 (0xba4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 16:31:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cdc73-7128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d9:fd:b2:7b:4a:ea:4d:9a:a8:ff:1f:06:29:
b3:96:03:31:83:5b:da:fe:61:5c:a5:76:21:80:ee:
80:38:9d:56:14:c6:98:e2:65:49:1b:60:ae:4e:aa:
0e:7d:14:a4:3d:86:14:dd:59:37:5b:0b:90:bb:2a:
c7:37:23:2d:05:31:19:a2:88:f2:d4:d8:a7:25:52:
e2:8a:6c:aa:6b:6d:30:ca:c7:20:7c:14:d6:98:df:
7a:fe:fe:2c:26:7c:e2:6e:6a:9b:d9:65:2b:28:b2:
1e:79:fd:cb:a2:d0:a8:70:bf:57:e1:f5:ff:ff:b2:
3a:26:fb:26:81:6a:a1:9b:0e:7f:c1:5a:58:16:54:
ca:9e:2a:e4:9e:a8:56:d3:cc:86:00:bb:e8:a8:fe:
fc:e2:ba:52:78:01:6e:38:7c:dc:50:b2:17:5c:4a:
8f:d7:27:53:24:d3:8a:5f:ce:0f:78:e0:03:7c:d2:
96:cc:ac:0c:c7:cd:2a:31:a4:99:ea:2e:fa:04:57:
c6:4e:a8:a1:59:5c:1b:da:d2:b1:cf:b4:8b:81:ef:
eb:c5:f2:a0:05:6e:53:d7:83:50:e2:22:30:c2:d6:
60:15:6a:a9:29:aa:43:12:c2:9f:36:f2:d9:e4:1e:
df:1e:12:48:74:1c:a9:d5:db:d4:6e:8f:20:f0:d0:
b8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:04:A9:C1:0C:12:09:B5:5E:6E:EB:29:65:E1:AE:DA:25:EE:9B:84
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0DB557D08A9111EDA4336377C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.204.0/22
43.254.212.0/22
43.255.132.0/22
43.255.140.0/22
45.126.8.0/22
103.12.192.0/22
103.19.248.0/22
103.67.12.0/22
103.83.152.0/22
103.91.168.0/23
103.183.102.0/23
103.183.138.0/23
103.187.232.0/23
103.201.144.0/22
103.211.176.0/22
103.228.44.0/22
103.236.152.0/22
103.243.184.0/22
103.249.120.0/22
139.5.100.0/22
202.9.124.0/22
IPv6:
2001:df2:c0::/48
2400:e1c0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:bf:bd:e6:d4:23:92:4b:69:7b:4a:3d:fe:ec:f3:70:f8:a1:
e3:d2:49:33:e7:fb:74:b6:b5:94:d7:d3:79:10:8b:0b:ec:a7:
e7:10:85:9b:1a:5e:c9:4f:05:67:7b:6c:c3:3d:25:d8:12:19:
7e:a2:f5:d7:22:49:20:7a:84:37:70:bd:d1:35:9f:45:4f:a3:
99:e1:22:61:27:5d:a2:ba:b8:30:87:c8:37:a2:16:de:f9:fb:
b2:f9:8b:65:7d:8d:27:f6:38:0d:ad:b2:ac:4a:4b:5d:31:b8:
67:e3:76:74:b4:da:19:55:32:06:94:7e:59:e4:fb:f4:b0:cc:
20:94:d5:53:51:a4:fb:ec:8d:38:56:e7:08:25:2e:34:52:8f:
a2:4e:93:a1:f2:dc:31:ff:8c:b8:6c:21:c7:ff:2a:7a:b9:b3:
c1:63:24:c8:53:67:f9:a1:c0:5c:0c:03:76:81:32:44:e9:47:
25:bb:0d:6e:8c:51:cb:af:4e:22:8c:5f:f5:b4:6e:0c:1a:3e:
6e:d2:a1:ea:8b:3d:ab:d4:41:1a:ab:1e:e5:8b:f5:1d:9d:3c:
14:e0:f8:06:36:42:55:ed:f6:87:a5:d9:cf:27:c8:b4:26:cd:
2f:4e:3b:2b:a3:c7:0f:ff:68:33:f1:20:40:da:59:05:cc:f6:
40:ac:f8:fd
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgIDALpMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MzE0OFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RjNzMtNzEyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7Z/bJ7SupNmqj/HwYps5YDMYNb2v5hXKV2IYDugDidVhTGmOJlSRtgrk6q
Dn0UpD2GFN1ZN1sLkLsqxzcjLQUxGaKI8tTYpyVS4opsqmttMMrHIHwU1pjfev7+
LCZ84m5qm9llKyiyHnn9y6LQqHC/V+H1//+yOib7JoFqoZsOf8FaWBZUyp4q5J6o
VtPMhgC76Kj+/OK6UngBbjh83FCyF1xKj9cnUyTTil/OD3jgA3zSlsysDMfNKjGk
meou+gRXxk6ooVlcG9rSsc+0i4Hv68XyoAVuU9eDUOIiMMLWYBVqqSmqQxLCnzby
2eQe3x4SSHQcqdXb1G6PIPDQuMcCAwEAAaOCAykwggMlMB0GA1UdDgQWBBSkBKnB
DBIJtV5u6yll4a7aJe6bhDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzBEQjU1N0Qw
OEE5MTExRURBNDMzNjM3N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGyBggrBgEFBQcBBwEB
/wSBojCBnzCBhAQCAAEwfgMEAiv+zAMEAiv+1AMEAiv/hAMEAiv/jAMEAi1+CAME
AmcMwAMEAmcT+AMEAmdDDAMEAmdTmAMEAWdbqAMEAWe3ZgMEAWe3igMEAWe76AME
AmfJkAMEAmfTsAMEAmfkLAMEAmfsmAMEAmfzuAMEAmf5eAMEAosFZAMEAsoJfDAW
BAIAAjAQAwcAIAEN8gDAAwUAJADhwDANBgkqhkiG9w0BAQsFAAOCAQEAW7+95tQj
kktpe0o9/uzzcPih49JJM+f7dLa1lNfTeRCLC+yn5xCFmxpeyU8FZ3tswz0l2BIZ
fqL11yJJIHqEN3C90TWfRU+jmeEiYSddorq4MIfIN6IW3vn7svmLZX2NJ/Y4Da2y
rEpLXTG4Z+N2dLTaGVUyBpR+WeT79LDMIJTVU1Gk++yNOFbnCCUuNFKPok6TofLc
Mf+MuGwhx/8qermzwWMkyFNn+aHAXAwDdoEyROlHJbsNboxRy69OIoxf9bRuDBo+
btKh6os9q9RBGqse5Yv1HZ08FOD4BjZCVe32h6XZzyfItCbNL047K6PHD/9oM/Eg
QNpZBcz2QKz4/Q==
-----END CERTIFICATE-----
Generated at Thu May 15 21:45:44 2025 by rpki-client