Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/346F90C45F7A11EFB8032057C4F9AE02.roa
File: 346F90C45F7A11EFB8032057C4F9AE02.roa (raw, json)
Hash identifier: f//tlLDlEawBehqmYf6Up53vrJdxbyGu0g8PSpXJ5sU=
Subject key identifier: 45:7D:D7:61:D0:72:0B:85:B0:26:E3:94:B2:81:2B:76:CC:2E:A4:CF
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B9D5
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/346F90C45F7A11EFB8032057C4F9AE02.roa
Signing time: Thu 08 May 2025 16:29:53 +0000
ROA not before: Thu 08 May 2025 16:29:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17625
IP address blocks: 36.255.8.0/22 maxlen: 24
43.252.192.0/22 maxlen: 24
45.64.196.0/22 maxlen: 24
45.64.204.0/22 maxlen: 24
45.114.56.0/22 maxlen: 24
45.114.64.0/22 maxlen: 24
45.114.212.0/22 maxlen: 24
45.116.56.0/24 maxlen: 24
45.116.57.0/24 maxlen: 24
45.116.58.0/24 maxlen: 24
45.116.59.0/24 maxlen: 24
103.19.196.0/22 maxlen: 24
103.54.12.0/22 maxlen: 24
103.54.20.0/22 maxlen: 24
103.54.188.0/22 maxlen: 24
103.91.132.0/22 maxlen: 24
103.206.56.0/22 maxlen: 24
103.208.224.0/22 maxlen: 24
103.254.32.0/22 maxlen: 24
103.254.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 19 May 2025 18:54:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47573 (0xb9d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 16:29:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cdc01-fe03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4d:f4:80:0f:09:23:80:cd:d9:d7:62:0d:3a:
77:c6:93:b0:5d:1e:07:05:0e:20:19:ae:65:34:79:
9c:17:22:07:82:8c:07:29:82:7d:87:32:45:18:f6:
44:3d:cb:e8:ae:49:68:f7:eb:e2:5b:9a:4f:f8:6c:
b3:1b:1e:76:c1:18:c7:04:aa:45:33:23:f1:30:ae:
12:1e:44:b0:1e:5c:f9:59:52:1f:13:83:2f:87:e6:
3c:ae:85:7f:2f:39:5e:a7:f2:3c:f7:ec:87:dc:68:
84:bc:ff:90:25:84:01:49:24:12:39:af:97:2e:c3:
e7:b1:91:1a:06:e7:b7:e7:02:05:07:03:f6:0c:4f:
b4:7a:c5:dc:32:99:f1:41:09:f3:58:93:e4:9d:26:
e2:bd:35:33:85:1a:80:9e:58:08:e4:46:fd:ea:74:
8a:8d:2f:b7:41:ee:13:f3:84:fb:bf:d7:15:1b:c0:
a5:9b:ee:c0:a3:09:28:c4:96:d3:67:5a:5a:6f:22:
8a:1f:61:01:3f:a4:06:2e:41:e5:69:5f:1c:ec:2d:
7d:35:46:26:5c:16:ef:46:f0:60:10:ef:44:1f:9d:
71:5b:45:df:39:d6:db:dd:53:c7:ea:1b:71:07:ab:
00:91:f1:e0:0f:10:8f:87:ef:d6:dd:bb:39:a5:01:
eb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:7D:D7:61:D0:72:0B:85:B0:26:E3:94:B2:81:2B:76:CC:2E:A4:CF
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/346F90C45F7A11EFB8032057C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.8.0/22
43.252.192.0/22
45.64.196.0/22
45.64.204.0/22
45.114.56.0/22
45.114.64.0/22
45.114.212.0/22
45.116.56.0/22
103.19.196.0/22
103.54.12.0/22
103.54.20.0/22
103.54.188.0/22
103.91.132.0/22
103.206.56.0/22
103.208.224.0/22
103.254.32.0/22
103.254.244.0/22
Signature Algorithm: sha256WithRSAEncryption
87:9d:3d:a5:75:ce:92:81:7d:b3:8c:ae:7c:f7:4b:4e:23:11:
1e:af:40:86:a6:91:f4:00:ca:52:72:6c:d3:47:1a:e7:99:29:
96:c5:d6:5f:76:6a:db:a6:c1:be:07:85:e3:2e:0e:9b:4f:84:
07:30:3d:6f:a4:85:87:64:7d:dd:79:41:2f:53:d8:a4:ea:90:
2b:bc:d8:19:18:c5:92:7d:15:2a:f7:ff:f8:ed:18:e4:c1:5b:
7f:76:f7:a7:2e:31:c0:fe:68:3d:8c:c0:86:0e:be:4f:9e:06:
70:4f:02:dd:bc:a6:f7:e6:78:77:42:57:ad:72:22:25:d6:55:
34:c2:d2:51:75:2e:d3:b6:17:50:b8:d6:cb:04:72:00:4e:0a:
c9:a7:be:56:a6:28:f9:eb:06:3b:8a:bc:81:e1:41:4f:7d:42:
84:7f:e5:93:81:cd:80:13:16:0c:6c:2a:90:8c:3c:35:16:39:
71:26:14:ce:dc:67:ae:ec:b8:dd:0f:7a:cf:56:05:89:72:8d:
61:cf:33:40:a7:14:4b:99:13:ca:ff:db:77:22:ad:c9:74:7f:
3f:e7:ad:5b:d7:16:28:8e:0c:90:5e:53:61:db:ab:85:c7:6e:
13:06:7c:b1:fd:7f:67:78:56:3b:77:e7:25:b6:5d:51:fc:e4:
3c:77:a4:17
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIDALnVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2Mjk1M1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RjMDEtZmUwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN5N9IAPCSOAzdnXYg06d8aTsF0eBwUOIBmuZTR5nBciB4KMBymCfYcyRRj2
RD3L6K5JaPfr4luaT/hssxsedsEYxwSqRTMj8TCuEh5EsB5c+VlSHxODL4fmPK6F
fy85XqfyPPfsh9xohLz/kCWEAUkkEjmvly7D57GRGgbnt+cCBQcD9gxPtHrF3DKZ
8UEJ81iT5J0m4r01M4UagJ5YCORG/ep0io0vt0HuE/OE+7/XFRvApZvuwKMJKMSW
02daWm8iih9hAT+kBi5B5WlfHOwtfTVGJlwW70bwYBDvRB+dcVtF3znW291Tx+ob
cQerAJHx4A8Qj4fv1t27OaUB6wUCAwEAAaOCAvUwggLxMB0GA1UdDgQWBBRFfddh
0HILhbAm45SygSt2zC6kzzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM0NkY5MEM0
NUY3QTExRUZCODAzMjA1N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMH8GCCsGAQUFBwEHAQH/
BHAwbjBsBAIAATBmAwQCJP8IAwQCK/zAAwQCLUDEAwQCLUDMAwQCLXI4AwQCLXJA
AwQCLXLUAwQCLXQ4AwQCZxPEAwQCZzYMAwQCZzYUAwQCZza8AwQCZ1uEAwQCZ844
AwQCZ9DgAwQCZ/4gAwQCZ/70MA0GCSqGSIb3DQEBCwUAA4IBAQCHnT2ldc6SgX2z
jK5890tOIxEer0CGppH0AMpScmzTRxrnmSmWxdZfdmrbpsG+B4XjLg6bT4QHMD1v
pIWHZH3deUEvU9ik6pArvNgZGMWSfRUq9//47RjkwVt/dvenLjHA/mg9jMCGDr5P
ngZwTwLdvKb35nh3QletciIl1lU0wtJRdS7TthdQuNbLBHIATgrJp75Wpij56wY7
iryB4UFPfUKEf+WTgc2AExYMbCqQjDw1FjlxJhTO3Geu7LjdD3rPVgWJco1hzzNA
pxRLmRPK/9t3Iq3JdH8/561b1xYojgyQXlNh26uFx24TBnyx/X9neFY7d+cltl1R
/OQ8d6QX
-----END CERTIFICATE-----
Generated at Tue May 13 02:12:19 2025 by rpki-client