Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CAB807015A711EE8398177FC4F9AE02.roa
File: 5CAB807015A711EE8398177FC4F9AE02.roa (raw, json)
Hash identifier: wIhgYvNpoHNNE4ybDPzf3DauSV0ki+LwNpZY5fn4EME=
Subject key identifier: 27:3D:23:B0:9D:FE:CB:87:0B:BC:7E:E1:DF:82:0A:09:F8:86:A8:C5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BA8D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CAB807015A711EE8398177FC4F9AE02.roa
Signing time: Fri 09 May 2025 07:56:19 +0000
ROA not before: Fri 09 May 2025 07:56:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55824
IP address blocks: 45.118.48.0/21 maxlen: 21
45.118.48.0/22 maxlen: 24
45.118.52.0/22 maxlen: 24
45.118.96.0/22 maxlen: 24
45.118.100.0/22 maxlen: 24
45.118.168.0/22 maxlen: 24
45.118.172.0/22 maxlen: 24
45.118.192.0/22 maxlen: 24
45.118.196.0/22 maxlen: 24
45.118.208.0/22 maxlen: 24
45.118.212.0/22 maxlen: 24
45.119.16.0/22 maxlen: 24
45.119.20.0/22 maxlen: 24
45.119.32.0/22 maxlen: 24
45.119.36.0/22 maxlen: 24
45.119.168.0/22 maxlen: 24
45.119.172.0/22 maxlen: 24
45.124.184.0/22 maxlen: 24
45.124.188.0/22 maxlen: 24
45.125.144.0/22 maxlen: 24
45.125.148.0/22 maxlen: 24
45.125.176.0/22 maxlen: 24
45.125.180.0/22 maxlen: 24
45.127.64.0/24 maxlen: 24
45.127.65.0/24 maxlen: 24
45.127.66.0/24 maxlen: 24
45.127.67.0/24 maxlen: 24
45.127.68.0/24 maxlen: 24
45.127.69.0/24 maxlen: 24
45.127.70.0/24 maxlen: 24
45.127.71.0/24 maxlen: 24
45.127.72.0/24 maxlen: 24
45.127.73.0/24 maxlen: 24
45.127.74.0/24 maxlen: 24
45.127.75.0/24 maxlen: 24
45.127.76.0/24 maxlen: 24
45.127.77.0/24 maxlen: 24
103.58.80.0/22 maxlen: 24
103.58.84.0/22 maxlen: 24
103.58.120.0/22 maxlen: 23
103.58.120.0/24 maxlen: 24
103.58.122.0/23 maxlen: 24
103.58.124.0/22 maxlen: 24
103.58.168.0/22 maxlen: 24
103.58.172.0/22 maxlen: 24
103.58.200.0/22 maxlen: 24
103.58.204.0/22 maxlen: 24
103.58.240.0/22 maxlen: 24
103.58.244.0/22 maxlen: 24
103.59.16.0/22 maxlen: 23
103.59.17.0/24 maxlen: 24
103.59.18.0/23 maxlen: 24
103.59.20.0/22 maxlen: 24
103.59.66.0/24 maxlen: 24
103.59.80.0/22 maxlen: 24
103.59.84.0/22 maxlen: 24
103.59.224.0/22 maxlen: 24
103.59.228.0/22 maxlen: 24
103.60.48.0/22 maxlen: 24
103.60.52.0/22 maxlen: 24
103.68.177.0/24 maxlen: 24
103.88.228.0/24 maxlen: 24
103.127.161.0/24 maxlen: 24
103.194.24.0/24 maxlen: 24
103.194.25.0/24 maxlen: 24
103.194.28.0/22 maxlen: 24
103.194.56.0/22 maxlen: 24
103.194.60.0/22 maxlen: 24
103.194.136.0/22 maxlen: 24
103.194.140.0/22 maxlen: 24
103.194.200.0/22 maxlen: 24
103.194.204.0/22 maxlen: 24
103.194.216.0/22 maxlen: 24
103.194.220.0/22 maxlen: 24
103.213.16.0/22 maxlen: 24
103.213.20.0/22 maxlen: 24
103.218.144.0/22 maxlen: 24
103.218.148.0/22 maxlen: 24
220.156.190.0/23 maxlen: 24
2001:df1:5200::/48 maxlen: 48
2001:df3:1e00::/48 maxlen: 48
2406:f00:3::/48 maxlen: 48
2406:f00:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 21 May 2025 13:32:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47757 (0xba8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 9 07:56:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681db523-0188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9d:18:27:28:47:e3:ae:bb:29:03:bb:0c:e1:
45:2a:38:82:32:49:d4:60:0d:a1:f8:cf:a3:8a:4b:
07:47:2b:72:3b:18:2a:9c:ba:2c:b8:34:4e:7a:d1:
a5:f2:f0:44:b0:70:26:fa:ac:6c:e6:26:c5:d3:5e:
2e:81:cd:3c:56:12:0c:49:64:2c:71:8b:4a:1d:71:
41:af:c0:16:63:cb:ab:b1:76:f3:6b:fc:f2:f2:4e:
19:29:96:f0:bd:ff:d3:fb:81:9b:29:bc:ed:65:57:
b1:f1:44:18:fa:45:a6:9f:81:5e:c5:61:29:51:92:
33:ac:bb:b4:0d:8b:7c:9f:fa:a4:24:1c:33:70:28:
f5:e8:c3:15:65:87:43:d0:f7:a0:ea:e5:c5:9d:77:
80:cf:6a:14:11:63:66:c9:93:38:41:48:e4:6c:a6:
52:24:81:78:5c:ed:8d:66:a2:b5:e1:c1:ba:5a:3b:
97:3d:12:df:a5:b6:c7:48:1b:aa:e9:c3:f2:83:4f:
66:4e:2b:5b:f0:89:95:cd:e9:8a:72:69:7a:5a:a7:
b5:74:c0:6f:96:0d:1a:0d:c1:62:77:e5:e5:e4:02:
7e:5c:7b:3d:69:4d:fa:20:1b:26:57:4c:dd:c9:81:
5f:a2:ec:ab:ea:e5:60:c7:e8:07:a9:e0:a0:44:64:
be:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:3D:23:B0:9D:FE:CB:87:0B:BC:7E:E1:DF:82:0A:09:F8:86:A8:C5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CAB807015A711EE8398177FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.48.0/21
45.118.96.0/21
45.118.168.0/21
45.118.192.0/21
45.118.208.0/21
45.119.16.0/21
45.119.32.0/21
45.119.168.0/21
45.124.184.0/21
45.125.144.0/21
45.125.176.0/21
45.127.64.0-45.127.77.255
103.58.80.0/21
103.58.120.0/21
103.58.168.0/21
103.58.200.0/21
103.58.240.0/21
103.59.16.0/21
103.59.66.0/24
103.59.80.0/21
103.59.224.0/21
103.60.48.0/21
103.68.177.0/24
103.88.228.0/24
103.127.161.0/24
103.194.24.0/23
103.194.28.0/22
103.194.56.0/21
103.194.136.0/21
103.194.200.0/21
103.194.216.0/21
103.213.16.0/21
103.218.144.0/21
220.156.190.0/23
IPv6:
2001:df1:5200::/48
2001:df3:1e00::/48
2406:f00:3::/48
2406:f00:7::/48
Signature Algorithm: sha256WithRSAEncryption
40:47:d4:ea:b3:8c:66:92:dd:06:cb:5f:3d:62:89:87:64:7d:
a5:49:e4:90:42:f3:f7:29:8a:10:04:b5:e3:75:e7:bd:d9:0c:
88:ae:65:dc:4b:44:dc:74:3a:68:75:f0:fc:22:e1:23:b0:2d:
0e:0e:ee:54:e7:1c:30:22:16:cb:ce:f5:a4:ea:b1:32:fb:22:
a8:da:eb:cc:6e:3a:f1:3a:0a:1d:e2:fa:a9:8e:77:0c:0a:51:
f8:79:3b:c1:9e:3f:c9:e8:79:ee:6d:4f:f6:03:31:40:ad:1c:
a8:59:3c:e9:03:fe:a4:1c:18:5f:75:34:ce:9e:34:c9:05:68:
78:40:cb:e7:d3:6e:61:09:27:4a:d2:d2:7f:fe:20:58:07:80:
ec:33:1c:67:c8:c3:f6:8c:ff:0c:66:02:a7:33:60:d1:35:7f:
fb:0e:11:c1:31:e6:e4:a7:af:d6:e8:b7:08:22:85:0a:44:6d:
0c:87:b3:97:9b:f3:0b:71:98:f0:71:3c:29:59:bf:ba:0e:6d:
b4:8a:7c:d7:87:cb:ec:4a:88:00:c6:f6:27:77:c6:b9:32:af:
bc:99:16:7c:60:c7:3b:c1:10:a3:b2:54:14:87:dd:30:fb:55:
c2:bd:c1:5d:0a:a6:f0:1b:a0:03:79:be:8d:94:f9:46:8f:c5:
73:ae:7e:87
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgIDALqNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwOTA3NTYxOVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxZGI1MjMtMDE4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+dGCcoR+OuuykDuwzhRSo4gjJJ1GANofjPo4pLB0crcjsYKpy6LLg0TnrR
pfLwRLBwJvqsbOYmxdNeLoHNPFYSDElkLHGLSh1xQa/AFmPLq7F282v88vJOGSmW
8L3/0/uBmym87WVXsfFEGPpFpp+BXsVhKVGSM6y7tA2LfJ/6pCQcM3Ao9ejDFWWH
Q9D3oOrlxZ13gM9qFBFjZsmTOEFI5GymUiSBeFztjWaiteHBulo7lz0S36W2x0gb
qunD8oNPZk4rW/CJlc3pinJpelqntXTAb5YNGg3BYnfl5eQCflx7PWlN+iAbJldM
3cmBX6Lsq+rlYMfoB6ngoERkvt8CAwEAAaOCA5cwggOTMB0GA1UdDgQWBBQnPSOw
nf7Lhwu8fuHfggoJ+IaoxTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVDQUI4MDcw
MTVBNzExRUU4Mzk4MTc3RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBHwYIKwYBBQUHAQcB
Af8EggEOMIIBCjCB2wQCAAEwgdQDBAMtdjADBAMtdmADBAMtdqgDBAMtdsADBAMt
dtADBAMtdxADBAMtdyADBAMtd6gDBAMtfLgDBAMtfZADBAMtfbAwDAMEBi1/QAME
AS1/TAMEA2c6UAMEA2c6eAMEA2c6qAMEA2c6yAMEA2c68AMEA2c7EAMEAGc7QgME
A2c7UAMEA2c74AMEA2c8MAMEAGdEsQMEAGdY5AMEAGd/oQMEAWfCGAMEAmfCHAME
A2fCOAMEA2fCiAMEA2fCyAMEA2fC2AMEA2fVEAMEA2fakAMEAdycvjAqBAIAAjAk
AwcAIAEN8VIAAwcAIAEN8x4AAwcAJAYPAAADAwcAJAYPAAAHMA0GCSqGSIb3DQEB
CwUAA4IBAQBAR9Tqs4xmkt0Gy189YomHZH2lSeSQQvP3KYoQBLXjdee92QyIrmXc
S0TcdDpodfD8IuEjsC0ODu5U5xwwIhbLzvWk6rEy+yKo2uvMbjrxOgod4vqpjncM
ClH4eTvBnj/J6HnubU/2AzFArRyoWTzpA/6kHBhfdTTOnjTJBWh4QMvn025hCSdK
0tJ//iBYB4DsMxxnyMP2jP8MZgKnM2DRNX/7DhHBMebkp6/W6LcIIoUKRG0Mh7OX
m/MLcZjwcTwpWb+6Dm20inzXh8vsSogAxvYnd8a5Mq+8mRZ8YMc7wRCjslQUh90w
+1XCvcFdCqbwG6ADeb6NlPlGj8Vzrn6H
-----END CERTIFICATE-----
Generated at Wed May 14 17:28:11 2025 by rpki-client