Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6961E392007D11EFA93C7732C4F9AE02.roa
File: 6961E392007D11EFA93C7732C4F9AE02.roa (raw, json)
Hash identifier: 7eIc3RStRHBmG1sBTgyWeNW9s8qlpi6gUMS2sD5/Ywc=
Subject key identifier: 4F:89:15:70:4E:2B:F7:A6:69:A6:0D:04:C4:22:26:95:64:2F:AA:AC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B9D1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6961E392007D11EFA93C7732C4F9AE02.roa
Signing time: Thu 08 May 2025 16:29:50 +0000
ROA not before: Thu 08 May 2025 16:29:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17439
IP address blocks: 43.225.0.0/22 maxlen: 24
45.251.76.0/22 maxlen: 24
103.19.52.0/22 maxlen: 24
103.35.164.0/23 maxlen: 23
103.48.50.0/23 maxlen: 23
103.48.50.0/24 maxlen: 24
103.48.51.0/24 maxlen: 24
103.55.244.0/22 maxlen: 24
103.96.95.0/24 maxlen: 24
103.115.194.0/24 maxlen: 24
103.117.117.0/24 maxlen: 24
103.129.97.0/24 maxlen: 24
103.143.38.0/24 maxlen: 24
103.165.78.0/23 maxlen: 24
103.170.114.0/24 maxlen: 24
103.171.44.0/23 maxlen: 24
103.174.54.0/23 maxlen: 23
103.175.22.0/24 maxlen: 24
103.175.23.0/24 maxlen: 24
103.175.163.0/24 maxlen: 24
103.181.20.0/23 maxlen: 24
103.214.114.0/24 maxlen: 24
103.214.115.0/24 maxlen: 24
103.214.122.0/23 maxlen: 24
103.218.124.0/22 maxlen: 22
103.218.124.0/24 maxlen: 24
103.218.125.0/24 maxlen: 24
103.218.126.0/24 maxlen: 24
103.218.127.0/24 maxlen: 24
103.225.99.0/24 maxlen: 24
103.226.224.0/24 maxlen: 24
103.228.103.0/24 maxlen: 24
103.235.104.0/22 maxlen: 22
103.239.136.0/22 maxlen: 24
103.247.97.0/24 maxlen: 24
103.247.98.0/24 maxlen: 24
202.66.172.0/22 maxlen: 24
203.112.136.0/21 maxlen: 24
203.112.144.0/21 maxlen: 24
2001:df0:3a00::/48 maxlen: 48
2001:df2:f980::/48 maxlen: 48
2407:e9c0::/48 maxlen: 48
2407:e9c0:1::/48 maxlen: 48
2407:e9c0:2::/48 maxlen: 48
2407:e9c0:5::/48 maxlen: 48
2407:e9c0:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 21 May 2025 15:25:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47569 (0xb9d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 16:29:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cdbfe-9e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:de:5c:c6:a8:3f:e5:31:03:d5:67:7d:e6:0c:
c6:42:60:36:e1:62:37:58:ba:06:10:86:ae:5a:6a:
4c:83:e8:f4:7e:8f:2d:fd:79:4a:1a:35:27:df:da:
0a:a0:38:05:3b:51:2c:db:22:a3:d3:0c:e1:3f:2a:
73:10:85:53:38:6d:12:ba:c3:d5:fb:3f:e2:36:75:
52:ae:d0:d8:06:12:03:9c:88:07:6e:4c:5d:f3:8d:
a7:1c:69:61:c7:78:13:4f:38:99:58:07:70:fd:61:
2b:30:aa:e5:9d:8a:13:d0:1c:5d:cf:cc:f1:bb:3f:
d5:a9:ab:82:a2:37:12:9f:08:36:a9:3e:16:c2:53:
43:00:e5:bc:68:df:2c:ce:20:f7:d0:29:4d:32:18:
2e:ca:5a:85:e7:fa:02:01:ca:c5:fa:44:82:bc:03:
9d:70:d3:ec:87:fe:d7:20:81:99:43:09:c9:83:69:
2f:8b:d0:2d:56:9e:ee:38:7c:ae:83:86:dd:79:60:
b7:8c:31:f7:7f:09:8c:d2:20:77:86:cd:2c:1d:24:
03:3e:47:cb:08:dc:e6:ff:c4:72:70:cf:ad:5b:19:
af:77:ac:a8:55:d8:0f:24:9c:d3:17:c7:31:d9:60:
ed:e5:ef:c5:a3:e2:aa:cb:27:24:3f:ee:57:ba:6a:
d3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:89:15:70:4E:2B:F7:A6:69:A6:0D:04:C4:22:26:95:64:2F:AA:AC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6961E392007D11EFA93C7732C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
45.251.76.0/22
103.19.52.0/22
103.35.164.0/23
103.48.50.0/23
103.55.244.0/22
103.96.95.0/24
103.115.194.0/24
103.117.117.0/24
103.129.97.0/24
103.143.38.0/24
103.165.78.0/23
103.170.114.0/24
103.171.44.0/23
103.174.54.0/23
103.175.22.0/23
103.175.163.0/24
103.181.20.0/23
103.214.114.0/23
103.214.122.0/23
103.218.124.0/22
103.225.99.0/24
103.226.224.0/24
103.228.103.0/24
103.235.104.0/22
103.239.136.0/22
103.247.97.0-103.247.98.255
202.66.172.0/22
203.112.136.0-203.112.151.255
IPv6:
2001:df0:3a00::/48
2001:df2:f980::/48
2407:e9c0::-2407:e9c0:2:ffff:ffff:ffff:ffff:ffff
2407:e9c0:5::/48
2407:e9c0:7::/48
Signature Algorithm: sha256WithRSAEncryption
41:6f:7c:60:0b:4d:44:68:2f:cf:da:32:98:c9:c9:88:3f:3d:
31:dc:9d:b1:12:97:b2:9a:a0:eb:39:23:cf:83:c3:c7:73:7b:
75:c0:74:97:39:05:74:69:4b:01:0b:0a:64:f5:90:3d:42:79:
a9:dd:5f:6b:21:6b:61:02:62:db:2a:0d:73:20:f2:da:7a:74:
14:ba:72:19:35:44:ff:02:2e:ab:b5:eb:3f:2e:25:1a:ee:29:
c9:62:17:1e:ed:cd:31:9f:5c:1e:b8:5e:4d:a5:e4:86:1e:1c:
f5:3e:6d:14:20:ce:4a:43:d1:92:7d:94:da:c9:f1:dd:11:46:
2c:20:77:42:57:a2:97:84:2c:2b:51:70:5a:7d:2f:9f:19:4f:
8a:50:eb:ad:ed:a8:80:d1:ba:05:39:f4:26:2a:3f:54:48:aa:
f9:cc:af:e8:38:28:08:6c:f5:07:66:9e:fa:11:d3:fe:19:27:
aa:2f:49:62:b4:26:74:59:0f:4f:c5:00:4a:d9:d1:ae:71:a1:
42:d2:32:63:ef:8b:b0:47:95:91:36:4e:75:7a:61:ae:39:67:
32:99:c0:bf:31:56:32:ca:57:18:64:fe:ff:41:2b:ed:07:4f:
e1:b3:2c:6c:fd:59:85:1a:1d:c1:80:90:76:d4:c3:05:b8:7e:
d0:7b:0e:94
-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgIDALnRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2Mjk1MFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RiZmUtOWU1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOfeXMaoP+UxA9VnfeYMxkJgNuFiN1i6BhCGrlpqTIPo9H6PLf15Sho1J9/a
CqA4BTtRLNsio9MM4T8qcxCFUzhtErrD1fs/4jZ1Uq7Q2AYSA5yIB25MXfONpxxp
Ycd4E084mVgHcP1hKzCq5Z2KE9AcXc/M8bs/1amrgqI3Ep8INqk+FsJTQwDlvGjf
LM4g99ApTTIYLspahef6AgHKxfpEgrwDnXDT7If+1yCBmUMJyYNpL4vQLVae7jh8
roOG3Xlgt4wx938JjNIgd4bNLB0kAz5Hywjc5v/EcnDPrVsZr3esqFXYDySc0xfH
Mdlg7eXvxaPiqssnJD/uV7pq09ECAwEAAaOCA5MwggOPMB0GA1UdDgQWBBRPiRVw
Tiv3pmmmDQTEIiaVZC+qrDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzY5NjFFMzky
MDA3RDExRUZBOTNDNzczMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBGwYIKwYBBQUHAQcB
Af8EggEKMIIBBjCBxQQCAAEwgb4DBAIr4QADBAIt+0wDBAJnEzQDBAFnI6QDBAFn
MDIDBAJnN/QDBABnYF8DBABnc8IDBABndXUDBABngWEDBABnjyYDBAFnpU4DBABn
qnIDBAFnqywDBAFnrjYDBAFnrxYDBABnr6MDBAFntRQDBAFn1nIDBAFn1noDBAJn
2nwDBABn4WMDBABn4uADBABn5GcDBAJn62gDBAJn74gwDAMEAGf3YQMEAGf3YgME
AspCrDAMAwQDy3CIAwQDy3CQMDwEAgACMDYDBwAgAQ3wOgADBwAgAQ3y+YAwEAMF
BiQH6cADBwAkB+nAAAIDBwAkB+nAAAUDBwAkB+nAAAcwDQYJKoZIhvcNAQELBQAD
ggEBAEFvfGALTURoL8/aMpjJyYg/PTHcnbESl7KaoOs5I8+Dw8dze3XAdJc5BXRp
SwELCmT1kD1CeandX2sha2ECYtsqDXMg8tp6dBS6chk1RP8CLqu16z8uJRruKcli
Fx7tzTGfXB64Xk2l5IYeHPU+bRQgzkpD0ZJ9lNrJ8d0RRiwgd0JXopeELCtRcFp9
L58ZT4pQ663tqIDRugU59CYqP1RIqvnMr+g4KAhs9QdmnvoR0/4ZJ6ovSWK0JnRZ
D0/FAErZ0a5xoULSMmPvi7BHlZE2TnV6Ya45ZzKZwL8xVjLKVxhk/v9BK+0HT+Gz
LGz9WYUaHcGAkHbUwwW4ftB7DpQ=
-----END CERTIFICATE-----
Generated at Wed May 14 23:15:45 2025 by rpki-client