Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A9B9265C16AD11F0B9A9472EC4F9AE02.roa
File: A9B9265C16AD11F0B9A9472EC4F9AE02.roa (raw, json)
Hash identifier: n4WNsLB6IWLpyJ14ILUl2dqc9qWkHo4tDUsyiAE/O8g=
Subject key identifier: 3B:0E:FE:86:07:6E:74:C5:CD:DB:C8:DC:92:BA:14:27:78:2C:FB:ED
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B1E7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A9B9265C16AD11F0B9A9472EC4F9AE02.roa
Signing time: Thu 08 May 2025 15:59:04 +0000
ROA not before: Thu 08 May 2025 15:59:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133661
IP address blocks: 45.248.156.0/22 maxlen: 24
45.248.160.0/22 maxlen: 24
101.0.32.0/22 maxlen: 24
101.0.37.0/24 maxlen: 24
101.0.38.0/24 maxlen: 24
101.0.41.0/24 maxlen: 24
101.0.42.0/24 maxlen: 24
101.0.45.0/24 maxlen: 24
101.0.49.0/24 maxlen: 24
101.0.50.0/24 maxlen: 24
101.0.53.0/24 maxlen: 24
101.0.54.0/23 maxlen: 24
101.0.57.0/24 maxlen: 24
103.40.196.0/22 maxlen: 24
103.41.20.0/22 maxlen: 24
103.41.24.0/22 maxlen: 24
103.41.36.0/22 maxlen: 24
103.66.204.0/22 maxlen: 24
103.66.208.0/22 maxlen: 24
103.72.168.0/22 maxlen: 24
103.72.220.0/22 maxlen: 24
103.73.148.0/24 maxlen: 24
103.73.149.0/24 maxlen: 24
103.73.150.0/24 maxlen: 24
103.110.248.0/24 maxlen: 24
103.110.249.0/24 maxlen: 24
103.110.250.0/24 maxlen: 24
103.110.251.0/24 maxlen: 24
103.114.64.0/24 maxlen: 24
103.114.65.0/24 maxlen: 24
103.114.66.0/24 maxlen: 24
103.114.67.0/24 maxlen: 24
103.165.72.0/23 maxlen: 24
103.165.76.0/24 maxlen: 24
103.166.215.0/24 maxlen: 24
103.167.154.0/23 maxlen: 24
103.167.182.0/23 maxlen: 24
103.167.212.0/23 maxlen: 24
103.168.0.0/23 maxlen: 24
103.168.33.0/24 maxlen: 24
103.169.242.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.174.92.0/23 maxlen: 24
103.178.64.0/23 maxlen: 24
103.178.203.0/24 maxlen: 24
103.179.10.0/23 maxlen: 24
103.179.100.0/23 maxlen: 24
103.179.102.0/23 maxlen: 24
103.179.120.0/24 maxlen: 24
103.179.224.0/24 maxlen: 24
103.179.226.0/24 maxlen: 24
103.180.168.0/24 maxlen: 24
103.180.174.0/24 maxlen: 24
103.180.212.0/23 maxlen: 24
103.180.214.0/23 maxlen: 24
103.180.238.0/23 maxlen: 24
103.181.56.0/23 maxlen: 24
103.181.110.0/23 maxlen: 24
103.181.151.0/24 maxlen: 24
103.181.152.0/23 maxlen: 24
103.181.154.0/23 maxlen: 24
103.181.174.0/23 maxlen: 24
103.183.30.0/23 maxlen: 24
103.183.32.0/23 maxlen: 24
103.183.34.0/23 maxlen: 24
103.187.84.0/23 maxlen: 24
103.187.96.0/23 maxlen: 24
103.187.102.0/23 maxlen: 24
103.187.130.0/23 maxlen: 24
103.187.158.0/23 maxlen: 24
103.187.170.0/23 maxlen: 24
103.217.116.0/22 maxlen: 24
103.217.120.0/22 maxlen: 24
103.223.8.0/22 maxlen: 24
103.223.12.0/22 maxlen: 24
114.134.24.0/22 maxlen: 24
163.47.212.0/22 maxlen: 24
175.176.184.0/22 maxlen: 24
180.188.224.0/24 maxlen: 24
180.188.232.0/24 maxlen: 24
180.188.236.0/23 maxlen: 24
180.188.241.0/24 maxlen: 24
180.188.242.0/23 maxlen: 24
180.188.246.0/23 maxlen: 24
180.188.248.0/24 maxlen: 24
180.188.249.0/24 maxlen: 24
180.188.250.0/24 maxlen: 24
180.188.251.0/24 maxlen: 24
180.188.252.0/22 maxlen: 24
202.14.120.0/22 maxlen: 24
203.76.178.0/24 maxlen: 24
203.76.180.0/24 maxlen: 24
203.76.181.0/24 maxlen: 24
203.76.188.0/24 maxlen: 24
203.76.190.0/24 maxlen: 24
203.76.191.0/24 maxlen: 24
203.115.68.0/24 maxlen: 24
203.115.73.0/24 maxlen: 24
203.115.84.0/23 maxlen: 24
203.115.91.0/24 maxlen: 24
210.89.39.0/24 maxlen: 24
210.89.58.0/23 maxlen: 24
210.89.61.0/24 maxlen: 24
210.89.62.0/23 maxlen: 24
223.130.28.0/22 maxlen: 24
2001:df0:e400::/48 maxlen: 48
2001:df2:e200::/48 maxlen: 48
2001:df2:e600::/48 maxlen: 48
2400:7b20::/32 maxlen: 32
2401:a880::/32 maxlen: 48
2404:7c80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 22 May 2025 03:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45543 (0xb1e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 15:59:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cd4c8-24e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:61:9b:a6:ab:d6:c3:0d:e4:e2:49:00:ef:b2:
73:e4:a5:fd:d6:0b:ea:d6:05:ba:2c:16:a2:c4:04:
76:83:b7:75:6f:42:ca:13:dd:4f:14:19:72:ec:6c:
d1:62:5f:84:97:77:f4:3b:ba:8c:91:18:e4:d0:8b:
49:e0:bf:8d:ba:eb:79:22:74:d5:f7:5b:3f:8e:59:
58:63:d5:db:a1:71:cd:fe:5c:5f:58:d0:d9:15:6e:
81:b7:aa:35:38:ff:ce:c3:d9:b5:e3:ca:34:c1:f4:
c6:da:96:25:bc:67:41:2c:4e:c8:ac:b4:05:1d:41:
24:2e:07:4a:e6:32:23:28:6c:ca:e0:f3:79:6d:d6:
77:49:dd:de:38:f6:c5:82:6d:84:a8:3f:85:b1:c4:
c4:2c:b7:c8:18:5b:f1:3a:db:b9:09:e6:97:c7:2c:
a0:76:de:d8:f2:e0:23:e3:1f:84:7e:01:9d:91:77:
0e:d5:07:73:7e:f9:fb:f5:1f:a6:34:05:38:39:de:
9e:b1:0e:63:65:47:ae:b5:00:ae:86:45:26:15:2b:
89:ea:bc:77:c4:4f:f0:e6:94:03:8c:5e:95:f5:d8:
47:bd:3a:10:6b:76:3d:f8:51:00:ab:5c:cc:8e:f8:
77:6b:fd:93:99:21:03:8a:b4:1e:9f:ce:77:4a:d6:
08:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0E:FE:86:07:6E:74:C5:CD:DB:C8:DC:92:BA:14:27:78:2C:FB:ED
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A9B9265C16AD11F0B9A9472EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.156.0-45.248.163.255
101.0.32.0/22
101.0.37.0-101.0.38.255
101.0.41.0-101.0.42.255
101.0.45.0/24
101.0.49.0-101.0.50.255
101.0.53.0-101.0.55.255
101.0.57.0/24
103.40.196.0/22
103.41.20.0-103.41.27.255
103.41.36.0/22
103.66.204.0-103.66.211.255
103.72.168.0/22
103.72.220.0/22
103.73.148.0-103.73.150.255
103.110.248.0/22
103.114.64.0/22
103.165.72.0/23
103.165.76.0/24
103.166.215.0/24
103.167.154.0/23
103.167.182.0/23
103.167.212.0/23
103.168.0.0/23
103.168.33.0/24
103.169.242.0/23
103.170.36.0/23
103.174.92.0/23
103.178.64.0/23
103.178.203.0/24
103.179.10.0/23
103.179.100.0/22
103.179.120.0/24
103.179.224.0/24
103.179.226.0/24
103.180.168.0/24
103.180.174.0/24
103.180.212.0/22
103.180.238.0/23
103.181.56.0/23
103.181.110.0/23
103.181.151.0-103.181.155.255
103.181.174.0/23
103.183.30.0-103.183.35.255
103.187.84.0/23
103.187.96.0/23
103.187.102.0/23
103.187.130.0/23
103.187.158.0/23
103.187.170.0/23
103.217.116.0-103.217.123.255
103.223.8.0/21
114.134.24.0/22
163.47.212.0/22
175.176.184.0/22
180.188.224.0/24
180.188.232.0/24
180.188.236.0/23
180.188.241.0-180.188.243.255
180.188.246.0-180.188.255.255
202.14.120.0/22
203.76.178.0/24
203.76.180.0/23
203.76.188.0/24
203.76.190.0/23
203.115.68.0/24
203.115.73.0/24
203.115.84.0/23
203.115.91.0/24
210.89.39.0/24
210.89.58.0/23
210.89.61.0-210.89.63.255
223.130.28.0/22
IPv6:
2001:df0:e400::/48
2001:df2:e200::/48
2001:df2:e600::/48
2400:7b20::/32
2401:a880::/32
2404:7c80::/32
Signature Algorithm: sha256WithRSAEncryption
ad:03:00:23:a6:dd:1a:58:f7:27:48:ca:e0:b9:06:75:91:0f:
96:f2:ea:24:c3:28:f0:cb:74:f3:4d:7a:35:4a:36:f1:8f:75:
ba:d3:62:f1:48:69:cf:f4:b7:94:a4:74:0f:08:8b:13:2a:14:
f2:61:72:90:f9:30:93:62:07:69:c2:0e:98:db:88:73:e9:37:
77:50:b6:39:8e:b6:f6:dc:ae:33:af:c1:5d:14:c1:4b:43:99:
fe:03:ef:52:2f:32:eb:14:86:6b:26:f2:bc:df:92:63:9f:f0:
56:3b:e6:42:9b:fe:a7:90:4a:47:6e:53:19:1a:42:33:a1:00:
ae:39:49:f0:12:47:fe:9a:17:51:56:f0:43:a5:ce:29:e1:66:
cf:65:54:da:80:f4:29:1a:32:45:6e:f8:ec:ad:e8:f4:8c:22:
34:d0:ce:72:4d:eb:d8:ae:2a:89:e1:ad:cb:02:ca:47:30:5d:
9c:b9:ad:82:2a:26:4b:9e:40:05:9e:d2:5d:0c:04:ef:0b:76:
9a:2d:cb:52:29:20:97:01:11:5e:5d:ae:4a:2e:f2:8d:27:7c:
1b:54:9c:43:c7:a2:a1:0d:7d:54:df:c5:e4:98:f3:07:e0:d2:
4c:79:44:d9:3f:83:e9:19:32:c5:61:7c:09:a7:1a:ad:6f:e0:
84:ef:5f:02
-----BEGIN CERTIFICATE-----
MIIH0zCCBrugAwIBAgIDALHnMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE1NTkwNFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q0YzgtMjRlODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFhm6ar1sMN5OJJAO+yc+Sl/dYL6tYFuiwWosQEdoO3dW9CyhPdTxQZcuxs
0WJfhJd39Du6jJEY5NCLSeC/jbrreSJ01fdbP45ZWGPV26Fxzf5cX1jQ2RVugbeq
NTj/zsPZtePKNMH0xtqWJbxnQSxOyKy0BR1BJC4HSuYyIyhsyuDzeW3Wd0nd3jj2
xYJthKg/hbHExCy3yBhb8TrbuQnml8csoHbe2PLgI+MfhH4BnZF3DtUHc375+/Uf
pjQFODnenrEOY2VHrrUAroZFJhUrieq8d8RP8OaUA4xelfXYR706EGt2PfhRAKtc
zI74d2v9k5khA4q0Hp/Od0rWCN8CAwEAAaOCBPYwggTyMB0GA1UdDgQWBBQ7Dv6G
B250xc3byNySuhQneCz77TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0E5QjkyNjVD
MTZBRDExRjBCOUE5NDcyRUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIICfgYIKwYBBQUHAQcB
Af8EggJtMIICaTCCAi0EAgABMIICJTAMAwQCLficAwQCLfigAwQCZQAgMAwDBABl
ACUDBABlACYwDAMEAGUAKQMEAGUAKgMEAGUALTAMAwQAZQAxAwQAZQAyMAwDBABl
ADUDBANlADADBABlADkDBAJnKMQwDAMEAmcpFAMEAmcpGAMEAmcpJDAMAwQCZ0LM
AwQCZ0LQAwQCZ0ioAwQCZ0jcMAwDBAJnSZQDBABnSZYDBAJnbvgDBAJnckADBAFn
pUgDBABnpUwDBABnptcDBAFnp5oDBAFnp7YDBAFnp9QDBAFnqAADBABnqCEDBAFn
qfIDBAFnqiQDBAFnrlwDBAFnskADBABnsssDBAFnswoDBAJns2QDBABns3gDBABn
s+ADBABns+IDBABntKgDBABntK4DBAJntNQDBAFntO4DBAFntTgDBAFntW4wDAME
AGe1lwMEAme1mAMEAWe1rjAMAwQBZ7ceAwQCZ7cgAwQBZ7tUAwQBZ7tgAwQBZ7tm
AwQBZ7uCAwQBZ7ueAwQBZ7uqMAwDBAJn2XQDBAJn2XgDBANn3wgDBAJyhhgDBAKj
L9QDBAKvsLgDBAC0vOADBAC0vOgDBAG0vOwwDAMEALS88QMEArS88DALAwQBtLz2
AwMAtLwDBALKDngDBADLTLIDBAHLTLQDBADLTLwDBAHLTL4DBADLc0QDBADLc0kD
BAHLc1QDBADLc1sDBADSWScDBAHSWTowDAMEANJZPQMEBtJZAAMEAt+CHDA2BAIA
AjAwAwcAIAEN8OQAAwcAIAEN8uIAAwcAIAEN8uYAAwUAJAB7IAMFACQBqIADBQAk
BHyAMA0GCSqGSIb3DQEBCwUAA4IBAQCtAwAjpt0aWPcnSMrguQZ1kQ+W8uokwyjw
y3TzTXo1Sjbxj3W602LxSGnP9LeUpHQPCIsTKhTyYXKQ+TCTYgdpwg6Y24hz6Td3
ULY5jrb23K4zr8FdFMFLQ5n+A+9SLzLrFIZrJvK835Jjn/BWO+ZCm/6nkEpHblMZ
GkIzoQCuOUnwEkf+mhdRVvBDpc4p4WbPZVTagPQpGjJFbvjsrej0jCI00M5yTevY
riqJ4a3LAspHMF2cua2CKiZLnkAFntJdDATvC3aaLctSKSCXARFeXa5KLvKNJ3wb
VJxDx6KhDX1U38XkmPMH4NJMeUTZP4PpGTLFYXwJpxqtb+CE718C
-----END CERTIFICATE-----
Generated at Thu May 15 07:09:37 2025 by rpki-client