Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C5511440E77511EFB562B673C4F9AE02.roa
File: C5511440E77511EFB562B673C4F9AE02.roa (raw, json)
Hash identifier: cXka4CvyUJYnJSI6ZwN0/l0S+Obebyuv+4iXg+GQIAI=
Subject key identifier: 10:11:29:B5:DC:E6:0C:32:A0:2E:89:66:CD:5F:CB:0C:90:3F:F0:76
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BA51
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C5511440E77511EFB562B673C4F9AE02.roa
Signing time: Thu 08 May 2025 16:31:52 +0000
ROA not before: Thu 08 May 2025 16:31:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58762
IP address blocks: 45.117.180.0/24 maxlen: 24
45.117.181.0/24 maxlen: 24
45.117.182.0/24 maxlen: 24
45.117.183.0/24 maxlen: 24
103.18.72.0/24 maxlen: 24
103.18.73.0/24 maxlen: 24
103.18.74.0/24 maxlen: 24
103.18.75.0/24 maxlen: 24
103.69.12.0/22 maxlen: 24
103.84.184.0/22 maxlen: 24
103.88.0.0/22 maxlen: 24
103.138.8.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.147.0.0/24 maxlen: 24
103.147.1.0/24 maxlen: 24
103.153.12.0/24 maxlen: 24
103.157.4.0/23 maxlen: 24
103.157.10.0/23 maxlen: 24
103.164.46.0/23 maxlen: 24
103.165.28.0/23 maxlen: 24
103.225.56.0/22 maxlen: 22
103.225.56.0/24 maxlen: 24
103.225.57.0/24 maxlen: 24
103.225.58.0/24 maxlen: 24
103.225.59.0/24 maxlen: 24
150.129.44.0/24 maxlen: 24
150.129.45.0/24 maxlen: 24
150.129.46.0/24 maxlen: 24
150.129.47.0/24 maxlen: 24
2001:df0:8000::/48 maxlen: 56
2407:c140::/32 maxlen: 38
2407:c140::/36 maxlen: 40
2407:c140:1000::/37 maxlen: 40
2407:c140:1800::/38 maxlen: 40
2407:c140:1c00::/39 maxlen: 40
2407:c140:1e00::/40 maxlen: 40
2407:c140:1f00::/40 maxlen: 40
2407:c140:2000::/35 maxlen: 40
2407:c140:4000::/34 maxlen: 40
2407:c140:8000::/33 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 21 May 2025 07:03:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47697 (0xba51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 16:31:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cdc78-ea26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:17:ad:d9:17:31:46:8d:22:92:4e:68:e5:54:
85:f2:cf:8e:96:1b:76:13:29:de:26:b1:00:bf:da:
2e:11:0c:5c:88:a1:46:94:ee:62:8a:8f:a3:c3:d9:
fc:d8:0c:bd:e3:c1:a5:59:c9:22:82:6f:2c:ae:5c:
ad:fa:44:3d:1e:7c:57:18:20:16:f1:1b:cd:40:e8:
62:66:78:8a:87:3b:14:04:88:13:1d:4d:ad:61:cd:
b0:a3:2f:40:8b:60:2a:09:70:5e:cd:f7:f0:e1:41:
e4:7d:2d:ff:d5:29:91:9d:b2:4c:18:b1:2f:7a:41:
bb:9a:b6:2f:56:5b:88:d3:9e:42:5c:6e:23:22:12:
1e:a9:12:36:a9:13:4f:14:5e:2d:b6:65:b9:59:d4:
9a:75:dc:1e:6c:f6:37:fa:dc:1a:45:dc:eb:b8:01:
24:30:7f:7a:58:5b:6f:e9:b4:f8:a1:99:97:ad:37:
4e:de:3c:8e:86:13:a7:a7:6e:de:16:5b:6f:c2:ab:
a1:90:82:e0:09:ca:6a:31:70:23:06:5d:39:ed:7d:
92:69:42:78:d5:8f:13:70:28:83:89:ff:fe:f9:56:
35:04:44:3a:6a:11:08:49:fe:15:d0:ab:50:fd:bd:
93:a3:99:38:56:0c:d3:ad:9d:5f:92:49:c2:e4:d1:
19:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:11:29:B5:DC:E6:0C:32:A0:2E:89:66:CD:5F:CB:0C:90:3F:F0:76
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C5511440E77511EFB562B673C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.180.0/22
103.18.72.0/22
103.69.12.0/22
103.84.184.0/22
103.88.0.0/22
103.138.8.0/23
103.147.0.0/23
103.153.12.0/24
103.157.4.0/23
103.157.10.0/23
103.164.46.0/23
103.165.28.0/23
103.225.56.0/22
150.129.44.0/22
IPv6:
2001:df0:8000::/48
2407:c140::/32
Signature Algorithm: sha256WithRSAEncryption
09:e3:94:de:28:45:d1:9f:a6:01:1d:67:ea:f9:2c:72:2c:eb:
6f:60:4c:9a:a4:6b:be:85:15:0f:2a:21:ad:11:0e:d0:57:e5:
3a:ea:e3:57:2a:89:d3:21:36:a1:9b:a0:fc:14:72:db:37:bd:
7c:85:76:f9:90:75:ea:7c:7e:1c:a0:79:a4:80:69:54:ce:7c:
3c:2b:1f:75:a4:1f:e6:11:6e:2a:7d:cc:9b:35:78:63:aa:8e:
4b:ec:e4:b9:f8:06:19:f0:95:94:58:41:77:f5:7b:2c:80:3e:
95:9b:61:79:25:7f:b2:cc:b7:6a:f8:9f:2c:7a:0d:db:83:89:
5f:01:e2:02:f8:e7:e2:63:a9:0e:1e:67:e1:f7:1e:6c:e9:3e:
b0:61:df:3c:7d:f5:fa:c9:ae:d7:65:a5:51:cf:71:49:72:0c:
58:09:12:f4:61:86:6c:ac:dc:a7:e3:88:54:4a:82:14:2b:2c:
d3:0c:25:a1:a0:15:dc:0e:f8:e0:d2:94:be:33:f9:bd:22:d0:
a4:6c:bc:30:46:38:5e:bf:18:ce:cb:75:cb:2d:63:e7:c9:55:
54:f5:aa:ad:6a:14:60:2e:fe:52:3e:e6:c4:93:08:4a:d6:85:
25:68:60:26:9e:27:f3:33:c9:4c:a2:35:8c:00:5e:cc:22:30:
45:4b:40:d3
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIDALpRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MzE1MloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RjNzgtZWEyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIXrdkXMUaNIpJOaOVUhfLPjpYbdhMp3iaxAL/aLhEMXIihRpTuYoqPo8PZ
/NgMvePBpVnJIoJvLK5crfpEPR58VxggFvEbzUDoYmZ4ioc7FASIEx1NrWHNsKMv
QItgKglwXs338OFB5H0t/9UpkZ2yTBixL3pBu5q2L1ZbiNOeQlxuIyISHqkSNqkT
TxReLbZluVnUmnXcHmz2N/rcGkXc67gBJDB/elhbb+m0+KGZl603Tt48joYTp6du
3hZbb8KroZCC4AnKajFwIwZdOe19kmlCeNWPE3Aog4n//vlWNQREOmoRCEn+FdCr
UP29k6OZOFYM062dX5JJwuTRGQ8CAwEAAaOCAvwwggL4MB0GA1UdDgQWBBQQESm1
3OYMMqAuiWbNX8sMkD/wdjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0M1NTExNDQw
RTc3NTExRUZCNTYyQjY3M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGFBggrBgEFBQcBBwEB
/wR2MHQwWgQCAAEwVAMEAi11tAMEAmcSSAMEAmdFDAMEAmdUuAMEAmdYAAMEAWeK
CAMEAWeTAAMEAGeZDAMEAWedBAMEAWedCgMEAWekLgMEAWelHAMEAmfhOAMEApaB
LDAWBAIAAjAQAwcAIAEN8IAAAwUAJAfBQDANBgkqhkiG9w0BAQsFAAOCAQEACeOU
3ihF0Z+mAR1n6vkscizrb2BMmqRrvoUVDyohrREO0FflOurjVyqJ0yE2oZug/BRy
2ze9fIV2+ZB16nx+HKB5pIBpVM58PCsfdaQf5hFuKn3MmzV4Y6qOS+zkufgGGfCV
lFhBd/V7LIA+lZtheSV/ssy3avifLHoN24OJXwHiAvjn4mOpDh5n4fcebOk+sGHf
PH31+smu12WlUc9xSXIMWAkS9GGGbKzcp+OIVEqCFCss0wwloaAV3A744NKUvjP5
vSLQpGy8MEY4Xr8Yzst1yy1j58lVVPWqrWoUYC7+Uj7mxJMIStaFJWhgJp4n8zPJ
TKI1jABezCIwRUtA0w==
-----END CERTIFICATE-----
Generated at Wed May 14 08:36:43 2025 by rpki-client