Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D6AABD98BC6B11EFAA982820C4F9AE02.roa
File: D6AABD98BC6B11EFAA982820C4F9AE02.roa (raw, json)
Hash identifier: SlV9kqnn0MYmJecps8739JQpZNE7Oz0yRusTVUjtaSk=
Subject key identifier: 46:12:AD:73:68:4F:BD:BB:3A:BC:8C:B7:B3:6B:7F:49:C4:33:16:6B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B121
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D6AABD98BC6B11EFAA982820C4F9AE02.roa
Signing time: Thu 08 May 2025 15:55:55 +0000
ROA not before: Thu 08 May 2025 15:55:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10225
IP address blocks: 103.41.74.0/23 maxlen: 24
103.119.113.0/24 maxlen: 24
202.41.0.0/23 maxlen: 23
202.53.64.0/19 maxlen: 19
202.53.64.0/24 maxlen: 24
202.53.65.0/24 maxlen: 24
202.53.65.160/29 maxlen: 29
202.53.66.0/24 maxlen: 24
202.53.67.0/24 maxlen: 24
202.53.68.0/24 maxlen: 24
202.53.68.96/29 maxlen: 29
202.53.69.0/24 maxlen: 24
202.53.70.0/24 maxlen: 24
202.53.71.0/24 maxlen: 24
202.53.72.0/24 maxlen: 24
202.53.73.0/24 maxlen: 24
202.53.74.0/24 maxlen: 24
202.53.75.0/24 maxlen: 24
202.53.76.0/24 maxlen: 24
202.53.77.0/24 maxlen: 24
202.53.78.0/24 maxlen: 24
202.53.79.0/24 maxlen: 24
202.53.79.0/25 maxlen: 25
202.53.79.0/29 maxlen: 29
202.53.79.32/27 maxlen: 27
202.53.79.64/27 maxlen: 27
202.53.79.128/27 maxlen: 27
202.53.79.240/28 maxlen: 28
202.53.80.0/24 maxlen: 24
202.53.81.0/24 maxlen: 24
202.53.82.0/24 maxlen: 24
202.53.83.0/24 maxlen: 24
202.53.84.0/24 maxlen: 24
202.53.85.0/24 maxlen: 24
202.53.86.0/24 maxlen: 24
202.53.87.0/24 maxlen: 24
202.53.88.0/24 maxlen: 24
202.53.89.0/24 maxlen: 24
202.53.90.0/24 maxlen: 24
202.53.91.0/24 maxlen: 24
202.53.92.0/24 maxlen: 24
202.53.93.0/24 maxlen: 24
202.53.94.0/24 maxlen: 24
202.53.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 20 May 2025 05:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45345 (0xb121)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 15:55:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cd40a-dff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e9:c9:7f:44:1f:4f:a7:6a:e7:9f:46:be:e6:
f5:be:23:b0:8a:3c:f3:77:b0:de:48:7a:2d:8e:9b:
02:cd:52:aa:c1:92:bf:b3:4a:b8:92:52:18:1e:b9:
48:01:15:9e:79:84:83:9d:70:14:2f:17:d2:6e:ea:
b3:48:7b:09:10:8c:01:84:66:74:1a:2a:c1:15:73:
b7:c1:5e:88:77:96:72:55:9e:78:4b:22:64:3b:7b:
13:67:46:10:df:7f:d0:25:c4:6c:9a:ba:a7:c1:70:
77:aa:10:e0:6d:76:59:c4:e0:1a:72:4a:8d:2a:fe:
19:7b:7c:be:d3:c9:2b:7e:20:45:01:6f:79:fc:7a:
19:a6:92:b3:f6:49:af:95:b2:39:63:ad:73:cd:61:
cf:ca:8b:18:84:7a:12:2f:2e:ee:2b:83:e5:8a:b7:
0f:cd:00:22:40:72:0d:b2:5a:12:96:54:97:30:ff:
bc:70:11:37:be:94:bd:84:10:8e:e2:9c:d8:d0:2a:
c3:4f:1d:e7:b9:fa:2b:fb:94:89:00:db:6b:99:92:
34:3c:da:8e:6c:ab:e5:a6:7f:5a:5d:a9:8c:ce:7b:
52:2a:d1:75:35:1f:3b:f0:e4:68:e5:4b:05:5e:db:
0e:49:cd:f0:d7:47:70:80:e8:c9:cc:8a:ce:a7:1a:
96:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:12:AD:73:68:4F:BD:BB:3A:BC:8C:B7:B3:6B:7F:49:C4:33:16:6B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D6AABD98BC6B11EFAA982820C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.41.74.0/23
103.119.113.0/24
202.41.0.0/23
202.53.64.0/19
Signature Algorithm: sha256WithRSAEncryption
27:6d:b9:1c:25:86:3d:6c:46:6f:14:c2:99:e6:00:23:4c:57:
fd:b3:c3:1d:1c:77:6e:2a:ef:38:fb:02:da:8b:8c:37:7e:9a:
62:70:ea:93:c3:4a:81:e8:91:32:2f:bb:57:43:3e:e9:37:9c:
48:3d:6d:c3:d4:c7:8b:a7:a4:4c:32:54:86:75:f5:76:88:07:
07:4b:27:05:7b:f8:96:82:5a:de:cc:f4:91:13:96:85:24:41:
b5:91:ee:51:ca:4e:1d:43:78:3f:f7:b3:83:6c:21:03:ec:7b:
e7:30:2f:9c:e8:6f:d5:16:40:f4:51:03:d1:5b:f9:f1:6a:20:
e3:a9:63:27:fa:f3:2b:f3:ab:3f:32:d1:33:87:69:1b:59:dc:
e6:4d:34:77:44:7c:80:7e:cf:3e:6b:93:3d:84:af:0b:ba:ba:
f5:53:a3:b2:35:4f:bd:ca:f4:2a:06:e3:21:f5:ab:7e:e4:d2:
97:3e:fb:08:54:d9:c8:e1:b7:f9:f3:7f:af:05:dc:3e:43:28:
25:eb:3d:15:22:38:36:e1:17:b4:94:d5:ca:12:49:90:e7:cf:
77:75:43:19:68:92:28:e6:db:77:fc:5a:b2:3c:8a:5b:04:f2:
c9:ab:b0:cb:89:97:95:13:5e:34:d1:b1:06:1f:46:48:8e:ea:
c7:cd:ca:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALEhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE1NTU1NVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q0MGEtZGZmOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTpyX9EH0+nauefRr7m9b4jsIo883ew3kh6LY6bAs1SqsGSv7NKuJJSGB65
SAEVnnmEg51wFC8X0m7qs0h7CRCMAYRmdBoqwRVzt8FeiHeWclWeeEsiZDt7E2dG
EN9/0CXEbJq6p8Fwd6oQ4G12WcTgGnJKjSr+GXt8vtPJK34gRQFvefx6GaaSs/ZJ
r5WyOWOtc81hz8qLGIR6Ei8u7iuD5Yq3D80AIkByDbJaEpZUlzD/vHARN76UvYQQ
juKc2NAqw08d57n6K/uUiQDba5mSNDzajmyr5aZ/Wl2pjM57UirRdTUfO/DkaOVL
BV7bDknN8NdHcIDoycyKzqcaloUCAwEAAaOCAqcwggKjMB0GA1UdDgQWBBRGEq1z
aE+9uzq8jLeza39JxDMWazAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Q2QUFCRDk4
QkM2QjExRUZBQTk4MjgyMEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDEGCCsGAQUFBwEHAQH/
BCIwIDAeBAIAATAYAwQBZylKAwQAZ3dxAwQByikAAwQFyjVAMA0GCSqGSIb3DQEB
CwUAA4IBAQAnbbkcJYY9bEZvFMKZ5gAjTFf9s8MdHHduKu84+wLai4w3fppicOqT
w0qB6JEyL7tXQz7pN5xIPW3D1MeLp6RMMlSGdfV2iAcHSycFe/iWglrezPSRE5aF
JEG1ke5Ryk4dQ3g/97ODbCED7HvnMC+c6G/VFkD0UQPRW/nxaiDjqWMn+vMr86s/
MtEzh2kbWdzmTTR3RHyAfs8+a5M9hK8Lurr1U6OyNU+9yvQqBuMh9at+5NKXPvsI
VNnI4bf583+vBdw+Qygl6z0VIjg24Re0lNXKEkmQ5893dUMZaJIo5tt3/FqyPIpb
BPLJq7DLiZeVE1400bEGH0ZIjurHzcos
-----END CERTIFICATE-----
Generated at Tue May 13 08:31:10 2025 by rpki-client