Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E38180A63B8C11F09DFC2A7BC4F9AE02.roa
File: E38180A63B8C11F09DFC2A7BC4F9AE02.roa (raw, json)
Hash identifier: nOsU+tUAb1ErzI/I41tFePlardx9evVeCebgAfsv2kk=
Subject key identifier: 49:79:F7:BA:51:2E:D3:68:C2:69:79:DA:09:0E:9A:D1:87:40:FE:7F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BE9D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E38180A63B8C11F09DFC2A7BC4F9AE02.roa
Signing time: Thu 19 Jun 2025 09:07:41 +0000
ROA not before: Thu 19 Jun 2025 09:07:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45804
IP address blocks: 43.251.168.0/22 maxlen: 24
43.251.172.0/22 maxlen: 24
43.251.176.0/22 maxlen: 24
45.114.176.0/22 maxlen: 24
45.116.188.0/22 maxlen: 24
45.248.56.0/22 maxlen: 24
103.27.140.0/22 maxlen: 24
103.43.80.0/24 maxlen: 24
103.43.81.0/24 maxlen: 24
103.43.82.0/24 maxlen: 24
103.43.83.0/24 maxlen: 24
103.56.236.0/22 maxlen: 24
103.76.80.0/22 maxlen: 24
103.93.100.0/22 maxlen: 24
103.100.20.0/24 maxlen: 24
103.100.21.0/24 maxlen: 24
103.100.22.0/24 maxlen: 24
103.100.23.0/24 maxlen: 24
103.147.238.0/23 maxlen: 24
103.168.78.0/23 maxlen: 24
103.176.138.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.193.88.0/22 maxlen: 24
103.216.204.0/22 maxlen: 24
103.244.240.0/22 maxlen: 24
103.244.244.0/24 maxlen: 24
103.245.2.0/24 maxlen: 24
103.245.20.0/24 maxlen: 24
103.251.80.0/22 maxlen: 24
114.29.224.0/22 maxlen: 24
150.129.108.0/22 maxlen: 24
150.129.132.0/22 maxlen: 24
2001:df0:9fc0::/48 maxlen: 48
2001:df4:4240::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Jul 2025 03:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48797 (0xbe9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 19 09:07:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6853d35d-d236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7e:9c:5b:e2:a2:a0:34:78:42:24:d0:dc:62:
15:26:60:cc:c0:6f:84:8e:47:d8:f8:5c:f2:03:98:
75:bb:56:dc:ef:78:9a:f0:65:61:84:9e:5d:e6:1d:
a4:ec:5e:90:48:bf:28:a0:63:00:2e:9c:45:6a:1e:
08:eb:14:2c:d6:e3:46:b2:c8:53:b9:90:f5:a2:89:
32:b2:85:67:f6:d8:46:c6:93:b1:bb:a2:5d:2a:d9:
ab:30:f1:c8:80:fc:37:fd:58:70:06:4e:a9:7a:1b:
4f:29:30:1b:66:df:8e:ff:20:ba:21:21:42:3d:dd:
a6:6c:8e:c3:87:26:b9:23:16:ac:d3:20:95:a6:5d:
b1:89:e1:a4:3b:ed:71:63:26:25:2a:c0:c9:dd:f9:
34:c4:83:4f:c0:45:f3:f1:ae:08:c4:b4:5e:88:90:
49:87:4e:87:5f:42:8f:b4:97:6e:24:78:f5:9b:86:
c0:06:8b:fc:fa:ff:b4:8c:70:9b:f4:df:7c:a3:b7:
f6:69:30:70:6a:b9:9f:0d:0b:c7:1c:7e:64:81:32:
eb:7d:8c:a7:58:98:09:0f:15:6e:11:cb:7d:e8:e5:
2c:20:ca:e5:3d:74:ad:14:68:d5:f1:7a:46:68:52:
eb:43:ae:85:54:c4:9b:f5:d5:a0:20:f6:8a:14:f0:
c9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:79:F7:BA:51:2E:D3:68:C2:69:79:DA:09:0E:9A:D1:87:40:FE:7F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E38180A63B8C11F09DFC2A7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.168.0-43.251.179.255
45.114.176.0/22
45.116.188.0/22
45.248.56.0/22
103.27.140.0/22
103.43.80.0/22
103.56.236.0/22
103.76.80.0/22
103.93.100.0/22
103.100.20.0/22
103.147.238.0/23
103.168.78.0/23
103.176.138.0/23
103.180.216.0/23
103.193.88.0/22
103.216.204.0/22
103.244.240.0-103.244.244.255
103.245.2.0/24
103.245.20.0/24
103.251.80.0/22
114.29.224.0/22
150.129.108.0/22
150.129.132.0/22
IPv6:
2001:df0:9fc0::/48
2001:df4:4240::/48
Signature Algorithm: sha256WithRSAEncryption
a1:ab:27:fe:03:88:1c:48:59:c1:df:40:91:b3:90:25:a3:63:
e4:ee:fb:47:7c:19:50:f2:fe:46:e5:3d:a1:ba:f6:9b:2d:25:
1a:a9:34:8d:41:83:8e:3c:92:da:f8:c3:71:e9:6a:bc:81:d7:
e2:38:31:aa:a9:16:e7:49:96:b9:10:db:d9:7d:ec:bb:c5:db:
7c:a1:7a:ba:01:47:7f:42:79:f4:78:5b:62:4b:21:12:a6:b9:
f5:1d:ce:10:ba:44:af:47:0f:aa:f5:c8:74:3c:fa:b2:3f:de:
95:72:5c:53:2d:98:47:94:c6:57:79:f8:56:d8:65:da:dc:cc:
f6:21:5d:ea:6a:87:df:9e:9b:c4:88:89:fd:96:51:61:68:c2:
ef:8c:65:08:d2:68:b0:0e:5f:63:72:af:c3:af:d5:ee:17:3c:
8c:bf:db:bc:1e:23:bb:8a:5a:a9:f1:12:32:2a:ea:b9:f6:d5:
7d:76:a8:d2:64:e0:43:7e:f5:73:6c:6a:1e:5b:1f:6b:a4:a7:
a1:39:3a:53:05:d3:69:ef:43:84:7d:f0:e9:15:de:c4:ab:34:
f6:85:fa:0e:fc:a1:5f:08:48:11:c9:b2:fd:83:26:d1:5d:85:
71:5d:48:ce:8b:e4:61:70:e9:ba:7d:a7:53:17:22:fe:da:3d:
77:c4:e2:f1
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIDAL6dMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDYxOTA5MDc0MVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjg1M2QzNWQtZDIzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1+nFvioqA0eEIk0NxiFSZgzMBvhI5H2Phc8gOYdbtW3O94mvBlYYSeXeYd
pOxekEi/KKBjAC6cRWoeCOsULNbjRrLIU7mQ9aKJMrKFZ/bYRsaTsbuiXSrZqzDx
yID8N/1YcAZOqXobTykwG2bfjv8guiEhQj3dpmyOw4cmuSMWrNMglaZdsYnhpDvt
cWMmJSrAyd35NMSDT8BF8/GuCMS0XoiQSYdOh19Cj7SXbiR49ZuGwAaL/Pr/tIxw
m/TffKO39mkwcGq5nw0Lxxx+ZIEy632Mp1iYCQ8VbhHLfejlLCDK5T10rRRo1fF6
RmhS60OuhVTEm/XVoCD2ihTwyYUCAwEAAaOCA0gwggNEMB0GA1UdDgQWBBRJefe6
US7TaMJpedoJDprRh0D+fzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0UzODE4MEE2
M0I4QzExRjA5REZDMkE3QkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHRBggrBgEFBQcBBwEB
/wSBwTCBvjCBoQQCAAEwgZowDAMEAyv7qAMEAiv7sAMEAi1ysAMEAi10vAMEAi34
OAMEAmcbjAMEAmcrUAMEAmc47AMEAmdMUAMEAmddZAMEAmdkFAMEAWeT7gMEAWeo
TgMEAWewigMEAWe02AMEAmfBWAMEAmfYzDAMAwQEZ/TwAwQAZ/T0AwQAZ/UCAwQA
Z/UUAwQCZ/tQAwQCch3gAwQCloFsAwQCloGEMBgEAgACMBIDBwAgAQ3wn8ADBwAg
AQ30QkAwDQYJKoZIhvcNAQELBQADggEBAKGrJ/4DiBxIWcHfQJGzkCWjY+Tu+0d8
GVDy/kblPaG69pstJRqpNI1Bg448ktr4w3HparyB1+I4MaqpFudJlrkQ29l97LvF
23yheroBR39CefR4W2JLIRKmufUdzhC6RK9HD6r1yHQ8+rI/3pVyXFMtmEeUxld5
+FbYZdrczPYhXepqh9+em8SIif2WUWFowu+MZQjSaLAOX2Nyr8Ov1e4XPIy/27we
I7uKWqnxEjIq6rn21X12qNJk4EN+9XNsah5bH2ukp6E5OlMF02nvQ4R98OkV3sSr
NPaF+g78oV8ISBHJsv2DJtFdhXFdSM6L5GFw6bp9p1MXIv7aPXfE4vE=
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:06:09 2025 by rpki-client