Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
File: EBD48D1E0F8311F0AB75BC25C4F9AE02.roa (raw, json)
Hash identifier: S8VTJ9wPYQ2KZz1TwDAGSy+7Rt+WUyP75tUDQUnUxUU=
Subject key identifier: CA:F2:46:8F:BC:86:3A:BF:0F:16:37:C2:F4:F7:AA:F7:E9:CC:C9:A5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B1D8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
Signing time: Thu 08 May 2025 15:58:48 +0000
ROA not before: Thu 08 May 2025 15:58:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133594
IP address blocks: 14.102.1.0/24 maxlen: 24
14.102.2.0/23 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.22.0/23 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.36.0/23 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/23 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/23 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.92.0/23 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/23 maxlen: 24
14.102.100.0/23 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.168.0/24 maxlen: 24
111.235.64.0/22 maxlen: 24
118.91.176.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 21 May 2025 06:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45528 (0xb1d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 15:58:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cd4b8-95af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b5:9c:ec:11:61:7d:73:85:27:03:5c:7b:64:
2a:88:d4:6b:d8:35:4d:1f:61:19:4c:60:e8:f2:b5:
e0:f2:cd:ad:b4:2e:e5:fd:ef:ca:4c:39:05:99:8f:
60:f7:df:8f:a2:c8:c1:3a:48:ea:14:74:bc:b7:4a:
64:41:b4:d4:3d:62:1b:e3:4d:d1:30:00:af:65:14:
fc:df:97:04:27:58:95:80:7e:e5:7e:72:e7:dd:e9:
a8:f1:f0:77:1a:4c:23:09:0c:1f:30:4c:57:c3:cf:
af:fb:40:e7:0a:2e:c2:a1:7f:32:cb:bc:0b:3b:d0:
11:f7:68:25:b3:9b:e0:d1:65:fc:62:97:38:1a:cf:
f1:e5:79:47:3f:50:dc:2c:df:2e:19:3a:44:cc:19:
a6:5b:46:0e:54:d4:53:ed:20:92:ad:36:10:30:fb:
07:37:0e:cb:12:47:81:69:ce:85:c8:c0:7a:15:58:
84:57:ba:79:d3:04:41:27:e8:ba:84:f8:42:49:4b:
16:1e:3f:f6:fd:c8:44:57:4c:70:06:8f:41:18:2f:
77:54:71:5f:9a:ec:67:08:42:32:8c:f5:4f:b0:a1:
8d:a2:55:d2:17:9d:0d:e3:8d:dc:64:0d:6a:74:d2:
d2:17:da:89:26:d8:c1:d1:2c:1e:28:d5:18:a4:51:
28:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F2:46:8F:BC:86:3A:BF:0F:16:37:C2:F4:F7:AA:F7:E9:CC:C9:A5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.1.0-14.102.3.255
14.102.22.0-14.102.27.255
14.102.32.0-14.102.38.255
14.102.40.0-14.102.45.255
14.102.48.0/24
14.102.50.0/24
14.102.56.0/23
14.102.59.0/24
14.102.64.0-14.102.78.255
14.102.80.0-14.102.82.255
14.102.88.0/24
14.102.92.0/23
14.102.95.0-14.102.97.255
14.102.100.0/23
14.102.103.0-14.102.123.255
14.102.125.0-14.102.127.255
110.172.136.0/24
110.172.150.0/24
110.172.168.0/24
111.235.64.0/22
118.91.176.0/24
202.89.70.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:e3:61:32:f1:36:d5:66:09:bb:91:8d:86:8c:9d:77:56:6d:
99:9c:b0:59:b9:78:52:55:17:5e:b5:51:1a:ac:f8:8a:7d:21:
bc:ac:6d:57:f5:b9:09:9a:4e:cc:83:a4:01:6b:67:27:95:49:
44:54:91:f2:3d:df:ca:3d:97:88:d3:0f:bf:a2:42:ce:cf:41:
fb:4f:49:89:ab:4c:4a:3c:05:69:f1:d9:65:35:04:d1:df:98:
3c:37:03:7b:4d:63:09:dc:35:e2:1f:7f:5c:36:ab:4f:0a:7b:
eb:0e:29:c2:26:72:2a:26:b3:a0:84:55:88:56:99:f7:68:71:
8c:a1:ac:6c:8a:12:19:68:ee:06:d6:a2:cf:ab:16:7f:e2:dc:
36:f7:be:ad:3a:51:70:9a:26:e3:56:6c:48:ec:c0:eb:45:e1:
36:3a:7b:f5:39:76:4c:18:eb:7d:95:5f:99:5a:02:59:c1:d6:
40:5b:65:51:8a:33:70:82:1b:09:c9:8f:de:ff:0b:dd:e5:23:
29:77:9a:56:f7:bf:c8:fe:e3:e2:49:5d:04:3b:bf:8b:fe:68:
0c:62:9f:66:04:19:45:d5:fe:d0:73:ff:e3:04:83:6b:6c:51:
44:a5:b1:63:0f:f3:db:be:93:73:d2:bb:4a:01:b9:c0:6b:e2:
0c:2a:cf:e1
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgIDALHYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE1NTg0OFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q0YjgtOTVhZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMi1nOwRYX1zhScDXHtkKojUa9g1TR9hGUxg6PK14PLNrbQu5f3vykw5BZmP
YPffj6LIwTpI6hR0vLdKZEG01D1iG+NN0TAAr2UU/N+XBCdYlYB+5X5y593pqPHw
dxpMIwkMHzBMV8PPr/tA5wouwqF/Msu8CzvQEfdoJbOb4NFl/GKXOBrP8eV5Rz9Q
3CzfLhk6RMwZpltGDlTUU+0gkq02EDD7BzcOyxJHgWnOhcjAehVYhFe6edMEQSfo
uoT4QklLFh4/9v3IRFdMcAaPQRgvd1RxX5rsZwhCMoz1T7ChjaJV0hedDeON3GQN
anTS0hfaiSbYwdEsHijVGKRRKMkCAwEAAaOCA2AwggNcMB0GA1UdDgQWBBTK8kaP
vIY6vw8WN8L096r36czJpTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VCRDQ4RDFF
MEY4MzExRjBBQjc1QkMyNUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHpBggrBgEFBQcBBwEB
/wSB2TCB1jCB0wQCAAEwgcwwDAMEAA5mAQMEAg5mADAMAwQBDmYWAwQCDmYYMAwD
BAUOZiADBAAOZiYwDAMEAw5mKAMEAQ5mLAMEAA5mMAMEAA5mMgMEAQ5mOAMEAA5m
OzAMAwQGDmZAAwQADmZOMAwDBAQOZlADBAAOZlIDBAAOZlgDBAEOZlwwDAMEAA5m
XwMEAQ5mYAMEAQ5mZDAMAwQADmZnAwQCDmZ4MAwDBAAOZn0DBAcOZgADBABurIgD
BABurJYDBABurKgDBAJv60ADBAB2W7ADBADKWUYwDQYJKoZIhvcNAQELBQADggEB
AJzjYTLxNtVmCbuRjYaMnXdWbZmcsFm5eFJVF161URqs+Ip9IbysbVf1uQmaTsyD
pAFrZyeVSURUkfI938o9l4jTD7+iQs7PQftPSYmrTEo8BWnx2WU1BNHfmDw3A3tN
YwncNeIff1w2q08Ke+sOKcImcioms6CEVYhWmfdocYyhrGyKEhlo7gbWos+rFn/i
3Db3vq06UXCaJuNWbEjswOtF4TY6e/U5dkwY632VX5laAlnB1kBbZVGKM3CCGwnJ
j97/C93lIyl3mlb3v8j+4+JJXQQ7v4v+aAxin2YEGUXV/tBz/+MEg2tsUUSlsWMP
89u+k3PSu0oBucBr4gwqz+E=
-----END CERTIFICATE-----
Generated at Wed May 14 07:52:01 2025 by rpki-client