Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EF91B17CBD0111EAAA712152C4F9AE02.roa
File: EF91B17CBD0111EAAA712152C4F9AE02.roa (raw, json)
Hash identifier: 6uFx/Zm9V/Q3KJ4/2xqO/UgLtllw2l938IvwgLqmCWw=
Subject key identifier: B0:F8:F4:DD:8B:49:2D:92:2B:41:7C:3D:67:AA:3E:BB:79:80:E9:08
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B9E1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EF91B17CBD0111EAAA712152C4F9AE02.roa
Signing time: Thu 08 May 2025 16:30:08 +0000
ROA not before: Thu 08 May 2025 16:30:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18207
IP address blocks: 103.170.42.0/23 maxlen: 24
203.88.128.0/24 maxlen: 24
203.88.129.0/24 maxlen: 24
203.88.130.0/24 maxlen: 24
203.88.131.0/24 maxlen: 24
203.88.133.0/24 maxlen: 24
203.88.135.0/24 maxlen: 24
203.88.137.0/24 maxlen: 24
203.88.138.0/24 maxlen: 24
203.88.139.0/24 maxlen: 24
203.88.140.0/24 maxlen: 24
203.88.141.0/24 maxlen: 24
203.88.142.0/24 maxlen: 24
203.88.143.0/24 maxlen: 24
203.88.144.0/24 maxlen: 24
203.88.145.0/24 maxlen: 24
203.88.147.0/24 maxlen: 24
203.88.148.0/24 maxlen: 24
203.88.149.0/24 maxlen: 24
203.88.154.0/24 maxlen: 24
203.88.155.0/24 maxlen: 24
203.88.156.0/24 maxlen: 24
203.88.157.0/24 maxlen: 24
203.88.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 19 May 2025 18:54:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47585 (0xb9e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 16:30:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cdc10-65c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7d:f6:62:55:13:5a:8d:a3:ab:9d:00:77:63:
96:21:f1:e3:4f:ce:51:1a:62:36:96:fa:d7:f3:9f:
dc:7b:a9:2a:30:6b:d8:0e:0c:46:39:be:9f:c8:58:
70:e5:88:f6:da:c0:0c:59:41:dd:8e:e0:f5:b1:62:
ff:5c:db:80:bd:8f:9d:20:0c:29:07:2f:4d:f2:e1:
60:7d:87:58:2f:fe:2a:28:04:db:63:fe:71:47:7e:
9d:e9:8e:e4:02:d8:57:42:ad:e5:72:7b:ce:ab:2e:
bd:5f:a3:b5:19:e4:c6:1e:65:f7:8d:71:62:66:44:
42:c5:16:c8:cf:50:e9:73:56:5b:a5:16:3c:12:14:
55:74:29:76:9c:27:f0:8e:f1:a2:18:0f:1f:e7:35:
f1:02:f7:98:ec:7f:a5:4a:e7:17:2d:49:ec:84:db:
cb:34:1e:91:e7:18:b6:46:0c:3d:bf:36:39:a3:a6:
1e:e8:5f:81:38:be:b3:13:43:a4:70:59:a0:a4:cd:
d8:a0:38:3b:37:c4:96:cc:67:23:21:7f:b3:90:62:
5b:1d:96:40:52:6d:ae:d5:c6:39:8c:eb:87:c3:3b:
f8:40:23:81:f3:2a:50:9f:e1:be:e5:29:81:bd:69:
78:bc:25:d6:38:ac:35:45:46:0b:b7:f5:08:10:7d:
0e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F8:F4:DD:8B:49:2D:92:2B:41:7C:3D:67:AA:3E:BB:79:80:E9:08
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EF91B17CBD0111EAAA712152C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.170.42.0/23
203.88.128.0/22
203.88.133.0/24
203.88.135.0/24
203.88.137.0-203.88.145.255
203.88.147.0-203.88.149.255
203.88.154.0-203.88.158.255
Signature Algorithm: sha256WithRSAEncryption
0d:4f:5f:a9:96:57:45:8f:37:a0:4a:39:1b:5b:45:f8:ae:91:
1f:88:f6:fe:94:cb:be:9d:49:43:dd:40:fe:3f:52:29:16:f3:
11:80:81:ca:8c:b4:8e:e1:a7:39:34:d5:4d:2d:e1:f5:04:2e:
57:7c:58:3d:3c:ce:4d:5f:69:2c:7a:97:65:41:63:46:fb:20:
00:84:ab:b0:6f:35:8e:05:69:83:dc:7f:bd:07:22:4d:aa:b5:
35:0b:79:dc:e4:6b:a9:7b:b3:b7:60:a3:7e:7b:ac:99:7f:40:
5f:6a:45:47:5c:98:10:f8:46:17:8e:ac:a6:11:94:29:68:9d:
fd:c1:0c:b6:76:31:1f:8f:ac:72:e3:cb:f3:d6:ec:a8:a2:70:
e8:73:64:ae:78:87:06:29:c9:49:5c:85:17:3c:21:47:26:93:
ba:b5:42:78:5e:09:5d:34:9f:d8:c9:dc:a6:12:91:e5:00:4a:
31:0e:86:99:ea:3b:5e:03:70:95:d6:e0:f9:c5:99:d4:ce:b9:
31:e6:5f:07:d7:6a:fc:e1:c1:94:56:b9:66:09:95:8c:aa:a4:
02:a6:7c:6e:b4:e2:0b:b6:7e:b4:3b:f6:c0:9e:e4:af:91:84:
e5:19:eb:1b:e9:69:fd:68:fc:06:6d:90:be:9b:7d:f4:e7:ba:
3c:0b:2c:f9
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIDALnhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MzAwOFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RjMTAtNjVjNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANF99mJVE1qNo6udAHdjliHx40/OURpiNpb61/Of3HupKjBr2A4MRjm+n8hY
cOWI9trADFlB3Y7g9bFi/1zbgL2PnSAMKQcvTfLhYH2HWC/+KigE22P+cUd+nemO
5ALYV0Kt5XJ7zqsuvV+jtRnkxh5l941xYmZEQsUWyM9Q6XNWW6UWPBIUVXQpdpwn
8I7xohgPH+c18QL3mOx/pUrnFy1J7ITbyzQekecYtkYMPb82OaOmHuhfgTi+sxND
pHBZoKTN2KA4OzfElsxnIyF/s5BiWx2WQFJtrtXGOYzrh8M7+EAjgfMqUJ/hvuUp
gb1peLwl1jisNUVGC7f1CBB9DncCAwEAAaOCAtEwggLNMB0GA1UdDgQWBBSw+PTd
i0ktkitBfD1nqj67eYDpCDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VGOTFCMTdD
QkQwMTExRUFBQTcxMjE1MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFsGCCsGAQUFBwEHAQH/
BEwwSjBIBAIAATBCAwQBZ6oqAwQCy1iAAwQAy1iFAwQAy1iHMAwDBADLWIkDBAHL
WJAwDAMEAMtYkwMEActYlDAMAwQBy1iaAwQAy1ieMA0GCSqGSIb3DQEBCwUAA4IB
AQANT1+plldFjzegSjkbW0X4rpEfiPb+lMu+nUlD3UD+P1IpFvMRgIHKjLSO4ac5
NNVNLeH1BC5XfFg9PM5NX2ksepdlQWNG+yAAhKuwbzWOBWmD3H+9ByJNqrU1C3nc
5Gupe7O3YKN+e6yZf0BfakVHXJgQ+EYXjqymEZQpaJ39wQy2djEfj6xy48vz1uyo
onDoc2SueIcGKclJXIUXPCFHJpO6tUJ4XgldNJ/YydymEpHlAEoxDoaZ6jteA3CV
1uD5xZnUzrkx5l8H12r84cGUVrlmCZWMqqQCpnxutOILtn60O/bAnuSvkYTlGesb
6Wn9aPwGbZC+m33057o8Cyz5
-----END CERTIFICATE-----
Generated at Tue May 13 04:53:30 2025 by rpki-client