Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F0AD15386E4211EEA90FD86EC4F9AE02.roa
File: F0AD15386E4211EEA90FD86EC4F9AE02.roa (raw, json)
Hash identifier: BwELx3s0THP7S1L0vERGk2OM0v80rQa/TX9obmbslzc=
Subject key identifier: BA:82:A7:FA:E4:D8:CE:21:95:FA:43:64:58:78:3B:92:DF:AF:7F:1F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BA19
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F0AD15386E4211EEA90FD86EC4F9AE02.roa
Signing time: Thu 08 May 2025 16:30:59 +0000
ROA not before: Thu 08 May 2025 16:30:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45582
IP address blocks: 27.116.16.0/21 maxlen: 24
45.112.184.0/24 maxlen: 24
45.112.185.0/24 maxlen: 24
45.112.186.0/24 maxlen: 24
45.112.187.0/24 maxlen: 24
45.118.72.0/22 maxlen: 24
45.249.48.0/24 maxlen: 24
45.249.50.0/24 maxlen: 24
103.10.132.0/22 maxlen: 24
103.22.172.0/22 maxlen: 24
103.52.36.0/22 maxlen: 24
103.124.28.0/23 maxlen: 24
103.126.42.0/23 maxlen: 24
103.178.208.0/23 maxlen: 24
103.196.4.0/22 maxlen: 24
103.217.212.0/22 maxlen: 24
119.235.48.0/21 maxlen: 24
182.48.214.0/24 maxlen: 24
182.48.219.0/24 maxlen: 24
182.48.254.0/24 maxlen: 24
202.131.131.0/24 maxlen: 24
202.140.56.0/24 maxlen: 24
202.140.57.0/24 maxlen: 24
2400:3680::/32 maxlen: 32
2400:3680:700::/40 maxlen: 40
2400:3680:800::/40 maxlen: 40
2400:3680:900::/40 maxlen: 40
2400:f1e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 19 May 2025 18:54:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47641 (0xba19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 16:30:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cdc43-b6a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ca:f3:20:be:7b:12:e9:d2:df:15:c8:20:b3:
cd:38:5e:d4:2c:f7:ea:f4:81:05:b3:fb:47:b2:23:
78:85:3d:e3:20:81:79:92:57:7c:8b:4c:ef:7a:ef:
9e:2f:52:92:c5:ca:18:be:29:2d:7e:1f:d1:86:e5:
c7:8f:d7:15:ea:b0:7a:45:0c:e8:ed:ed:76:ee:92:
d1:5c:b3:b3:33:8d:30:13:d2:6a:d9:65:d9:35:2f:
fb:c5:7b:44:f9:d4:fb:8d:6a:7b:a8:c5:bc:45:a7:
b5:32:ef:26:ac:a9:44:2b:7f:c9:7e:8d:df:56:b5:
8b:70:8d:b9:1f:29:7d:e8:fb:c2:b5:72:e6:e2:af:
66:e6:93:f2:b3:c8:13:98:75:8a:33:6f:e3:b4:5b:
ee:c0:07:c9:34:13:f8:4b:b3:15:de:47:50:e3:45:
2f:1e:38:8d:4c:a3:68:73:5a:f8:67:e6:ea:97:1d:
98:77:62:86:c4:3c:d0:e6:7f:f7:10:49:8b:62:c0:
75:93:cb:b9:e5:0e:02:0f:7b:c6:e6:8d:8b:24:f0:
6e:69:2a:bd:47:4a:b5:b7:03:78:78:0e:4d:3b:77:
e3:65:59:03:c4:bd:b0:be:28:45:26:3a:36:73:b9:
16:10:90:db:bc:a2:cd:5a:69:82:d4:3f:82:de:49:
34:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:82:A7:FA:E4:D8:CE:21:95:FA:43:64:58:78:3B:92:DF:AF:7F:1F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F0AD15386E4211EEA90FD86EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.116.16.0/21
45.112.184.0/22
45.118.72.0/22
45.249.48.0/24
45.249.50.0/24
103.10.132.0/22
103.22.172.0/22
103.52.36.0/22
103.124.28.0/23
103.126.42.0/23
103.178.208.0/23
103.196.4.0/22
103.217.212.0/22
119.235.48.0/21
182.48.214.0/24
182.48.219.0/24
182.48.254.0/24
202.131.131.0/24
202.140.56.0/23
IPv6:
2400:3680::/32
2400:f1e0::/32
Signature Algorithm: sha256WithRSAEncryption
20:bc:e0:20:f6:76:7a:1c:5e:b4:4c:59:1a:c2:4e:09:fc:66:
5c:14:14:f1:ac:c6:35:c6:5f:6b:67:c6:6e:80:5c:3d:78:af:
5a:c0:75:89:78:bc:b3:18:b9:16:5a:d3:7b:7f:ed:fa:e1:2a:
1b:8f:e9:db:15:14:31:8f:03:c7:d2:27:ba:b7:f2:bf:60:bf:
40:25:84:50:fe:fe:60:ef:9f:54:f3:e5:c8:8f:7c:04:35:10:
56:cd:83:a6:a3:95:75:e8:b6:94:5f:09:f8:5f:3b:3d:58:35:
0b:c2:d0:c6:b4:76:e8:22:d6:10:fe:ce:0a:75:d8:a8:9e:77:
c2:5f:f2:a6:9c:43:09:a3:25:4c:48:24:88:53:cc:20:05:d8:
8a:77:ca:bd:19:eb:34:51:31:6c:52:e6:2c:79:36:8a:4d:7f:
27:d4:37:f8:08:42:71:65:ae:7f:84:a1:86:b3:44:5b:2b:0f:
75:cc:0f:43:7b:d6:60:cc:2b:8b:fb:8c:75:da:e7:1a:a7:f4:
21:cc:e4:e3:f1:13:d4:db:79:25:23:94:50:92:92:35:3c:b9:
fd:d2:82:ca:4d:ce:bb:ab:5e:e1:48:73:38:90:37:20:48:b9:
23:e1:60:d0:60:d4:40:f4:e5:41:1f:1a:a5:0b:c5:97:89:41:
67:47:78:96
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIDALoZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MzA1OVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RjNDMtYjZhMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3K8yC+exLp0t8VyCCzzThe1Cz36vSBBbP7R7IjeIU94yCBeZJXfItM73rv
ni9SksXKGL4pLX4f0Yblx4/XFeqwekUM6O3tdu6S0VyzszONMBPSatll2TUv+8V7
RPnU+41qe6jFvEWntTLvJqypRCt/yX6N31a1i3CNuR8pfej7wrVy5uKvZuaT8rPI
E5h1ijNv47Rb7sAHyTQT+EuzFd5HUONFLx44jUyjaHNa+Gfm6pcdmHdihsQ80OZ/
9xBJi2LAdZPLueUOAg97xuaNiyTwbmkqvUdKtbcDeHgOTTt342VZA8S9sL4oRSY6
NnO5FhCQ27yizVppgtQ/gt5JNKUCAwEAAaOCAxowggMWMB0GA1UdDgQWBBS6gqf6
5NjOIZX6Q2RYeDuS369/HzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0YwQUQxNTM4
NkU0MjExRUVBOTBGRDg2RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGjBggrBgEFBQcBBwEB
/wSBkzCBkDB4BAIAATByAwQDG3QQAwQCLXC4AwQCLXZIAwQALfkwAwQALfkyAwQC
ZwqEAwQCZxasAwQCZzQkAwQBZ3wcAwQBZ34qAwQBZ7LQAwQCZ8QEAwQCZ9nUAwQD
d+swAwQAtjDWAwQAtjDbAwQAtjD+AwQAyoODAwQByow4MBQEAgACMA4DBQAkADaA
AwUAJADx4DANBgkqhkiG9w0BAQsFAAOCAQEAILzgIPZ2ehxetExZGsJOCfxmXBQU
8azGNcZfa2fGboBcPXivWsB1iXi8sxi5FlrTe3/t+uEqG4/p2xUUMY8Dx9Inurfy
v2C/QCWEUP7+YO+fVPPlyI98BDUQVs2DpqOVdei2lF8J+F87PVg1C8LQxrR26CLW
EP7OCnXYqJ53wl/yppxDCaMlTEgkiFPMIAXYinfKvRnrNFExbFLmLHk2ik1/J9Q3
+AhCcWWuf4ShhrNEWysPdcwPQ3vWYMwri/uMddrnGqf0Iczk4/ET1Nt5JSOUUJKS
NTy5/dKCyk3Ou6te4UhzOJA3IEi5I+Fg0GDUQPTlQR8apQvFl4lBZ0d4lg==
-----END CERTIFICATE-----
Generated at Tue May 13 00:16:14 2025 by rpki-client