Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F1C4A79A0F8D11F0958C323CC4F9AE02.roa
File: F1C4A79A0F8D11F0958C323CC4F9AE02.roa (raw, json)
Hash identifier: 09QANeqLbEsTEQjKbnJB8yVw5DTn67ULQz7+ABmZc/U=
Subject key identifier: A1:20:D3:39:9E:9D:C9:9C:2C:EF:AB:79:15:59:76:A7:F3:AC:49:4A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B12B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F1C4A79A0F8D11F0958C323CC4F9AE02.roa
Signing time: Thu 08 May 2025 15:56:06 +0000
ROA not before: Thu 08 May 2025 15:56:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132116
IP address blocks: 27.123.240.0/22 maxlen: 24
43.247.40.0/24 maxlen: 24
43.247.41.0/24 maxlen: 24
43.247.42.0/24 maxlen: 24
43.247.43.0/24 maxlen: 24
43.248.152.0/22 maxlen: 24
43.248.240.0/24 maxlen: 24
43.248.241.0/24 maxlen: 24
43.248.242.0/24 maxlen: 24
43.248.243.0/24 maxlen: 24
45.248.0.0/22 maxlen: 24
45.248.172.0/24 maxlen: 24
45.248.173.0/24 maxlen: 24
45.248.174.0/24 maxlen: 24
45.248.175.0/24 maxlen: 24
103.16.28.0/24 maxlen: 24
103.16.29.0/24 maxlen: 24
103.16.30.0/24 maxlen: 24
103.16.31.0/24 maxlen: 24
103.28.252.0/22 maxlen: 24
103.40.200.0/22 maxlen: 24
103.68.20.0/24 maxlen: 24
103.68.22.0/24 maxlen: 24
103.68.23.0/24 maxlen: 24
103.68.87.0/24 maxlen: 24
103.69.24.0/24 maxlen: 24
103.69.25.0/24 maxlen: 24
103.69.26.0/24 maxlen: 24
103.69.27.0/24 maxlen: 24
103.69.244.0/22 maxlen: 24
103.70.80.0/24 maxlen: 24
103.70.81.0/24 maxlen: 24
103.70.82.0/24 maxlen: 24
103.70.83.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.94.83.0/24 maxlen: 24
103.100.4.0/22 maxlen: 24
103.102.147.0/24 maxlen: 24
103.103.55.0/24 maxlen: 24
103.105.96.0/24 maxlen: 24
103.124.120.0/23 maxlen: 24
103.153.12.0/24 maxlen: 24
103.164.141.0/24 maxlen: 24
103.165.88.0/23 maxlen: 24
103.165.102.0/23 maxlen: 24
103.167.154.0/23 maxlen: 24
103.167.182.0/23 maxlen: 24
103.167.224.0/23 maxlen: 24
103.167.238.0/23 maxlen: 24
103.168.60.0/23 maxlen: 24
103.169.242.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.170.84.0/23 maxlen: 24
103.183.86.0/23 maxlen: 24
103.183.233.0/24 maxlen: 24
103.190.8.0/24 maxlen: 24
103.190.9.0/24 maxlen: 24
103.192.64.0/24 maxlen: 24
103.192.66.0/24 maxlen: 24
103.192.67.0/24 maxlen: 24
103.198.172.0/22 maxlen: 24
103.216.140.0/24 maxlen: 24
103.216.142.0/24 maxlen: 24
103.216.143.0/24 maxlen: 24
103.217.132.0/22 maxlen: 24
103.224.144.0/22 maxlen: 24
119.42.56.0/22 maxlen: 24
163.53.84.0/22 maxlen: 24
180.149.225.0/24 maxlen: 24
180.149.226.0/24 maxlen: 24
180.149.227.0/24 maxlen: 24
2001:df1:d240::/48 maxlen: 48
2001:df3:6ec0::/48 maxlen: 48
2405:e100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 20 May 2025 13:22:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45355 (0xb12b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 15:56:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cd416-6bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:34:36:f8:0b:38:97:a2:3e:c5:2f:d2:9f:1e:
6c:61:9e:43:c4:a4:7c:55:8d:b4:c9:d6:98:24:87:
2a:c4:dd:e3:4c:ce:6d:99:77:5f:12:f9:50:ae:7e:
5b:44:c4:60:d6:41:79:7d:61:e0:17:d9:0c:29:cb:
e9:59:b9:c0:bd:39:8f:08:03:37:20:d8:67:46:5a:
ef:81:03:d4:54:82:c3:7a:71:9b:55:ce:60:c3:12:
18:85:f6:d8:35:26:11:1d:c9:0f:8a:0e:79:57:0b:
7c:99:f8:e8:09:68:97:c1:36:a2:97:e5:f9:d6:d3:
15:0e:7c:a7:27:74:c6:53:15:1c:4e:c4:d5:c9:55:
8e:19:b6:ca:17:24:0d:3d:bf:05:09:31:52:21:c0:
d9:c9:71:f3:4f:8e:5b:79:05:94:19:f2:57:9c:4c:
38:31:f4:da:e4:44:66:b1:51:cf:7c:25:4f:ed:9a:
de:4e:55:2d:9c:f6:7d:e8:b1:12:2d:7d:f9:64:dd:
25:9c:be:4e:c6:b0:dc:73:25:1f:a6:a9:5f:e6:af:
db:30:70:33:87:3e:87:99:4f:e5:20:ff:99:18:25:
a9:63:bd:78:8a:64:90:27:76:88:bd:db:c6:cf:20:
e9:a2:e3:d0:63:bb:8e:6a:49:4a:a6:26:14:c6:5e:
ad:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:20:D3:39:9E:9D:C9:9C:2C:EF:AB:79:15:59:76:A7:F3:AC:49:4A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F1C4A79A0F8D11F0958C323CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/22
43.247.40.0/22
43.248.152.0/22
43.248.240.0/22
45.248.0.0/22
45.248.172.0/22
103.16.28.0/22
103.28.252.0/22
103.40.200.0/22
103.68.20.0/24
103.68.22.0/23
103.68.87.0/24
103.69.24.0/22
103.69.244.0/22
103.70.80.0/22
103.91.73.0-103.91.74.255
103.94.83.0/24
103.100.4.0/22
103.102.147.0/24
103.103.55.0/24
103.105.96.0/24
103.124.120.0/23
103.153.12.0/24
103.164.141.0/24
103.165.88.0/23
103.165.102.0/23
103.167.154.0/23
103.167.182.0/23
103.167.224.0/23
103.167.238.0/23
103.168.60.0/23
103.169.242.0/23
103.170.36.0/22
103.170.84.0/23
103.183.86.0/23
103.183.233.0/24
103.190.8.0/23
103.192.64.0/24
103.192.66.0/23
103.198.172.0/22
103.216.140.0/24
103.216.142.0/23
103.217.132.0/22
103.224.144.0/22
119.42.56.0/22
163.53.84.0/22
180.149.225.0-180.149.227.255
IPv6:
2001:df1:d240::/48
2001:df3:6ec0::/48
2405:e100::/48
Signature Algorithm: sha256WithRSAEncryption
6b:40:e1:7b:14:11:62:af:0a:c6:49:c1:09:3f:16:38:18:87:
8d:c8:4e:b2:d3:84:e4:8f:4d:a9:f8:60:49:73:27:ec:05:85:
e4:e7:f6:8f:d4:47:57:78:b0:d7:9c:f0:fd:d2:5e:52:77:6e:
48:74:ec:32:54:29:06:13:ac:fc:cd:fa:3a:9a:c1:c7:84:2d:
ce:ce:16:71:e5:7c:a7:c9:e0:40:ed:56:4f:4e:4c:c8:b8:6f:
94:7f:ac:aa:86:35:d2:28:f3:b5:0c:85:5e:56:a7:16:5e:9a:
eb:b2:01:e7:58:d8:65:57:31:54:c7:02:ba:ea:25:d9:51:da:
b0:91:fa:43:8e:fe:96:cd:47:4f:0b:86:d8:33:c1:0e:e1:7f:
f4:fb:5c:f8:cb:97:cc:01:88:02:c1:ad:30:ec:34:ec:07:76:
f3:e1:cf:2e:05:aa:f0:87:01:01:ab:98:7a:88:d0:51:00:de:
3a:12:d5:98:fa:c3:88:bb:1c:32:17:80:d4:2c:11:b1:73:c8:
2c:6f:27:0e:39:f3:95:d2:84:91:96:dd:4d:4b:40:c5:f6:04:
6e:40:0b:05:ee:ba:2c:59:27:05:fe:6d:1d:51:36:0a:1a:1f:
1f:1f:29:ab:fb:7b:69:ec:b4:e4:7c:b9:23:b6:38:ee:81:a8:
9a:75:2c:09
-----BEGIN CERTIFICATE-----
MIIGwzCCBaugAwIBAgIDALErMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE1NTYwNloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q0MTYtNmJhYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALk0NvgLOJeiPsUv0p8ebGGeQ8SkfFWNtMnWmCSHKsTd40zObZl3XxL5UK5+
W0TEYNZBeX1h4BfZDCnL6Vm5wL05jwgDNyDYZ0Za74ED1FSCw3pxm1XOYMMSGIX2
2DUmER3JD4oOeVcLfJn46Alol8E2opfl+dbTFQ58pyd0xlMVHE7E1clVjhm2yhck
DT2/BQkxUiHA2clx80+OW3kFlBnyV5xMODH02uREZrFRz3wlT+2a3k5VLZz2feix
Ei19+WTdJZy+Tsaw3HMlH6apX+av2zBwM4c+h5lP5SD/mRglqWO9eIpkkCd2iL3b
xs8g6aLj0GO7jmpJSqYmFMZeraMCAwEAAaOCA+YwggPiMB0GA1UdDgQWBBShINM5
np3JnCzvq3kVWXan86xJSjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0YxQzRBNzlB
MEY4RDExRjA5NThDMzIzQ0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBbgYIKwYBBQUHAQcB
Af8EggFdMIIBWTCCATIEAgABMIIBKgMEAht78AMEAiv3KAMEAiv4mAMEAiv48AME
Ai34AAMEAi34rAMEAmcQHAMEAmcc/AMEAmcoyAMEAGdEFAMEAWdEFgMEAGdEVwME
AmdFGAMEAmdF9AMEAmdGUDAMAwQAZ1tJAwQAZ1tKAwQAZ15TAwQCZ2QEAwQAZ2aT
AwQAZ2c3AwQAZ2lgAwQBZ3x4AwQAZ5kMAwQAZ6SNAwQBZ6VYAwQBZ6VmAwQBZ6ea
AwQBZ6e2AwQBZ6fgAwQBZ6fuAwQBZ6g8AwQBZ6nyAwQCZ6okAwQBZ6pUAwQBZ7dW
AwQAZ7fpAwQBZ74IAwQAZ8BAAwQBZ8BCAwQCZ8asAwQAZ9iMAwQBZ9iOAwQCZ9mE
AwQCZ+CQAwQCdyo4AwQCozVUMAwDBAC0leEDBAK0leAwIQQCAAIwGwMHACABDfHS
QAMHACABDfNuwAMHACQF4QAAADANBgkqhkiG9w0BAQsFAAOCAQEAa0DhexQRYq8K
xknBCT8WOBiHjchOstOE5I9NqfhgSXMn7AWF5Of2j9RHV3iw15zw/dJeUnduSHTs
MlQpBhOs/M36OprBx4Qtzs4WceV8p8ngQO1WT05MyLhvlH+sqoY10ijztQyFXlan
Fl6a67IB51jYZVcxVMcCuuol2VHasJH6Q47+ls1HTwuG2DPBDuF/9Ptc+MuXzAGI
AsGtMOw07Ad28+HPLgWq8IcBAauYeojQUQDeOhLVmPrDiLscMheA1CwRsXPILG8n
DjnzldKEkZbdTUtAxfYEbkALBe66LFknBf5tHVE2ChofHx8pq/t7aey05Hy5I7Y4
7oGomnUsCQ==
-----END CERTIFICATE-----
Generated at Tue May 13 19:44:37 2025 by rpki-client