Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
File: F6973CAC265711F08B890022C4F9AE02.roa (raw, json)
Hash identifier: I7sZgOEaKpZJQM56yqYyVw+OxkhrYILZyHISt9HPUgE=
Subject key identifier: B0:E2:89:B4:1C:CE:53:33:CF:83:10:59:2C:CA:D6:AE:EF:2B:60:3D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BF41
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
Signing time: Tue 01 Jul 2025 13:17:32 +0000
ROA not before: Tue 01 Jul 2025 13:17:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135872
IP address blocks: 45.251.68.0/22 maxlen: 24
103.59.88.0/24 maxlen: 24
103.60.219.0/24 maxlen: 24
103.135.228.0/23 maxlen: 24
103.151.156.0/23 maxlen: 24
103.165.114.0/23 maxlen: 24
103.171.246.0/23 maxlen: 24
103.175.62.0/23 maxlen: 24
103.175.139.0/24 maxlen: 24
103.175.168.0/23 maxlen: 24
103.175.184.0/23 maxlen: 24
103.177.156.0/23 maxlen: 24
103.179.16.0/23 maxlen: 24
103.185.246.0/24 maxlen: 24
103.186.36.0/23 maxlen: 24
103.188.162.0/23 maxlen: 24
103.205.163.0/24 maxlen: 24
103.211.20.0/22 maxlen: 24
103.211.132.0/22 maxlen: 24
103.234.93.0/24 maxlen: 24
139.5.140.0/24 maxlen: 24
139.5.141.0/24 maxlen: 24
139.5.142.0/24 maxlen: 24
139.5.143.0/24 maxlen: 24
146.196.44.0/22 maxlen: 24
160.238.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 15:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48961 (0xbf41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 1 13:17:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6863dfec-8035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:28:2f:fa:7d:47:a3:7a:a1:5f:b5:0d:20:59:
40:02:90:5a:24:de:cd:9b:18:3a:06:7c:9f:a0:fb:
d6:be:c8:d9:00:8c:57:fc:b6:33:90:48:7f:df:80:
ce:6f:e9:8f:86:b9:e2:11:5f:ad:80:ee:ff:60:2e:
10:34:9e:6a:09:02:98:f8:83:02:0c:5c:97:7b:d1:
97:e2:e3:43:23:ac:87:2b:a4:f0:52:95:a1:fe:0e:
cd:71:08:ef:74:a2:0d:e4:5e:c1:66:84:5b:c1:a6:
95:21:ce:9b:04:c3:a3:33:62:ac:40:ae:c3:e2:a8:
17:ba:88:0a:79:99:99:c7:04:2e:5c:45:3c:12:77:
a0:b6:ef:ec:7a:26:49:bc:a0:ed:c3:c1:45:e0:6d:
ba:79:9d:7c:be:65:4c:3f:7c:5b:3e:27:b3:b0:18:
05:c6:c2:20:cd:bc:0e:87:a5:a3:7a:ca:7b:d9:35:
53:69:68:45:d1:5c:dc:ea:a1:b9:8c:ce:39:d6:fc:
2d:33:c7:59:d6:be:6b:eb:75:af:70:31:4e:0e:47:
85:58:88:db:81:51:29:e1:f0:20:32:87:9b:51:35:
96:4a:43:da:61:f5:c7:5c:82:b2:21:dd:df:32:87:
e1:5f:ad:ee:d1:17:7f:5f:48:64:67:61:b4:8c:58:
24:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E2:89:B4:1C:CE:53:33:CF:83:10:59:2C:CA:D6:AE:EF:2B:60:3D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.68.0/22
103.59.88.0/24
103.60.219.0/24
103.135.228.0/23
103.151.156.0/23
103.165.114.0/23
103.171.246.0/23
103.175.62.0/23
103.175.139.0/24
103.175.168.0/23
103.175.184.0/23
103.177.156.0/23
103.179.16.0/23
103.185.246.0/24
103.186.36.0/23
103.188.162.0/23
103.205.163.0/24
103.211.20.0/22
103.211.132.0/22
103.234.93.0/24
139.5.140.0/22
146.196.44.0/22
160.238.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:4a:7a:b2:b9:ea:9d:82:5a:a9:4e:32:7a:c6:5b:96:a8:f5:
23:b4:e5:d6:52:70:84:59:e9:59:d5:57:da:78:2b:64:15:69:
97:0c:cc:fc:8f:cc:69:c7:aa:aa:6b:8b:ce:e4:ae:d1:d1:b4:
7a:d4:a4:4a:81:8b:73:db:c0:29:4a:0b:56:c6:83:3b:7d:f4:
b7:dd:ce:a0:6c:c3:3e:9b:c7:2c:ce:b2:53:f4:66:61:8b:09:
b9:f5:e5:8e:e7:14:66:a4:16:76:da:16:39:41:33:bd:2c:9c:
f5:2f:0f:c3:fd:3c:09:8a:e5:24:d9:83:14:28:78:02:6a:50:
1c:c9:8b:8b:25:d0:d0:fa:54:45:5d:cc:38:b1:6c:3f:e1:76:
0f:dc:c3:b6:7b:1e:90:af:ba:3d:ba:5a:b3:6b:80:8a:de:90:
48:ff:b2:38:8d:f6:58:e5:72:fa:e2:d4:93:12:67:bb:de:83:
97:06:78:9a:b7:77:94:5d:f6:2d:61:11:90:19:01:29:b3:23:
e6:99:af:25:0e:10:da:7e:78:e6:30:3b:74:ae:e3:84:ef:68:
80:de:62:57:9e:4b:74:b0:a1:7b:97:10:76:c0:50:b8:e4:48:
17:3a:22:2f:df:de:48:6f:66:63:df:66:5d:fb:fa:8d:f9:37:
cb:a4:26:b9
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIDAL9BMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDcwMTEzMTczMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjg2M2RmZWMtODAzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0oL/p9R6N6oV+1DSBZQAKQWiTezZsYOgZ8n6D71r7I2QCMV/y2M5BIf9+A
zm/pj4a54hFfrYDu/2AuEDSeagkCmPiDAgxcl3vRl+LjQyOshyuk8FKVof4OzXEI
73SiDeRewWaEW8GmlSHOmwTDozNirECuw+KoF7qICnmZmccELlxFPBJ3oLbv7Hom
Sbyg7cPBReBtunmdfL5lTD98Wz4ns7AYBcbCIM28Doelo3rKe9k1U2loRdFc3Oqh
uYzOOdb8LTPHWda+a+t1r3AxTg5HhViI24FRKeHwIDKHm1E1lkpD2mH1x1yCsiHd
3zKH4V+t7tEXf19IZGdhtIxYJCMCAwEAAaOCAx4wggMaMB0GA1UdDgQWBBSw4om0
HM5TM8+DEFksytau7ytgPTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y2OTczQ0FD
MjY1NzExRjA4Qjg5MDAyMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGnBggrBgEFBQcBBwEB
/wSBlzCBlDCBkQQCAAEwgYoDBAIt+0QDBABnO1gDBABnPNsDBAFnh+QDBAFnl5wD
BAFnpXIDBAFnq/YDBAFnrz4DBABnr4sDBAFnr6gDBAFnr7gDBAFnsZwDBAFnsxAD
BABnufYDBAFnuiQDBAFnvKIDBABnzaMDBAJn0xQDBAJn04QDBABn6l0DBAKLBYwD
BAKSxCwDBAKg7lwwDQYJKoZIhvcNAQELBQADggEBAIpKerK56p2CWqlOMnrGW5ao
9SO05dZScIRZ6VnVV9p4K2QVaZcMzPyPzGnHqqpri87krtHRtHrUpEqBi3PbwClK
C1bGgzt99LfdzqBswz6bxyzOslP0ZmGLCbn15Y7nFGakFnbaFjlBM70snPUvD8P9
PAmK5STZgxQoeAJqUBzJi4sl0ND6VEVdzDixbD/hdg/cw7Z7HpCvuj26WrNrgIre
kEj/sjiN9ljlcvri1JMSZ7veg5cGeJq3d5Rd9i1hEZAZASmzI+aZryUOENp+eOYw
O3Su44TvaIDeYleeS3SwoXuXEHbAULjkSBc6Ii/f3khvZmPfZl37+o35N8ukJrk=
-----END CERTIFICATE-----
Generated at Thu Jul 3 03:47:24 2025 by rpki-client