Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FFD7765202FC11F0A888CF27C4F9AE02.roa
File: FFD7765202FC11F0A888CF27C4F9AE02.roa (raw, json)
Hash identifier: JU0FqngLWkrUOG8A3P+nlsxV5lF99Sl5UuyyjVeoUrI=
Subject key identifier: E2:BB:7C:13:C0:51:1D:A1:36:B0:87:F2:F0:51:A9:09:BB:C0:5B:62
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B9FB
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FFD7765202FC11F0A888CF27C4F9AE02.roa
Signing time: Thu 08 May 2025 16:30:32 +0000
ROA not before: Thu 08 May 2025 16:30:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24554
IP address blocks: 36.255.108.0/22 maxlen: 24
36.255.180.0/22 maxlen: 24
36.255.184.0/22 maxlen: 22
36.255.184.0/24 maxlen: 24
36.255.185.0/24 maxlen: 24
36.255.186.0/24 maxlen: 24
36.255.187.0/24 maxlen: 24
43.224.172.0/22 maxlen: 24
43.241.116.0/22 maxlen: 24
45.116.44.0/22 maxlen: 24
45.117.48.0/22 maxlen: 22
45.117.48.0/24 maxlen: 24
45.117.49.0/24 maxlen: 24
45.117.50.0/24 maxlen: 24
45.117.51.0/24 maxlen: 24
45.117.108.0/22 maxlen: 24
45.117.148.0/22 maxlen: 22
45.117.148.0/24 maxlen: 24
45.117.149.0/24 maxlen: 24
45.117.150.0/24 maxlen: 24
45.117.151.0/24 maxlen: 24
45.117.248.0/22 maxlen: 22
45.117.248.0/24 maxlen: 24
45.117.249.0/24 maxlen: 24
45.117.250.0/24 maxlen: 24
45.117.251.0/24 maxlen: 24
58.146.96.0/19 maxlen: 24
103.29.208.0/22 maxlen: 24
103.51.208.0/22 maxlen: 24
103.53.60.0/22 maxlen: 22
103.53.60.0/24 maxlen: 24
103.53.61.0/24 maxlen: 24
103.53.62.0/24 maxlen: 24
103.53.63.0/24 maxlen: 24
103.53.232.0/22 maxlen: 22
103.53.232.0/24 maxlen: 24
103.53.233.0/24 maxlen: 24
103.53.234.0/24 maxlen: 24
103.53.235.0/24 maxlen: 24
103.54.104.0/22 maxlen: 24
103.57.172.0/22 maxlen: 24
103.195.76.0/22 maxlen: 24
103.200.100.0/22 maxlen: 24
103.200.212.0/22 maxlen: 24
103.203.60.0/22 maxlen: 24
103.234.212.0/22 maxlen: 22
103.234.212.0/24 maxlen: 24
103.234.213.0/24 maxlen: 24
103.234.214.0/24 maxlen: 24
103.234.215.0/24 maxlen: 24
103.234.240.0/22 maxlen: 24
111.125.236.0/24 maxlen: 24
111.125.241.0/24 maxlen: 24
111.125.242.0/24 maxlen: 24
111.125.249.0/24 maxlen: 24
120.138.0.0/22 maxlen: 24
180.148.32.0/19 maxlen: 24
182.237.128.0/18 maxlen: 24
183.87.0.0/21 maxlen: 22
183.87.0.0/24 maxlen: 24
183.87.1.0/24 maxlen: 24
183.87.2.0/24 maxlen: 24
183.87.3.0/24 maxlen: 24
183.87.4.0/24 maxlen: 24
183.87.5.0/24 maxlen: 24
183.87.6.0/24 maxlen: 24
183.87.7.0/24 maxlen: 24
183.87.8.0/22 maxlen: 22
183.87.8.0/24 maxlen: 24
183.87.9.0/24 maxlen: 24
183.87.10.0/24 maxlen: 24
183.87.11.0/24 maxlen: 24
183.87.16.0/22 maxlen: 22
183.87.16.0/24 maxlen: 24
183.87.17.0/24 maxlen: 24
183.87.18.0/24 maxlen: 24
183.87.19.0/24 maxlen: 24
183.87.20.0/22 maxlen: 22
183.87.20.0/24 maxlen: 24
183.87.21.0/24 maxlen: 24
183.87.22.0/24 maxlen: 24
183.87.23.0/24 maxlen: 24
183.87.24.0/22 maxlen: 22
183.87.24.0/24 maxlen: 24
183.87.25.0/24 maxlen: 24
183.87.26.0/24 maxlen: 24
183.87.27.0/24 maxlen: 24
183.87.28.0/22 maxlen: 22
183.87.28.0/24 maxlen: 24
183.87.29.0/24 maxlen: 24
183.87.30.0/24 maxlen: 24
183.87.31.0/24 maxlen: 24
183.87.224.0/20 maxlen: 24
202.177.224.0/19 maxlen: 19
202.177.224.0/22 maxlen: 22
202.177.224.0/24 maxlen: 24
202.177.225.0/24 maxlen: 24
202.177.226.0/24 maxlen: 24
202.177.227.0/24 maxlen: 24
202.177.228.0/22 maxlen: 22
202.177.228.0/24 maxlen: 24
202.177.229.0/24 maxlen: 24
202.177.230.0/24 maxlen: 24
202.177.231.0/24 maxlen: 24
202.177.232.0/22 maxlen: 22
202.177.232.0/24 maxlen: 24
202.177.233.0/24 maxlen: 24
202.177.234.0/24 maxlen: 24
202.177.235.0/24 maxlen: 24
202.177.236.0/22 maxlen: 22
202.177.236.0/24 maxlen: 24
202.177.237.0/24 maxlen: 24
202.177.238.0/24 maxlen: 24
202.177.239.0/24 maxlen: 24
202.177.240.0/22 maxlen: 22
202.177.240.0/24 maxlen: 24
202.177.241.0/24 maxlen: 24
202.177.242.0/24 maxlen: 24
202.177.243.0/24 maxlen: 24
202.177.244.0/22 maxlen: 22
202.177.244.0/24 maxlen: 24
202.177.245.0/24 maxlen: 24
202.177.246.0/24 maxlen: 24
202.177.247.0/24 maxlen: 24
202.177.248.0/22 maxlen: 22
202.177.248.0/24 maxlen: 24
202.177.249.0/24 maxlen: 24
202.177.250.0/24 maxlen: 24
202.177.251.0/24 maxlen: 24
202.177.252.0/22 maxlen: 22
202.177.252.0/24 maxlen: 24
202.177.253.0/24 maxlen: 24
202.177.254.0/24 maxlen: 24
202.177.255.0/24 maxlen: 24
2402:b00::/32 maxlen: 32
2402:b00::/40 maxlen: 48
2402:b00:100::/40 maxlen: 48
2402:b00:200::/40 maxlen: 48
2402:b00:fffb::/48 maxlen: 48
2402:b00:fffc::/48 maxlen: 48
2402:b00:fffd::/48 maxlen: 48
2402:b00:fffe::/48 maxlen: 48
2402:b00:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 21 May 2025 15:25:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47611 (0xb9fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 16:30:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cdc28-3b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:75:f5:d0:12:b2:bd:56:a0:6a:3c:98:53:28:
72:26:1b:59:6f:1d:e4:79:0f:d8:b8:57:a4:37:90:
19:0d:56:39:ff:dc:a3:d9:ed:e0:38:1c:71:7b:16:
1c:b6:29:93:41:79:9d:96:80:40:61:77:18:56:7b:
7e:4c:3e:4c:87:85:25:41:01:a3:26:08:a7:a0:52:
8d:5a:90:47:d2:37:8a:72:b4:c5:80:b5:48:fb:d9:
c9:f2:dc:1f:3c:34:ac:a1:f3:1f:b8:eb:80:0d:08:
d7:02:72:3a:33:b5:64:fd:9d:5e:a7:6b:6a:6f:2d:
cc:01:f2:a5:07:6e:dd:50:75:0f:08:05:4e:eb:53:
c1:ce:ca:a5:a9:b3:9c:97:31:6e:d6:a3:eb:32:71:
08:ce:d9:cf:7a:80:3b:2a:6d:52:55:25:66:1e:fd:
f0:a4:54:ab:35:1d:a5:a3:f0:c9:a1:6d:e4:71:5f:
de:c5:e3:4c:d6:11:4a:af:a9:ca:4e:c9:c4:4d:77:
10:ba:0d:b3:e5:af:30:a7:a3:17:1a:89:46:12:5f:
a8:10:d6:3c:61:51:23:f4:4a:44:b0:6b:14:33:8f:
d4:93:fc:53:9e:55:27:92:a2:d9:35:b1:47:83:76:
03:9a:d1:82:cf:10:73:cd:84:39:b1:8d:7c:a0:8e:
90:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BB:7C:13:C0:51:1D:A1:36:B0:87:F2:F0:51:A9:09:BB:C0:5B:62
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FFD7765202FC11F0A888CF27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.108.0/22
36.255.180.0-36.255.187.255
43.224.172.0/22
43.241.116.0/22
45.116.44.0/22
45.117.48.0/22
45.117.108.0/22
45.117.148.0/22
45.117.248.0/22
58.146.96.0/19
103.29.208.0/22
103.51.208.0/22
103.53.60.0/22
103.53.232.0/22
103.54.104.0/22
103.57.172.0/22
103.195.76.0/22
103.200.100.0/22
103.200.212.0/22
103.203.60.0/22
103.234.212.0/22
103.234.240.0/22
111.125.236.0/24
111.125.241.0-111.125.242.255
111.125.249.0/24
120.138.0.0/22
180.148.32.0/19
182.237.128.0/18
183.87.0.0-183.87.11.255
183.87.16.0/20
183.87.224.0/20
202.177.224.0/19
IPv6:
2402:b00::/32
Signature Algorithm: sha256WithRSAEncryption
60:c6:11:54:9d:8b:8d:00:bb:45:6d:67:cc:b4:b7:ff:7b:80:
af:67:79:c1:a3:d4:42:34:67:5d:3a:c8:03:a8:85:89:b8:a4:
6b:6d:cb:ad:8f:c4:d9:90:b0:92:06:bc:2b:25:bd:07:63:82:
6e:ee:0f:38:45:32:01:bb:f4:f4:d0:f5:80:02:75:5a:aa:c8:
e8:9c:62:3a:4a:3e:08:28:f9:7d:0a:c0:9f:4b:2e:6d:a2:bd:
f4:ec:02:39:5c:e7:3a:a8:2e:ee:f9:aa:0f:ca:4f:43:88:a4:
0f:82:4c:d8:c4:28:13:8c:12:a9:c7:ee:47:14:29:f3:1c:58:
a1:e0:5c:56:ea:1f:a4:45:22:1d:f2:22:42:d3:9e:94:a7:e7:
62:49:5c:34:a5:05:76:1f:d7:bf:0b:7e:ba:10:92:7a:ca:e1:
b1:cc:a5:fa:70:f9:f1:c5:43:b5:48:72:fd:c1:0c:e5:5f:bf:
d3:b8:c3:90:fd:d2:34:39:6f:1c:49:c6:b4:cc:97:12:3d:39:
3f:06:ab:85:58:97:9e:11:06:ae:6c:51:3c:11:1d:7e:57:9a:
87:70:2d:0e:06:c1:08:74:fc:51:86:ef:54:2d:9b:88:ac:c9:
50:17:a9:b1:61:fd:a5:2c:40:61:ad:75:78:b8:7a:80:c0:7f:
77:1c:7f:25
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgIDALn7MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MzAzMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RjMjgtM2I0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ19dASsr1WoGo8mFMociYbWW8d5HkP2LhXpDeQGQ1WOf/co9nt4DgccXsW
HLYpk0F5nZaAQGF3GFZ7fkw+TIeFJUEBoyYIp6BSjVqQR9I3inK0xYC1SPvZyfLc
Hzw0rKHzH7jrgA0I1wJyOjO1ZP2dXqdram8tzAHypQdu3VB1DwgFTutTwc7Kpamz
nJcxbtaj6zJxCM7Zz3qAOyptUlUlZh798KRUqzUdpaPwyaFt5HFf3sXjTNYRSq+p
yk7JxE13ELoNs+WvMKejFxqJRhJfqBDWPGFRI/RKRLBrFDOP1JP8U55VJ5Ki2TWx
R4N2A5rRgs8Qc82EObGNfKCOkLMCAwEAAaOCA3swggN3MB0GA1UdDgQWBBTiu3wT
wFEdoTawh/LwUakJu8BbYjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ZGRDc3NjUy
MDJGQzExRjBBODg4Q0YyN0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBAwYIKwYBBQUHAQcB
Af8EgfMwgfAwgd4EAgABMIHXAwQCJP9sMAwDBAIk/7QDBAIk/7gDBAIr4KwDBAIr
8XQDBAItdCwDBAItdTADBAItdWwDBAItdZQDBAItdfgDBAU6kmADBAJnHdADBAJn
M9ADBAJnNTwDBAJnNegDBAJnNmgDBAJnOawDBAJnw0wDBAJnyGQDBAJnyNQDBAJn
yzwDBAJn6tQDBAJn6vADBABvfewwDAMEAG998QMEAG998gMEAG99+QMEAniKAAME
BbSUIAMEBrbtgDALAwMAt1cDBAK3VwgDBAS3VxADBAS3V+ADBAXKseAwDQQCAAIw
BwMFACQCCwAwDQYJKoZIhvcNAQELBQADggEBAGDGEVSdi40Au0VtZ8y0t/97gK9n
ecGj1EI0Z106yAOohYm4pGtty62PxNmQsJIGvCslvQdjgm7uDzhFMgG79PTQ9YAC
dVqqyOicYjpKPggo+X0KwJ9LLm2ivfTsAjlc5zqoLu75qg/KT0OIpA+CTNjEKBOM
EqnH7kcUKfMcWKHgXFbqH6RFIh3yIkLTnpSn52JJXDSlBXYf178LfroQknrK4bHM
pfpw+fHFQ7VIcv3BDOVfv9O4w5D90jQ5bxxJxrTMlxI9OT8Gq4VYl54RBq5sUTwR
HX5XmodwLQ4GwQh0/FGG71Qtm4isyVAXqbFh/aUsQGGtdXi4eoDAf3ccfyU=
-----END CERTIFICATE-----
Generated at Wed May 14 19:41:18 2025 by rpki-client