Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/FBFEBECA10B211EEA9B11345C4F9AE02.roa
File: FBFEBECA10B211EEA9B11345C4F9AE02.roa (raw, json)
Hash identifier: 4+IsQGE9DpxrqXHaGDjhfyFcaRugPanxx+iKmCYBXD4=
Subject key identifier: BD:2F:ED:9E:AE:5F:9E:2F:C0:AC:BA:B0:1A:7F:4E:D5:33:B9:FE:89
Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Certificate serial: 309F
Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/FBFEBECA10B211EEA9B11345C4F9AE02.roa
Signing time: Wed 30 Apr 2025 15:52:56 +0000
ROA not before: Wed 30 Apr 2025 15:52:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 43.241.40.0/22 maxlen: 22
43.241.40.0/24 maxlen: 25
43.241.41.0/24 maxlen: 25
43.241.42.0/24 maxlen: 25
43.241.43.0/25 maxlen: 25
43.241.43.128/25 maxlen: 25
103.16.252.0/22 maxlen: 22
116.0.64.0/19 maxlen: 19
116.0.68.0/24 maxlen: 24
116.0.70.0/24 maxlen: 24
116.0.76.0/24 maxlen: 24
116.0.82.0/24 maxlen: 24
116.0.93.0/24 maxlen: 24
120.29.192.0/19 maxlen: 19
120.29.195.0/24 maxlen: 24
120.29.209.0/24 maxlen: 24
120.29.216.0/24 maxlen: 24
120.29.219.0/24 maxlen: 24
180.87.0.0/17 maxlen: 24
180.87.128.0/18 maxlen: 18
180.87.128.0/24 maxlen: 24
180.87.129.0/24 maxlen: 24
180.87.130.0/24 maxlen: 24
180.87.131.0/24 maxlen: 24
180.87.132.0/24 maxlen: 24
180.87.133.0/24 maxlen: 24
180.87.134.0/24 maxlen: 24
180.87.135.0/24 maxlen: 24
180.87.136.0/24 maxlen: 24
180.87.137.0/24 maxlen: 24
180.87.138.0/24 maxlen: 24
180.87.139.0/24 maxlen: 24
180.87.140.0/24 maxlen: 24
180.87.141.0/24 maxlen: 24
180.87.142.0/24 maxlen: 24
180.87.143.0/24 maxlen: 24
180.87.144.0/24 maxlen: 24
180.87.145.0/24 maxlen: 24
180.87.146.0/24 maxlen: 24
180.87.147.0/24 maxlen: 24
180.87.148.0/24 maxlen: 24
180.87.149.0/24 maxlen: 24
180.87.150.0/24 maxlen: 24
180.87.151.0/24 maxlen: 24
180.87.152.0/24 maxlen: 24
180.87.153.0/24 maxlen: 24
180.87.154.0/24 maxlen: 24
180.87.155.0/24 maxlen: 24
180.87.156.0/24 maxlen: 24
180.87.157.0/24 maxlen: 24
180.87.158.0/24 maxlen: 24
180.87.159.0/24 maxlen: 24
180.87.160.0/24 maxlen: 24
180.87.161.0/24 maxlen: 24
180.87.162.0/24 maxlen: 24
180.87.163.0/24 maxlen: 24
180.87.164.0/24 maxlen: 24
180.87.165.0/24 maxlen: 24
180.87.166.0/24 maxlen: 24
180.87.167.0/24 maxlen: 24
180.87.168.0/24 maxlen: 24
180.87.169.0/24 maxlen: 24
180.87.170.0/24 maxlen: 24
180.87.171.0/24 maxlen: 24
180.87.172.0/24 maxlen: 24
180.87.173.0/24 maxlen: 24
180.87.174.0/24 maxlen: 24
180.87.175.0/24 maxlen: 24
180.87.176.0/24 maxlen: 24
180.87.177.0/24 maxlen: 24
180.87.178.0/24 maxlen: 24
180.87.179.0/24 maxlen: 24
180.87.180.0/24 maxlen: 24
180.87.181.0/24 maxlen: 24
180.87.182.0/24 maxlen: 24
180.87.183.0/24 maxlen: 24
180.87.184.0/24 maxlen: 24
180.87.185.0/24 maxlen: 24
180.87.186.0/24 maxlen: 24
180.87.187.0/24 maxlen: 24
180.87.188.0/24 maxlen: 24
180.87.189.0/24 maxlen: 24
180.87.190.0/24 maxlen: 24
180.87.191.0/24 maxlen: 24
202.183.64.0/20 maxlen: 24
2405:2000::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 21 May 2025 15:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12447 (0x309f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91955C8, serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Validity
Not Before: Apr 30 15:52:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68124758-17d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2c:a1:a6:e0:fb:90:ad:36:2d:19:d6:8e:81:
82:84:6a:35:89:f9:98:45:ac:a2:3e:4f:1e:bc:88:
6b:a7:bb:56:5f:54:d1:ef:68:b3:d6:16:64:dc:58:
a0:fc:11:7d:5f:6c:5e:a8:83:c5:d0:80:5a:e6:04:
6e:d4:13:13:53:d9:1a:ad:db:0c:dc:14:a2:5a:a0:
af:81:82:64:64:4d:80:f3:58:71:82:f8:de:92:b2:
ad:6f:54:ce:cf:6c:60:b1:b3:e2:84:87:9f:d2:37:
74:a8:2d:13:26:cd:92:14:65:b1:cd:f8:00:60:d7:
11:b7:ad:56:b5:97:b5:8d:18:17:1d:ef:f7:af:33:
22:90:3a:27:da:03:08:b1:21:bf:7e:b4:ee:51:7e:
63:8d:b4:66:bb:3d:1b:fc:fb:c9:67:52:78:68:4c:
5e:86:1b:1e:19:a5:52:fe:26:71:7b:2a:21:e6:aa:
7d:4e:5b:91:a8:76:2d:84:73:d8:84:40:ec:52:cf:
67:ad:ac:42:6b:3e:89:bb:12:a8:f5:c1:c3:a8:c4:
d6:14:1d:ca:2a:01:9f:bb:1a:46:9f:23:38:12:87:
97:69:30:54:2f:0f:9e:7e:63:79:bc:89:47:6f:b3:
d7:1a:aa:27:a0:17:fd:98:ea:f8:f1:62:75:e1:e2:
ec:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2F:ED:9E:AE:5F:9E:2F:C0:AC:BA:B0:1A:7F:4E:D5:33:B9:FE:89
X509v3 Authority Key Identifier:
keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/FBFEBECA10B211EEA9B11345C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.40.0/22
103.16.252.0/22
116.0.64.0/19
120.29.192.0/19
180.87.0.0-180.87.191.255
202.183.64.0/20
IPv6:
2405:2000::/32
Signature Algorithm: sha256WithRSAEncryption
0a:25:af:a0:bf:25:53:95:53:d4:8e:b7:f6:f5:fa:82:ad:8d:
b9:dc:1a:1d:d6:06:e0:93:9b:eb:57:6c:ad:74:cc:bd:5e:30:
b7:14:a7:ef:f0:53:97:63:b3:a1:3c:aa:26:d4:94:d7:75:b6:
15:81:d3:f0:1e:61:b0:f5:c2:5a:f1:93:57:bc:76:2c:7a:51:
f4:72:17:60:90:0a:63:45:8e:ab:1a:97:a8:f0:f3:93:78:e7:
ca:4d:06:cd:cc:e5:7f:ce:88:ca:d1:a9:a7:b1:e5:40:16:f3:
b3:54:ed:dc:78:10:3b:e1:5b:a3:5a:61:8c:d1:be:16:a9:54:
10:9f:63:bf:ca:10:7c:a1:e8:e1:0a:ca:48:45:10:74:8f:f9:
0f:72:b8:12:df:91:3e:d6:10:97:60:85:7e:0a:f2:6c:bf:57:
5b:d9:10:72:a9:02:83:72:0b:7c:cb:16:e4:9a:0d:31:39:6f:
58:6f:9e:5c:98:c0:38:6d:c6:a4:b1:97:37:b0:24:8f:07:87:
5b:f2:ae:2d:c3:81:80:79:81:05:44:e4:18:a2:06:7b:d8:44:
33:40:94:bc:28:d4:18:e1:ac:50:00:a8:fd:3b:25:a9:cc:b2:
07:52:59:20:e1:37:92:2e:67:cf:2a:0b:49:8f:1e:f3:c9:2e:
de:01:ab:23
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICMJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC
Qjk2NEY2NEIwHhcNMjUwNDMwMTU1MjU2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEyNDc1OC0xN2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1SyhpuD7kK02LRnWjoGChGo1ifmYRayiPk8evIhrp7tWX1TR72iz1hZk3Fig
/BF9X2xeqIPF0IBa5gRu1BMTU9kardsM3BSiWqCvgYJkZE2A81hxgvjekrKtb1TO
z2xgsbPihIef0jd0qC0TJs2SFGWxzfgAYNcRt61WtZe1jRgXHe/3rzMikDon2gMI
sSG/frTuUX5jjbRmuz0b/PvJZ1J4aExehhseGaVS/iZxeyoh5qp9TluRqHYthHPY
hEDsUs9nraxCaz6JuxKo9cHDqMTWFB3KKgGfuxpGnyM4EoeXaTBULw+efmN5vIlH
b7PXGqonoBf9mOr48WJ14eLszQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFL0v7Z6u
X54vwKy6sBp/TtUzuf6JMB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG
NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvRkJGRUJFQ0Ex
MEIyMTFFRUE5QjExMzQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E
RDBCMDEEAgABMCsDBAIr8SgDBAJnEPwDBAV0AEADBAV4HcAwCwMDALRXAwQGtFeA
AwQEyrdAMA0EAgACMAcDBQAkBSAAMA0GCSqGSIb3DQEBCwUAA4IBAQAKJa+gvyVT
lVPUjrf29fqCrY253Bod1gbgk5vrV2ytdMy9XjC3FKfv8FOXY7OhPKom1JTXdbYV
gdPwHmGw9cJa8ZNXvHYselH0chdgkApjRY6rGpeo8POTeOfKTQbNzOV/zojK0amn
seVAFvOzVO3ceBA74VujWmGM0b4WqVQQn2O/yhB8oejhCspIRRB0j/kPcrgS35E+
1hCXYIV+CvJsv1db2RByqQKDcgt8yxbkmg0xOW9Yb55cmMA4bcaksZc3sCSPB4db
8q4tw4GAeYEFROQYogZ72EQzQJS8KNQY4axQAKj9OyWpzLIHUlkg4TeSLmfPKgtJ
jx7zyS7eAasj
-----END CERTIFICATE-----
Generated at Fri May 16 07:27:48 2025 by rpki-client