Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
File: 450B9058E3B511EF8A23824BC4F9AE02.roa (raw, json)
Hash identifier: 4hXXGwZ0FWApQz+whfMxiiIRXcDlazyJkk1NgFoELqg=
Subject key identifier: C8:C6:12:B6:15:ED:45:CD:99:DC:5B:A1:0E:C8:8E:54:A9:55:82:E2
Certificate issuer: /CN=A919EDE5/serialNumber=23E983EB8BB7F86BA59235241A10160C8052C64E
Certificate serial: 3497
Authority key identifier: 23:E9:83:EB:8B:B7:F8:6B:A5:92:35:24:1A:10:16:0C:80:52:C6:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
Signing time: Thu 15 May 2025 12:14:58 +0000
ROA not before: Thu 15 May 2025 12:14:57 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132618
IP address blocks: 49.237.64.0/21 maxlen: 21
49.237.64.0/24 maxlen: 24
49.237.65.0/24 maxlen: 24
49.237.66.0/24 maxlen: 24
49.237.67.0/24 maxlen: 24
49.237.68.0/24 maxlen: 24
49.237.69.0/24 maxlen: 24
49.237.70.0/24 maxlen: 24
49.237.71.0/24 maxlen: 24
49.237.72.0/21 maxlen: 21
49.237.72.0/24 maxlen: 24
49.237.73.0/24 maxlen: 24
49.237.74.0/24 maxlen: 24
49.237.75.0/24 maxlen: 24
49.237.76.0/24 maxlen: 24
49.237.77.0/24 maxlen: 24
49.237.78.0/24 maxlen: 24
49.237.79.0/24 maxlen: 24
49.237.80.0/21 maxlen: 21
49.237.80.0/24 maxlen: 24
49.237.81.0/24 maxlen: 24
49.237.82.0/24 maxlen: 24
49.237.83.0/24 maxlen: 24
49.237.84.0/24 maxlen: 24
49.237.85.0/24 maxlen: 24
49.237.86.0/24 maxlen: 24
49.237.87.0/24 maxlen: 24
49.237.88.0/21 maxlen: 21
49.237.88.0/24 maxlen: 24
49.237.89.0/24 maxlen: 24
49.237.90.0/24 maxlen: 24
49.237.91.0/24 maxlen: 24
49.237.92.0/24 maxlen: 24
49.237.93.0/24 maxlen: 24
49.237.94.0/24 maxlen: 24
49.237.95.0/24 maxlen: 24
49.237.96.0/21 maxlen: 21
49.237.112.0/21 maxlen: 21
49.237.204.0/23 maxlen: 23
223.24.172.0/23 maxlen: 23
223.24.192.0/21 maxlen: 21
223.24.192.0/24 maxlen: 24
223.24.193.0/24 maxlen: 24
223.24.194.0/24 maxlen: 24
223.24.195.0/24 maxlen: 24
223.24.196.0/24 maxlen: 24
223.24.197.0/24 maxlen: 24
223.24.198.0/24 maxlen: 24
223.24.199.0/24 maxlen: 24
223.24.200.0/21 maxlen: 21
223.24.200.0/24 maxlen: 24
223.24.201.0/24 maxlen: 24
223.24.202.0/24 maxlen: 24
223.24.203.0/24 maxlen: 24
223.24.204.0/24 maxlen: 24
223.24.205.0/24 maxlen: 24
223.24.206.0/24 maxlen: 24
223.24.207.0/24 maxlen: 24
223.24.208.0/21 maxlen: 21
223.24.208.0/24 maxlen: 24
223.24.209.0/24 maxlen: 24
223.24.210.0/24 maxlen: 24
223.24.211.0/24 maxlen: 24
223.24.212.0/24 maxlen: 24
223.24.213.0/24 maxlen: 24
223.24.214.0/24 maxlen: 24
223.24.215.0/24 maxlen: 24
223.24.216.0/21 maxlen: 21
223.24.216.0/24 maxlen: 24
223.24.217.0/24 maxlen: 24
223.24.218.0/24 maxlen: 24
223.24.219.0/24 maxlen: 24
223.24.220.0/24 maxlen: 24
223.24.221.0/24 maxlen: 24
223.24.222.0/24 maxlen: 24
223.24.223.0/24 maxlen: 24
223.24.224.0/21 maxlen: 21
223.24.240.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.crl
rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 22 May 2025 12:50:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13463 (0x3497)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EDE5, serialNumber=23E983EB8BB7F86BA59235241A10160C8052C64E
Validity
Not Before: May 15 12:14:57 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6825dac1-4e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:10:e1:00:cc:bc:5d:45:72:6a:28:e9:d3:5d:
39:c0:34:2d:d4:eb:8f:ad:ac:1d:80:70:c3:5e:24:
53:cf:ca:3e:6e:a9:c3:57:e9:9a:1c:42:eb:1e:ba:
56:9c:d6:b2:ea:c4:ac:e8:78:db:96:18:99:c9:fa:
7a:8f:65:aa:8c:a4:bb:ee:23:74:39:cd:35:9b:c2:
73:bb:07:0d:f5:7e:5b:6b:92:ea:ef:d3:05:01:7d:
a0:67:c7:6e:90:b9:5e:f0:1e:64:41:19:03:87:d7:
d2:74:09:00:fb:99:0f:54:31:cc:a3:eb:3d:2b:1d:
d6:38:6d:6e:39:97:bd:aa:eb:0b:ba:77:d8:a8:9b:
f6:f2:c6:55:f7:4d:a7:95:37:da:c2:a0:89:e0:c3:
ca:47:ad:06:99:ec:4f:34:3d:8f:a9:48:f2:da:6b:
fc:e5:11:9a:e4:d4:be:91:a7:2e:33:43:96:c4:84:
f1:97:15:96:59:16:c4:3b:ac:bc:9a:b9:6e:cc:1b:
a9:10:ce:5e:57:8c:47:df:17:e8:dc:f8:09:45:0d:
74:fa:62:c5:d7:31:45:b3:84:20:47:87:60:14:14:
e1:b2:10:c8:2a:5f:61:7b:50:83:cb:38:4a:bc:5f:
84:76:e2:13:37:10:37:37:4e:51:1e:a4:38:ff:0a:
86:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C6:12:B6:15:ED:45:CD:99:DC:5B:A1:0E:C8:8E:54:A9:55:82:E2
X509v3 Authority Key Identifier:
keyid:23:E9:83:EB:8B:B7:F8:6B:A5:92:35:24:1A:10:16:0C:80:52:C6:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.237.64.0-49.237.103.255
49.237.112.0/21
49.237.204.0/23
223.24.172.0/23
223.24.192.0-223.24.231.255
223.24.240.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:cd:bb:1a:0f:95:35:f7:a1:c2:45:75:8c:be:69:52:b5:37:
5f:de:80:eb:a4:b0:a8:ad:c6:d9:5b:00:3c:6f:3b:ee:a6:60:
4c:78:13:8b:91:81:3e:51:4e:a6:43:df:79:af:0b:c0:cd:92:
44:cd:a7:3f:4d:e1:ad:cf:3b:34:4e:18:8b:a6:a4:bc:9a:6a:
6d:3b:0c:24:77:52:70:fa:6d:50:0b:48:2f:c1:1f:46:4d:1e:
ff:2a:49:1f:ad:ee:0a:5f:e7:9c:5e:ac:48:17:4e:2d:e4:32:
4d:f4:db:58:da:84:08:48:75:2f:b7:44:cb:78:93:41:a3:a8:
5f:75:f0:ba:3f:5c:a7:7a:55:9d:41:ff:b4:53:7c:21:5f:94:
02:d1:59:63:8c:73:01:0e:5c:6c:98:66:94:d4:bb:67:0d:0a:
15:83:ff:3d:1a:93:e7:18:ff:33:65:92:fc:78:3a:9d:d6:16:
48:d5:cb:02:70:05:ed:36:5b:a1:3f:c4:b4:31:b5:57:d0:a2:
e4:69:f8:15:6a:9f:2c:7a:ec:72:8b:d5:b5:b7:da:e1:b1:65:
01:b2:25:c4:51:cc:1a:18:7c:8c:77:2f:2f:d6:5c:14:2b:59:
6a:8e:68:0b:48:0c:2c:2a:94:63:10:10:69:19:f5:df:ba:7b:
2f:da:24:c0
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICNJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVERTUxMTAvBgNVBAUTKDIzRTk4M0VCOEJCN0Y4NkJBNTkyMzUyNDFBMTAxNjBD
ODA1MkM2NEUwHhcNMjUwNTE1MTIxNDU3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI1ZGFjMS00ZTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBDhAMy8XUVyaijp0105wDQt1OuPrawdgHDDXiRTz8o+bqnDV+maHELrHrpW
nNay6sSs6HjblhiZyfp6j2WqjKS77iN0Oc01m8JzuwcN9X5ba5Lq79MFAX2gZ8du
kLle8B5kQRkDh9fSdAkA+5kPVDHMo+s9Kx3WOG1uOZe9qusLunfYqJv28sZV902n
lTfawqCJ4MPKR60GmexPND2PqUjy2mv85RGa5NS+kacuM0OWxITxlxWWWRbEO6y8
mrluzBupEM5eV4xH3xfo3PgJRQ10+mLF1zFFs4QgR4dgFBThshDIKl9he1CDyzhK
vF+EduITNxA3N05RHqQ4/wqG0QIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFMjGErYV
7UXNmdxboQ7IjlSpVYLiMB8GA1UdIwQYMBaAFCPpg+uLt/hrpZI1JBoQFgyAUsZO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RURFNS80QTJCNkNDRTFE
OUUxMUUyOUNBMzA5OEUwOEIwMkNEMi9JLW1ENjR1My1HdWxralVrR2hBV0RJQlN4
azQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ktbUQ2NHUzLUd1bGtqVWtHaEFXRElCU3hrNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVERTUvNEEyQjZDQ0UxRDlFMTFFMjlDQTMwOThFMDhCMDJDRDIvNDUwQjkwNThF
M0I1MTFFRjhBMjM4MjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MDoEAgABMDQwDAMEBjHtQAMEAzHtYAMEAzHtcAMEATHtzAMEAd8YrDAMAwQG
3xjAAwQD3xjgAwQD3xjwMA0GCSqGSIb3DQEBCwUAA4IBAQA+zbsaD5U196HCRXWM
vmlStTdf3oDrpLCorcbZWwA8bzvupmBMeBOLkYE+UU6mQ995rwvAzZJEzac/TeGt
zzs0ThiLpqS8mmptOwwkd1Jw+m1QC0gvwR9GTR7/Kkkfre4KX+ecXqxIF04t5DJN
9NtY2oQISHUvt0TLeJNBo6hfdfC6P1ynelWdQf+0U3whX5QC0VljjHMBDlxsmGaU
1LtnDQoVg/89GpPnGP8zZZL8eDqd1hZI1csCcAXtNluhP8S0MbVX0KLkafgVap8s
euxyi9W1t9rhsWUBsiXEUcwaGHyMdy8v1lwUK1lqjmgLSAwsKpRjEBBpGfXfunsv
2iTA
-----END CERTIFICATE-----
Generated at Fri May 16 09:57:16 2025 by rpki-client