Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
File: 450B9058E3B511EF8A23824BC4F9AE02.roa (raw, json)
Hash identifier: qBvM1ocHNLWqsae3sXlaLmM1xegZdbEXSnEFnb8zr9w=
Subject key identifier: 66:17:25:1E:2B:B0:90:96:B5:BE:B7:70:D9:B1:B4:DE:0C:F5:89:3B
Certificate issuer: /CN=A919EDE5/serialNumber=23E983EB8BB7F86BA59235241A10160C8052C64E
Certificate serial: 34BA
Authority key identifier: 23:E9:83:EB:8B:B7:F8:6B:A5:92:35:24:1A:10:16:0C:80:52:C6:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
Signing time: Tue 24 Jun 2025 03:01:54 +0000
ROA not before: Tue 24 Jun 2025 03:01:54 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132618
IP address blocks: 49.237.8.0/22 maxlen: 22
49.237.8.0/24 maxlen: 24
49.237.9.0/24 maxlen: 24
49.237.10.0/24 maxlen: 24
49.237.11.0/24 maxlen: 24
49.237.32.0/22 maxlen: 22
49.237.32.0/24 maxlen: 24
49.237.33.0/24 maxlen: 24
49.237.34.0/24 maxlen: 24
49.237.35.0/24 maxlen: 24
49.237.64.0/21 maxlen: 21
49.237.64.0/24 maxlen: 24
49.237.65.0/24 maxlen: 24
49.237.66.0/24 maxlen: 24
49.237.67.0/24 maxlen: 24
49.237.68.0/24 maxlen: 24
49.237.69.0/24 maxlen: 24
49.237.70.0/24 maxlen: 24
49.237.71.0/24 maxlen: 24
49.237.72.0/21 maxlen: 21
49.237.72.0/24 maxlen: 24
49.237.73.0/24 maxlen: 24
49.237.74.0/24 maxlen: 24
49.237.75.0/24 maxlen: 24
49.237.76.0/24 maxlen: 24
49.237.77.0/24 maxlen: 24
49.237.78.0/24 maxlen: 24
49.237.79.0/24 maxlen: 24
49.237.80.0/21 maxlen: 21
49.237.80.0/24 maxlen: 24
49.237.81.0/24 maxlen: 24
49.237.82.0/24 maxlen: 24
49.237.83.0/24 maxlen: 24
49.237.84.0/24 maxlen: 24
49.237.85.0/24 maxlen: 24
49.237.86.0/24 maxlen: 24
49.237.87.0/24 maxlen: 24
49.237.88.0/21 maxlen: 21
49.237.88.0/24 maxlen: 24
49.237.89.0/24 maxlen: 24
49.237.90.0/24 maxlen: 24
49.237.91.0/24 maxlen: 24
49.237.92.0/24 maxlen: 24
49.237.93.0/24 maxlen: 24
49.237.94.0/24 maxlen: 24
49.237.95.0/24 maxlen: 24
49.237.96.0/21 maxlen: 21
49.237.112.0/21 maxlen: 21
49.237.168.0/22 maxlen: 22
49.237.168.0/24 maxlen: 24
49.237.169.0/24 maxlen: 24
49.237.170.0/24 maxlen: 24
49.237.171.0/24 maxlen: 24
49.237.176.0/22 maxlen: 22
49.237.176.0/24 maxlen: 24
49.237.177.0/24 maxlen: 24
49.237.178.0/24 maxlen: 24
49.237.179.0/24 maxlen: 24
49.237.204.0/23 maxlen: 23
223.24.172.0/23 maxlen: 23
223.24.192.0/21 maxlen: 21
223.24.192.0/24 maxlen: 24
223.24.193.0/24 maxlen: 24
223.24.194.0/24 maxlen: 24
223.24.195.0/24 maxlen: 24
223.24.196.0/24 maxlen: 24
223.24.197.0/24 maxlen: 24
223.24.198.0/24 maxlen: 24
223.24.199.0/24 maxlen: 24
223.24.200.0/21 maxlen: 21
223.24.200.0/24 maxlen: 24
223.24.201.0/24 maxlen: 24
223.24.202.0/24 maxlen: 24
223.24.203.0/24 maxlen: 24
223.24.204.0/24 maxlen: 24
223.24.205.0/24 maxlen: 24
223.24.206.0/24 maxlen: 24
223.24.207.0/24 maxlen: 24
223.24.208.0/21 maxlen: 21
223.24.208.0/24 maxlen: 24
223.24.209.0/24 maxlen: 24
223.24.210.0/24 maxlen: 24
223.24.211.0/24 maxlen: 24
223.24.212.0/24 maxlen: 24
223.24.213.0/24 maxlen: 24
223.24.214.0/24 maxlen: 24
223.24.215.0/24 maxlen: 24
223.24.216.0/21 maxlen: 21
223.24.216.0/24 maxlen: 24
223.24.217.0/24 maxlen: 24
223.24.218.0/24 maxlen: 24
223.24.219.0/24 maxlen: 24
223.24.220.0/24 maxlen: 24
223.24.221.0/24 maxlen: 24
223.24.222.0/24 maxlen: 24
223.24.223.0/24 maxlen: 24
223.24.224.0/21 maxlen: 21
223.24.240.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.crl
rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 15:04:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13498 (0x34ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EDE5, serialNumber=23E983EB8BB7F86BA59235241A10160C8052C64E
Validity
Not Before: Jun 24 03:01:54 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=685a1521-cd49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a5:05:90:a9:ae:8c:e1:8e:97:f7:9c:94:10:
fc:72:5b:1b:74:5d:6c:4a:6e:cc:04:c4:b0:e7:d0:
20:69:86:63:be:a3:7a:67:9a:35:c0:bc:c0:85:bf:
70:c2:9c:5e:2c:82:b0:2b:5b:93:10:b8:27:f6:7e:
82:33:56:bd:ae:8b:a0:fb:e6:49:75:5e:e9:37:87:
45:4b:0a:97:34:3f:ba:45:33:b0:59:57:e0:60:3c:
c2:e4:29:18:6c:8c:39:90:73:3d:51:52:a1:4d:3d:
e4:68:40:ec:42:69:e1:5d:bc:6b:36:7d:48:f1:46:
66:c4:eb:3a:1e:8a:41:e8:35:34:fe:96:e5:ce:e6:
07:5e:08:77:41:72:f6:af:cc:02:9f:91:ff:21:39:
f2:7f:a4:ea:7d:65:88:b3:06:13:47:b9:d3:64:fa:
62:c4:d6:e4:c0:c1:e0:a1:66:8a:0a:99:b0:a6:67:
60:49:ae:4f:89:cb:4f:26:42:23:22:02:18:9a:00:
e9:d1:6c:6c:46:57:0d:46:a1:c0:c0:58:00:74:91:
d9:26:f7:a6:96:7b:2b:c1:86:b0:da:ac:9f:81:26:
9a:23:7f:37:11:14:2d:db:c4:67:f2:71:3c:19:27:
c0:99:76:b1:7c:54:e0:83:ec:b2:76:0b:bc:f3:bd:
63:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:17:25:1E:2B:B0:90:96:B5:BE:B7:70:D9:B1:B4:DE:0C:F5:89:3B
X509v3 Authority Key Identifier:
keyid:23:E9:83:EB:8B:B7:F8:6B:A5:92:35:24:1A:10:16:0C:80:52:C6:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.237.8.0/22
49.237.32.0/22
49.237.64.0-49.237.103.255
49.237.112.0/21
49.237.168.0/22
49.237.176.0/22
49.237.204.0/23
223.24.172.0/23
223.24.192.0-223.24.231.255
223.24.240.0/21
Signature Algorithm: sha256WithRSAEncryption
16:4a:33:c0:db:ba:f0:03:db:8f:36:ec:aa:a6:92:74:e9:85:
97:a7:76:69:55:c2:0e:13:74:41:57:47:79:29:7d:bd:24:94:
53:c7:7f:bb:65:d0:cc:c6:68:f4:c2:84:8b:f4:5e:72:dc:b8:
6d:51:3f:6c:73:05:60:99:a0:cb:01:62:ab:f9:a1:32:16:6c:
dd:78:3c:79:81:5c:22:cf:dc:dd:bf:0f:ac:49:5f:a3:57:10:
3a:34:9d:47:3d:30:c8:33:ae:ed:6b:68:b6:14:c8:b6:61:69:
c7:93:5e:76:af:2f:64:ed:96:61:5d:0a:5e:e8:6c:f4:58:b1:
4b:21:4d:73:01:ce:77:3a:10:2c:71:34:33:62:ba:71:08:f3:
24:d8:72:73:e3:d1:c1:45:f1:aa:4d:63:39:47:83:d4:d0:5a:
d0:ce:95:95:60:f1:56:7b:e1:75:96:43:ea:df:93:fe:cf:f9:
a6:9b:8f:91:e1:cf:c1:29:70:2e:bf:a7:e5:ac:7f:7a:72:81:
85:46:ab:91:48:33:f2:c8:6d:bd:f0:fc:92:33:b3:25:8a:42:
a1:ac:30:47:2d:7f:a6:56:7c:15:54:30:96:10:52:78:68:f0:
58:d1:9a:8b:6d:c6:37:1e:59:81:d3:d8:3e:c2:1d:0f:6f:51:
76:74:b7:e5
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgICNLowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVERTUxMTAvBgNVBAUTKDIzRTk4M0VCOEJCN0Y4NkJBNTkyMzUyNDFBMTAxNjBD
ODA1MkM2NEUwHhcNMjUwNjI0MDMwMTU0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODVhMTUyMS1jZDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5qUFkKmujOGOl/eclBD8clsbdF1sSm7MBMSw59AgaYZjvqN6Z5o1wLzAhb9w
wpxeLIKwK1uTELgn9n6CM1a9roug++ZJdV7pN4dFSwqXND+6RTOwWVfgYDzC5CkY
bIw5kHM9UVKhTT3kaEDsQmnhXbxrNn1I8UZmxOs6HopB6DU0/pblzuYHXgh3QXL2
r8wCn5H/ITnyf6TqfWWIswYTR7nTZPpixNbkwMHgoWaKCpmwpmdgSa5PictPJkIj
IgIYmgDp0WxsRlcNRqHAwFgAdJHZJvemlnsrwYaw2qyfgSaaI383ERQt28Rn8nE8
GSfAmXaxfFTgg+yydgu8871j6wIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFGYXJR4r
sJCWtb63cNmxtN4M9Yk7MB8GA1UdIwQYMBaAFCPpg+uLt/hrpZI1JBoQFgyAUsZO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RURFNS80QTJCNkNDRTFE
OUUxMUUyOUNBMzA5OEUwOEIwMkNEMi9JLW1ENjR1My1HdWxralVrR2hBV0RJQlN4
azQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ktbUQ2NHUzLUd1bGtqVWtHaEFXRElCU3hrNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVERTUvNEEyQjZDQ0UxRDlFMTFFMjlDQTMwOThFMDhCMDJDRDIvNDUwQjkwNThF
M0I1MTFFRjhBMjM4MjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZQYIKwYBBQUHAQcBAf8E
VjBUMFIEAgABMEwDBAIx7QgDBAIx7SAwDAMEBjHtQAMEAzHtYAMEAzHtcAMEAjHt
qAMEAjHtsAMEATHtzAMEAd8YrDAMAwQG3xjAAwQD3xjgAwQD3xjwMA0GCSqGSIb3
DQEBCwUAA4IBAQAWSjPA27rwA9uPNuyqppJ06YWXp3ZpVcIOE3RBV0d5KX29JJRT
x3+7ZdDMxmj0woSL9F5y3LhtUT9scwVgmaDLAWKr+aEyFmzdeDx5gVwiz9zdvw+s
SV+jVxA6NJ1HPTDIM67ta2i2FMi2YWnHk152ry9k7ZZhXQpe6Gz0WLFLIU1zAc53
OhAscTQzYrpxCPMk2HJz49HBRfGqTWM5R4PU0FrQzpWVYPFWe+F1lkPq35P+z/mm
m4+R4c/BKXAuv6flrH96coGFRquRSDPyyG298PySM7MlikKhrDBHLX+mVnwVVDCW
EFJ4aPBY0ZqLbcY3HlmB09g+wh0Pb1F2dLfl
-----END CERTIFICATE-----
Generated at Thu Jul 3 09:24:18 2025 by rpki-client