Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
File: CB304C36307111EDB0CBD946C4F9AE02.roa (raw, json)
Hash identifier: 6YYJp70ovWJbV5hwBiIeegk/fbVe4hEWR6AUPM6tWHc=
Subject key identifier: 4A:8F:3C:E7:CF:2D:D1:15:EC:4B:78:92:C4:C8:A9:F9:A2:F5:55:14
Certificate issuer: /CN=A911CA82/serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Certificate serial: 0609
Authority key identifier: D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
Signing time: Tue 22 Apr 2025 11:02:09 +0000
ROA not before: Tue 22 Apr 2025 11:02:09 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 139628
IP address blocks: 43.255.114.0/23 maxlen: 24
103.20.80.0/22 maxlen: 22
103.20.80.0/24 maxlen: 24
103.20.81.0/24 maxlen: 24
103.20.82.0/24 maxlen: 24
103.20.83.0/24 maxlen: 24
103.106.204.0/22 maxlen: 22
103.106.204.0/24 maxlen: 24
103.106.205.0/24 maxlen: 24
103.106.206.0/24 maxlen: 24
103.106.207.0/24 maxlen: 24
103.119.96.0/22 maxlen: 22
103.119.96.0/24 maxlen: 24
103.119.97.0/24 maxlen: 24
103.119.98.0/24 maxlen: 24
103.119.99.0/24 maxlen: 24
103.136.176.0/22 maxlen: 22
103.136.176.0/24 maxlen: 24
103.136.177.0/24 maxlen: 24
103.136.178.0/24 maxlen: 24
103.136.179.0/24 maxlen: 24
103.142.208.0/23 maxlen: 23
103.142.208.0/24 maxlen: 24
103.142.209.0/24 maxlen: 24
103.147.234.0/23 maxlen: 24
111.67.96.0/22 maxlen: 22
111.67.96.0/24 maxlen: 24
111.67.97.0/24 maxlen: 24
111.67.98.0/24 maxlen: 24
111.67.99.0/24 maxlen: 24
111.67.100.0/22 maxlen: 22
111.67.100.0/24 maxlen: 24
111.67.101.0/24 maxlen: 24
111.67.102.0/24 maxlen: 24
111.67.103.0/24 maxlen: 24
115.178.24.0/23 maxlen: 23
115.178.24.0/24 maxlen: 24
115.178.25.0/24 maxlen: 24
124.108.4.0/22 maxlen: 22
124.108.4.0/24 maxlen: 24
124.108.5.0/24 maxlen: 24
124.108.6.0/24 maxlen: 24
124.108.7.0/24 maxlen: 24
150.129.20.0/22 maxlen: 22
150.129.20.0/24 maxlen: 24
150.129.21.0/24 maxlen: 24
150.129.22.0/24 maxlen: 24
150.129.23.0/24 maxlen: 24
202.58.16.0/23 maxlen: 23
202.58.16.0/24 maxlen: 24
202.58.17.0/24 maxlen: 24
202.58.18.0/23 maxlen: 23
202.58.18.0/24 maxlen: 24
202.58.19.0/24 maxlen: 24
203.80.170.0/23 maxlen: 23
203.80.170.0/24 maxlen: 24
203.80.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.crl
rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 22:54:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1545 (0x609)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA82, serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Validity
Not Before: Apr 22 11:02:09 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=68077730-7ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b4:87:2f:de:e2:16:1a:fb:b8:1a:fc:a8:cd:
20:10:43:68:79:8f:70:d2:19:60:44:75:e6:91:1c:
24:63:53:1a:30:e1:55:88:9c:5d:e7:e3:f4:cc:3c:
73:fe:f5:27:59:51:eb:c6:00:6f:7f:25:98:06:57:
7d:07:15:f5:2f:7d:2a:c3:38:22:7d:19:70:90:34:
b1:27:4b:b1:c8:3f:55:19:07:30:bb:b3:16:a3:68:
da:3a:ea:5f:78:00:99:4a:da:80:33:1c:ac:75:1f:
af:a5:fa:03:3d:48:92:83:91:62:e5:cd:2d:c3:7b:
d8:d6:44:f6:21:29:78:c2:62:f1:32:8f:e7:2c:d4:
61:b8:59:4c:a6:6f:48:5f:bb:26:f3:44:cd:56:ba:
1d:bb:f5:86:f8:cf:e9:4b:71:62:53:27:77:f6:10:
e5:9e:b5:cf:04:b0:29:f3:43:a3:8c:bc:05:f0:05:
52:33:a2:15:d7:8f:64:92:0c:60:aa:8f:c4:ed:8a:
f5:4a:b8:4f:33:e6:88:8b:82:a9:8f:e7:cf:8a:46:
33:9c:d2:7c:3a:8b:73:f1:bc:7f:b2:5d:dd:73:b3:
d1:84:96:50:59:45:78:78:0b:25:78:f1:a3:ee:70:
47:b0:29:04:30:a7:7e:b9:f3:50:52:d6:d4:50:3f:
d9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8F:3C:E7:CF:2D:D1:15:EC:4B:78:92:C4:C8:A9:F9:A2:F5:55:14
X509v3 Authority Key Identifier:
keyid:D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.114.0/23
103.20.80.0/22
103.106.204.0/22
103.119.96.0/22
103.136.176.0/22
103.142.208.0/23
103.147.234.0/23
111.67.96.0/21
115.178.24.0/23
124.108.4.0/22
150.129.20.0/22
202.58.16.0/22
203.80.170.0/23
Signature Algorithm: sha256WithRSAEncryption
59:fb:22:08:18:6e:20:66:8e:34:7e:75:62:cf:76:fa:fb:ea:
a5:cf:82:c0:b7:5a:85:73:37:44:ea:82:53:49:40:b4:12:23:
c1:7c:d5:ce:98:ba:7f:bb:b6:2e:19:d3:2b:2f:9a:91:30:0d:
65:92:51:dd:33:7b:0d:97:2e:6a:5d:40:7b:87:35:80:98:92:
88:50:59:6b:b7:db:79:a5:fd:59:c5:95:b2:88:e8:71:7e:fc:
96:8b:78:04:39:fb:70:25:a5:dd:5d:50:60:72:11:8a:8c:1e:
59:5b:70:7a:c3:1a:e2:5d:87:0c:c1:7d:5e:db:4c:e6:41:32:
54:07:e3:66:d0:fa:7b:1c:87:70:75:1e:37:61:3f:eb:34:8e:
0f:ec:6e:03:8c:c4:eb:68:14:2e:18:af:dc:8a:85:69:db:f6:
0e:95:d6:8e:b9:d7:57:dc:b7:ef:aa:2b:d8:a4:83:8d:56:c5:
1b:f8:4f:ee:6d:0f:81:c9:ed:96:af:14:c9:77:b4:91:60:6c:
b4:d3:74:c5:9d:a3:cf:c7:6b:b9:7f:93:6a:f9:a9:f1:f8:44:
eb:73:28:3d:f3:82:2e:92:a3:c5:c5:14:ea:f6:d6:5f:90:61:
fe:6d:79:68:47:e3:05:fe:c9:83:31:e6:41:22:cb:6c:a3:43:
3e:0b:9a:2c
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICBgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBODIxMTAvBgNVBAUTKEQyQTA4NzFCQ0Q4Mzc2QzExQThGMDQ5QTM5ODU1QUZD
REIxODMwNjQwHhcNMjUwNDIyMTEwMjA5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA3NzczMC03Y2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv7SHL97iFhr7uBr8qM0gEENoeY9w0hlgRHXmkRwkY1MaMOFViJxd5+P0zDxz
/vUnWVHrxgBvfyWYBld9BxX1L30qwzgifRlwkDSxJ0uxyD9VGQcwu7MWo2jaOupf
eACZStqAMxysdR+vpfoDPUiSg5Fi5c0tw3vY1kT2ISl4wmLxMo/nLNRhuFlMpm9I
X7sm80TNVrodu/WG+M/pS3FiUyd39hDlnrXPBLAp80OjjLwF8AVSM6IV149kkgxg
qo/E7Yr1SrhPM+aIi4Kpj+fPikYznNJ8Ootz8bx/sl3dc7PRhJZQWUV4eAslePGj
7nBHsCkEMKd+ufNQUtbUUD/ZbQIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFEqPPOfP
LdEV7Et4ksTIqfmi9VUUMB8GA1UdIwQYMBaAFNKghxvNg3bBGo8EmjmFWvzbGDBk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E4Mi8wQkVCMzc1QUJF
NDQxMUVCQUUzRDQzNDhDNEY5QUUwMi8wcUNIRzgyRGRzRWFqd1NhT1lWYV9Oc1lN
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBxQ0hHODJEZHNFYWp3U2FPWVZhX05zWU1HUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBODIvMEJFQjM3NUFCRTQ0MTFFQkFFM0Q0MzQ4QzRGOUFFMDIvQ0IzMDRDMzYz
MDcxMTFFREIwQ0JEOTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMFQEAgABME4DBAEr/3IDBAJnFFADBAJnaswDBAJnd2ADBAJniLADBAFnjtAD
BAFnk+oDBANvQ2ADBAFzshgDBAJ8bAQDBAKWgRQDBALKOhADBAHLUKowDQYJKoZI
hvcNAQELBQADggEBAFn7IggYbiBmjjR+dWLPdvr76qXPgsC3WoVzN0TqglNJQLQS
I8F81c6Yun+7ti4Z0ysvmpEwDWWSUd0zew2XLmpdQHuHNYCYkohQWWu323ml/VnF
lbKI6HF+/JaLeAQ5+3Alpd1dUGByEYqMHllbcHrDGuJdhwzBfV7bTOZBMlQH42bQ
+nsch3B1HjdhP+s0jg/sbgOMxOtoFC4Yr9yKhWnb9g6V1o6511fct++qK9ikg41W
xRv4T+5tD4HJ7ZavFMl3tJFgbLTTdMWdo8/Ha7l/k2r5qfH4ROtzKD3zgi6So8XF
FOr21l+QYf5teWhH4wX+yYMx5kEiy2yjQz4Lmiw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:15:19 2025 by rpki-client