Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
File: F0C8DB1CA54E11EF8592FD66C4F9AE02.roa (raw, json)
Hash identifier: 3tPU5Z40ENmKrBN3OAXsHJVkK9J8E3240xOs2Cjr+YQ=
Subject key identifier: 12:A3:D9:50:AF:DA:97:A0:4E:81:D6:96:96:B7:89:FD:83:0C:5F:A4
Certificate issuer: /CN=A911D848/serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Certificate serial: 63
Authority key identifier: 1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
Signing time: Tue 15 Apr 2025 06:11:44 +0000
ROA not before: Tue 15 Apr 2025 06:11:44 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 9266
IP address blocks: 103.36.152.0/22 maxlen: 22
103.65.216.0/22 maxlen: 22
103.225.108.0/22 maxlen: 22
202.1.116.0/22 maxlen: 22
202.1.116.0/24 maxlen: 24
202.1.117.0/24 maxlen: 24
202.1.118.0/24 maxlen: 24
202.1.119.0/24 maxlen: 24
203.5.244.0/24 maxlen: 24
203.10.124.0/24 maxlen: 24
203.12.116.0/24 maxlen: 24
203.14.106.0/24 maxlen: 24
203.14.193.0/24 maxlen: 24
203.18.151.0/24 maxlen: 24
203.19.52.0/24 maxlen: 24
203.19.220.0/24 maxlen: 24
203.20.110.0/24 maxlen: 24
203.20.111.0/24 maxlen: 24
203.21.22.0/24 maxlen: 24
203.22.169.0/24 maxlen: 24
203.23.50.0/24 maxlen: 24
203.23.71.0/24 maxlen: 24
203.24.174.0/23 maxlen: 24
203.25.68.0/22 maxlen: 22
203.25.69.0/24 maxlen: 24
203.25.70.0/24 maxlen: 24
203.25.71.0/24 maxlen: 24
203.25.123.0/24 maxlen: 24
203.25.158.0/24 maxlen: 24
203.26.171.0/24 maxlen: 24
203.26.226.0/23 maxlen: 23
203.29.21.0/24 maxlen: 24
203.29.127.0/24 maxlen: 24
203.30.78.0/24 maxlen: 24
203.31.214.0/24 maxlen: 24
203.32.44.0/23 maxlen: 24
203.32.47.0/24 maxlen: 24
203.33.28.0/24 maxlen: 24
203.33.58.0/23 maxlen: 24
203.33.108.0/23 maxlen: 24
203.34.167.0/24 maxlen: 24
203.55.194.0/23 maxlen: 24
203.62.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 06:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D848, serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Validity
Not Before: Apr 15 06:11:44 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67fdf8a0-5eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ae:8b:c5:b8:3d:2f:79:8a:0b:bc:28:e5:18:
05:bf:06:32:db:43:3f:39:fb:23:b7:dc:71:1f:76:
8d:50:16:f7:20:84:23:6e:ae:a4:09:7c:26:c2:cc:
d9:cf:bd:55:16:e7:19:39:a2:ac:68:c8:58:0c:8a:
f6:5e:19:e5:55:22:67:56:28:a3:8e:7e:16:6c:9d:
e4:ae:cc:f1:0e:5d:47:38:1d:02:71:22:a4:05:14:
e1:ab:82:0c:38:5c:18:4c:ae:3d:85:1c:46:87:46:
34:6c:34:85:82:3e:58:5b:61:e6:88:aa:ba:3c:2e:
c0:4f:1e:65:87:19:86:5a:36:b7:ed:95:17:45:cb:
6a:6a:25:f8:0e:b4:79:52:3d:0c:01:b6:eb:fb:be:
04:d9:8d:09:2a:07:2e:24:4d:b3:5b:29:4c:0d:40:
81:00:c3:3c:b0:8a:c0:21:12:ca:1b:44:24:d7:cb:
54:31:df:23:92:1f:09:87:6b:cf:6e:4b:5a:21:78:
24:4e:25:bb:d8:34:2e:73:42:85:0a:12:ca:a5:88:
38:36:d5:59:2c:24:af:1e:eb:29:44:e0:47:66:ae:
54:8b:d4:43:3e:db:43:ec:77:72:1e:ec:9f:56:29:
2d:e8:69:44:8b:89:78:a3:22:07:de:e9:53:fa:af:
ae:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A3:D9:50:AF:DA:97:A0:4E:81:D6:96:96:B7:89:FD:83:0C:5F:A4
X509v3 Authority Key Identifier:
keyid:1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.36.152.0/22
103.65.216.0/22
103.225.108.0/22
202.1.116.0/22
203.5.244.0/24
203.10.124.0/24
203.12.116.0/24
203.14.106.0/24
203.14.193.0/24
203.18.151.0/24
203.19.52.0/24
203.19.220.0/24
203.20.110.0/23
203.21.22.0/24
203.22.169.0/24
203.23.50.0/24
203.23.71.0/24
203.24.174.0/23
203.25.68.0/22
203.25.123.0/24
203.25.158.0/24
203.26.171.0/24
203.26.226.0/23
203.29.21.0/24
203.29.127.0/24
203.30.78.0/24
203.31.214.0/24
203.32.44.0/23
203.32.47.0/24
203.33.28.0/24
203.33.58.0/23
203.33.108.0/23
203.34.167.0/24
203.55.194.0/23
203.62.147.0/24
Signature Algorithm: sha256WithRSAEncryption
32:32:5b:6d:8f:74:44:68:57:18:26:d9:a9:1e:2a:19:c7:b0:
3a:4c:ce:d7:04:a3:59:ef:74:93:0d:df:20:bc:d0:10:bb:82:
e0:af:ce:dc:56:3d:ae:a6:23:16:f5:f0:75:64:d6:65:09:cd:
e7:22:ef:35:06:39:bf:b6:92:09:3c:bf:d4:a2:11:bc:66:51:
fe:16:7f:d2:4a:05:27:8e:49:9d:c6:47:36:0d:d6:2d:19:19:
6b:73:3d:c7:c8:1c:da:5a:c9:dc:8f:0c:57:fc:cb:08:13:c2:
13:d2:69:79:1a:3b:5c:c2:df:0b:c5:26:b1:e1:a1:8f:68:9e:
a1:62:ca:39:3c:9e:0c:23:86:b5:a3:41:24:a2:df:27:e1:33:
68:69:f5:c3:a1:23:14:12:1c:cd:e3:30:6d:9a:f6:97:b0:11:
ad:cb:81:72:55:0f:68:31:10:db:15:f7:85:70:54:ff:71:49:
4e:96:db:58:01:be:7b:71:53:01:fa:0d:74:e2:95:a9:65:95:
28:67:df:6b:b2:79:a3:53:28:ac:ce:1d:63:d6:c4:98:a7:6f:
6b:3e:c0:92:72:92:87:70:99:5e:f1:b4:2c:2b:87:75:1b:9c:
42:e6:38:55:ba:c4:2c:54:f9:4a:0d:8b:98:9e:41:c2:0c:9f:
35:3e:e6:8a
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgIBYzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RDg0ODExMC8GA1UEBRMoMUREMUI4Njg3ODg2OTI0QzQ2MTMxMTYwNTBFRTkwRTlE
NDk0MjY5RTAeFw0yNTA0MTUwNjExNDRaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZmRmOGEwLTVlYjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClrovFuD0veYoLvCjlGAW/BjLbQz85+yO33HEfdo1QFvcghCNurqQJfCbCzNnP
vVUW5xk5oqxoyFgMivZeGeVVImdWKKOOfhZsneSuzPEOXUc4HQJxIqQFFOGrggw4
XBhMrj2FHEaHRjRsNIWCPlhbYeaIqro8LsBPHmWHGYZaNrftlRdFy2pqJfgOtHlS
PQwBtuv7vgTZjQkqBy4kTbNbKUwNQIEAwzywisAhEsobRCTXy1Qx3yOSHwmHa89u
S1oheCROJbvYNC5zQoUKEsqliDg21VksJK8e6ylE4EdmrlSL1EM+20Psd3Ie7J9W
KS3oaUSLiXijIgfe6VP6r65BAgMBAAGjggNmMIIDYjAdBgNVHQ4EFgQUEqPZUK/a
l6BOgdaWlreJ/YMMX6QwHwYDVR0jBBgwFoAUHdG4aHiGkkxGExFgUO6Q6dSUJp4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFEODQ4L0MyNTFCNUIyOUIx
MDExRUZBNzJCQTAyMEM0RjlBRTAyL0hkRzRhSGlHa2t4R0V4RmdVTzZRNmRTVUpw
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGRHNGFIaUdra3hHRXhGZ1VPNlE2ZFNVSnA0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RDg0OC9DMjUxQjVCMjlCMTAxMUVGQTcyQkEwMjBDNEY5QUUwMi9GMEM4REIxQ0E1
NEUxMUVGODU5MkZENjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCB7wYIKwYBBQUHAQcBAf8E
gd8wgdwwgdkEAgABMIHSAwQCZySYAwQCZ0HYAwQCZ+FsAwQCygF0AwQAywX0AwQA
ywp8AwQAywx0AwQAyw5qAwQAyw7BAwQAyxKXAwQAyxM0AwQAyxPcAwQByxRuAwQA
yxUWAwQAyxapAwQAyxcyAwQAyxdHAwQByxiuAwQCyxlEAwQAyxl7AwQAyxmeAwQA
yxqrAwQByxriAwQAyx0VAwQAyx1/AwQAyx5OAwQAyx/WAwQByyAsAwQAyyAvAwQA
yyEcAwQByyE6AwQByyFsAwQAyyKnAwQByzfCAwQAyz6TMA0GCSqGSIb3DQEBCwUA
A4IBAQAyMlttj3REaFcYJtmpHioZx7A6TM7XBKNZ73STDd8gvNAQu4Lgr87cVj2u
piMW9fB1ZNZlCc3nIu81Bjm/tpIJPL/UohG8ZlH+Fn/SSgUnjkmdxkc2DdYtGRlr
cz3HyBzaWsncjwxX/MsIE8IT0ml5Gjtcwt8LxSax4aGPaJ6hYso5PJ4MI4a1o0Ek
ot8n4TNoafXDoSMUEhzN4zBtmvaXsBGty4FyVQ9oMRDbFfeFcFT/cUlOlttYAb57
cVMB+g104pWpZZUoZ99rsnmjUyiszh1j1sSYp29rPsCScpKHcJle8bQsK4d1G5xC
5jhVusQsVPlKDYuYnkHCDJ81PuaK
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:02:16 2025 by rpki-client