Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/01A34AA220D911F08E8B910BC4F9AE02.roa
File: 01A34AA220D911F08E8B910BC4F9AE02.roa (raw, json)
Hash identifier: rRSZwuyNniJRhYgMcIbEH1c39jOVJWRBcxSW3fXY+nI=
Subject key identifier: 64:21:D7:4E:72:33:66:99:24:2E:E2:E1:8D:18:FD:A7:4B:EB:2A:1F
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 0B14
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/01A34AA220D911F08E8B910BC4F9AE02.roa
Signing time: Fri 25 Apr 2025 06:00:13 +0000
ROA not before: Fri 25 Apr 2025 06:00:13 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 132203
IP address blocks: 43.128.222.0/23 maxlen: 23
43.128.224.0/19 maxlen: 19
43.128.241.0/24 maxlen: 24
43.129.32.0/20 maxlen: 20
43.129.48.0/20 maxlen: 20
43.130.0.0/17 maxlen: 24
43.130.128.0/18 maxlen: 24
43.130.224.0/19 maxlen: 19
43.131.0.0/18 maxlen: 24
43.131.224.0/19 maxlen: 24
43.132.12.0/22 maxlen: 22
43.132.16.0/22 maxlen: 22
43.132.28.0/22 maxlen: 22
43.132.32.0/22 maxlen: 22
43.132.40.0/22 maxlen: 22
43.132.52.0/22 maxlen: 22
43.132.68.0/24 maxlen: 24
43.132.96.0/19 maxlen: 24
43.132.128.0/17 maxlen: 24
43.133.0.0/19 maxlen: 19
43.133.128.0/20 maxlen: 20
43.133.144.0/20 maxlen: 20
43.133.160.0/19 maxlen: 19
43.133.192.0/19 maxlen: 19
43.134.0.0/18 maxlen: 18
43.134.64.0/18 maxlen: 18
43.135.58.0/24 maxlen: 24
43.135.187.0/24 maxlen: 24
43.135.192.0/19 maxlen: 19
43.135.221.0/24 maxlen: 24
43.152.74.0/23 maxlen: 23
43.152.76.0/22 maxlen: 22
43.152.80.0/22 maxlen: 22
43.152.92.0/23 maxlen: 23
43.152.96.0/19 maxlen: 24
43.152.192.0/19 maxlen: 19
43.152.224.0/19 maxlen: 19
43.153.0.0/18 maxlen: 18
43.153.64.0/18 maxlen: 18
43.153.128.0/18 maxlen: 18
43.153.164.0/24 maxlen: 24
43.153.187.0/24 maxlen: 24
43.153.192.0/18 maxlen: 18
43.153.250.0/23 maxlen: 23
43.154.0.0/18 maxlen: 18
43.154.64.0/18 maxlen: 18
43.154.128.0/18 maxlen: 18
43.154.192.0/18 maxlen: 18
43.155.0.0/17 maxlen: 18
43.155.127.0/24 maxlen: 24
43.155.128.0/17 maxlen: 18
43.155.149.0/24 maxlen: 24
43.156.0.0/18 maxlen: 18
43.156.64.0/18 maxlen: 18
43.156.128.0/18 maxlen: 18
43.156.192.0/18 maxlen: 18
43.156.252.0/24 maxlen: 24
43.156.254.0/24 maxlen: 24
43.157.0.0/17 maxlen: 24
43.157.128.0/18 maxlen: 24
43.157.192.0/18 maxlen: 24
43.158.0.0/16 maxlen: 16
43.158.0.0/17 maxlen: 24
43.158.128.0/18 maxlen: 24
43.158.192.0/18 maxlen: 24
43.159.0.0/16 maxlen: 16
43.159.0.0/20 maxlen: 24
43.159.16.0/20 maxlen: 24
43.159.32.0/19 maxlen: 24
43.159.76.0/24 maxlen: 24
43.159.128.0/18 maxlen: 24
43.159.192.0/18 maxlen: 24
43.160.0.0/16 maxlen: 24
43.161.0.0/17 maxlen: 24
43.161.128.0/17 maxlen: 24
43.162.0.0/17 maxlen: 24
43.162.128.0/17 maxlen: 24
43.163.0.0/16 maxlen: 16
43.163.0.0/17 maxlen: 17
43.163.0.0/18 maxlen: 24
43.163.64.0/18 maxlen: 24
43.163.128.0/18 maxlen: 18
43.163.140.0/24 maxlen: 24
43.163.192.0/18 maxlen: 24
43.164.0.0/16 maxlen: 24
43.165.0.0/16 maxlen: 24
43.166.0.0/16 maxlen: 24
43.167.0.0/16 maxlen: 24
43.172.0.0/16 maxlen: 24
43.173.0.0/16 maxlen: 24
101.32.94.0/23 maxlen: 23
101.32.96.0/20 maxlen: 20
101.32.102.0/23 maxlen: 23
101.32.104.0/21 maxlen: 21
101.32.140.0/24 maxlen: 24
101.33.4.0/23 maxlen: 23
101.33.17.0/24 maxlen: 24
101.33.18.0/23 maxlen: 23
101.33.26.0/23 maxlen: 23
101.33.30.0/23 maxlen: 23
101.33.41.0/24 maxlen: 24
101.33.52.0/22 maxlen: 22
101.33.114.0/23 maxlen: 24
124.156.208.0/20 maxlen: 20
124.156.224.0/20 maxlen: 20
150.109.90.0/24 maxlen: 24
150.109.91.0/24 maxlen: 24
150.109.140.0/22 maxlen: 22
150.109.192.0/20 maxlen: 20
150.109.192.0/21 maxlen: 21
150.109.192.0/23 maxlen: 23
150.109.200.0/22 maxlen: 22
150.109.204.0/23 maxlen: 23
150.109.206.0/24 maxlen: 24
150.109.207.0/24 maxlen: 24
240d:c000::/24 maxlen: 32
240d:c000:1000::/36 maxlen: 36
240d:c000:2000::/36 maxlen: 36
240d:c000:3000::/36 maxlen: 36
240d:c000:6000::/36 maxlen: 36
240d:c000:6000::/44 maxlen: 48
240d:c000:7000::/44 maxlen: 44
240d:c000:f000::/36 maxlen: 36
240d:c000:f000::/44 maxlen: 44
240d:c000:f010::/44 maxlen: 44
240d:c000:f020::/44 maxlen: 44
240d:c000:f030::/44 maxlen: 44
240d:c000:f040::/44 maxlen: 44
240d:c000:f050::/44 maxlen: 44
240d:c000:f060::/44 maxlen: 44
240d:c000:f070::/44 maxlen: 44
240d:c000:f0c0::/44 maxlen: 44
240d:c000:f0d0::/44 maxlen: 44
240d:c000:f0e0::/44 maxlen: 44
240d:c000:f0f0::/44 maxlen: 44
240d:c010::/48 maxlen: 48
240d:c010::/56 maxlen: 56
240d:c010:0:100::/56 maxlen: 56
240d:c010:10::/48 maxlen: 48
240d:c010:11::/48 maxlen: 48
240d:c010:12::/48 maxlen: 48
240d:c010:14::/48 maxlen: 48
240d:c010:16::/48 maxlen: 48
240d:c010:17::/48 maxlen: 48
240d:c010:20::/44 maxlen: 44
240d:c010:20::/56 maxlen: 56
240d:c010:20:100::/56 maxlen: 56
240d:c010:20:200::/56 maxlen: 56
240d:c010:30::/56 maxlen: 56
240d:c010:30:100::/56 maxlen: 56
240d:c010:50::/48 maxlen: 48
240d:c010:57::/48 maxlen: 48
240d:c010:58::/47 maxlen: 48
240d:c010:5c::/46 maxlen: 48
240d:c010:60::/48 maxlen: 48
240d:c010:66::/47 maxlen: 48
240d:c010:68::/48 maxlen: 48
240d:c010:6c::/47 maxlen: 48
240d:c010:6e::/48 maxlen: 48
240d:c040::/44 maxlen: 44
240d:c040:10::/44 maxlen: 44
240d:c040:20::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 06:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2836 (0xb14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67, serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: Apr 25 06:00:13 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=680b24ed-53ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ca:64:ad:2c:32:a3:91:7d:25:eb:87:c7:f3:
4a:3b:a5:3e:9a:a2:34:49:be:a4:42:8e:4d:db:74:
b5:8b:cb:9c:94:4c:cc:f6:e3:2d:14:69:d3:06:18:
f0:fc:5a:0b:17:30:8a:98:66:17:a9:b1:87:2c:b1:
68:a2:7d:fb:f3:ef:44:52:cb:97:92:1e:f8:e2:7f:
fb:71:98:f9:dc:11:2b:02:a6:60:dd:2e:97:2f:34:
30:41:be:db:47:76:e9:98:2d:9c:f3:7e:6b:fb:3c:
56:ee:d7:79:a4:f3:bc:51:7a:df:5f:50:ef:eb:fa:
dd:61:5e:09:99:30:3d:c5:42:ed:1a:83:29:7f:64:
08:fd:c4:36:f8:00:f4:26:08:09:35:84:5c:ea:55:
dc:18:55:e3:5a:1a:9b:a2:cb:d0:0e:19:ef:5f:69:
d5:07:36:56:7d:b4:a0:82:8d:e0:f3:f7:24:cb:45:
26:b4:f8:7e:0d:76:ae:60:c8:81:c8:0d:d0:46:52:
2c:ce:23:2b:3f:d7:d7:7f:aa:97:1f:e4:95:68:cf:
94:b1:02:f0:71:18:53:c0:5f:c5:0f:9d:c3:cf:7e:
e0:56:0b:ed:10:3f:d1:f0:a6:bf:d7:fc:27:08:76:
b7:7e:dd:0e:bf:9a:99:1f:2b:6e:9f:48:3d:b9:16:
13:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:21:D7:4E:72:33:66:99:24:2E:E2:E1:8D:18:FD:A7:4B:EB:2A:1F
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/01A34AA220D911F08E8B910BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.128.222.0-43.128.255.255
43.129.32.0/19
43.130.0.0-43.130.191.255
43.130.224.0-43.131.63.255
43.131.224.0/19
43.132.12.0-43.132.19.255
43.132.28.0-43.132.35.255
43.132.40.0/22
43.132.52.0/22
43.132.68.0/24
43.132.96.0-43.133.31.255
43.133.128.0-43.133.223.255
43.134.0.0/17
43.135.58.0/24
43.135.187.0/24
43.135.192.0/19
43.152.74.0-43.152.83.255
43.152.92.0/23
43.152.96.0/19
43.152.192.0-43.167.255.255
43.172.0.0/15
101.32.94.0-101.32.111.255
101.32.140.0/24
101.33.4.0/23
101.33.17.0-101.33.19.255
101.33.26.0/23
101.33.30.0/23
101.33.41.0/24
101.33.52.0/22
101.33.114.0/23
124.156.208.0-124.156.239.255
150.109.90.0/23
150.109.140.0/22
150.109.192.0/20
IPv6:
240d:c000::/24
Signature Algorithm: sha256WithRSAEncryption
2b:c8:ee:99:6f:4c:00:e2:4d:95:2d:63:5c:fc:f4:9c:c3:e0:
84:fc:2f:e4:f8:0f:0b:2a:54:76:dd:f4:ef:96:ae:9c:9f:07:
dc:ba:76:03:46:27:56:4d:55:d6:9e:c8:67:32:86:4d:22:61:
63:ae:c1:e3:9c:8e:40:3a:26:a5:d0:7a:4f:e1:a7:b8:50:08:
3d:23:85:4e:34:fb:7f:6b:35:98:bf:07:e6:1c:b8:bf:c6:f0:
19:01:ea:72:78:92:0f:74:63:8c:4b:78:4d:ca:c3:ea:a2:1f:
27:e0:b2:63:07:76:b8:b5:3b:6b:27:5e:bc:5e:26:89:2a:b9:
70:95:35:9d:93:98:15:99:71:f0:86:90:a2:13:1f:41:90:10:
82:a1:e9:45:af:d1:e5:27:4d:93:c6:50:d5:ba:1d:69:73:f0:
62:0b:e7:1c:a6:4d:8e:74:86:e9:e0:b3:00:fa:93:4a:d1:84:
66:43:3d:22:e9:e1:2e:a4:76:64:91:24:0e:fb:de:18:f7:6e:
d7:45:26:e9:45:34:29:32:7a:2a:9f:77:85:34:b4:9d:12:99:
cc:77:6d:9d:34:85:a0:c2:b2:5f:29:44:21:88:c1:31:c4:6f:
fc:09:64:f8:00:4c:8a:ef:2a:06:1a:b2:28:35:e2:e5:d5:e5:
a0:9e:e8:f1
-----BEGIN CERTIFICATE-----
MIIGqzCCBZOgAwIBAgICCxQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjUwNDI1MDYwMDEzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODBiMjRlZC01M2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3MpkrSwyo5F9JeuHx/NKO6U+mqI0Sb6kQo5N23S1i8uclEzM9uMtFGnTBhjw
/FoLFzCKmGYXqbGHLLFoon378+9EUsuXkh744n/7cZj53BErAqZg3S6XLzQwQb7b
R3bpmC2c835r+zxW7td5pPO8UXrfX1Dv6/rdYV4JmTA9xULtGoMpf2QI/cQ2+AD0
JggJNYRc6lXcGFXjWhqbosvQDhnvX2nVBzZWfbSggo3g8/cky0UmtPh+DXauYMiB
yA3QRlIsziMrP9fXf6qXH+SVaM+UsQLwcRhTwF/FD53Dz37gVgvtED/R8Ka/1/wn
CHa3ft0Ov5qZHytun0g9uRYTcwIDAQABo4IDzzCCA8swHQYDVR0OBBYEFGQh105y
M2aZJC7i4Y0Y/adL6yofMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvMDFBMzRBQTIy
MEQ5MTFGMDhFOEI5MTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFXBggrBgEFBQcBBwEB
/wSCAUYwggFCMIIBMAQCAAEwggEoMAsDBAErgN4DAwArgAMEBSuBIDALAwMBK4ID
BAYrgoAwDAMEBSuC4AMEBiuDAAMEBSuD4DAMAwQCK4QMAwQCK4QQMAwDBAIrhBwD
BAIrhCADBAIrhCgDBAIrhDQDBAArhEQwDAMEBSuEYAMEBSuFADAMAwQHK4WAAwQF
K4XAAwQHK4YAAwQAK4c6AwQAK4e7AwQFK4fAMAwDBAErmEoDBAIrmFADBAErmFwD
BAUrmGAwCwMEBiuYwAMDAyugAwMBK6wwDAMEAWUgXgMEBGUgYAMEAGUgjAMEAWUh
BDAMAwQAZSERAwQCZSEQAwQBZSEaAwQBZSEeAwQAZSEpAwQCZSE0AwQBZSFyMAwD
BAR8nNADBAR8nOADBAGWbVoDBAKWbYwDBASWbcAwDAQCAAIwBgMEACQNwDANBgkq
hkiG9w0BAQsFAAOCAQEAK8jumW9MAOJNlS1jXPz0nMPghPwv5PgPCypUdt3075au
nJ8H3Lp2A0YnVk1V1p7IZzKGTSJhY67B45yOQDompdB6T+GnuFAIPSOFTjT7f2s1
mL8H5hy4v8bwGQHqcniSD3RjjEt4TcrD6qIfJ+CyYwd2uLU7aydevF4miSq5cJU1
nZOYFZlx8IaQohMfQZAQgqHpRa/R5SdNk8ZQ1bodaXPwYgvnHKZNjnSG6eCzAPqT
StGEZkM9IunhLqR2ZJEkDvveGPdu10Um6UU0KTJ6Kp93hTS0nRKZzHdtnTSFoMKy
XylEIYjBMcRv/Alk+ABMiu8qBhqyKDXi5dXloJ7o8Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:07:23 2025 by rpki-client