Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1E9C98A2FF0A11EF98776D12C4F9AE02.roa
File: 1E9C98A2FF0A11EF98776D12C4F9AE02.roa (raw, json)
Hash identifier: A+XWK8OBkQS7+P4ULQIpC57tT+yw0zTG1vVaEdxpmLs=
Subject key identifier: 81:B3:72:48:D7:6B:D0:06:8A:D2:16:EE:FE:60:AC:8A:F4:BD:A1:12
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AD51
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1E9C98A2FF0A11EF98776D12C4F9AE02.roa
Signing time: Tue 01 Apr 2025 12:13:43 +0000
ROA not before: Tue 01 Apr 2025 12:13:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45769
IP address blocks: 45.112.144.0/22 maxlen: 24
45.112.148.0/22 maxlen: 24
45.112.184.0/22 maxlen: 24
103.26.232.0/22 maxlen: 24
103.51.232.0/22 maxlen: 24
103.51.236.0/22 maxlen: 24
103.52.36.0/22 maxlen: 24
150.242.205.0/24 maxlen: 24
150.242.206.0/24 maxlen: 24
150.242.207.0/24 maxlen: 24
182.48.192.0/18 maxlen: 24
202.122.16.0/24 maxlen: 24
202.122.17.0/24 maxlen: 24
202.122.18.0/24 maxlen: 24
202.122.19.0/24 maxlen: 24
202.122.20.0/24 maxlen: 24
202.122.21.0/24 maxlen: 24
202.122.22.0/24 maxlen: 24
202.122.23.0/24 maxlen: 24
202.131.128.0/24 maxlen: 24
202.131.129.0/24 maxlen: 24
202.131.130.0/24 maxlen: 24
202.131.131.0/24 maxlen: 24
202.131.132.0/24 maxlen: 24
202.131.133.0/24 maxlen: 24
202.131.134.0/24 maxlen: 24
202.131.135.0/24 maxlen: 24
202.131.136.0/23 maxlen: 24
202.131.138.0/24 maxlen: 24
202.131.139.0/24 maxlen: 24
202.131.140.0/24 maxlen: 24
202.131.141.0/24 maxlen: 24
202.131.142.0/23 maxlen: 24
202.131.144.0/24 maxlen: 24
202.131.145.0/24 maxlen: 24
202.131.146.0/24 maxlen: 24
202.131.147.0/24 maxlen: 24
202.131.148.0/24 maxlen: 24
202.131.149.0/24 maxlen: 24
202.131.150.0/24 maxlen: 24
202.131.151.0/24 maxlen: 24
202.131.152.0/24 maxlen: 24
202.131.153.0/24 maxlen: 24
202.131.154.0/23 maxlen: 24
202.131.156.0/24 maxlen: 24
202.131.157.0/24 maxlen: 24
202.131.158.0/23 maxlen: 24
202.140.33.0/24 maxlen: 24
202.140.34.0/24 maxlen: 24
202.140.35.0/24 maxlen: 24
202.140.36.0/24 maxlen: 24
202.140.37.0/24 maxlen: 24
202.140.38.0/24 maxlen: 24
202.140.39.0/24 maxlen: 24
202.140.41.0/24 maxlen: 24
202.140.42.0/23 maxlen: 24
202.140.44.0/24 maxlen: 24
202.140.45.0/24 maxlen: 24
202.140.47.0/24 maxlen: 24
202.140.48.0/24 maxlen: 24
202.140.49.0/24 maxlen: 24
202.140.50.0/24 maxlen: 24
202.140.51.0/24 maxlen: 24
202.140.52.0/24 maxlen: 24
202.140.53.0/24 maxlen: 24
202.140.54.0/24 maxlen: 24
202.140.55.0/24 maxlen: 24
202.140.56.0/24 maxlen: 24
202.140.57.0/24 maxlen: 24
202.140.58.0/24 maxlen: 24
202.140.59.0/24 maxlen: 24
202.140.60.0/24 maxlen: 24
202.140.61.0/24 maxlen: 24
202.140.62.0/24 maxlen: 24
202.140.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 May 2025 03:41:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44369 (0xad51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 1 12:13:43 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ebd877-cd30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5c:f1:cf:b3:94:2d:3b:c6:52:56:ca:12:52:
fb:bd:2c:18:de:64:48:81:e6:66:42:e8:52:62:7b:
e8:79:0c:02:c2:d2:09:57:29:05:7e:31:cd:9c:75:
27:1e:d2:79:30:68:51:90:9d:34:53:8c:ee:71:09:
a0:90:b6:31:df:00:f6:7b:89:fa:17:42:00:2a:3c:
2c:90:6e:f8:ee:52:92:c9:85:30:32:fd:35:d8:eb:
8e:11:b6:f7:7c:9b:47:b4:61:4f:9f:de:84:14:c9:
64:74:23:4c:17:80:45:a2:9c:11:c5:ea:47:c6:7e:
08:26:d7:33:95:71:73:b3:41:c2:b3:45:56:d7:c6:
ec:11:6a:a8:b6:90:72:df:2c:11:9c:f5:4e:e1:73:
21:37:40:c7:25:92:e7:20:12:ae:34:e8:7c:a5:5f:
9d:63:b0:97:56:17:1a:88:ed:50:56:17:e6:a9:fa:
88:b3:fc:9e:f2:5e:65:71:cf:cc:53:70:53:38:7d:
62:25:8e:e9:cb:eb:7c:80:60:b0:c0:85:e4:b9:00:
46:0e:8d:b2:f8:2b:d2:0f:43:4f:a1:15:d0:ca:04:
bc:6c:ae:fc:45:dd:4a:b3:dc:7d:cf:b3:87:03:6c:
e8:71:3d:01:d6:bf:ae:df:fe:b9:27:6f:e6:a5:c4:
12:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B3:72:48:D7:6B:D0:06:8A:D2:16:EE:FE:60:AC:8A:F4:BD:A1:12
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1E9C98A2FF0A11EF98776D12C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.144.0/21
45.112.184.0/22
103.26.232.0/22
103.51.232.0/21
103.52.36.0/22
150.242.205.0-150.242.207.255
182.48.192.0/18
202.122.16.0/21
202.131.128.0/19
202.140.33.0-202.140.39.255
202.140.41.0-202.140.45.255
202.140.47.0-202.140.63.255
Signature Algorithm: sha256WithRSAEncryption
51:06:0d:ca:f6:bc:ca:7d:79:13:1e:0c:b8:03:4f:5d:fa:72:
92:0e:9b:af:32:ed:b4:fd:6c:24:10:8c:c1:2b:a8:6e:aa:97:
d0:ee:36:af:3e:1a:72:81:0d:c1:cc:06:3f:46:07:fa:4f:66:
e6:5a:b0:50:6e:64:80:a6:5c:cf:a7:91:bb:d8:e8:3e:a9:4b:
a7:fc:70:7e:ba:0b:56:29:40:9d:f0:b0:ac:59:dd:aa:fc:39:
e0:45:b6:34:a0:d8:00:9f:27:dd:fc:c4:34:8d:dd:07:ff:e0:
d3:7a:33:f1:d4:22:31:08:a8:d7:92:7c:64:36:54:84:f5:f5:
e9:6f:c0:c6:6f:7b:d6:13:9b:09:ad:1e:81:e3:6c:14:bb:57:
2b:d6:ef:3e:d1:76:11:4d:63:80:91:3c:3e:89:35:4a:39:ef:
82:ca:29:b1:6f:f4:15:0f:03:0c:d9:3d:ab:53:25:a1:51:a7:
8b:56:c8:73:9a:95:28:b2:04:82:75:c4:7f:77:ac:8a:eb:b3:
3c:56:ba:95:19:1e:09:fd:db:24:fc:96:8a:d3:f0:28:f6:d8:
7d:1d:ed:72:36:e3:82:9f:0b:64:10:76:a0:81:a9:61:af:47:
af:93:0c:ee:22:b1:c0:5e:d6:83:03:f4:45:1b:b4:5f:ab:6c:
1b:bc:80:98
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgIDAK1RMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQwMTEyMTM0M1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdlYmQ4NzctY2QzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlc8c+zlC07xlJWyhJS+70sGN5kSIHmZkLoUmJ76HkMAsLSCVcpBX4xzZx1
Jx7SeTBoUZCdNFOM7nEJoJC2Md8A9nuJ+hdCACo8LJBu+O5SksmFMDL9NdjrjhG2
93ybR7RhT5/ehBTJZHQjTBeARaKcEcXqR8Z+CCbXM5Vxc7NBwrNFVtfG7BFqqLaQ
ct8sEZz1TuFzITdAxyWS5yASrjTofKVfnWOwl1YXGojtUFYX5qn6iLP8nvJeZXHP
zFNwUzh9YiWO6cvrfIBgsMCF5LkARg6Nsvgr0g9DT6EV0MoEvGyu/EXdSrPcfc+z
hwNs6HE9Ada/rt/+uSdv5qXEEgECAwEAAaOCAvgwggL0MB0GA1UdDgQWBBSBs3JI
12vQBorSFu7+YKyK9L2hEjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzFFOUM5OEEy
RkYwQTExRUY5ODc3NkQxMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGBBggrBgEFBQcBBwEB
/wRyMHAwbgQCAAEwaAMEAy1wkAMEAi1wuAMEAmca6AMEA2cz6AMEAmc0JDAMAwQA
lvLNAwQElvLAAwQGtjDAAwQDynoQAwQFyoOAMAwDBADKjCEDBAPKjCAwDAMEAMqM
KQMEAcqMLDAMAwQAyowvAwQGyowAMA0GCSqGSIb3DQEBCwUAA4IBAQBRBg3K9rzK
fXkTHgy4A09d+nKSDpuvMu20/WwkEIzBK6huqpfQ7javPhpygQ3BzAY/Rgf6T2bm
WrBQbmSAplzPp5G72Og+qUun/HB+ugtWKUCd8LCsWd2q/DngRbY0oNgAnyfd/MQ0
jd0H/+DTejPx1CIxCKjXknxkNlSE9fXpb8DGb3vWE5sJrR6B42wUu1cr1u8+0XYR
TWOAkTw+iTVKOe+Cyimxb/QVDwMM2T2rUyWhUaeLVshzmpUosgSCdcR/d6yK67M8
VrqVGR4J/dsk/JaK0/Ao9th9He1yNuOCnwtkEHaggalhr0evkwzuIrHAXtaDA/RF
G7Rfq2wbvICY
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:17:54 2025 by rpki-client