Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/43334614E45411EFB1C33D72C4F9AE02.roa
File: 43334614E45411EFB1C33D72C4F9AE02.roa (raw, json)
Hash identifier: wyuonw72HKOlYcMlI8/6lALfWEzVmcgm50WT8PwqraY=
Subject key identifier: B2:DF:25:0B:3D:52:83:49:EA:D8:81:A2:D8:7E:A9:3A:4A:13:EE:D7
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AF83
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/43334614E45411EFB1C33D72C4F9AE02.roa
Signing time: Thu 24 Apr 2025 07:09:23 +0000
ROA not before: Thu 24 Apr 2025 07:09:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133647
IP address blocks: 43.229.162.0/24 maxlen: 24
43.230.156.0/22 maxlen: 24
45.115.252.0/22 maxlen: 24
45.116.68.0/22 maxlen: 24
103.38.70.0/24 maxlen: 24
103.43.4.0/22 maxlen: 24
103.49.56.0/22 maxlen: 24
103.50.4.0/22 maxlen: 24
103.55.6.0/23 maxlen: 24
103.61.102.0/23 maxlen: 24
103.69.216.0/22 maxlen: 24
103.70.144.0/22 maxlen: 24
103.70.176.0/23 maxlen: 24
103.79.112.0/22 maxlen: 24
103.87.48.0/24 maxlen: 24
103.87.49.0/24 maxlen: 24
103.91.68.0/22 maxlen: 24
103.93.176.0/22 maxlen: 24
103.109.72.0/23 maxlen: 24
103.122.84.0/24 maxlen: 24
103.122.85.0/24 maxlen: 24
103.129.194.0/24 maxlen: 24
103.129.195.0/24 maxlen: 24
103.144.37.0/24 maxlen: 24
103.156.168.0/23 maxlen: 24
103.157.160.0/23 maxlen: 24
103.159.154.0/23 maxlen: 24
103.161.230.0/23 maxlen: 24
103.161.232.0/24 maxlen: 24
103.161.233.0/24 maxlen: 24
103.174.105.0/24 maxlen: 24
103.175.76.0/24 maxlen: 24
103.175.77.0/24 maxlen: 24
103.176.71.0/24 maxlen: 24
103.214.97.0/24 maxlen: 24
103.220.28.0/24 maxlen: 24
103.220.29.0/24 maxlen: 24
103.220.30.0/24 maxlen: 24
103.220.31.0/24 maxlen: 24
103.237.172.0/24 maxlen: 24
103.237.173.0/24 maxlen: 24
103.237.174.0/24 maxlen: 24
103.237.175.0/24 maxlen: 24
175.111.180.0/24 maxlen: 24
175.111.182.0/24 maxlen: 24
175.111.183.0/24 maxlen: 24
2001:df0:dc80::/48 maxlen: 48
2001:df1:b280::/48 maxlen: 48
2001:df1:f440::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 May 2025 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44931 (0xaf83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 24 07:09:23 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6809e3a3-fa34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:91:03:b7:3d:c3:02:82:66:42:cb:3c:08:f2:
db:1b:b2:a9:79:78:22:2d:69:a2:41:f6:87:a0:56:
53:f6:0b:84:5b:80:34:47:82:a0:49:66:97:0f:c2:
9d:0b:9f:32:82:8e:55:66:6c:22:78:e1:00:4d:c4:
f4:fe:38:fa:21:25:b1:cc:c4:c7:86:11:c9:34:46:
6c:ae:a6:9c:0f:6e:7d:0c:69:39:38:3a:e4:b1:3e:
e0:d3:61:94:d4:c8:b1:99:eb:db:db:97:2b:b5:49:
1d:29:95:bd:c3:09:ce:e2:f6:ac:14:52:50:ee:64:
60:e7:1f:c0:de:4b:1d:f6:da:70:dd:2d:5f:83:a6:
d9:05:0a:c6:2d:e3:32:0f:30:d2:bd:2f:2a:ba:ec:
9b:cb:75:84:44:5f:f8:92:33:3e:b5:62:d7:08:f1:
68:14:55:ff:5e:b0:7f:a5:53:d4:f2:8d:df:64:88:
c0:7a:6d:af:48:55:86:d9:5a:e0:c4:52:53:87:c3:
4c:b6:f1:46:3f:6c:ab:26:45:35:fd:ee:89:45:26:
d0:49:dd:c6:31:71:3c:aa:e7:dc:b9:af:c8:28:6b:
28:40:25:86:25:b6:ef:d5:44:9d:84:44:c3:ef:08:
aa:7a:c5:3a:6a:75:f9:ff:07:e3:72:61:d5:12:dc:
ca:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DF:25:0B:3D:52:83:49:EA:D8:81:A2:D8:7E:A9:3A:4A:13:EE:D7
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/43334614E45411EFB1C33D72C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.162.0/24
43.230.156.0/22
45.115.252.0/22
45.116.68.0/22
103.38.70.0/24
103.43.4.0/22
103.49.56.0/22
103.50.4.0/22
103.55.6.0/23
103.61.102.0/23
103.69.216.0/22
103.70.144.0/22
103.70.176.0/23
103.79.112.0/22
103.87.48.0/23
103.91.68.0/22
103.93.176.0/22
103.109.72.0/23
103.122.84.0/23
103.129.194.0/23
103.144.37.0/24
103.156.168.0/23
103.157.160.0/23
103.159.154.0/23
103.161.230.0-103.161.233.255
103.174.105.0/24
103.175.76.0/23
103.176.71.0/24
103.214.97.0/24
103.220.28.0/22
103.237.172.0/22
175.111.180.0/24
175.111.182.0/23
IPv6:
2001:df0:dc80::/48
2001:df1:b280::/48
2001:df1:f440::/48
Signature Algorithm: sha256WithRSAEncryption
43:7d:e9:36:6e:af:62:24:80:e5:10:2f:b1:d3:58:7a:47:32:
7e:19:dc:51:af:bd:e2:a5:46:ba:1a:fb:29:8a:45:af:75:57:
1d:ea:18:f8:88:15:5b:14:08:28:35:77:82:cc:fe:0a:1f:a8:
f1:95:6f:d9:c5:e7:91:b8:73:ae:36:3c:e0:87:93:5c:22:c4:
ee:0d:dc:9e:53:b0:20:a9:3e:ee:f8:98:67:73:8f:48:ce:f3:
8d:62:a9:21:11:bd:c5:b3:39:8a:85:76:ac:a3:05:1a:27:a0:
b6:79:ee:cc:b0:fb:0b:20:05:2e:e7:6e:65:82:05:e8:fd:05:
80:d5:ee:eb:86:51:d6:e6:a8:e4:c1:dd:a5:98:aa:7f:af:54:
81:66:a0:3a:72:33:52:73:ed:4b:29:54:91:72:b0:3e:ac:55:
8b:56:8e:28:ab:f4:bc:fa:31:6d:1c:5d:1d:a4:d2:eb:6f:80:
40:7f:30:03:97:42:92:68:05:d0:7f:5e:6c:96:b9:55:f8:8b:
6a:7d:9e:b3:dc:f7:d8:c0:87:e4:0d:01:82:24:e1:fe:d9:13:
4a:e5:aa:85:a4:6e:e4:54:ae:91:6c:5f:31:87:d4:ce:bf:11:
25:08:69:76:7c:dd:29:f2:d4:a0:53:01:8c:26:92:52:46:1e:
f2:f2:91:41
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgIDAK+DMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQyNDA3MDkyM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgwOWUzYTMtZmEzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKRA7c9wwKCZkLLPAjy2xuyqXl4Ii1pokH2h6BWU/YLhFuANEeCoElmlw/C
nQufMoKOVWZsInjhAE3E9P44+iElsczEx4YRyTRGbK6mnA9ufQxpOTg65LE+4NNh
lNTIsZnr29uXK7VJHSmVvcMJzuL2rBRSUO5kYOcfwN5LHfbacN0tX4Om2QUKxi3j
Mg8w0r0vKrrsm8t1hERf+JIzPrVi1wjxaBRV/16wf6VT1PKN32SIwHptr0hVhtla
4MRSU4fDTLbxRj9sqyZFNf3uiUUm0EndxjFxPKrn3LmvyChrKEAlhiW279VEnYRE
w+8IqnrFOmp1+f8H43Jh1RLcyrkCAwEAAaOCA4YwggOCMB0GA1UdDgQWBBSy3yUL
PVKDSerYgaLYfqk6ShPu1zAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQzMzM0NjE0
RTQ1NDExRUZCMUMzM0Q3MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBDgYIKwYBBQUHAQcB
Af8Egf4wgfswgdUEAgABMIHOAwQAK+WiAwQCK+acAwQCLXP8AwQCLXREAwQAZyZG
AwQCZysEAwQCZzE4AwQCZzIEAwQBZzcGAwQBZz1mAwQCZ0XYAwQCZ0aQAwQBZ0aw
AwQCZ09wAwQBZ1cwAwQCZ1tEAwQCZ12wAwQBZ21IAwQBZ3pUAwQBZ4HCAwQAZ5Al
AwQBZ5yoAwQBZ52gAwQBZ5+aMAwDBAFnoeYDBAFnoegDBABnrmkDBAFnr0wDBABn
sEcDBABn1mEDBAJn3BwDBAJn7awDBACvb7QDBAGvb7YwIQQCAAIwGwMHACABDfDc
gAMHACABDfGygAMHACABDfH0QDANBgkqhkiG9w0BAQsFAAOCAQEAQ33pNm6vYiSA
5RAvsdNYekcyfhncUa+94qVGuhr7KYpFr3VXHeoY+IgVWxQIKDV3gsz+Ch+o8ZVv
2cXnkbhzrjY84IeTXCLE7g3cnlOwIKk+7viYZ3OPSM7zjWKpIRG9xbM5ioV2rKMF
GiegtnnuzLD7CyAFLuduZYIF6P0FgNXu64ZR1uao5MHdpZiqf69UgWagOnIzUnPt
SylUkXKwPqxVi1aOKKv0vPoxbRxdHaTS62+AQH8wA5dCkmgF0H9ebJa5VfiLan2e
s9z32MCH5A0BgiTh/tkTSuWqhaRu5FSukWxfMYfUzr8RJQhpdnzdKfLUoFMBjCaS
UkYe8vKRQQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:38:46 2025 by rpki-client