Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6E44FA5E138011F0BD043B1DC4F9AE02.roa
File: 6E44FA5E138011F0BD043B1DC4F9AE02.roa (raw, json)
Hash identifier: 2opFybGgumc0TzKvwFG9fnO8oqZAq0zGYzrylWN0Rlc=
Subject key identifier: 10:15:C9:40:44:4C:BE:F7:0A:88:6A:2B:2F:13:1C:69:6F:47:F5:7E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: ADC2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6E44FA5E138011F0BD043B1DC4F9AE02.roa
Signing time: Mon 07 Apr 2025 07:17:57 +0000
ROA not before: Mon 07 Apr 2025 07:17:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141514
IP address blocks: 103.160.126.0/23 maxlen: 24
103.170.214.0/23 maxlen: 24
103.173.240.0/23 maxlen: 24
103.175.134.0/23 maxlen: 24
103.175.190.0/23 maxlen: 24
103.177.82.0/23 maxlen: 24
103.177.112.0/23 maxlen: 24
103.177.204.0/23 maxlen: 24
103.178.122.0/23 maxlen: 24
103.178.126.0/23 maxlen: 24
103.181.112.0/23 maxlen: 24
103.183.228.0/23 maxlen: 24
103.184.104.0/23 maxlen: 24
103.185.234.0/23 maxlen: 24
103.186.54.0/23 maxlen: 24
103.187.228.0/23 maxlen: 24
2400:7f60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 May 2025 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44482 (0xadc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 7 07:17:57 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67f37c25-48fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b5:20:d1:24:4c:ae:51:86:b4:13:8d:49:cb:
4c:f0:74:b9:26:6e:01:4a:ff:13:44:e7:f8:6d:ff:
ac:07:c5:60:38:16:38:6b:c3:be:b8:16:97:c6:c9:
ad:93:03:07:8d:f4:3b:df:d6:46:91:1c:4e:cb:16:
18:25:f5:b2:e2:fa:b6:34:32:35:73:30:d8:fb:fd:
d1:a0:bb:f7:24:82:96:1d:91:02:f5:49:78:c4:a0:
11:e9:bb:32:12:ce:3e:5d:fc:e4:41:29:5c:c9:60:
93:4f:e9:44:bf:0d:72:5d:cd:fd:2d:56:64:91:bb:
7e:0f:01:73:13:39:fa:81:6a:45:1b:eb:4c:68:6d:
c6:68:04:b1:a8:a4:ad:71:1a:c6:6a:06:9d:2c:cd:
3b:db:74:69:44:c9:42:20:ed:9a:a2:90:c5:4b:e3:
2c:e0:86:8f:38:fa:7d:36:cf:8e:ce:ed:44:8f:dd:
02:2d:6f:14:d4:af:70:e2:bd:42:24:25:de:61:f1:
00:0e:e9:5a:4a:92:e7:78:46:d8:27:16:ab:ca:d6:
3d:bd:5f:63:b0:37:3e:b2:51:09:ea:d3:e3:d4:db:
b6:6a:64:87:39:fe:66:05:a5:97:d9:13:16:45:03:
b2:0e:e7:c7:2b:2c:e9:56:da:9b:d1:82:bc:fb:65:
2e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:15:C9:40:44:4C:BE:F7:0A:88:6A:2B:2F:13:1C:69:6F:47:F5:7E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6E44FA5E138011F0BD043B1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.126.0/23
103.170.214.0/23
103.173.240.0/23
103.175.134.0/23
103.175.190.0/23
103.177.82.0/23
103.177.112.0/23
103.177.204.0/23
103.178.122.0/23
103.178.126.0/23
103.181.112.0/23
103.183.228.0/23
103.184.104.0/23
103.185.234.0/23
103.186.54.0/23
103.187.228.0/23
IPv6:
2400:7f60::/32
Signature Algorithm: sha256WithRSAEncryption
23:5e:c6:4b:66:d0:cc:fa:53:03:d6:f5:78:9b:25:92:7e:78:
a4:01:57:b1:5b:16:d0:21:66:a2:bc:7b:b2:e6:44:5c:96:ae:
d5:f3:2e:3c:b3:10:9b:e4:0d:fc:0c:4c:21:10:33:ae:91:b0:
7a:5b:3a:9f:c4:cc:ba:ff:04:1c:e2:b6:a9:41:bc:0c:bd:bd:
93:92:f7:77:eb:90:79:7d:ce:39:21:5d:2f:fa:13:d4:7a:c6:
db:4b:fe:d5:bf:ae:0c:24:7e:63:9d:40:bf:e3:64:e7:85:2b:
e8:e8:19:59:2a:3e:c9:9a:9c:c4:5d:54:d8:c0:e4:02:fd:e7:
51:c3:d8:90:52:d8:9a:99:eb:c7:2e:f0:fb:f1:af:62:d6:aa:
43:9d:8e:ea:e4:a3:86:24:0a:af:e1:bd:d2:fc:fe:46:a8:d5:
b4:95:8b:5b:2b:a2:bd:66:2f:4f:cf:81:ab:a5:7b:6c:14:fb:
0b:aa:b0:32:4c:9f:d5:54:87:75:d7:a0:0d:b1:40:71:97:b8:
2e:de:18:67:2d:6f:ce:5b:dc:ab:c0:0a:02:86:0d:75:ae:3f:
d0:34:56:6c:12:b7:e5:9d:91:d9:cb:92:d1:56:bd:0e:ec:3c:
ba:fa:0b:e5:ad:97:60:f2:53:09:21:c6:db:73:ea:8e:1b:bf:
eb:9c:7e:96
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgIDAK3CMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQwNzA3MTc1N1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdmMzdjMjUtNDhmZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALm1INEkTK5RhrQTjUnLTPB0uSZuAUr/E0Tn+G3/rAfFYDgWOGvDvrgWl8bJ
rZMDB430O9/WRpEcTssWGCX1suL6tjQyNXMw2Pv90aC79ySClh2RAvVJeMSgEem7
MhLOPl385EEpXMlgk0/pRL8Ncl3N/S1WZJG7fg8BcxM5+oFqRRvrTGhtxmgEsaik
rXEaxmoGnSzNO9t0aUTJQiDtmqKQxUvjLOCGjzj6fTbPjs7tRI/dAi1vFNSvcOK9
QiQl3mHxAA7pWkqS53hG2CcWq8rWPb1fY7A3PrJRCerT49Tbtmpkhzn+ZgWll9kT
FkUDsg7nxyss6Vbam9GCvPtlLkUCAwEAAaOCAv8wggL7MB0GA1UdDgQWBBQQFclA
REy+9wqIaisvExxpb0f1fjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzZFNDRGQTVF
MTM4MDExRjBCRDA0M0IxREM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGIBggrBgEFBQcBBwEB
/wR5MHcwZgQCAAEwYAMEAWegfgMEAWeq1gMEAWet8AMEAWevhgMEAWevvgMEAWex
UgMEAWexcAMEAWexzAMEAWeyegMEAWeyfgMEAWe1cAMEAWe35AMEAWe4aAMEAWe5
6gMEAWe6NgMEAWe75DANBAIAAjAHAwUAJAB/YDANBgkqhkiG9w0BAQsFAAOCAQEA
I17GS2bQzPpTA9b1eJslkn54pAFXsVsW0CFmorx7suZEXJau1fMuPLMQm+QN/AxM
IRAzrpGwels6n8TMuv8EHOK2qUG8DL29k5L3d+uQeX3OOSFdL/oT1HrG20v+1b+u
DCR+Y51Av+Nk54Ur6OgZWSo+yZqcxF1U2MDkAv3nUcPYkFLYmpnrxy7w+/GvYtaq
Q52O6uSjhiQKr+G90vz+RqjVtJWLWyuivWYvT8+Bq6V7bBT7C6qwMkyf1VSHddeg
DbFAcZe4Lt4YZy1vzlvcq8AKAoYNda4/0DRWbBK35Z2R2cuS0Va9Duw8uvoL5a2X
YPJTCSHG23Pqjhu/65x+lg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:25:47 2025 by rpki-client