Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F3720EF820F811F0929F7653C4F9AE02.roa
File: F3720EF820F811F0929F7653C4F9AE02.roa (raw, json)
Hash identifier: FyJ+3Kyqt3hgA8Sc2RlO9TIWenvHIoIAOJrSqssnJbI=
Subject key identifier: 72:87:A3:35:35:4E:4C:0D:BC:5E:3A:24:07:D3:2B:1D:67:20:1A:7B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AF97
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F3720EF820F811F0929F7653C4F9AE02.roa
Signing time: Thu 24 Apr 2025 10:43:26 +0000
ROA not before: Thu 24 Apr 2025 10:43:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150008
IP address blocks: 14.192.0.0/22 maxlen: 24
36.50.124.0/23 maxlen: 24
43.225.24.0/24 maxlen: 24
43.225.25.0/24 maxlen: 24
43.225.26.0/24 maxlen: 24
43.225.27.0/24 maxlen: 24
43.228.92.0/22 maxlen: 24
43.249.224.0/22 maxlen: 24
45.112.28.0/22 maxlen: 24
45.112.48.0/24 maxlen: 24
45.112.49.0/24 maxlen: 24
45.112.50.0/24 maxlen: 24
45.112.51.0/24 maxlen: 24
45.127.56.0/22 maxlen: 24
45.249.76.0/24 maxlen: 24
45.249.77.0/24 maxlen: 24
45.249.78.0/24 maxlen: 24
45.249.79.0/24 maxlen: 24
103.24.124.0/24 maxlen: 24
103.24.125.0/24 maxlen: 24
103.24.126.0/24 maxlen: 24
103.24.127.0/24 maxlen: 24
103.41.96.0/22 maxlen: 24
103.42.200.0/24 maxlen: 24
103.42.201.0/24 maxlen: 24
103.44.0.0/24 maxlen: 24
103.44.1.0/24 maxlen: 24
103.44.2.0/24 maxlen: 24
103.69.28.0/23 maxlen: 24
103.70.129.0/24 maxlen: 24
103.70.130.0/24 maxlen: 24
103.95.173.0/24 maxlen: 24
103.99.108.0/24 maxlen: 24
103.99.109.0/24 maxlen: 24
103.99.110.0/24 maxlen: 24
103.99.111.0/24 maxlen: 24
103.102.18.0/23 maxlen: 24
103.105.101.0/24 maxlen: 24
103.105.103.0/24 maxlen: 24
103.117.36.0/23 maxlen: 24
103.154.206.0/24 maxlen: 24
103.157.12.0/23 maxlen: 24
103.159.250.0/23 maxlen: 24
103.161.243.0/24 maxlen: 24
103.162.128.0/23 maxlen: 24
103.164.200.0/23 maxlen: 24
103.168.82.0/23 maxlen: 24
103.171.190.0/24 maxlen: 24
103.171.191.0/24 maxlen: 24
103.172.202.0/23 maxlen: 24
103.174.80.0/23 maxlen: 24
103.174.160.0/23 maxlen: 24
103.182.117.0/24 maxlen: 24
103.183.202.0/24 maxlen: 24
103.183.203.0/24 maxlen: 24
103.186.254.0/23 maxlen: 24
103.204.35.0/24 maxlen: 24
103.206.104.0/22 maxlen: 24
103.213.202.0/23 maxlen: 24
103.217.236.0/24 maxlen: 24
103.217.237.0/24 maxlen: 24
103.217.238.0/24 maxlen: 24
103.217.239.0/24 maxlen: 24
103.220.234.0/23 maxlen: 24
103.233.73.0/24 maxlen: 24
103.236.193.0/24 maxlen: 24
103.239.36.0/24 maxlen: 24
103.239.37.0/24 maxlen: 24
103.239.38.0/24 maxlen: 24
103.239.39.0/24 maxlen: 24
103.248.208.0/22 maxlen: 24
103.252.144.0/22 maxlen: 24
103.255.144.0/22 maxlen: 24
106.0.36.0/23 maxlen: 24
182.18.177.0/24 maxlen: 24
202.65.129.0/24 maxlen: 24
202.65.130.0/24 maxlen: 24
202.65.133.0/24 maxlen: 24
202.65.134.0/24 maxlen: 24
202.65.138.0/24 maxlen: 24
202.65.142.0/24 maxlen: 24
202.65.144.0/24 maxlen: 24
202.65.147.0/24 maxlen: 24
202.65.148.0/24 maxlen: 24
202.65.154.0/24 maxlen: 24
202.65.155.0/24 maxlen: 24
202.65.158.0/24 maxlen: 24
202.65.159.0/24 maxlen: 24
2001:df7:bd80::/48 maxlen: 48
2001:df7:cb80::/48 maxlen: 48
2400:3b01::/32 maxlen: 32
2400:3b01::/48 maxlen: 48
2400:3b01:b::/48 maxlen: 48
2400:3b01:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 May 2025 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44951 (0xaf97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 24 10:43:26 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=680a15cd-5b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:24:2c:0a:23:d3:4e:63:36:43:af:63:7b:51:
ae:5b:04:80:59:ef:7b:d8:dc:69:4f:75:ec:6d:02:
fd:27:99:81:85:82:58:af:11:23:e5:61:76:23:bf:
99:19:2a:42:0b:50:e8:f0:f9:9c:cf:0a:46:b6:7e:
8a:b8:c7:6b:83:42:29:3d:75:18:a6:df:8f:78:ef:
79:cb:a0:af:bf:5d:eb:ff:86:25:a4:b2:4c:63:9a:
4b:93:0b:98:da:67:54:0a:47:b9:b6:27:a3:05:0e:
fc:1b:33:95:80:9f:6b:06:13:20:8f:5d:45:91:fb:
25:02:82:ac:7b:b1:75:5a:79:bd:f6:ac:a8:3f:9d:
4f:9e:d2:83:87:5c:3a:6d:bd:15:6b:d5:12:43:8d:
0c:9d:d1:63:c0:c2:aa:86:32:6c:bc:df:8c:94:fc:
4a:75:b7:72:70:fe:91:8b:19:70:8d:85:86:98:dc:
7c:84:8c:a4:0d:ef:e1:9c:90:89:2f:90:c3:c0:a3:
8a:ac:0c:30:51:27:b1:75:5f:df:43:ab:2a:4e:15:
87:15:ed:c9:6e:b6:6c:89:6a:3c:45:a4:8d:6a:b7:
65:84:ce:65:3a:00:be:09:a8:61:8c:bc:c1:1a:d2:
05:5d:e1:b7:e4:da:39:b4:34:58:d1:69:5b:f0:3a:
fb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:87:A3:35:35:4E:4C:0D:BC:5E:3A:24:07:D3:2B:1D:67:20:1A:7B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F3720EF820F811F0929F7653C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.0.0/22
36.50.124.0/23
43.225.24.0/22
43.228.92.0/22
43.249.224.0/22
45.112.28.0/22
45.112.48.0/22
45.127.56.0/22
45.249.76.0/22
103.24.124.0/22
103.41.96.0/22
103.42.200.0/23
103.44.0.0-103.44.2.255
103.69.28.0/23
103.70.129.0-103.70.130.255
103.95.173.0/24
103.99.108.0/22
103.102.18.0/23
103.105.101.0/24
103.105.103.0/24
103.117.36.0/23
103.154.206.0/24
103.157.12.0/23
103.159.250.0/23
103.161.243.0/24
103.162.128.0/23
103.164.200.0/23
103.168.82.0/23
103.171.190.0/23
103.172.202.0/23
103.174.80.0/23
103.174.160.0/23
103.182.117.0/24
103.183.202.0/23
103.186.254.0/23
103.204.35.0/24
103.206.104.0/22
103.213.202.0/23
103.217.236.0/22
103.220.234.0/23
103.233.73.0/24
103.236.193.0/24
103.239.36.0/22
103.248.208.0/22
103.252.144.0/22
103.255.144.0/22
106.0.36.0/23
182.18.177.0/24
202.65.129.0-202.65.130.255
202.65.133.0-202.65.134.255
202.65.138.0/24
202.65.142.0/24
202.65.144.0/24
202.65.147.0-202.65.148.255
202.65.154.0/23
202.65.158.0/23
IPv6:
2001:df7:bd80::/48
2001:df7:cb80::/48
2400:3b01::/32
Signature Algorithm: sha256WithRSAEncryption
48:90:f0:7d:e5:5a:8f:ee:82:1d:1e:29:ad:cb:6b:49:7b:99:
84:a7:17:38:a9:25:0f:7d:05:20:c1:58:62:e7:b7:55:79:77:
ba:44:86:1a:4c:60:7c:56:78:3c:11:f7:3c:7e:de:e5:48:a2:
59:d3:9c:ae:1f:f2:ab:1b:f2:56:20:d5:2b:37:f0:ae:c2:a3:
22:e8:ee:ce:78:fd:4d:15:61:14:94:df:4a:14:7a:81:37:b5:
86:38:af:e3:0d:53:21:f0:b5:a7:ae:88:a5:7c:fc:b2:cc:fd:
61:1f:33:69:28:9b:f9:f6:f8:7a:d0:2d:d9:50:c3:a6:d1:a2:
3f:d5:53:d2:4c:28:24:15:2d:1a:b0:c6:54:d7:05:e9:88:72:
41:d6:6c:78:3d:9f:9f:20:5f:9c:60:fd:7c:24:6c:0c:c5:23:
f9:a8:6d:76:93:be:1c:c1:09:70:89:f0:c0:05:00:cc:4a:57:
1c:a5:b0:f3:29:7b:b6:db:26:2e:f4:af:3c:af:d8:3b:44:c9:
1f:60:0b:2a:71:b1:eb:c2:7c:4d:c0:0a:89:91:c4:da:38:b2:
b2:18:b0:4d:52:0a:35:e9:0f:ff:53:e0:7e:ca:b3:bb:bd:74:
c6:d7:e2:08:e6:9a:44:26:db:86:14:d4:56:26:5a:c5:ba:72:
eb:a5:a9:bf
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIDAK+XMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQyNDEwNDMyNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgwYTE1Y2QtNWIwYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANskLAoj005jNkOvY3tRrlsEgFnve9jcaU917G0C/SeZgYWCWK8RI+VhdiO/
mRkqQgtQ6PD5nM8KRrZ+irjHa4NCKT11GKbfj3jvecugr79d6/+GJaSyTGOaS5ML
mNpnVApHubYnowUO/BszlYCfawYTII9dRZH7JQKCrHuxdVp5vfasqD+dT57Sg4dc
Om29FWvVEkONDJ3RY8DCqoYybLzfjJT8SnW3cnD+kYsZcI2FhpjcfISMpA3v4ZyQ
iS+Qw8CjiqwMMFEnsXVf30OrKk4VhxXtyW62bIlqPEWkjWq3ZYTOZToAvgmoYYy8
wRrSBV3ht+TaObQ0WNFpW/A6+wUCAwEAAaOCBDEwggQtMB0GA1UdDgQWBBRyh6M1
NU5MDbxeOiQH0ysdZyAaezAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0YzNzIwRUY4
MjBGODExRjA5MjlGNzY1M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBuQYIKwYBBQUHAQcB
Af8EggGoMIIBpDCCAX8EAgABMIIBdwMEAg7AAAMEASQyfAMEAivhGAMEAivkXAME
Aiv54AMEAi1wHAMEAi1wMAMEAi1/OAMEAi35TAMEAmcYfAMEAmcpYAMEAWcqyDAL
AwMCZywDBABnLAIDBAFnRRwwDAMEAGdGgQMEAGdGggMEAGdfrQMEAmdjbAMEAWdm
EgMEAGdpZQMEAGdpZwMEAWd1JAMEAGeazgMEAWedDAMEAWef+gMEAGeh8wMEAWei
gAMEAWekyAMEAWeoUgMEAWervgMEAWesygMEAWeuUAMEAWeuoAMEAGe2dQMEAWe3
ygMEAWe6/gMEAGfMIwMEAmfOaAMEAWfVygMEAmfZ7AMEAWfc6gMEAGfpSQMEAGfs
wQMEAmfvJAMEAmf40AMEAmf8kAMEAmf/kAMEAWoAJAMEALYSsTAMAwQAykGBAwQA
ykGCMAwDBADKQYUDBADKQYYDBADKQYoDBADKQY4DBADKQZAwDAMEAMpBkwMEAMpB
lAMEAcpBmgMEAcpBnjAfBAIAAjAZAwcAIAEN972AAwcAIAEN98uAAwUAJAA7ATAN
BgkqhkiG9w0BAQsFAAOCAQEASJDwfeVaj+6CHR4prctrSXuZhKcXOKklD30FIMFY
Yue3VXl3ukSGGkxgfFZ4PBH3PH7e5UiiWdOcrh/yqxvyViDVKzfwrsKjIujuznj9
TRVhFJTfShR6gTe1hjiv4w1TIfC1p66IpXz8ssz9YR8zaSib+fb4etAt2VDDptGi
P9VT0kwoJBUtGrDGVNcF6YhyQdZseD2fnyBfnGD9fCRsDMUj+ahtdpO+HMEJcInw
wAUAzEpXHKWw8yl7ttsmLvSvPK/YO0TJH2ALKnGx68J8TcAKiZHE2jiyshiwTVIK
NekP/1Pgfsqzu710xtfiCOaaRCbbhhTUViZaxbpy66Wpvw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:57:41 2025 by rpki-client