Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
File: F6973CAC265711F08B890022C4F9AE02.roa (raw, json)
Hash identifier: 1oJUYNvxA2xjszfyqdS0saWeFlbpn8AqQnxTMq0Z/p8=
Subject key identifier: 72:A6:0C:77:EB:F3:D4:D7:1A:DB:06:AF:F7:66:B0:80:67:D2:AE:47
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C07E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
Signing time: Fri 18 Jul 2025 11:25:29 +0000
ROA not before: Fri 18 Jul 2025 11:25:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135872
IP address blocks: 45.251.68.0/22 maxlen: 24
103.59.88.0/24 maxlen: 24
103.60.219.0/24 maxlen: 24
103.135.228.0/23 maxlen: 24
103.151.156.0/23 maxlen: 24
103.165.114.0/23 maxlen: 24
103.171.246.0/23 maxlen: 24
103.175.62.0/23 maxlen: 24
103.175.139.0/24 maxlen: 24
103.175.168.0/23 maxlen: 24
103.175.184.0/23 maxlen: 24
103.177.156.0/23 maxlen: 24
103.178.210.0/23 maxlen: 24
103.179.16.0/23 maxlen: 24
103.185.246.0/24 maxlen: 24
103.186.36.0/23 maxlen: 24
103.188.162.0/23 maxlen: 24
103.205.163.0/24 maxlen: 24
103.211.20.0/22 maxlen: 24
103.211.132.0/22 maxlen: 24
103.234.93.0/24 maxlen: 24
139.5.140.0/24 maxlen: 24
139.5.141.0/24 maxlen: 24
139.5.142.0/24 maxlen: 24
139.5.143.0/24 maxlen: 24
146.196.44.0/22 maxlen: 24
160.238.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49278 (0xc07e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 18 11:25:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=687a2f29-d4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:99:d3:44:4f:3a:f6:02:8f:53:32:09:e9:01:
94:47:f7:f7:ef:16:66:3c:94:3e:86:fe:da:3a:93:
93:cd:bb:bb:0c:37:ee:d4:0b:3f:07:5b:b2:c1:71:
eb:e9:73:56:fc:08:ca:8a:62:7f:b5:04:b7:ea:c2:
b6:6c:ec:48:df:55:28:bb:6c:a9:10:b8:26:52:7e:
fb:a2:c2:66:20:f0:df:44:a5:cf:1b:ab:af:6f:1f:
25:87:20:ce:6e:53:5a:26:cf:a3:a4:41:20:0e:5c:
aa:90:1a:ab:62:5e:87:78:19:c5:b3:31:2e:a0:c9:
67:34:5c:e1:7d:f4:99:6e:53:c4:ee:3b:91:c2:65:
4e:79:bd:d6:72:a8:35:e9:24:bd:ba:13:bd:39:59:
81:53:8a:b1:50:ed:8c:c5:bf:91:a7:45:73:2d:52:
18:6a:1e:c6:5f:8b:b6:49:8f:de:15:59:eb:2f:f8:
d4:eb:97:12:d8:8b:5e:f1:cd:46:73:50:00:36:c3:
9b:2a:a4:b9:e9:a3:5f:36:6c:87:6f:d9:e1:b9:b9:
c0:b8:95:9a:97:4e:7a:e9:c0:f3:25:13:f9:ba:3b:
c5:ec:02:62:f5:13:b1:f1:a5:c6:87:9c:b5:87:43:
79:38:ff:ed:81:29:32:47:4b:c7:9c:6d:a2:d1:7e:
78:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A6:0C:77:EB:F3:D4:D7:1A:DB:06:AF:F7:66:B0:80:67:D2:AE:47
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.68.0/22
103.59.88.0/24
103.60.219.0/24
103.135.228.0/23
103.151.156.0/23
103.165.114.0/23
103.171.246.0/23
103.175.62.0/23
103.175.139.0/24
103.175.168.0/23
103.175.184.0/23
103.177.156.0/23
103.178.210.0/23
103.179.16.0/23
103.185.246.0/24
103.186.36.0/23
103.188.162.0/23
103.205.163.0/24
103.211.20.0/22
103.211.132.0/22
103.234.93.0/24
139.5.140.0/22
146.196.44.0/22
160.238.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:e1:b3:f2:31:ee:06:f6:af:d3:f5:e5:44:1b:67:da:55:1c:
e4:2a:20:2e:f9:21:35:b4:6e:e9:3e:14:cb:a2:b0:ab:62:7a:
1e:88:74:96:9f:cd:d9:b5:5d:b2:c6:cc:2d:db:48:9e:04:eb:
f4:5f:82:84:51:f6:5f:be:58:44:71:f2:0a:5f:d2:24:32:75:
45:a4:94:9a:0d:c5:cf:c5:77:62:db:d0:70:51:90:88:1a:e1:
5f:36:08:69:28:3d:94:ee:ed:4a:2f:a8:c1:23:01:08:3e:43:
1d:03:c2:57:ef:d3:ff:31:e5:42:7e:50:3f:10:20:7d:73:71:
84:0e:c4:66:83:5c:5f:9d:0e:4b:a8:2b:c7:88:2f:7a:ed:56:
24:05:d0:0c:4f:af:30:ed:86:6c:ec:18:8c:91:3b:76:54:65:
36:e8:32:32:f5:34:8a:63:50:03:c6:8a:74:81:b0:f6:c5:a3:
10:44:26:22:8b:c7:ca:c9:be:c7:27:07:14:6f:b6:30:7a:7d:
07:77:53:9a:9d:89:d5:3f:68:91:a2:43:09:3f:b1:7d:b8:4d:
a3:97:32:e1:52:09:ff:f5:85:e7:1b:28:f6:76:4a:c9:dc:c4:
a3:f5:c5:c2:03:b9:a7:bb:61:68:90:3e:41:15:14:1c:f1:e9:
a7:06:64:50
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgIDAMB+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDcxODExMjUyOVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjg3YTJmMjktZDRhNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWZ00RPOvYCj1MyCekBlEf39+8WZjyUPob+2jqTk827uww37tQLPwdbssFx
6+lzVvwIyopif7UEt+rCtmzsSN9VKLtsqRC4JlJ++6LCZiDw30Slzxurr28fJYcg
zm5TWibPo6RBIA5cqpAaq2Jeh3gZxbMxLqDJZzRc4X30mW5TxO47kcJlTnm91nKo
NekkvboTvTlZgVOKsVDtjMW/kadFcy1SGGoexl+LtkmP3hVZ6y/41OuXEtiLXvHN
RnNQADbDmyqkuemjXzZsh2/Z4bm5wLiVmpdOeunA8yUT+bo7xewCYvUTsfGlxoec
tYdDeTj/7YEpMkdLx5xtotF+eDcCAwEAAaOCAyQwggMgMB0GA1UdDgQWBBRypgx3
6/PU1xrbBq/3ZrCAZ9KuRzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y2OTczQ0FD
MjY1NzExRjA4Qjg5MDAyMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGtBggrBgEFBQcBBwEB
/wSBnTCBmjCBlwQCAAEwgZADBAIt+0QDBABnO1gDBABnPNsDBAFnh+QDBAFnl5wD
BAFnpXIDBAFnq/YDBAFnrz4DBABnr4sDBAFnr6gDBAFnr7gDBAFnsZwDBAFnstID
BAFnsxADBABnufYDBAFnuiQDBAFnvKIDBABnzaMDBAJn0xQDBAJn04QDBABn6l0D
BAKLBYwDBAKSxCwDBAKg7lwwDQYJKoZIhvcNAQELBQADggEBAA7hs/Ix7gb2r9P1
5UQbZ9pVHOQqIC75ITW0buk+FMuisKtieh6IdJafzdm1XbLGzC3bSJ4E6/RfgoRR
9l++WERx8gpf0iQydUWklJoNxc/Fd2Lb0HBRkIga4V82CGkoPZTu7UovqMEjAQg+
Qx0Dwlfv0/8x5UJ+UD8QIH1zcYQOxGaDXF+dDkuoK8eIL3rtViQF0AxPrzDthmzs
GIyRO3ZUZTboMjL1NIpjUAPGinSBsPbFoxBEJiKLx8rJvscnBxRvtjB6fQd3U5qd
idU/aJGiQwk/sX24TaOXMuFSCf/1hecbKPZ2SsncxKP1xcIDuae7YWiQPkEVFBzx
6acGZFA=
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:47:20 2025 by rpki-client