Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
File: 450B9058E3B511EF8A23824BC4F9AE02.roa (raw, json)
Hash identifier: 55Td4R6IJ+5MI7rN+aoB5z9ka2ktycfIZh5c88sjY58=
Subject key identifier: BB:EB:1E:1A:A6:B9:6C:8E:E5:45:04:C5:B2:DA:42:FD:32:31:D8:E8
Certificate issuer: /CN=A919EDE5/serialNumber=23E983EB8BB7F86BA59235241A10160C8052C64E
Certificate serial: 34B2
Authority key identifier: 23:E9:83:EB:8B:B7:F8:6B:A5:92:35:24:1A:10:16:0C:80:52:C6:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
Signing time: Tue 17 Jun 2025 03:34:32 +0000
ROA not before: Tue 17 Jun 2025 03:34:32 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132618
IP address blocks: 49.237.32.0/22 maxlen: 22
49.237.32.0/24 maxlen: 24
49.237.33.0/24 maxlen: 24
49.237.34.0/24 maxlen: 24
49.237.35.0/24 maxlen: 24
49.237.64.0/21 maxlen: 21
49.237.64.0/24 maxlen: 24
49.237.65.0/24 maxlen: 24
49.237.66.0/24 maxlen: 24
49.237.67.0/24 maxlen: 24
49.237.68.0/24 maxlen: 24
49.237.69.0/24 maxlen: 24
49.237.70.0/24 maxlen: 24
49.237.71.0/24 maxlen: 24
49.237.72.0/21 maxlen: 21
49.237.72.0/24 maxlen: 24
49.237.73.0/24 maxlen: 24
49.237.74.0/24 maxlen: 24
49.237.75.0/24 maxlen: 24
49.237.76.0/24 maxlen: 24
49.237.77.0/24 maxlen: 24
49.237.78.0/24 maxlen: 24
49.237.79.0/24 maxlen: 24
49.237.80.0/21 maxlen: 21
49.237.80.0/24 maxlen: 24
49.237.81.0/24 maxlen: 24
49.237.82.0/24 maxlen: 24
49.237.83.0/24 maxlen: 24
49.237.84.0/24 maxlen: 24
49.237.85.0/24 maxlen: 24
49.237.86.0/24 maxlen: 24
49.237.87.0/24 maxlen: 24
49.237.88.0/21 maxlen: 21
49.237.88.0/24 maxlen: 24
49.237.89.0/24 maxlen: 24
49.237.90.0/24 maxlen: 24
49.237.91.0/24 maxlen: 24
49.237.92.0/24 maxlen: 24
49.237.93.0/24 maxlen: 24
49.237.94.0/24 maxlen: 24
49.237.95.0/24 maxlen: 24
49.237.96.0/21 maxlen: 21
49.237.112.0/21 maxlen: 21
49.237.176.0/22 maxlen: 22
49.237.176.0/24 maxlen: 24
49.237.177.0/24 maxlen: 24
49.237.178.0/24 maxlen: 24
49.237.179.0/24 maxlen: 24
49.237.204.0/23 maxlen: 23
223.24.172.0/23 maxlen: 23
223.24.192.0/21 maxlen: 21
223.24.192.0/24 maxlen: 24
223.24.193.0/24 maxlen: 24
223.24.194.0/24 maxlen: 24
223.24.195.0/24 maxlen: 24
223.24.196.0/24 maxlen: 24
223.24.197.0/24 maxlen: 24
223.24.198.0/24 maxlen: 24
223.24.199.0/24 maxlen: 24
223.24.200.0/21 maxlen: 21
223.24.200.0/24 maxlen: 24
223.24.201.0/24 maxlen: 24
223.24.202.0/24 maxlen: 24
223.24.203.0/24 maxlen: 24
223.24.204.0/24 maxlen: 24
223.24.205.0/24 maxlen: 24
223.24.206.0/24 maxlen: 24
223.24.207.0/24 maxlen: 24
223.24.208.0/21 maxlen: 21
223.24.208.0/24 maxlen: 24
223.24.209.0/24 maxlen: 24
223.24.210.0/24 maxlen: 24
223.24.211.0/24 maxlen: 24
223.24.212.0/24 maxlen: 24
223.24.213.0/24 maxlen: 24
223.24.214.0/24 maxlen: 24
223.24.215.0/24 maxlen: 24
223.24.216.0/21 maxlen: 21
223.24.216.0/24 maxlen: 24
223.24.217.0/24 maxlen: 24
223.24.218.0/24 maxlen: 24
223.24.219.0/24 maxlen: 24
223.24.220.0/24 maxlen: 24
223.24.221.0/24 maxlen: 24
223.24.222.0/24 maxlen: 24
223.24.223.0/24 maxlen: 24
223.24.224.0/21 maxlen: 21
223.24.240.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.crl
rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Jun 2025 14:58:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13490 (0x34b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EDE5, serialNumber=23E983EB8BB7F86BA59235241A10160C8052C64E
Validity
Not Before: Jun 17 03:34:32 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6850e248-3f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:01:78:72:d1:b1:3e:f8:67:a0:4c:b3:50:b5:
ec:58:ef:c4:a9:29:42:52:ef:50:98:18:84:91:ef:
11:42:ec:21:59:7e:0c:76:4f:47:38:cc:c2:3a:dd:
42:fd:ed:04:32:18:f4:3e:d0:64:87:76:ca:9e:f4:
cc:50:42:44:0c:aa:86:cd:c8:b5:c5:8f:eb:6c:0e:
7b:1c:2f:3b:a8:6a:9f:97:d2:b0:fe:ea:6c:47:59:
ea:04:4a:55:a7:52:8e:55:dd:fa:0b:99:cd:76:89:
e7:32:c3:7a:a5:c6:54:31:9e:13:74:c2:25:a6:62:
85:6b:e8:89:be:4e:82:c7:bb:25:3a:34:00:31:ba:
8c:a8:33:25:52:e1:6d:92:c1:2f:09:4e:de:f3:08:
4c:ba:66:1e:a3:b1:73:0c:c8:45:70:29:d6:df:5c:
a3:f2:3e:dd:49:43:5e:96:4e:9e:7b:16:00:52:87:
26:db:48:fc:f1:41:11:1a:e9:f1:f6:e3:e0:e5:ea:
62:96:65:19:8f:21:96:1a:0e:3b:62:94:4f:0e:06:
c4:f0:c9:16:b8:b4:05:47:05:bb:16:6e:19:7b:4b:
84:2b:1a:73:c0:5f:ca:d4:00:59:48:6e:96:c1:57:
5c:86:74:45:de:ad:c3:26:7a:06:e9:f7:bb:65:8d:
28:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EB:1E:1A:A6:B9:6C:8E:E5:45:04:C5:B2:DA:42:FD:32:31:D8:E8
X509v3 Authority Key Identifier:
keyid:23:E9:83:EB:8B:B7:F8:6B:A5:92:35:24:1A:10:16:0C:80:52:C6:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/I-mD64u3-GulkjUkGhAWDIBSxk4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I-mD64u3-GulkjUkGhAWDIBSxk4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EDE5/4A2B6CCE1D9E11E29CA3098E08B02CD2/450B9058E3B511EF8A23824BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.237.32.0/22
49.237.64.0-49.237.103.255
49.237.112.0/21
49.237.176.0/22
49.237.204.0/23
223.24.172.0/23
223.24.192.0-223.24.231.255
223.24.240.0/21
Signature Algorithm: sha256WithRSAEncryption
90:c5:6b:92:5f:3f:73:93:2b:5a:aa:9b:f8:83:bf:f2:37:8a:
d1:de:49:c8:5e:4c:03:35:d6:1e:69:f0:8d:ac:15:96:d2:47:
ff:06:44:19:d4:2a:50:14:5e:70:ed:5e:e5:e7:24:74:0b:8a:
76:4c:10:09:8a:46:12:38:05:db:b5:4e:8a:5b:ef:90:42:ed:
d2:ca:29:91:57:41:8d:f3:22:9e:b8:f8:22:3a:fa:30:b9:82:
e9:a8:50:69:c9:a8:6c:8f:d7:94:12:19:95:03:e6:02:d4:df:
76:f8:cf:2c:f6:79:d0:bc:08:e4:ef:44:79:bf:19:56:e6:96:
b7:be:b3:33:ad:1f:4e:5d:4d:ad:32:2f:6d:00:34:d9:1e:38:
99:b5:a8:43:01:2c:f2:5a:cf:bb:5e:86:eb:93:54:70:35:c6:
a7:a6:a9:18:6e:a7:09:c1:3d:cd:67:0e:29:ad:4a:ae:68:52:
0a:46:e0:10:64:a6:52:d4:b4:07:f3:d4:67:50:9b:49:e2:0d:
31:ca:66:c6:71:39:d6:ae:5d:c0:2c:ec:24:c2:ac:05:7f:ac:
ee:7c:dc:26:0b:39:88:70:2a:78:7a:b1:fb:e7:20:9d:8c:d7:
6d:6d:2c:d4:97:a7:c5:77:86:30:ee:c3:cf:d5:4b:c6:9c:d4:
a2:16:15:ec
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICNLIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVERTUxMTAvBgNVBAUTKDIzRTk4M0VCOEJCN0Y4NkJBNTkyMzUyNDFBMTAxNjBD
ODA1MkM2NEUwHhcNMjUwNjE3MDMzNDMyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODUwZTI0OC0zZjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvAF4ctGxPvhnoEyzULXsWO/EqSlCUu9QmBiEke8RQuwhWX4Mdk9HOMzCOt1C
/e0EMhj0PtBkh3bKnvTMUEJEDKqGzci1xY/rbA57HC87qGqfl9Kw/upsR1nqBEpV
p1KOVd36C5nNdonnMsN6pcZUMZ4TdMIlpmKFa+iJvk6Cx7slOjQAMbqMqDMlUuFt
ksEvCU7e8whMumYeo7FzDMhFcCnW31yj8j7dSUNelk6eexYAUocm20j88UERGunx
9uPg5epilmUZjyGWGg47YpRPDgbE8MkWuLQFRwW7Fm4Ze0uEKxpzwF/K1ABZSG6W
wVdchnRF3q3DJnoG6fe7ZY0onQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFLvrHhqm
uWyO5UUExbLaQv0yMdjoMB8GA1UdIwQYMBaAFCPpg+uLt/hrpZI1JBoQFgyAUsZO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RURFNS80QTJCNkNDRTFE
OUUxMUUyOUNBMzA5OEUwOEIwMkNEMi9JLW1ENjR1My1HdWxralVrR2hBV0RJQlN4
azQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ktbUQ2NHUzLUd1bGtqVWtHaEFXRElCU3hrNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVERTUvNEEyQjZDQ0UxRDlFMTFFMjlDQTMwOThFMDhCMDJDRDIvNDUwQjkwNThF
M0I1MTFFRjhBMjM4MjRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADBAIx7SAwDAMEBjHtQAMEAzHtYAMEAzHtcAMEAjHtsAMEATHt
zAMEAd8YrDAMAwQG3xjAAwQD3xjgAwQD3xjwMA0GCSqGSIb3DQEBCwUAA4IBAQCQ
xWuSXz9zkytaqpv4g7/yN4rR3knIXkwDNdYeafCNrBWW0kf/BkQZ1CpQFF5w7V7l
5yR0C4p2TBAJikYSOAXbtU6KW++QQu3SyimRV0GN8yKeuPgiOvowuYLpqFBpyahs
j9eUEhmVA+YC1N92+M8s9nnQvAjk70R5vxlW5pa3vrMzrR9OXU2tMi9tADTZHjiZ
tahDASzyWs+7Xobrk1RwNcanpqkYbqcJwT3NZw4prUquaFIKRuAQZKZS1LQH89Rn
UJtJ4g0xymbGcTnWrl3ALOwkwqwFf6zufNwmCzmIcCp4erH75yCdjNdtbSzUl6fF
d4Yw7sPP1UvGnNSiFhXs
-----END CERTIFICATE-----
Generated at Fri Jun 20 14:48:54 2025 by rpki-client