Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5238AE021E9B11F0A7D85443C4F9AE02.roa
File: 5238AE021E9B11F0A7D85443C4F9AE02.roa (raw, json)
Hash identifier: fOovKPaRUp3IWHgQ3ATmNxfQBn2nrmAq53HobS/Izng=
Subject key identifier: 80:67:87:22:E4:8A:78:B6:CE:AE:86:22:33:92:F6:91:3C:A7:4C:8D
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 2617
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5238AE021E9B11F0A7D85443C4F9AE02.roa
Signing time: Thu 24 Apr 2025 05:47:22 +0000
ROA not before: Thu 24 Apr 2025 05:47:22 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 103.11.63.0/24 maxlen: 24
103.151.26.0/24 maxlen: 24
113.203.208.0/24 maxlen: 24
113.203.209.0/24 maxlen: 24
113.203.210.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/24 maxlen: 24
113.203.215.0/24 maxlen: 24
113.203.216.0/24 maxlen: 24
113.203.217.0/24 maxlen: 24
113.203.218.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.220.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.223.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.226.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.228.0/24 maxlen: 24
113.203.229.0/24 maxlen: 24
113.203.230.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.241.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.244.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
113.203.246.0/24 maxlen: 24
113.203.248.0/24 maxlen: 24
113.203.252.0/24 maxlen: 24
113.203.253.0/24 maxlen: 24
113.203.254.0/24 maxlen: 24
113.203.255.0/24 maxlen: 24
115.167.61.0/24 maxlen: 24
115.167.64.0/24 maxlen: 24
115.167.101.0/24 maxlen: 24
115.167.102.0/24 maxlen: 24
115.167.103.0/24 maxlen: 24
115.167.112.0/22 maxlen: 24
115.167.117.0/24 maxlen: 24
115.167.118.0/24 maxlen: 24
115.167.119.0/24 maxlen: 24
115.167.124.0/24 maxlen: 24
115.167.125.0/24 maxlen: 24
175.110.64.0/22 maxlen: 24
175.110.82.0/24 maxlen: 24
175.110.90.0/24 maxlen: 24
175.110.91.0/24 maxlen: 24
175.110.97.0/24 maxlen: 24
175.110.98.0/24 maxlen: 24
175.110.99.0/24 maxlen: 24
175.110.101.0/24 maxlen: 24
175.110.102.0/24 maxlen: 24
175.110.103.0/24 maxlen: 24
175.110.104.0/24 maxlen: 24
175.110.105.0/24 maxlen: 24
175.110.106.0/24 maxlen: 24
175.110.107.0/24 maxlen: 24
175.110.108.0/24 maxlen: 24
175.110.109.0/24 maxlen: 24
175.110.110.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.146.0/24 maxlen: 24
180.178.147.0/24 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.163.0/24 maxlen: 24
180.178.164.0/24 maxlen: 24
180.178.165.0/24 maxlen: 24
180.178.166.0/24 maxlen: 24
180.178.167.0/24 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.169.0/24 maxlen: 24
180.178.170.0/24 maxlen: 24
180.178.171.0/24 maxlen: 24
180.178.176.0/22 maxlen: 22
180.178.180.0/24 maxlen: 24
180.178.181.0/24 maxlen: 24
180.178.182.0/24 maxlen: 24
180.178.183.0/24 maxlen: 24
180.178.184.0/22 maxlen: 22
180.178.185.0/24 maxlen: 24
180.178.186.0/24 maxlen: 24
180.178.187.0/24 maxlen: 24
180.178.188.0/24 maxlen: 24
180.178.190.0/24 maxlen: 24
180.178.191.0/24 maxlen: 24
202.92.26.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.226.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 20:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9751 (0x2617)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Apr 24 05:47:22 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6809d06a-5772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:80:73:b7:88:5d:9a:8f:b9:a7:b8:7a:d3:f6:
9b:38:6a:e1:ec:fe:68:7e:5e:14:fb:5b:93:0d:b5:
24:ee:b7:c6:4e:99:89:fd:da:f4:ba:fc:0b:2f:8f:
f0:4b:df:38:e0:1f:73:93:54:56:6a:39:59:c8:d5:
58:bd:e4:3e:42:5d:0f:e0:f8:ae:49:b0:f5:7a:dd:
57:91:0b:5f:41:c9:7b:31:d0:2e:64:06:99:9a:3e:
53:e0:a7:62:b1:53:0e:0e:02:fb:5f:52:bf:10:72:
e3:45:0c:84:29:06:fa:84:e2:5a:99:7c:db:b9:5b:
3a:c7:9b:1c:50:23:52:d2:e9:c0:de:be:da:25:1b:
25:22:b6:3f:77:ac:e6:35:12:0d:02:0c:ab:1e:2b:
c7:27:3c:5a:f1:3b:d1:b4:8d:44:ef:48:e2:42:40:
0c:6b:ad:6b:e2:3e:1e:a6:54:f8:3b:6d:5c:75:6e:
d8:33:57:94:00:d6:98:9e:c1:71:1d:fb:a6:24:2d:
44:dd:59:dc:0d:ea:f5:dc:a6:d6:11:c6:86:13:b1:
b1:33:b6:5a:53:d0:9b:a0:c2:0e:d0:fd:d5:29:0a:
8e:4a:e4:c7:a0:b4:bd:ee:85:91:7a:44:0c:94:24:
45:54:b3:53:56:4a:b6:46:02:32:ce:65:f3:3e:a0:
05:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:67:87:22:E4:8A:78:B6:CE:AE:86:22:33:92:F6:91:3C:A7:4C:8D
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/5238AE021E9B11F0A7D85443C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.63.0/24
103.151.26.0/24
113.203.208.0-113.203.220.255
113.203.222.0/23
113.203.225.0-113.203.231.255
113.203.233.0/24
113.203.241.0-113.203.246.255
113.203.248.0/24
113.203.252.0/22
115.167.61.0/24
115.167.64.0/24
115.167.101.0-115.167.103.255
115.167.112.0/22
115.167.117.0-115.167.119.255
115.167.124.0/23
175.110.64.0/22
175.110.82.0/24
175.110.90.0/23
175.110.97.0-175.110.99.255
175.110.101.0-175.110.111.255
180.178.142.0/24
180.178.144.0/24
180.178.146.0-180.178.150.255
180.178.160.0-180.178.171.255
180.178.176.0-180.178.188.255
180.178.190.0/23
202.92.26.0/24
223.29.225.0-223.29.226.255
223.29.228.0/22
223.29.236.0/24
Signature Algorithm: sha256WithRSAEncryption
24:49:0a:6e:c9:94:4b:b6:b1:65:59:f1:f4:6a:78:d3:62:13:
99:96:46:56:d0:53:2b:f9:48:d7:10:10:de:91:1d:81:04:7c:
60:cb:4b:08:7e:fe:16:2f:6b:77:29:bc:cf:7f:74:1b:60:16:
ad:b2:f6:51:6f:c7:ae:4d:a9:ff:3c:a0:e1:87:a3:42:0b:3d:
ab:c8:1a:db:91:ad:c3:f1:ef:c2:ba:d1:b0:3a:77:20:4a:a3:
28:18:00:57:73:96:23:ef:8a:64:e8:35:c3:0e:ff:89:82:ac:
9d:01:44:29:f9:37:1a:70:88:3e:4a:90:f4:11:bc:94:2d:fa:
be:a6:0b:5c:64:06:c1:7d:42:4c:be:2e:c2:fd:c0:14:52:21:
c9:f0:c4:09:c3:a1:5d:ea:08:a5:55:3e:da:c3:aa:06:fe:9d:
37:0f:11:50:6b:d6:45:ea:ce:49:6b:82:7a:33:58:32:0b:22:
eb:53:68:c6:83:9f:a0:d1:50:dd:98:4e:71:d0:0b:d9:47:b2:
32:3d:b6:56:5a:45:e9:8d:0a:bf:24:4d:20:db:cb:16:8d:1d:
9d:1c:dc:77:16:a6:20:8a:97:e7:50:79:ba:0d:6b:13:90:bb:
5a:d6:86:6d:04:42:32:3c:e1:15:ca:6f:81:1e:f0:0b:03:3e:
8c:c9:ac:be
-----BEGIN CERTIFICATE-----
MIIGgTCCBWmgAwIBAgICJhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwNDI0MDU0NzIyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA5ZDA2YS01NzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApIBzt4hdmo+5p7h60/abOGrh7P5ofl4U+1uTDbUk7rfGTpmJ/dr0uvwLL4/w
S9844B9zk1RWajlZyNVYveQ+Ql0P4PiuSbD1et1XkQtfQcl7MdAuZAaZmj5T4Kdi
sVMODgL7X1K/EHLjRQyEKQb6hOJamXzbuVs6x5scUCNS0unA3r7aJRslIrY/d6zm
NRINAgyrHivHJzxa8TvRtI1E70jiQkAMa61r4j4eplT4O21cdW7YM1eUANaYnsFx
HfumJC1E3VncDer13KbWEcaGE7GxM7ZaU9CboMIO0P3VKQqOSuTHoLS97oWRekQM
lCRFVLNTVkq2RgIyzmXzPqAFgwIDAQABo4IDpTCCA6EwHQYDVR0OBBYEFIBnhyLk
ini2zq6GIjOS9pE8p0yNMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNTIzOEFFMDIx
RTlCMTFGMEE3RDg1NDQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEtBggrBgEFBQcBBwEB
/wSCARwwggEYMIIBFAQCAAEwggEMAwQAZws/AwQAZ5caMAwDBARxy9ADBABxy9wD
BAFxy94wDAMEAHHL4QMEA3HL4AMEAHHL6TAMAwQAccvxAwQAccv2AwQAccv4AwQC
ccv8AwQAc6c9AwQAc6dAMAwDBABzp2UDBANzp2ADBAJzp3AwDAMEAHOndQMEA3On
cAMEAXOnfAMEAq9uQAMEAK9uUgMEAa9uWjAMAwQAr25hAwQCr25gMAwDBACvbmUD
BASvbmADBAC0so4DBAC0spAwDAMEAbSykgMEALSyljAMAwQFtLKgAwQCtLKoMAwD
BAS0srADBAC0srwDBAG0sr4DBADKXBowDAMEAN8d4QMEAN8d4gMEAt8d5AMEAN8d
7DANBgkqhkiG9w0BAQsFAAOCAQEAJEkKbsmUS7axZVnx9Gp402ITmZZGVtBTK/lI
1xAQ3pEdgQR8YMtLCH7+Fi9rdym8z390G2AWrbL2UW/Hrk2p/zyg4YejQgs9q8ga
25Gtw/HvwrrRsDp3IEqjKBgAV3OWI++KZOg1ww7/iYKsnQFEKfk3GnCIPkqQ9BG8
lC36vqYLXGQGwX1CTL4uwv3AFFIhyfDECcOhXeoIpVU+2sOqBv6dNw8RUGvWRerO
SWuCejNYMgsi61NoxoOfoNFQ3ZhOcdAL2UeyMj22VlpF6Y0KvyRNINvLFo0dnRzc
dxamIIqX51B5ug1rE5C7WtaGbQRCMjzhFcpvgR7wCwM+jMmsvg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:04:26 2025 by rpki-client