Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/FEE4F664FC3511EC95130A10C4F9AE02.roa
File: FEE4F664FC3511EC95130A10C4F9AE02.roa (raw, json)
Hash identifier: p8BoBMngvDOMMMmKGlrHvwwqz86bCtS7e3nAk+zie6w=
Subject key identifier: 27:DF:FE:9F:DE:B1:9D:6B:4B:D0:BF:F4:4C:EA:D0:CB:AA:4A:46:14
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 29CF
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/FEE4F664FC3511EC95130A10C4F9AE02.roa
Signing time: Thu 27 Feb 2025 10:50:43 +0000
ROA not before: Thu 27 Feb 2025 10:50:43 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45430
IP address blocks: 49.0.64.0/18 maxlen: 18
49.229.0.0/16 maxlen: 16
49.229.0.0/20 maxlen: 20
49.229.8.0/24 maxlen: 24
49.229.31.0/24 maxlen: 24
49.229.33.0/24 maxlen: 24
49.229.68.0/24 maxlen: 24
49.229.94.0/24 maxlen: 24
49.229.95.0/24 maxlen: 24
49.229.112.0/21 maxlen: 21
49.229.128.0/17 maxlen: 17
49.229.160.0/19 maxlen: 19
49.229.192.0/19 maxlen: 19
49.229.224.0/19 maxlen: 19
49.230.0.0/16 maxlen: 16
49.230.40.0/24 maxlen: 24
49.230.41.0/24 maxlen: 24
49.230.42.0/24 maxlen: 24
49.230.43.0/24 maxlen: 24
49.231.0.0/16 maxlen: 16
49.231.32.0/21 maxlen: 21
49.231.44.0/22 maxlen: 24
49.231.48.0/20 maxlen: 24
49.231.64.0/21 maxlen: 21
49.231.70.0/24 maxlen: 24
49.231.71.0/24 maxlen: 24
49.231.80.0/20 maxlen: 20
49.231.87.0/24 maxlen: 24
49.231.96.0/19 maxlen: 24
58.64.0.0/17 maxlen: 17
58.136.0.0/16 maxlen: 16
103.3.64.0/22 maxlen: 22
103.3.64.0/24 maxlen: 24
110.49.113.0/24 maxlen: 24
115.178.56.0/22 maxlen: 22
115.178.57.0/24 maxlen: 24
115.178.59.0/24 maxlen: 24
119.31.0.0/17 maxlen: 17
182.232.0.0/16 maxlen: 16
202.80.224.0/19 maxlen: 19
2001:df2:400::/48 maxlen: 48
2001:44c8::/32 maxlen: 32
2405:9800::/32 maxlen: 32
2405:9800:8::/48 maxlen: 48
2405:9800:c::/48 maxlen: 48
2405:9800:d::/48 maxlen: 48
2405:9800:10::/48 maxlen: 48
2405:9800:12::/48 maxlen: 48
2405:9800:13::/48 maxlen: 48
2405:9800:14::/48 maxlen: 48
2405:9800:16::/48 maxlen: 48
2405:9800:20::/48 maxlen: 48
2405:9800:21::/48 maxlen: 48
2405:9800:30::/44 maxlen: 48
2405:9800:40::/48 maxlen: 48
2405:9800:41::/48 maxlen: 48
2405:9800:42::/48 maxlen: 48
2405:9800:60::/44 maxlen: 44
2405:9800:9800::/48 maxlen: 48
2405:9800:9805::/48 maxlen: 48
2405:9800:9813::/48 maxlen: 48
2405:9800:b000::/36 maxlen: 36
2405:9800:c820::/44 maxlen: 44
2405:9800:c925::/48 maxlen: 48
2405:9800:c92e::/48 maxlen: 48
2405:9800:f00f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:46:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10703 (0x29cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Feb 27 10:50:43 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67c04383-5be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ee:3d:c3:eb:e4:c8:b0:6e:73:81:d9:db:e9:
a3:1e:97:1d:3e:5e:88:67:61:08:2a:97:63:15:71:
56:c7:f4:dd:f3:94:50:67:f0:58:d2:10:95:88:9d:
e0:60:04:df:bf:1f:a1:26:10:aa:f7:8f:44:e1:31:
51:70:1d:fd:bb:82:29:f3:0b:43:e0:32:b2:eb:4a:
fb:21:40:64:d8:df:1f:85:d7:88:16:29:eb:f8:96:
37:f8:c5:cc:f1:7f:2c:ad:8b:a2:54:cb:ec:d2:32:
99:68:66:5d:6b:9a:8d:42:fd:c1:3f:41:e9:3a:6d:
d5:03:91:6b:a4:a5:c8:f9:bd:b0:b5:52:c6:76:b7:
f3:93:19:69:7f:67:af:b3:e5:31:8a:22:4d:76:c2:
3e:1e:ae:db:ed:41:22:84:f1:d0:fd:bf:fe:c9:57:
12:c7:d0:3a:6f:f4:fe:d4:a5:de:df:c5:ad:ab:d4:
cb:52:05:1e:19:ba:c9:0f:81:ea:08:ed:26:09:73:
9c:01:ba:87:17:c0:73:8d:80:76:2d:1e:ba:03:42:
0d:0c:78:1d:15:8f:7d:79:51:f8:0c:59:37:de:a1:
0d:22:94:97:e3:31:73:b0:11:41:59:11:1e:cd:4e:
ee:06:45:3c:f7:74:be:6c:05:5a:08:85:c0:62:78:
2c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:DF:FE:9F:DE:B1:9D:6B:4B:D0:BF:F4:4C:EA:D0:CB:AA:4A:46:14
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/FEE4F664FC3511EC95130A10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.0.64.0/18
49.229.0.0-49.231.255.255
58.64.0.0/17
58.136.0.0/16
103.3.64.0/22
110.49.113.0/24
115.178.56.0/22
119.31.0.0/17
182.232.0.0/16
202.80.224.0/19
IPv6:
2001:df2:400::/48
2001:44c8::/32
2405:9800::/32
Signature Algorithm: sha256WithRSAEncryption
6d:96:1d:18:7f:f5:df:95:69:00:93:96:56:f2:d4:1e:19:d4:
e2:33:c5:d2:91:3d:62:66:6c:1d:bf:81:3d:de:47:f7:f2:23:
5e:ab:77:e2:7a:4f:cc:ac:14:07:20:17:e5:a1:90:d6:41:42:
e7:13:f8:9e:90:c4:a5:9d:93:7f:03:6e:47:3a:06:22:39:c5:
03:7f:f2:44:2b:fb:24:65:e7:f1:c8:eb:cd:72:d8:37:54:7d:
58:d6:33:ba:fa:61:56:a8:07:da:72:dd:b0:21:7c:08:16:4d:
88:68:78:ce:70:b4:7e:eb:5f:df:d2:14:db:31:22:ea:c6:60:
43:ee:26:9f:23:1e:7e:f5:96:29:71:d0:28:5f:20:a4:77:64:
c7:23:b3:6d:97:7e:13:b7:b8:5c:91:2b:08:db:df:0a:df:d2:
12:d0:ae:7c:02:5b:62:42:3a:d2:34:60:20:e1:f3:2f:ff:7e:
20:b9:4f:27:66:ff:56:cf:a6:ff:fa:45:12:b4:fd:e3:9a:d8:
ae:96:51:ba:a8:ad:82:34:24:69:b4:d6:f1:b5:d0:32:bc:c6:
32:e8:d7:57:97:20:6e:76:5f:3b:4d:7c:a9:8f:84:d5:fb:4e:
0e:e2:b3:b5:98:5c:86:cd:d0:4d:9f:b6:56:7d:85:7b:08:5a:
54:05:8d:67
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgICKc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjUwMjI3MTA1MDQzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MwNDM4My01YmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxu49w+vkyLBuc4HZ2+mjHpcdPl6IZ2EIKpdjFXFWx/Td85RQZ/BY0hCViJ3g
YATfvx+hJhCq949E4TFRcB39u4Ip8wtD4DKy60r7IUBk2N8fhdeIFinr+JY3+MXM
8X8srYuiVMvs0jKZaGZda5qNQv3BP0HpOm3VA5FrpKXI+b2wtVLGdrfzkxlpf2ev
s+UxiiJNdsI+Hq7b7UEihPHQ/b/+yVcSx9A6b/T+1KXe38Wtq9TLUgUeGbrJD4Hq
CO0mCXOcAbqHF8BzjYB2LR66A0INDHgdFY99eVH4DFk33qENIpSX4zFzsBFBWREe
zU7uBkU893S+bAVaCIXAYngsQwIDAQABo4IC7jCCAuowHQYDVR0OBBYEFCff/p/e
sZ1rS9C/9Ezq0MuqSkYUMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvRkVFNEY2NjRG
QzM1MTFFQzk1MTMwQTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwweAYIKwYBBQUHAQcBAf8E
aTBnMEYEAgABMEADBAYxAEAwCgMDADHlAwMDMeADBAc6QAADAwA6iAMEAmcDQAME
AG4xcQMEAnOyOAMEB3cfAAMDALboAwQFylDgMB0EAgACMBcDBwAgAQ3yBAADBQAg
AUTIAwUAJAWYADANBgkqhkiG9w0BAQsFAAOCAQEAbZYdGH/135VpAJOWVvLUHhnU
4jPF0pE9YmZsHb+BPd5H9/IjXqt34npPzKwUByAX5aGQ1kFC5xP4npDEpZ2TfwNu
RzoGIjnFA3/yRCv7JGXn8cjrzXLYN1R9WNYzuvphVqgH2nLdsCF8CBZNiGh4znC0
futf39IU2zEi6sZgQ+4mnyMefvWWKXHQKF8gpHdkxyOzbZd+E7e4XJErCNvfCt/S
EtCufAJbYkI60jRgIOHzL/9+ILlPJ2b/Vs+m//pFErT945rYrpZRuqitgjQkabTW
8bXQMrzGMujXV5cgbnZfO018qY+E1ftODuKztZhchs3QTZ+2Vn2FewhaVAWNZw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:07:43 2025 by rpki-client