Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
File: CBCB218CD86F11E9A6AF7518C4F9AE02.roa (raw, json)
Hash identifier: xZQ7AvFQpyHIc5iZzn8qdDOf2F8HwInGPZPfyXC47O8=
Subject key identifier: EB:41:14:0C:2D:4C:60:7A:40:93:9B:8B:9B:CA:98:CA:80:55:40:5A
Certificate issuer: /CN=A914781A/serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Certificate serial: 34E0
Authority key identifier: 4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
Signing time: Mon 31 Mar 2025 08:10:19 +0000
ROA not before: Mon 31 Mar 2025 08:10:19 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 55423
IP address blocks: 58.82.128.0/18 maxlen: 18
58.82.128.0/21 maxlen: 24
58.82.136.0/21 maxlen: 24
58.82.144.0/21 maxlen: 24
58.82.152.0/21 maxlen: 24
58.82.160.0/20 maxlen: 20
58.82.160.0/21 maxlen: 24
58.82.168.0/21 maxlen: 24
58.82.176.0/20 maxlen: 20
58.82.176.0/21 maxlen: 24
58.82.184.0/21 maxlen: 21
58.82.184.0/24 maxlen: 24
103.247.60.0/22 maxlen: 24
182.50.80.0/22 maxlen: 22
182.50.80.0/24 maxlen: 24
182.50.83.0/24 maxlen: 24
182.50.86.0/24 maxlen: 24
182.50.88.0/22 maxlen: 22
182.50.88.0/24 maxlen: 24
203.130.152.0/24 maxlen: 24
203.147.30.0/23 maxlen: 23
203.147.46.0/23 maxlen: 23
203.147.46.0/24 maxlen: 24
203.147.47.0/24 maxlen: 24
203.156.26.0/24 maxlen: 24
203.156.27.0/24 maxlen: 24
203.156.31.0/24 maxlen: 24
203.156.46.0/23 maxlen: 23
203.156.64.0/24 maxlen: 24
203.156.102.0/23 maxlen: 23
203.156.109.0/24 maxlen: 24
203.156.113.0/24 maxlen: 24
203.156.119.0/24 maxlen: 24
203.156.120.0/21 maxlen: 21
203.156.150.0/24 maxlen: 24
203.156.183.0/24 maxlen: 24
2404:4a00:1::/64 maxlen: 64
2404:4a00:2::/64 maxlen: 64
2404:4a00:3::/64 maxlen: 64
2404:4a00:4::/64 maxlen: 64
2404:4a00:1000::/48 maxlen: 48
2404:4a00:2094::/48 maxlen: 48
2404:4a00:5542::/48 maxlen: 48
2404:4a00:5542:3::/64 maxlen: 64
2404:4a00:5542:3a1::/64 maxlen: 64
2404:4a00:5542:3001::/64 maxlen: 64
2404:4a00:5542:3002::/64 maxlen: 64
2404:4a00:5542:3003::/64 maxlen: 64
2404:4a00:6000::/64 maxlen: 64
2404:4a00:6500::/64 maxlen: 64
2404:4a00:6501::/64 maxlen: 64
2404:4a00:6a00::/64 maxlen: 64
2404:4a00:7000::/64 maxlen: 64
2404:4a00:7500::/64 maxlen: 64
2404:4a00:7a00::/64 maxlen: 64
2404:4a00:8000::/64 maxlen: 64
2404:4a00:8500::/64 maxlen: 64
2404:4a00:8a00::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13536 (0x34e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914781A
Validity
Not Before: Mar 31 08:10:19 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ea4deb-435b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:17:32:54:6e:58:43:27:9f:ba:80:48:69:53:
fd:df:0e:8c:5e:fb:f8:19:85:c8:e7:22:36:e9:2f:
49:1e:fe:de:14:e3:7e:b4:a7:23:2a:00:98:e3:47:
ae:66:95:38:a9:f5:d0:08:2e:94:bd:74:ca:05:5c:
3a:51:95:b5:5a:d4:3e:ff:5d:de:0b:2f:cd:26:8e:
be:b5:0e:65:2e:2d:dd:f0:01:68:99:28:3a:fb:a5:
80:78:9d:3d:0a:8b:c3:bf:5a:06:75:13:c8:05:ee:
21:ec:5e:9c:11:8e:18:1c:2b:8d:e2:2b:48:ea:c8:
d5:9f:eb:1f:cf:b7:f2:62:c2:30:88:21:8e:3d:94:
4e:5a:92:a6:e1:28:07:b9:98:ba:da:43:69:74:e3:
5d:72:59:74:45:90:80:3b:6c:41:f5:6e:30:00:4d:
e2:0f:73:e6:85:9d:df:b8:eb:b8:9a:9a:59:21:80:
6b:9f:7d:14:66:9b:00:95:b4:72:e8:6b:e1:7e:98:
9c:a3:ef:fa:53:ee:57:41:1c:0a:ee:09:b3:d3:11:
1d:04:f2:0c:ee:ab:42:cc:b3:67:8f:c8:3a:f8:55:
fa:da:31:28:d0:4f:54:9b:99:e2:9a:47:89:21:45:
fd:f6:2d:9a:6a:3b:c1:8a:60:bb:99:46:d0:b9:19:
12:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:41:14:0C:2D:4C:60:7A:40:93:9B:8B:9B:CA:98:CA:80:55:40:5A
X509v3 Authority Key Identifier:
keyid:4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.82.128.0/18
103.247.60.0/22
182.50.80.0/22
182.50.86.0/24
182.50.88.0/22
203.130.152.0/24
203.147.30.0/23
203.147.46.0/23
203.156.26.0/23
203.156.31.0/24
203.156.46.0/23
203.156.64.0/24
203.156.102.0/23
203.156.109.0/24
203.156.113.0/24
203.156.119.0-203.156.127.255
203.156.150.0/24
203.156.183.0/24
IPv6:
2404:4a00:1::/64
2404:4a00:2::/64
2404:4a00:3::/64
2404:4a00:4::/64
2404:4a00:1000::/48
2404:4a00:2094::/48
2404:4a00:5542::/48
2404:4a00:6000::/64
2404:4a00:6500::/64
2404:4a00:6501::/64
2404:4a00:6a00::/64
2404:4a00:7000::/64
2404:4a00:7500::/64
2404:4a00:7a00::/64
2404:4a00:8000::/64
2404:4a00:8500::/64
2404:4a00:8a00::/64
Signature Algorithm: sha256WithRSAEncryption
af:5d:b5:fd:fa:fc:e0:6b:7f:d1:9d:52:fb:ac:98:e8:ac:39:
44:cc:43:26:69:14:36:18:b1:d6:a4:57:16:66:4a:d2:97:df:
f1:5f:b9:01:6f:75:66:fe:f4:79:41:fd:90:a7:42:52:31:f6:
5d:d9:81:c1:c4:19:f8:ed:11:59:72:44:ed:a4:35:aa:63:43:
74:35:4e:8c:74:a2:4e:8a:29:0c:6f:90:2e:79:0d:f1:78:68:
82:62:bf:76:ad:69:d5:23:9d:b3:82:77:c1:a2:5d:ac:4c:3d:
38:de:72:5d:08:71:9b:0d:80:24:7c:3f:6a:b0:14:1f:07:00:
65:08:3e:b8:7a:53:a9:ff:ed:21:fe:47:f3:5a:5f:dd:b2:74:
5e:43:69:1e:5e:37:d6:04:73:61:53:da:64:99:46:2e:44:3f:
87:f7:16:ba:4b:ff:1d:a6:0d:c5:7c:c9:7a:f2:11:f0:59:20:
9d:17:c3:04:1e:51:48:92:4b:b7:e8:59:8d:e4:30:9f:e2:d9:
ed:9b:ef:26:39:dc:fa:d0:e5:08:d4:be:1b:68:43:ba:ed:cd:
2d:b9:78:90:6c:02:57:2b:94:e4:56:ca:38:7c:8b:1b:42:dc:
07:f5:02:56:9d:e0:e1:8b:d6:82:14:f4:c1:27:08:59:8d:ff:
9e:f9:b1:fa
-----BEGIN CERTIFICATE-----
MIIGpDCCBYygAwIBAgICNOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4MUExMTAvBgNVBAUTKDRENzIzOTU1MjQzQUU4OEQ1NTI0MzlBRjhFNEUwQTA5
QzhGNjU5MEQwHhcNMjUwMzMxMDgxMDE5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VhNGRlYi00MzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzxcyVG5YQyefuoBIaVP93w6MXvv4GYXI5yI26S9JHv7eFON+tKcjKgCY40eu
ZpU4qfXQCC6UvXTKBVw6UZW1WtQ+/13eCy/NJo6+tQ5lLi3d8AFomSg6+6WAeJ09
CovDv1oGdRPIBe4h7F6cEY4YHCuN4itI6sjVn+sfz7fyYsIwiCGOPZROWpKm4SgH
uZi62kNpdONdcll0RZCAO2xB9W4wAE3iD3PmhZ3fuOu4mppZIYBrn30UZpsAlbRy
6Gvhfpico+/6U+5XQRwK7gmz0xEdBPIM7qtCzLNnj8g6+FX62jEo0E9Um5nimkeJ
IUX99i2aajvBimC7mUbQuRkSnwIDAQABo4IDyDCCA8QwHQYDVR0OBBYEFOtBFAwt
TGB6QJObi5vKmMqAVUBaMB8GA1UdIwQYMBaAFE1yOVUkOuiNVSQ5r45OCgnI9lkN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzgxQS9ENTIxNDI3MDFE
OUIxMUUyQjgyMUZEODkwOEIwMkNEMi9UWEk1VlNRNjZJMVZKRG12ams0S0NjajJX
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYSTVWU1E2NkkxVkpEbXZqazRLQ2NqMldRMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc4MUEvRDUyMTQyNzAxRDlCMTFFMkI4MjFGRDg5MDhCMDJDRDIvQ0JDQjIxOENE
ODZGMTFFOUE2QUY3NTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFQBggrBgEFBQcBBwEB
/wSCAT8wggE7MHoEAgABMHQDBAY6UoADBAJn9zwDBAK2MlADBAC2MlYDBAK2MlgD
BADLgpgDBAHLkx4DBAHLky4DBAHLnBoDBADLnB8DBAHLnC4DBADLnEADBAHLnGYD
BADLnG0DBADLnHEwDAMEAMucdwMEB8ucAAMEAMuclgMEAMuctzCBvAQCAAIwgbUD
CQAkBEoAAAEAAAMJACQESgAAAgAAAwkAJARKAAADAAADCQAkBEoAAAQAAAMHACQE
SgAQAAMHACQESgAglAMHACQESgBVQgMJACQESgBgAAAAAwkAJARKAGUAAAADCQAk
BEoAZQEAAAMJACQESgBqAAAAAwkAJARKAHAAAAADCQAkBEoAdQAAAAMJACQESgB6
AAAAAwkAJARKAIAAAAADCQAkBEoAhQAAAAMJACQESgCKAAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQCvXbX9+vzga3/RnVL7rJjorDlEzEMmaRQ2GLHWpFcWZkrSl9/xX7kB
b3Vm/vR5Qf2Qp0JSMfZd2YHBxBn47RFZckTtpDWqY0N0NU6MdKJOiikMb5AueQ3x
eGiCYr92rWnVI52zgnfBol2sTD043nJdCHGbDYAkfD9qsBQfBwBlCD64elOp/+0h
/kfzWl/dsnReQ2keXjfWBHNhU9pkmUYuRD+H9xa6S/8dpg3FfMl68hHwWSCdF8ME
HlFIkku36FmN5DCf4tntm+8mOdz60OUI1L4baEO67c0tuXiQbAJXK5TkVso4fIsb
QtwH9QJWneDhi9aCFPTBJwhZjf+e+bH6
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:55:01 2025 by rpki-client