Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/426BCB780BA211F08457541BC4F9AE02.roa
File: 426BCB780BA211F08457541BC4F9AE02.roa (raw, json)
Hash identifier: u7O3FF9kpzwjobo755EoRFgx1pFaBs9MURnDVMTexT8=
Subject key identifier: 6D:3B:98:4E:68:BF:81:5E:2E:0B:4D:1C:92:83:06:1F:A7:28:64:29
Certificate issuer: /CN=A914C3FB/serialNumber=4F5F75A6C2988F58B603012A8DB445A1F37D5D72
Certificate serial: 0A
Authority key identifier: 4F:5F:75:A6:C2:98:8F:58:B6:03:01:2A:8D:B4:45:A1:F3:7D:5D:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T191psKYj1i2AwEqjbRFofN9XXI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/426BCB780BA211F08457541BC4F9AE02.roa
Signing time: Fri 28 Mar 2025 07:05:13 +0000
ROA not before: Fri 28 Mar 2025 07:05:13 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 7540
IP address blocks: 117.18.106.0/24 maxlen: 24
117.18.107.0/24 maxlen: 24
117.18.108.0/24 maxlen: 24
117.18.109.0/24 maxlen: 24
117.18.112.0/24 maxlen: 24
117.18.113.0/24 maxlen: 24
117.18.114.0/24 maxlen: 24
117.18.115.0/24 maxlen: 24
117.18.119.0/24 maxlen: 24
117.18.120.0/24 maxlen: 24
117.18.121.0/24 maxlen: 24
117.18.122.0/24 maxlen: 24
202.181.154.0/24 maxlen: 24
202.181.155.0/24 maxlen: 24
202.181.160.0/24 maxlen: 24
202.181.161.0/24 maxlen: 24
202.181.162.0/24 maxlen: 24
202.181.163.0/24 maxlen: 24
202.181.170.0/24 maxlen: 24
202.181.171.0/24 maxlen: 24
202.181.172.0/24 maxlen: 24
202.181.173.0/24 maxlen: 24
202.181.178.0/24 maxlen: 24
202.181.179.0/24 maxlen: 24
202.181.180.0/24 maxlen: 24
202.181.181.0/24 maxlen: 24
202.181.182.0/24 maxlen: 24
202.181.183.0/24 maxlen: 24
202.181.184.0/24 maxlen: 24
202.181.185.0/24 maxlen: 24
202.181.186.0/24 maxlen: 24
202.181.187.0/24 maxlen: 24
202.181.216.0/24 maxlen: 24
202.181.217.0/24 maxlen: 24
202.181.218.0/24 maxlen: 24
202.181.220.0/24 maxlen: 24
202.181.221.0/24 maxlen: 24
202.181.222.0/24 maxlen: 24
202.181.223.0/24 maxlen: 24
202.181.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/T191psKYj1i2AwEqjbRFofN9XXI.crl
rsync://rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/T191psKYj1i2AwEqjbRFofN9XXI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T191psKYj1i2AwEqjbRFofN9XXI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 07:28:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C3FB
Validity
Not Before: Mar 28 07:05:13 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67e64a29-111e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9b:d7:30:7a:bf:12:8b:30:26:fd:61:61:4d:
b9:6d:bd:7e:0a:8a:13:e0:05:d8:cb:47:a3:4f:60:
cd:f4:23:af:f7:74:21:24:63:d0:da:50:29:c1:51:
e9:d0:b2:66:53:f2:09:f8:4e:85:1d:53:ce:72:35:
e7:db:00:19:d2:52:a1:36:ad:09:f7:82:b0:03:9e:
7e:56:26:f9:7f:be:61:aa:a2:e5:a9:e7:4f:12:57:
1d:95:ac:5b:cb:e4:02:83:53:74:54:85:50:72:b8:
5c:c7:6a:ea:b5:fb:4f:f8:99:5e:9d:87:c3:bf:bb:
41:84:49:71:a1:15:ec:1f:24:57:a0:22:1c:1b:a4:
c8:6e:2b:5c:bb:71:8e:f7:a9:23:4d:37:fc:d9:56:
99:4f:a1:f2:79:6b:36:1d:9d:e0:6a:f4:36:f0:3e:
b9:83:6f:e1:21:0d:3e:f1:19:70:2e:73:dd:42:ed:
b3:32:26:d2:09:3c:d1:c4:92:62:a0:e2:83:80:16:
2f:3c:b7:e3:e1:45:62:40:41:a4:2a:a7:20:cf:a7:
31:55:32:72:1a:1c:6e:6a:14:20:22:69:9b:37:d8:
3c:07:cb:20:db:64:f0:d6:3c:80:c9:11:47:4c:2d:
30:87:64:05:63:fd:9e:de:6f:7d:63:2f:fd:fb:d3:
fc:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:3B:98:4E:68:BF:81:5E:2E:0B:4D:1C:92:83:06:1F:A7:28:64:29
X509v3 Authority Key Identifier:
keyid:4F:5F:75:A6:C2:98:8F:58:B6:03:01:2A:8D:B4:45:A1:F3:7D:5D:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/T191psKYj1i2AwEqjbRFofN9XXI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T191psKYj1i2AwEqjbRFofN9XXI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C3FB/701782160BA111F08EFED219C4F9AE02/426BCB780BA211F08457541BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
117.18.106.0-117.18.109.255
117.18.112.0/22
117.18.119.0-117.18.122.255
202.181.154.0/23
202.181.160.0/22
202.181.170.0-202.181.173.255
202.181.178.0-202.181.187.255
202.181.216.0-202.181.218.255
202.181.220.0-202.181.224.255
Signature Algorithm: sha256WithRSAEncryption
6c:11:1c:e9:da:e0:f5:96:18:3b:bb:04:b0:82:54:77:f9:6e:
f4:8f:8c:be:bc:85:f2:dd:6d:b2:e3:bc:5d:ee:a0:0b:32:f3:
87:ec:b9:ef:ed:54:05:8f:11:89:1f:a2:3d:61:9a:d4:b3:3f:
03:59:41:06:ee:8f:bb:64:4e:76:fe:f7:47:8a:b1:be:66:c8:
2a:71:c6:44:1b:fd:a6:cd:ce:c9:db:21:a1:0f:5c:97:3b:f3:
f9:40:c9:4c:0f:ea:3a:2f:d0:5b:32:4a:60:4e:20:f1:c9:b3:
8e:86:54:be:e5:58:15:7d:e6:11:42:8b:34:24:32:36:48:96:
7c:f1:0b:d7:71:6d:23:f4:2f:c6:ec:48:ca:90:f7:8b:01:4d:
2f:c3:57:6e:3b:c0:c5:38:da:c9:99:86:a6:67:c0:d5:d5:5b:
ca:ce:92:a8:46:4c:26:d7:99:1d:2d:c7:88:3d:7d:65:4c:6f:
fa:aa:91:23:2b:87:79:ae:fe:d3:95:7f:08:31:ca:39:f6:ec:
c7:8e:11:2c:bf:29:c3:02:4a:68:5d:9a:c8:ee:09:a3:43:0a:
31:81:ae:8a:db:92:c4:e7:79:bb:f9:21:5a:d2:0c:68:55:a7:
e7:c1:29:1e:0a:f7:a7:52:e6:04:1e:14:5c:d4:dd:e9:d3:da:
07:63:26:e4
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QzNGQjExMC8GA1UEBRMoNEY1Rjc1QTZDMjk4OEY1OEI2MDMwMTJBOERCNDQ1QTFG
MzdENUQ3MjAeFw0yNTAzMjgwNzA1MTNaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZTY0YTI5LTExMWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDem9cwer8SizAm/WFhTbltvX4KihPgBdjLR6NPYM30I6/3dCEkY9DaUCnBUenQ
smZT8gn4ToUdU85yNefbABnSUqE2rQn3grADnn5WJvl/vmGqouWp508SVx2VrFvL
5AKDU3RUhVByuFzHauq1+0/4mV6dh8O/u0GESXGhFewfJFegIhwbpMhuK1y7cY73
qSNNN/zZVplPofJ5azYdneBq9DbwPrmDb+EhDT7xGXAuc91C7bMyJtIJPNHEkmKg
4oOAFi88t+PhRWJAQaQqpyDPpzFVMnIaHG5qFCAiaZs32DwHyyDbZPDWPIDJEUdM
LTCHZAVj/Z7eb31jL/370/xZAgMBAAGjggL1MIIC8TAdBgNVHQ4EFgQUbTuYTmi/
gV4uC00ckoMGH6coZCkwHwYDVR0jBBgwFoAUT191psKYj1i2AwEqjbRFofN9XXIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDM0ZCLzcwMTc4MjE2MEJB
MTExRjA4RUZFRDIxOUM0RjlBRTAyL1QxOTFwc0tZajFpMkF3RXFqYlJGb2ZOOVhY
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVDE5MXBzS1lqMWkyQXdFcWpiUkZvZk45WFhJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QzNGQi83MDE3ODIxNjBCQTExMUYwOEVGRUQyMTlDNEY5QUUwMi80MjZCQ0I3ODBC
QTIxMUYwODQ1NzU0MUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDB/BggrBgEFBQcBBwEB/wRw
MG4wbAQCAAEwZjAMAwQBdRJqAwQBdRJsAwQCdRJwMAwDBAB1EncDBAB1EnoDBAHK
tZoDBALKtaAwDAMEAcq1qgMEAcq1rDAMAwQByrWyAwQCyrW4MAwDBAPKtdgDBADK
tdowDAMEAsq13AMEAMq14DANBgkqhkiG9w0BAQsFAAOCAQEAbBEc6drg9ZYYO7sE
sIJUd/lu9I+MvryF8t1tsuO8Xe6gCzLzh+y57+1UBY8RiR+iPWGa1LM/A1lBBu6P
u2ROdv73R4qxvmbIKnHGRBv9ps3OydshoQ9clzvz+UDJTA/qOi/QWzJKYE4g8cmz
joZUvuVYFX3mEUKLNCQyNkiWfPEL13FtI/QvxuxIypD3iwFNL8NXbjvAxTjayZmG
pmfA1dVbys6SqEZMJteZHS3HiD19ZUxv+qqRIyuHea7+05V/CDHKOfbsx44RLL8p
wwJKaF2ayO4Jo0MKMYGuituSxOd5u/khWtIMaFWn58EpHgr3p1LmBB4UXNTd6dPa
B2Mm5A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:13:32 2025 by rpki-client