Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/3240ED82D62D11EFB0442B5DC4F9AE02.roa
File: 3240ED82D62D11EFB0442B5DC4F9AE02.roa (raw, json)
Hash identifier: 4ezgedPR9KopOZYLyZFbtl63GBaLOL0AGy6NscKrMGE=
Subject key identifier: C5:CA:C1:31:B2:02:5B:F0:A3:86:A7:1C:21:E3:44:F2:A1:B8:16:5D
Certificate issuer: /CN=A9150384/serialNumber=B1BA33053C39BA5865537743112389E300C48807
Certificate serial: 0C40
Authority key identifier: B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/3240ED82D62D11EFB0442B5DC4F9AE02.roa
Signing time: Wed 22 Jan 2025 18:26:59 +0000
ROA not before: Wed 22 Jan 2025 18:26:59 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134968
IP address blocks: 103.23.204.0/22 maxlen: 22
103.23.204.0/23 maxlen: 23
103.23.204.0/24 maxlen: 24
103.23.205.0/24 maxlen: 24
103.23.206.0/23 maxlen: 23
103.23.206.0/24 maxlen: 24
103.23.207.0/24 maxlen: 24
223.25.252.0/22 maxlen: 22
223.25.252.0/23 maxlen: 23
223.25.252.0/24 maxlen: 24
223.25.253.0/24 maxlen: 24
223.25.254.0/23 maxlen: 23
223.25.254.0/24 maxlen: 24
223.25.255.0/24 maxlen: 24
2401:52c0::/32 maxlen: 32
2401:52c0::/40 maxlen: 40
2401:52c0:7::/48 maxlen: 48
2401:52c0:100::/40 maxlen: 40
2401:52c0:100::/44 maxlen: 44
2401:52c0:110::/44 maxlen: 44
2401:52c0:120::/44 maxlen: 44
2401:52c0:130::/44 maxlen: 44
2401:52c0:140::/44 maxlen: 44
2401:52c0:150::/44 maxlen: 44
2401:52c0:160::/44 maxlen: 44
2401:52c0:170::/44 maxlen: 44
2401:52c0:180::/44 maxlen: 44
2401:52c0:190::/44 maxlen: 44
2401:52c0:1a0::/44 maxlen: 44
2401:52c0:1b0::/44 maxlen: 44
2401:52c0:1c0::/44 maxlen: 44
2401:52c0:1d0::/44 maxlen: 44
2401:52c0:1e0::/44 maxlen: 44
2401:52c0:1f0::/44 maxlen: 44
2401:52c0:200::/40 maxlen: 40
2401:52c0:300::/40 maxlen: 40
2401:52c0:400::/40 maxlen: 40
2401:52c0:500::/40 maxlen: 40
2401:52c0:600::/40 maxlen: 40
2401:52c0:700::/40 maxlen: 40
2401:52c0:800::/40 maxlen: 40
2401:52c0:900::/40 maxlen: 40
2401:52c0:a00::/40 maxlen: 40
2401:52c0:b00::/40 maxlen: 40
2401:52c0:c00::/40 maxlen: 40
2401:52c0:d00::/40 maxlen: 40
2401:52c0:e00::/40 maxlen: 40
2401:52c0:f00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.crl
rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 18:12:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3136 (0xc40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150384, serialNumber=B1BA33053C39BA5865537743112389E300C48807
Validity
Not Before: Jan 22 18:26:59 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67913872-82fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:99:32:4d:65:fd:09:ac:14:46:84:3f:e8:94:
8f:5b:28:65:fc:c2:04:46:df:5f:95:c0:3f:3d:43:
53:55:87:63:1c:82:de:7f:bb:ae:08:7e:63:94:2a:
3b:67:a8:54:3f:6e:53:88:ec:c4:c9:3f:70:16:c3:
99:12:13:62:30:a1:ea:63:44:c5:be:88:f7:8f:56:
26:e2:5c:cd:3d:f9:7b:de:c3:52:96:08:fd:d2:0c:
db:97:a1:7d:47:55:20:07:9f:85:c2:4a:67:27:5b:
e0:9e:77:ed:90:b6:f8:da:fc:a2:dc:dc:d4:6b:ad:
fe:e9:99:b4:c0:66:37:01:04:87:e4:4d:fc:ac:04:
ef:53:76:8e:8f:bc:20:12:15:a8:09:1b:3e:b0:02:
71:08:e2:5a:33:d3:97:e6:04:98:5b:ed:3e:cf:09:
d1:ba:a8:f0:95:26:94:d6:b3:7d:7d:82:d3:f5:20:
c9:c0:7a:6c:7a:c1:6e:74:ff:b5:f5:0f:f1:e8:ff:
de:a8:9c:f6:7b:2c:f0:50:1c:fa:ad:e5:b1:e9:56:
f5:c9:34:0e:22:47:0b:cf:67:39:ba:d0:3e:8b:21:
5d:39:48:ce:b7:d6:ec:b1:36:ac:40:72:e9:34:73:
9b:de:08:ee:e4:77:1e:64:d6:84:e1:d5:d7:8a:f9:
e5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CA:C1:31:B2:02:5B:F0:A3:86:A7:1C:21:E3:44:F2:A1:B8:16:5D
X509v3 Authority Key Identifier:
keyid:B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/3240ED82D62D11EFB0442B5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.204.0/22
223.25.252.0/22
IPv6:
2401:52c0::/32
Signature Algorithm: sha256WithRSAEncryption
55:14:b3:34:fc:18:d0:8a:c8:b5:ce:5f:a7:06:aa:aa:03:e1:
26:64:27:0d:31:c6:15:9d:7c:1e:fc:3c:10:b3:9e:77:b4:62:
d5:c5:cd:71:d8:03:3e:7e:cc:fe:90:22:27:e1:0f:d0:15:56:
c2:33:0b:92:5d:1b:fc:3f:a6:92:e1:ad:47:62:00:84:17:e6:
21:55:18:e2:76:d6:a0:48:81:30:c6:01:08:dc:f7:78:5d:9a:
8e:6c:ca:69:d6:18:52:53:af:32:78:e2:04:39:32:b2:c9:c0:
5d:75:b8:83:0d:9a:3a:ed:77:95:e7:af:b3:99:00:3a:19:ba:
50:6f:51:b2:af:65:8d:cd:38:c4:42:b2:e8:e3:63:ca:f8:64:
f8:b8:44:59:09:09:26:c9:4e:e8:28:3f:c3:12:3b:0c:a5:53:
56:bd:e5:e9:91:50:49:05:a6:26:56:2d:7b:f3:56:82:dc:50:
b5:9c:27:4c:27:96:47:d6:53:c6:55:9b:cd:b6:da:51:5b:07:
7e:b8:bf:65:1f:a1:4a:ee:61:ed:49:c1:7d:3b:cb:17:56:f6:
e4:a0:b0:67:ac:52:2a:af:2d:af:fa:8b:e6:69:cd:09:bc:30:
83:22:49:ff:a9:8f:f7:ca:52:41:75:43:4d:28:b6:6b:0f:00:
21:77:3b:2f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDEAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTAzODQxMTAvBgNVBAUTKEIxQkEzMzA1M0MzOUJBNTg2NTUzNzc0MzExMjM4OUUz
MDBDNDg4MDcwHhcNMjUwMTIyMTgyNjU5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxMzg3Mi04MmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA85kyTWX9CawURoQ/6JSPWyhl/MIERt9flcA/PUNTVYdjHILef7uuCH5jlCo7
Z6hUP25TiOzEyT9wFsOZEhNiMKHqY0TFvoj3j1Ym4lzNPfl73sNSlgj90gzbl6F9
R1UgB5+FwkpnJ1vgnnftkLb42vyi3NzUa63+6Zm0wGY3AQSH5E38rATvU3aOj7wg
EhWoCRs+sAJxCOJaM9OX5gSYW+0+zwnRuqjwlSaU1rN9fYLT9SDJwHpsesFudP+1
9Q/x6P/eqJz2eyzwUBz6reWx6Vb1yTQOIkcLz2c5utA+iyFdOUjOt9bssTasQHLp
NHOb3gju5HceZNaE4dXXivnlaQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMXKwTGy
Alvwo4anHCHjRPKhuBZdMB8GA1UdIwQYMBaAFLG6MwU8ObpYZVN3QxEjieMAxIgH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDM4NC85MzdGMzcyRTAw
NUExMUVBQTA5NEJEMzFDNEY5QUUwMi9zYm96QlR3NXVsaGxVM2RERVNPSjR3REVp
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Nib3pCVHc1dWxobFUzZERFU09KNHdERWlBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTAzODQvOTM3RjM3MkUwMDVBMTFFQUEwOTRCRDMxQzRGOUFFMDIvMzI0MEVEODJE
NjJEMTFFRkIwNDQyQjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnF8wDBALfGfwwDQQCAAIwBwMFACQBUsAwDQYJKoZIhvcN
AQELBQADggEBAFUUszT8GNCKyLXOX6cGqqoD4SZkJw0xxhWdfB78PBCznne0YtXF
zXHYAz5+zP6QIifhD9AVVsIzC5JdG/w/ppLhrUdiAIQX5iFVGOJ21qBIgTDGAQjc
93hdmo5symnWGFJTrzJ44gQ5MrLJwF11uIMNmjrtd5Xnr7OZADoZulBvUbKvZY3N
OMRCsujjY8r4ZPi4RFkJCSbJTugoP8MSOwylU1a95emRUEkFpiZWLXvzVoLcULWc
J0wnlkfWU8ZVm8222lFbB364v2UfoUruYe1JwX07yxdW9uSgsGesUiqvLa/6i+Zp
zQm8MIMiSf+pj/fKUkF1Q00otmsPACF3Oy8=
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:29:34 2025 by rpki-client