Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
File: B35C646A52E211EAAF44AE23C4F9AE02.roa (raw, json)
Hash identifier: mks3mjRf8YuTD15vdWrOVacIzdvtGICAN5+kmOADW4o=
Subject key identifier: 2D:FB:9F:F3:49:EA:87:1E:AF:8B:76:D9:A8:FC:98:65:87:E0:5D:9B
Certificate issuer: /CN=A9167B50/serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A
Certificate serial: 34CC
Authority key identifier: 99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
Signing time: Thu 06 Feb 2025 08:44:08 +0000
ROA not before: Thu 06 Feb 2025 08:44:08 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 7532
IP address blocks: 103.70.52.0/22 maxlen: 22
103.70.52.0/24 maxlen: 24
103.70.53.0/24 maxlen: 24
103.70.54.0/24 maxlen: 24
103.70.55.0/24 maxlen: 24
112.121.64.0/19 maxlen: 19
112.121.64.0/24 maxlen: 24
112.121.65.0/24 maxlen: 24
112.121.66.0/24 maxlen: 24
112.121.68.0/24 maxlen: 24
112.121.69.0/24 maxlen: 24
112.121.70.0/24 maxlen: 24
112.121.71.0/24 maxlen: 24
112.121.72.0/24 maxlen: 24
112.121.73.0/24 maxlen: 24
112.121.74.0/24 maxlen: 24
112.121.75.0/24 maxlen: 24
112.121.76.0/24 maxlen: 24
112.121.77.0/24 maxlen: 24
112.121.78.0/24 maxlen: 24
112.121.79.0/24 maxlen: 24
112.121.80.0/24 maxlen: 24
112.121.81.0/24 maxlen: 24
112.121.82.0/24 maxlen: 24
112.121.83.0/24 maxlen: 24
112.121.84.0/24 maxlen: 24
112.121.85.0/24 maxlen: 24
112.121.86.0/24 maxlen: 24
112.121.87.0/24 maxlen: 24
112.121.88.0/24 maxlen: 24
112.121.89.0/24 maxlen: 24
112.121.90.0/24 maxlen: 24
112.121.91.0/24 maxlen: 24
112.121.92.0/24 maxlen: 24
112.121.93.0/24 maxlen: 24
112.121.94.0/24 maxlen: 24
112.121.95.0/24 maxlen: 24
112.121.96.0/21 maxlen: 21
112.121.96.0/23 maxlen: 23
112.121.104.0/22 maxlen: 22
112.121.105.0/24 maxlen: 24
112.121.108.0/23 maxlen: 23
112.121.108.0/24 maxlen: 24
112.121.112.0/22 maxlen: 22
112.121.113.0/24 maxlen: 24
112.121.114.0/24 maxlen: 24
112.121.116.0/23 maxlen: 23
112.121.116.0/24 maxlen: 24
112.121.117.0/24 maxlen: 24
112.121.120.0/22 maxlen: 22
112.121.120.0/24 maxlen: 24
112.121.121.0/24 maxlen: 24
112.121.122.0/24 maxlen: 24
112.121.123.0/24 maxlen: 24
202.80.104.0/23 maxlen: 23
202.80.104.0/24 maxlen: 24
202.80.105.0/24 maxlen: 24
202.80.106.0/23 maxlen: 23
202.80.106.0/24 maxlen: 24
202.80.107.0/24 maxlen: 24
202.80.108.0/24 maxlen: 24
202.80.111.0/24 maxlen: 24
2402:b600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl
rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:40:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13516 (0x34cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167B50
Validity
Not Before: Feb 6 08:44:08 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67a47658-a8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c0:3f:ee:17:df:6c:49:c2:70:6e:fd:b6:97:
8e:01:74:fd:ba:fb:a2:e4:8e:82:fc:ee:df:89:a1:
ed:1c:d2:97:40:8d:54:5d:74:85:a7:cb:ed:2c:31:
b4:e6:07:9b:fd:de:fe:7b:2a:c1:2f:16:e1:44:2c:
96:78:19:18:b7:c5:0a:8f:b2:82:23:bc:65:b2:47:
4b:ae:98:b8:91:dc:2e:d5:3c:f3:4d:08:19:01:da:
13:38:2e:9f:97:ea:4d:96:d6:cd:98:db:df:07:7b:
41:1c:44:cf:f6:4a:d2:2b:0a:40:13:8f:f3:ba:36:
af:ad:55:64:82:90:d4:bf:7c:43:56:5a:b6:e0:86:
28:8f:82:1b:58:1f:4d:0c:44:46:b8:dc:b7:7f:73:
98:4f:d8:d1:76:ba:5c:0f:ff:dc:13:2b:f4:6b:50:
ea:1d:3d:ae:52:f2:ad:3b:7b:ed:db:f1:28:57:4a:
3e:66:b6:b9:ce:2c:dc:c6:e1:4e:68:7a:29:74:0d:
bd:7e:70:96:90:be:63:17:8d:30:25:1f:34:d0:11:
ef:b6:71:f6:87:bb:ef:53:7f:37:79:1f:67:dc:27:
82:f7:78:0a:d2:df:a6:b1:03:9f:2d:70:e8:a1:de:
ce:4a:65:24:49:f7:df:1a:99:56:19:6b:36:79:4d:
5b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FB:9F:F3:49:EA:87:1E:AF:8B:76:D9:A8:FC:98:65:87:E0:5D:9B
X509v3 Authority Key Identifier:
keyid:99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.52.0/22
112.121.64.0-112.121.109.255
112.121.112.0-112.121.117.255
112.121.120.0/22
202.80.104.0-202.80.108.255
202.80.111.0/24
IPv6:
2402:b600::/32
Signature Algorithm: sha256WithRSAEncryption
8a:0c:7c:af:36:62:02:9e:ca:87:ab:95:b7:2c:24:1c:07:7a:
7c:b1:b2:cc:71:99:bc:9d:4c:5d:fa:2f:f6:27:3e:ce:d4:fa:
9d:8c:4f:23:94:d7:aa:03:47:c9:e7:b6:ce:05:a2:f5:8d:fa:
a1:99:23:ad:18:d1:0c:d1:f7:a2:4e:f8:9b:aa:86:a7:6e:88:
08:71:a0:6a:4e:13:e1:3d:87:c9:ee:3e:b7:ea:4b:3e:2b:39:
46:ff:a0:4b:aa:3c:10:ac:43:a3:1c:e8:f8:79:70:30:e8:53:
5a:82:6c:4c:04:8a:32:2d:d6:2f:41:82:34:89:26:80:e8:e5:
aa:88:9c:8e:92:5a:18:17:fc:6a:ca:7e:77:23:b8:a8:13:86:
1e:5a:ae:3b:b7:71:79:95:77:5a:af:f6:33:14:7c:0c:15:80:
67:58:46:df:59:2f:53:11:67:f1:a6:7e:07:8a:85:92:d6:53:
e5:3d:cc:62:0a:2c:5d:f3:a4:60:f6:b8:01:97:e0:84:09:80:
f2:fe:cd:8a:66:42:3c:aa:8e:2a:96:42:d0:64:e5:9d:c8:10:
0d:47:86:48:00:3f:4f:af:48:b0:ab:c6:99:30:49:28:50:5d:
d2:36:e0:7e:f1:2b:34:38:12:21:05:5c:b4:21:d1:01:64:7e:
be:6d:e5:11
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICNMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdCNTAxMTAvBgNVBAUTKDk5MUIzRjE3MDg0Rjc2RjEyRjlGMDUwOUQ1OTdGMEZG
RUNBMDRCNEEwHhcNMjUwMjA2MDg0NDA4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E0NzY1OC1hOGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAusA/7hffbEnCcG79tpeOAXT9uvui5I6C/O7fiaHtHNKXQI1UXXSFp8vtLDG0
5geb/d7+eyrBLxbhRCyWeBkYt8UKj7KCI7xlskdLrpi4kdwu1TzzTQgZAdoTOC6f
l+pNltbNmNvfB3tBHETP9krSKwpAE4/zujavrVVkgpDUv3xDVlq24IYoj4IbWB9N
DERGuNy3f3OYT9jRdrpcD//cEyv0a1DqHT2uUvKtO3vt2/EoV0o+Zra5zizcxuFO
aHopdA29fnCWkL5jF40wJR800BHvtnH2h7vvU383eR9n3CeC93gK0t+msQOfLXDo
od7OSmUkSfffGplWGWs2eU1bXQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFC37n/NJ
6ocer4t22aj8mGWH4F2bMB8GA1UdIwQYMBaAFJkbPxcIT3bxL58FCdWX8P/soEtK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0I1MC85RDEzMDVDODFE
OEYxMUUyQTAyQkNERUUwOEIwMkNEMi9tUnNfRndoUGR2RXZud1VKMVpmd18teWdT
MG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21Sc19Gd2hQZHZFdm53VUoxWmZ3Xy15Z1Mwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjdCNTAvOUQxMzA1QzgxRDhGMTFFMkEwMkJDREVFMDhCMDJDRDIvQjM1QzY0NkE1
MkUyMTFFQUFGNDRBRTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAJnRjQwDAMEBnB5QAMEAXB5bDAMAwQEcHlwAwQBcHl0AwQC
cHl4MAwDBAPKUGgDBADKUGwDBADKUG8wDQQCAAIwBwMFACQCtgAwDQYJKoZIhvcN
AQELBQADggEBAIoMfK82YgKeyoerlbcsJBwHenyxssxxmbydTF36L/YnPs7U+p2M
TyOU16oDR8nnts4FovWN+qGZI60Y0QzR96JO+JuqhqduiAhxoGpOE+E9h8nuPrfq
Sz4rOUb/oEuqPBCsQ6Mc6Ph5cDDoU1qCbEwEijIt1i9BgjSJJoDo5aqInI6SWhgX
/GrKfncjuKgThh5arju3cXmVd1qv9jMUfAwVgGdYRt9ZL1MRZ/GmfgeKhZLWU+U9
zGIKLF3zpGD2uAGX4IQJgPL+zYpmQjyqjiqWQtBk5Z3IEA1HhkgAP0+vSLCrxpkw
SShQXdI24H7xKzQ4EiEFXLQh0QFkfr5t5RE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:57:54 2025 by rpki-client