Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/B3B5B50E117711EEA0E5E040C4F9AE02.roa
File: B3B5B50E117711EEA0E5E040C4F9AE02.roa (raw, json)
Hash identifier: /HE0+/UKz944jtczmVdL8xtwz3w/VhqI3+iHS/siDT4=
Subject key identifier: 9B:85:AB:E2:BC:8F:C0:11:F0:26:2C:A4:ED:9C:24:70:58:71:CB:A9
Certificate issuer: /CN=A917D3A1/serialNumber=0DE1679D21D39B61F02650A414EC9D0462C5E418
Certificate serial: 34CA
Authority key identifier: 0D:E1:67:9D:21:D3:9B:61:F0:26:50:A4:14:EC:9D:04:62:C5:E4:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/B3B5B50E117711EEA0E5E040C4F9AE02.roa
Signing time: Tue 08 Apr 2025 14:50:30 +0000
ROA not before: Tue 08 Apr 2025 14:50:30 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 10030
IP address blocks: 103.3.20.0/22 maxlen: 22
183.171.0.0/16 maxlen: 16
183.171.7.0/24 maxlen: 24
183.171.16.0/24 maxlen: 24
183.171.17.0/24 maxlen: 24
183.171.18.0/24 maxlen: 24
183.171.19.0/24 maxlen: 24
183.171.20.0/24 maxlen: 24
183.171.21.0/24 maxlen: 24
183.171.22.0/24 maxlen: 24
183.171.23.0/24 maxlen: 24
183.171.24.0/24 maxlen: 24
183.171.25.0/24 maxlen: 24
183.171.26.0/24 maxlen: 24
183.171.27.0/24 maxlen: 24
183.171.28.0/24 maxlen: 24
183.171.29.0/24 maxlen: 24
183.171.30.0/24 maxlen: 24
183.171.31.0/24 maxlen: 24
183.171.40.0/24 maxlen: 24
183.171.49.0/24 maxlen: 24
183.171.50.0/24 maxlen: 24
183.171.51.0/24 maxlen: 24
183.171.52.0/24 maxlen: 24
183.171.53.0/24 maxlen: 24
183.171.54.0/24 maxlen: 24
183.171.55.0/24 maxlen: 24
183.171.56.0/24 maxlen: 24
183.171.57.0/24 maxlen: 24
183.171.64.0/24 maxlen: 24
183.171.65.0/24 maxlen: 24
183.171.66.0/24 maxlen: 24
183.171.67.0/24 maxlen: 24
183.171.68.0/24 maxlen: 24
183.171.69.0/24 maxlen: 24
183.171.70.0/24 maxlen: 24
183.171.71.0/24 maxlen: 24
183.171.72.0/24 maxlen: 24
183.171.73.0/24 maxlen: 24
183.171.74.0/24 maxlen: 24
183.171.75.0/24 maxlen: 24
183.171.76.0/24 maxlen: 24
183.171.77.0/24 maxlen: 24
183.171.78.0/24 maxlen: 24
183.171.79.0/24 maxlen: 24
183.171.80.0/24 maxlen: 24
183.171.81.0/24 maxlen: 24
183.171.82.0/24 maxlen: 24
183.171.83.0/24 maxlen: 24
183.171.84.0/24 maxlen: 24
183.171.85.0/24 maxlen: 24
183.171.86.0/24 maxlen: 24
183.171.87.0/24 maxlen: 24
183.171.88.0/24 maxlen: 24
183.171.89.0/24 maxlen: 24
183.171.90.0/24 maxlen: 24
183.171.91.0/24 maxlen: 24
183.171.92.0/24 maxlen: 24
183.171.93.0/24 maxlen: 24
183.171.94.0/24 maxlen: 24
183.171.95.0/24 maxlen: 24
183.171.96.0/24 maxlen: 24
183.171.97.0/24 maxlen: 24
183.171.98.0/24 maxlen: 24
183.171.99.0/24 maxlen: 24
183.171.100.0/24 maxlen: 24
183.171.101.0/24 maxlen: 24
183.171.102.0/24 maxlen: 24
183.171.103.0/24 maxlen: 24
183.171.104.0/24 maxlen: 24
183.171.105.0/24 maxlen: 24
183.171.106.0/24 maxlen: 24
183.171.107.0/24 maxlen: 24
183.171.108.0/24 maxlen: 24
183.171.109.0/24 maxlen: 24
183.171.110.0/24 maxlen: 24
183.171.111.0/24 maxlen: 24
183.171.112.0/24 maxlen: 24
183.171.113.0/24 maxlen: 24
183.171.114.0/24 maxlen: 24
183.171.115.0/24 maxlen: 24
183.171.116.0/24 maxlen: 24
183.171.117.0/24 maxlen: 24
183.171.118.0/24 maxlen: 24
183.171.119.0/24 maxlen: 24
183.171.120.0/24 maxlen: 24
183.171.121.0/24 maxlen: 24
183.171.122.0/24 maxlen: 24
183.171.123.0/24 maxlen: 24
183.171.124.0/24 maxlen: 24
183.171.125.0/24 maxlen: 24
183.171.126.0/24 maxlen: 24
183.171.127.0/24 maxlen: 24
183.171.128.0/24 maxlen: 24
183.171.129.0/24 maxlen: 24
183.171.130.0/24 maxlen: 24
183.171.131.0/24 maxlen: 24
183.171.132.0/24 maxlen: 24
183.171.133.0/24 maxlen: 24
183.171.134.0/24 maxlen: 24
183.171.135.0/24 maxlen: 24
183.171.136.0/24 maxlen: 24
183.171.137.0/24 maxlen: 24
183.171.138.0/24 maxlen: 24
183.171.139.0/24 maxlen: 24
183.171.140.0/24 maxlen: 24
183.171.141.0/24 maxlen: 24
183.171.142.0/24 maxlen: 24
183.171.143.0/24 maxlen: 24
183.171.156.0/24 maxlen: 24
183.171.158.0/24 maxlen: 24
183.171.160.0/24 maxlen: 24
183.171.161.0/24 maxlen: 24
183.171.162.0/24 maxlen: 24
183.171.163.0/24 maxlen: 24
183.171.164.0/24 maxlen: 24
183.171.165.0/24 maxlen: 24
183.171.166.0/24 maxlen: 24
183.171.167.0/24 maxlen: 24
183.171.168.0/24 maxlen: 24
183.171.169.0/24 maxlen: 24
183.171.170.0/24 maxlen: 24
183.171.171.0/24 maxlen: 24
183.171.172.0/24 maxlen: 24
183.171.173.0/24 maxlen: 24
183.171.174.0/24 maxlen: 24
183.171.175.0/24 maxlen: 24
183.171.176.0/24 maxlen: 24
183.171.177.0/24 maxlen: 24
183.171.183.0/24 maxlen: 24
183.171.184.0/24 maxlen: 24
183.171.186.0/24 maxlen: 24
183.171.187.0/24 maxlen: 24
183.171.188.0/23 maxlen: 23
183.171.190.0/24 maxlen: 24
183.171.191.0/24 maxlen: 24
183.171.192.0/24 maxlen: 24
183.171.193.0/24 maxlen: 24
183.171.194.0/24 maxlen: 24
183.171.195.0/24 maxlen: 24
183.171.196.0/24 maxlen: 24
183.171.197.0/24 maxlen: 24
183.171.198.0/24 maxlen: 24
183.171.199.0/24 maxlen: 24
183.171.200.0/24 maxlen: 24
183.171.201.0/24 maxlen: 24
183.171.202.0/24 maxlen: 24
183.171.204.0/24 maxlen: 24
183.171.205.0/24 maxlen: 24
183.171.207.0/24 maxlen: 24
183.171.208.0/21 maxlen: 21
183.171.223.0/24 maxlen: 24
183.171.224.0/24 maxlen: 24
183.171.225.0/24 maxlen: 24
183.171.226.0/24 maxlen: 24
183.171.227.0/24 maxlen: 24
183.171.228.0/24 maxlen: 24
183.171.229.0/24 maxlen: 24
183.171.232.0/21 maxlen: 21
183.171.233.0/24 maxlen: 24
183.171.234.0/24 maxlen: 24
183.171.235.0/24 maxlen: 24
183.171.236.0/24 maxlen: 24
183.171.240.0/20 maxlen: 20
183.171.240.0/24 maxlen: 24
183.171.241.0/24 maxlen: 24
183.171.242.0/24 maxlen: 24
183.171.243.0/24 maxlen: 24
183.171.244.0/23 maxlen: 23
183.171.248.0/24 maxlen: 24
183.171.249.0/24 maxlen: 24
183.171.255.0/24 maxlen: 24
203.82.64.0/19 maxlen: 19
203.82.66.0/24 maxlen: 24
203.82.67.0/24 maxlen: 24
203.82.70.0/23 maxlen: 23
203.82.70.0/24 maxlen: 24
203.82.71.0/24 maxlen: 24
203.82.75.0/24 maxlen: 24
203.82.76.0/24 maxlen: 24
203.82.77.0/24 maxlen: 24
203.82.82.0/24 maxlen: 24
203.82.86.0/24 maxlen: 24
203.82.91.0/24 maxlen: 24
203.82.93.0/24 maxlen: 24
203.82.94.0/24 maxlen: 24
203.82.95.0/24 maxlen: 24
2404:160::/32 maxlen: 32
2404:160:8000::/44 maxlen: 44
2404:160:8010::/44 maxlen: 44
2404:160:8020::/44 maxlen: 44
2404:160:8030::/44 maxlen: 44
2404:160:8040::/42 maxlen: 42
2404:160:8100::/42 maxlen: 42
2404:160:8140::/42 maxlen: 42
2404:160:a000::/42 maxlen: 42
2404:160:a400::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.crl
rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 23 Apr 2025 14:26:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13514 (0x34ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917D3A1, serialNumber=0DE1679D21D39B61F02650A414EC9D0462C5E418
Validity
Not Before: Apr 8 14:50:30 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67f537b6-114e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:07:4f:e9:c2:eb:5e:34:50:5d:92:e8:fe:e8:
2b:c1:d1:75:c0:11:ee:8b:16:64:c0:75:76:d1:3c:
5e:d2:82:87:95:a1:4f:50:2b:0b:79:65:ac:e7:99:
5e:6a:38:02:2c:97:49:2b:ae:98:33:c9:84:96:bd:
db:5e:80:f6:6e:40:cf:d8:5e:d3:dd:ed:4e:a1:9d:
40:12:7d:a5:f5:e0:dd:73:4d:30:a9:6b:22:4d:f6:
01:a2:ad:49:1b:73:23:cc:e5:7a:03:bb:63:f5:2d:
37:95:76:bf:15:f3:3b:0c:1b:9e:0a:9c:1b:2e:99:
75:d5:d8:6b:25:fd:98:5b:1f:6e:51:33:de:51:66:
88:3c:e2:62:3e:94:12:eb:e4:f2:3c:42:9a:2e:9c:
18:c7:15:2c:2c:90:12:f3:94:d7:83:d2:d0:ba:71:
fa:a2:19:ef:3c:c2:a2:47:5c:d9:0f:45:b3:ea:1d:
9f:a9:bb:a4:d1:c8:ca:1c:e8:0f:21:3e:a5:c0:77:
96:4a:08:07:b4:bc:b9:f9:7f:92:30:e7:46:d0:1b:
35:e9:ac:3f:4d:b5:5e:07:36:c8:9a:bc:e5:d6:9e:
1c:95:c7:0e:e5:22:6d:b3:c1:76:b7:97:5b:85:7c:
12:a0:ee:e5:f1:42:dd:c5:4e:48:fb:e4:d6:7e:d3:
56:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:85:AB:E2:BC:8F:C0:11:F0:26:2C:A4:ED:9C:24:70:58:71:CB:A9
X509v3 Authority Key Identifier:
keyid:0D:E1:67:9D:21:D3:9B:61:F0:26:50:A4:14:EC:9D:04:62:C5:E4:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/B3B5B50E117711EEA0E5E040C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.3.20.0/22
183.171.0.0/16
203.82.64.0/19
IPv6:
2404:160::/32
Signature Algorithm: sha256WithRSAEncryption
3f:ea:08:26:ef:c0:63:bd:f2:24:3b:4b:96:87:5b:70:c9:36:
6c:96:5c:06:01:8d:79:e2:29:95:16:1b:5c:99:2d:3a:f2:a6:
49:dc:41:e3:7e:c4:a6:48:27:ac:21:c6:a3:09:73:01:f2:e4:
fe:a1:89:f6:9f:92:e4:91:9e:55:87:43:54:09:39:1f:d8:45:
6b:fc:d1:d7:c7:f3:94:72:fc:aa:67:e6:65:c5:ef:9b:af:f5:
ce:a8:73:20:6f:1d:7a:8b:e4:ef:b4:73:ad:af:39:07:64:c8:
ae:c6:7e:98:b1:d7:ac:fa:b0:a1:71:e6:26:05:6c:1b:ed:d1:
2c:45:39:20:32:60:df:b1:b9:9d:a0:5f:f9:6a:d4:9e:02:59:
ef:af:c3:61:e4:04:66:96:2d:c2:98:c9:7a:b7:cc:86:67:f5:
3c:ee:c8:9d:66:2e:32:16:b1:a4:32:e3:7c:47:ce:0a:d8:7b:
98:94:5d:93:12:b5:41:37:6d:82:20:df:d7:7c:f7:f0:66:16:
2a:b9:dc:ed:f1:77:01:49:8d:c5:fd:1e:3f:1a:e7:a5:df:38:
ff:92:dc:46:c5:5b:91:24:dd:3f:00:e8:f4:b5:15:7d:cb:01:
32:65:bc:13:e7:e2:c8:d6:28:41:e6:9f:1b:5e:b9:4f:a6:36:
d7:82:7e:24
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICNMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0QzQTExMTAvBgNVBAUTKDBERTE2NzlEMjFEMzlCNjFGMDI2NTBBNDE0RUM5RDA0
NjJDNUU0MTgwHhcNMjUwNDA4MTQ1MDMwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y1MzdiNi0xMTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0gdP6cLrXjRQXZLo/ugrwdF1wBHuixZkwHV20Txe0oKHlaFPUCsLeWWs55le
ajgCLJdJK66YM8mElr3bXoD2bkDP2F7T3e1OoZ1AEn2l9eDdc00wqWsiTfYBoq1J
G3MjzOV6A7tj9S03lXa/FfM7DBueCpwbLpl11dhrJf2YWx9uUTPeUWaIPOJiPpQS
6+TyPEKaLpwYxxUsLJAS85TXg9LQunH6ohnvPMKiR1zZD0Wz6h2fqbuk0cjKHOgP
IT6lwHeWSggHtLy5+X+SMOdG0Bs16aw/TbVeBzbImrzl1p4clccO5SJts8F2t5db
hXwSoO7l8ULdxU5I++TWftNWkwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFJuFq+K8
j8AR8CYspO2cJHBYccupMB8GA1UdIwQYMBaAFA3hZ50h05th8CZQpBTsnQRixeQY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDNBMS82MDdBRTk1NDFE
ODYxMUUyOTlCQTk0REQwOEIwMkNEMi9EZUZublNIVG0ySHdKbENrRk95ZEJHTEY1
QmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RlRm5uU0hUbTJId0psQ2tGT3lkQkdMRjVCZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0QzQTEvNjA3QUU5NTQxRDg2MTFFMjk5QkE5NEREMDhCMDJDRDIvQjNCNUI1MEUx
MTc3MTFFRUEwRTVFMDQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMBcEAgABMBEDBAJnAxQDAwC3qwMEBctSQDANBAIAAjAHAwUAJAQBYDANBgkq
hkiG9w0BAQsFAAOCAQEAP+oIJu/AY73yJDtLlodbcMk2bJZcBgGNeeIplRYbXJkt
OvKmSdxB437EpkgnrCHGowlzAfLk/qGJ9p+S5JGeVYdDVAk5H9hFa/zR18fzlHL8
qmfmZcXvm6/1zqhzIG8deovk77Rzra85B2TIrsZ+mLHXrPqwoXHmJgVsG+3RLEU5
IDJg37G5naBf+WrUngJZ76/DYeQEZpYtwpjJerfMhmf1PO7InWYuMhaxpDLjfEfO
Cth7mJRdkxK1QTdtgiDf13z38GYWKrnc7fF3AUmNxf0ePxrnpd84/5LcRsVbkSTd
PwDo9LUVfcsBMmW8E+fiyNYoQeafG165T6Y214J+JA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:11:21 2025 by rpki-client