Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/A51B73A01F0711EFB7C30655C4F9AE02.roa
File: A51B73A01F0711EFB7C30655C4F9AE02.roa (raw, json)
Hash identifier: Ie9Y5pCGNtZspU9t66mnmp1QTKLtQUg0jtZnjasjHa4=
Subject key identifier: 0B:B0:11:C5:C2:FE:6C:03:A4:E9:39:81:A4:C5:1C:69:A4:7D:2A:2C
Certificate issuer: /CN=A9181375/serialNumber=8DCDE52B9B8B0522BE26713A41865670A61EE86D
Certificate serial: 9A
Authority key identifier: 8D:CD:E5:2B:9B:8B:05:22:BE:26:71:3A:41:86:56:70:A6:1E:E8:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jc3lK5uLBSK-JnE6QYZWcKYe6G0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/A51B73A01F0711EFB7C30655C4F9AE02.roa
Signing time: Wed 05 Mar 2025 21:39:35 +0000
ROA not before: Wed 05 Mar 2025 21:39:35 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45701
IP address blocks: 43.224.168.0/24 maxlen: 24
43.224.169.0/24 maxlen: 24
43.224.170.0/24 maxlen: 24
43.224.171.0/24 maxlen: 24
59.153.128.0/24 maxlen: 24
59.153.129.0/24 maxlen: 24
59.153.130.0/24 maxlen: 24
59.153.131.0/24 maxlen: 24
103.89.76.0/24 maxlen: 24
103.89.77.0/24 maxlen: 24
103.89.78.0/24 maxlen: 24
103.89.79.0/24 maxlen: 24
103.225.148.0/24 maxlen: 24
103.225.149.0/24 maxlen: 24
103.225.150.0/24 maxlen: 24
103.225.151.0/24 maxlen: 24
202.58.192.0/24 maxlen: 24
202.58.193.0/24 maxlen: 24
202.58.194.0/24 maxlen: 24
202.58.195.0/24 maxlen: 24
202.58.196.0/24 maxlen: 24
202.58.197.0/24 maxlen: 24
202.58.198.0/24 maxlen: 24
202.58.199.0/24 maxlen: 24
202.58.200.0/24 maxlen: 24
202.58.201.0/24 maxlen: 24
202.58.203.0/24 maxlen: 24
202.58.204.0/24 maxlen: 24
202.58.205.0/24 maxlen: 24
202.58.206.0/24 maxlen: 24
202.58.207.0/24 maxlen: 24
203.28.216.0/24 maxlen: 24
203.28.217.0/24 maxlen: 24
203.28.218.0/24 maxlen: 24
203.28.219.0/24 maxlen: 24
2001:df0:a900::/48 maxlen: 48
2402:2900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/jc3lK5uLBSK-JnE6QYZWcKYe6G0.crl
rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/jc3lK5uLBSK-JnE6QYZWcKYe6G0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jc3lK5uLBSK-JnE6QYZWcKYe6G0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 04:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154 (0x9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9181375, serialNumber=8DCDE52B9B8B0522BE26713A41865670A61EE86D
Validity
Not Before: Mar 5 21:39:35 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67c8c497-26cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:81:36:c2:34:ba:5e:fe:8e:75:ba:ce:d1:a0:
1e:70:f3:79:e3:ed:54:0a:98:ff:66:9a:d9:bd:bf:
2c:dc:4d:5a:bf:a4:74:6c:3d:fc:bb:7f:bd:38:86:
33:06:fa:5e:ef:3a:ff:0f:af:09:6b:91:33:69:48:
f2:3d:12:d0:7d:54:9b:ce:74:df:86:d9:03:e3:3e:
69:4d:8e:f7:4c:cd:b6:fd:92:a9:60:ed:57:a5:8d:
9b:12:ea:fc:36:1d:c5:bc:ca:f3:ea:80:3d:0b:69:
87:c1:6d:c3:0b:b9:23:33:07:c3:2a:36:5f:6e:45:
4c:3b:ea:2f:1f:11:a5:24:50:20:6f:07:2f:42:da:
ea:75:71:04:16:8e:92:cf:aa:88:28:7b:81:28:a1:
f2:ba:7c:31:40:2b:8d:47:ec:74:7d:52:aa:0d:89:
47:26:9d:d6:9e:3b:9e:06:bf:20:24:69:c6:8c:27:
04:28:e2:9b:1b:7f:4f:21:97:bb:aa:e8:5a:7e:ea:
74:80:d4:40:2c:63:0a:10:09:50:3e:1f:7c:1a:01:
dd:60:d0:cb:4b:c1:3f:4f:5e:d0:a5:e7:54:05:3e:
0d:ba:ce:e5:d8:8c:45:9e:88:4e:3a:28:72:f0:a3:
80:6d:d6:9a:53:5a:5d:73:4e:9a:a8:31:c1:5e:68:
71:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B0:11:C5:C2:FE:6C:03:A4:E9:39:81:A4:C5:1C:69:A4:7D:2A:2C
X509v3 Authority Key Identifier:
keyid:8D:CD:E5:2B:9B:8B:05:22:BE:26:71:3A:41:86:56:70:A6:1E:E8:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/jc3lK5uLBSK-JnE6QYZWcKYe6G0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jc3lK5uLBSK-JnE6QYZWcKYe6G0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9181375/AED5831E1F0611EFA61ABA51C4F9AE02/A51B73A01F0711EFB7C30655C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.168.0/22
59.153.128.0/22
103.89.76.0/22
103.225.148.0/22
202.58.192.0-202.58.201.255
202.58.203.0-202.58.207.255
203.28.216.0/22
IPv6:
2001:df0:a900::/48
2402:2900::/32
Signature Algorithm: sha256WithRSAEncryption
09:81:2b:2d:80:5a:a6:db:92:0a:6c:60:85:61:07:f6:1c:35:
74:35:c8:30:22:8d:ef:9e:f2:66:85:a0:67:32:46:3e:de:1b:
73:21:03:73:cb:84:98:59:83:b5:46:5c:f8:6b:b8:10:66:b3:
78:5b:b4:e4:bf:1b:38:1b:6e:6b:0b:30:7c:ca:a4:ce:06:a0:
75:5c:04:93:35:86:09:5f:b0:53:db:15:91:1a:0a:95:f7:1d:
83:33:c3:45:b1:ab:4b:4c:b3:07:cb:fa:ec:a4:97:af:f4:f5:
97:78:0a:53:64:3b:10:23:e5:2c:1c:c6:c8:65:e5:91:6c:e1:
64:31:06:c6:cd:6a:f0:84:3b:fc:53:07:fc:91:53:91:de:f1:
c9:4f:b1:5e:53:dc:c6:dc:11:b1:5a:6e:00:b7:b6:5f:f1:12:
7b:99:4e:e2:d2:d7:fb:3c:5d:a6:39:bd:c4:ce:62:57:4e:8f:
ef:5a:46:41:90:01:fd:a6:f2:27:e8:d5:cc:b4:6b:00:c9:99:
02:bc:ad:ca:b3:18:2c:58:67:b8:cb:9b:40:98:f4:81:b1:68:
9a:48:09:cc:12:cc:dc:ae:fd:93:aa:52:e0:f2:9e:4f:7a:1f:
d5:80:d1:ac:a5:ad:88:01:dc:f3:db:83:f2:d6:0f:17:01:6f:
b6:95:34:36
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICAJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODEzNzUxMTAvBgNVBAUTKDhEQ0RFNTJCOUI4QjA1MjJCRTI2NzEzQTQxODY1Njcw
QTYxRUU4NkQwHhcNMjUwMzA1MjEzOTM1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M4YzQ5Ny0yNmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyYE2wjS6Xv6OdbrO0aAecPN54+1UCpj/ZprZvb8s3E1av6R0bD38u3+9OIYz
Bvpe7zr/D68Ja5EzaUjyPRLQfVSbznTfhtkD4z5pTY73TM22/ZKpYO1XpY2bEur8
Nh3FvMrz6oA9C2mHwW3DC7kjMwfDKjZfbkVMO+ovHxGlJFAgbwcvQtrqdXEEFo6S
z6qIKHuBKKHyunwxQCuNR+x0fVKqDYlHJp3WnjueBr8gJGnGjCcEKOKbG39PIZe7
quhafup0gNRALGMKEAlQPh98GgHdYNDLS8E/T17QpedUBT4Nus7l2IxFnohOOihy
8KOAbdaaU1pdc06aqDHBXmhxFwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFAuwEcXC
/mwDpOk5gaTFHGmkfSosMB8GA1UdIwQYMBaAFI3N5SubiwUiviZxOkGGVnCmHuht
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MTM3NS9BRUQ1ODMxRTFG
MDYxMUVGQTYxQUJBNTFDNEY5QUUwMi9qYzNsSzV1TEJTSy1KbkU2UVlaV2NLWWU2
RzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pjM2xLNXVMQlNLLUpuRTZRWVpXY0tZZTZHMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODEzNzUvQUVENTgzMUUxRjA2MTFFRkE2MUFCQTUxQzRGOUFFMDIvQTUxQjczQTAx
RjA3MTFFRkI3QzMwNjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMEAEAgABMDoDBAIr4KgDBAI7mYADBAJnWUwDBAJn4ZQwDAMEBso6wAMEAco6
yDAMAwQAyjrLAwQEyjrAAwQCyxzYMBYEAgACMBADBwAgAQ3wqQADBQAkAikAMA0G
CSqGSIb3DQEBCwUAA4IBAQAJgSstgFqm25IKbGCFYQf2HDV0NcgwIo3vnvJmhaBn
MkY+3htzIQNzy4SYWYO1Rlz4a7gQZrN4W7Tkvxs4G25rCzB8yqTOBqB1XASTNYYJ
X7BT2xWRGgqV9x2DM8NFsatLTLMHy/rspJev9PWXeApTZDsQI+UsHMbIZeWRbOFk
MQbGzWrwhDv8Uwf8kVOR3vHJT7FeU9zG3BGxWm4At7Zf8RJ7mU7i0tf7PF2mOb3E
zmJXTo/vWkZBkAH9pvIn6NXMtGsAyZkCvK3KsxgsWGe4y5tAmPSBsWiaSAnMEszc
rv2TqlLg8p5Peh/VgNGspa2IAdzz24Py1g8XAW+2lTQ2
-----END CERTIFICATE-----
Generated at Mon Apr 14 12:52:47 2025 by rpki-client