Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1258A52C0F9511F08F612487C4F9AE02.roa
File: 1258A52C0F9511F08F612487C4F9AE02.roa (raw, json)
Hash identifier: 8JTAsywFxQEswFEyxpXuvXb+wHiETe42GLSXs+moBB4=
Subject key identifier: 08:D1:5E:C1:39:85:DF:FF:FA:39:C9:C6:2E:C9:14:53:95:60:38:2E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AD65
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1258A52C0F9511F08F612487C4F9AE02.roa
Signing time: Wed 02 Apr 2025 07:35:38 +0000
ROA not before: Wed 02 Apr 2025 07:35:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137085
IP address blocks: 27.123.240.0/23 maxlen: 24
43.225.248.0/22 maxlen: 24
43.228.164.0/23 maxlen: 24
103.37.98.0/23 maxlen: 24
103.68.21.0/24 maxlen: 24
103.68.140.0/23 maxlen: 24
103.69.239.0/24 maxlen: 24
103.72.196.0/24 maxlen: 24
103.88.59.0/24 maxlen: 24
103.91.72.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.91.75.0/24 maxlen: 24
103.91.76.0/22 maxlen: 24
103.92.107.0/24 maxlen: 24
103.93.39.0/24 maxlen: 24
103.101.112.0/22 maxlen: 24
103.113.110.0/23 maxlen: 24
103.120.108.0/24 maxlen: 24
103.120.152.0/24 maxlen: 24
103.120.153.0/24 maxlen: 24
103.124.174.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.139.143.0/24 maxlen: 24
103.148.119.0/24 maxlen: 24
103.154.8.0/23 maxlen: 24
103.154.56.0/23 maxlen: 24
103.155.237.0/24 maxlen: 24
103.156.121.0/24 maxlen: 24
103.157.188.0/23 maxlen: 24
103.158.41.0/24 maxlen: 24
103.159.104.0/23 maxlen: 24
103.160.25.0/24 maxlen: 24
103.160.222.0/24 maxlen: 24
103.164.140.0/24 maxlen: 24
103.165.88.0/23 maxlen: 24
103.167.154.0/23 maxlen: 24
103.167.182.0/23 maxlen: 24
103.167.224.0/23 maxlen: 24
103.167.238.0/23 maxlen: 24
103.168.60.0/23 maxlen: 24
103.169.242.0/23 maxlen: 24
103.170.0.0/24 maxlen: 24
103.170.36.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.170.48.0/23 maxlen: 24
103.170.84.0/23 maxlen: 24
103.174.28.0/24 maxlen: 24
103.174.29.0/24 maxlen: 24
103.178.24.0/23 maxlen: 24
103.178.117.0/24 maxlen: 24
103.179.50.0/23 maxlen: 24
103.181.66.0/24 maxlen: 24
103.181.119.0/24 maxlen: 24
103.184.41.0/24 maxlen: 24
103.184.205.0/24 maxlen: 24
103.191.202.0/23 maxlen: 24
103.204.70.0/24 maxlen: 24
103.206.51.0/24 maxlen: 24
103.206.96.0/23 maxlen: 24
103.216.141.0/24 maxlen: 24
103.232.232.0/22 maxlen: 24
202.4.169.0/24 maxlen: 24
2001:df0:47c0::/48 maxlen: 48
2001:df1:d240::/48 maxlen: 48
2001:df1:ed40::/48 maxlen: 48
2001:df2:3ac0::/48 maxlen: 48
2001:df2:3f40::/48 maxlen: 48
2001:df3:1340::/48 maxlen: 48
2400:d660::/32 maxlen: 32
2401:bba0::/32 maxlen: 32
2405:e100:a::/48 maxlen: 48
2405:e100:b::/48 maxlen: 48
2405:e100:c::/48 maxlen: 48
2405:e100:d::/48 maxlen: 48
2405:e100:e::/48 maxlen: 48
2405:e100:f::/48 maxlen: 48
2405:e100:1d::/48 maxlen: 48
2405:e100:1e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44389 (0xad65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Apr 2 07:35:38 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ece8ca-0d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:cf:2a:12:c7:ed:11:8d:3d:c5:af:e2:ea:7d:
d2:c6:ad:94:dd:68:9c:d6:6f:f9:e1:b5:59:bd:cb:
82:60:05:59:84:9b:dd:c1:92:c5:4a:c4:e4:db:3f:
27:a5:2d:88:91:df:64:bc:21:0b:89:bb:1f:ef:88:
f5:43:33:04:2c:ed:94:85:34:9f:06:f1:56:72:20:
2a:d0:41:29:fe:07:28:f6:f0:f8:34:3e:51:14:1b:
9a:a5:78:b6:92:31:0b:48:f6:6d:83:9f:83:ff:bc:
2e:9c:c2:81:10:a6:0d:ad:bc:3c:a7:56:75:b5:1d:
34:7f:86:dd:f1:21:29:90:57:72:79:3a:bb:1d:01:
ac:ba:3f:d5:4e:af:74:41:f2:e6:c0:06:a4:a8:d2:
ae:38:bd:fd:e7:e6:30:b7:99:75:cb:a5:18:db:b0:
72:11:51:1f:13:72:4b:3a:4e:0e:e9:d2:e0:22:ce:
bd:69:8e:a0:71:bd:68:6f:4e:12:b8:2d:34:72:93:
ec:19:4f:86:85:bc:da:f9:13:78:7c:fa:bc:aa:d8:
46:89:52:b7:4d:3e:30:c9:ee:36:f8:60:4f:7e:9e:
26:37:c8:80:bf:43:91:fb:84:1b:c5:94:c6:e2:d8:
4b:00:62:1e:42:76:a7:64:ba:6b:47:8c:d5:b7:90:
19:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D1:5E:C1:39:85:DF:FF:FA:39:C9:C6:2E:C9:14:53:95:60:38:2E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1258A52C0F9511F08F612487C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/23
43.225.248.0/22
43.228.164.0/23
103.37.98.0/23
103.68.21.0/24
103.68.140.0/23
103.69.239.0/24
103.72.196.0/24
103.88.59.0/24
103.91.72.0/21
103.92.107.0/24
103.93.39.0/24
103.101.112.0/22
103.113.110.0/23
103.120.108.0/24
103.120.152.0/23
103.124.174.0/24
103.138.9.0/24
103.139.143.0/24
103.148.119.0/24
103.154.8.0/23
103.154.56.0/23
103.155.237.0/24
103.156.121.0/24
103.157.188.0/23
103.158.41.0/24
103.159.104.0/23
103.160.25.0/24
103.160.222.0/24
103.164.140.0/24
103.165.88.0/23
103.167.154.0/23
103.167.182.0/23
103.167.224.0/23
103.167.238.0/23
103.168.60.0/23
103.169.242.0/23
103.170.0.0/24
103.170.36.0/22
103.170.48.0/23
103.170.84.0/23
103.174.28.0/23
103.178.24.0/23
103.178.117.0/24
103.179.50.0/23
103.181.66.0/24
103.181.119.0/24
103.184.41.0/24
103.184.205.0/24
103.191.202.0/23
103.204.70.0/24
103.206.51.0/24
103.206.96.0/23
103.216.141.0/24
103.232.232.0/22
202.4.169.0/24
IPv6:
2001:df0:47c0::/48
2001:df1:d240::/48
2001:df1:ed40::/48
2001:df2:3ac0::/48
2001:df2:3f40::/48
2001:df3:1340::/48
2400:d660::/32
2401:bba0::/32
2405:e100:a::-2405:e100:f:ffff:ffff:ffff:ffff:ffff
2405:e100:1d::-2405:e100:1e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
80:db:6e:4d:87:d2:9f:59:6b:27:57:83:50:8b:a7:09:63:d8:
37:0f:29:ae:11:82:14:e4:bd:c0:fa:09:e2:53:24:98:2a:71:
d8:9e:d1:18:19:6a:8f:9b:d9:f0:46:75:54:3f:dc:fd:b1:f7:
20:e2:1d:80:78:7f:51:bf:9b:fd:c8:e9:35:3b:30:cd:73:f3:
67:a3:d3:d8:13:2d:df:38:23:bf:6f:3b:74:c8:88:ef:c0:51:
b2:9a:94:ad:14:6a:a0:0d:87:85:0b:30:d3:92:3e:4c:53:1e:
c5:69:7b:2a:6a:db:e7:89:e9:d9:81:43:dc:73:8f:34:51:33:
28:d4:00:a5:70:f9:e4:0f:8c:d7:c9:41:d2:91:1c:e9:74:82:
ee:82:cd:dc:f4:7b:74:76:de:3f:ed:e5:a6:c8:8f:af:74:b8:
84:1a:d5:ae:3a:cf:72:2c:40:56:0a:03:63:b3:79:08:f2:1d:
7d:32:eb:0d:58:9e:d1:99:c9:ee:b7:3d:74:27:26:e0:25:76:
9d:8f:07:48:4b:11:df:6c:f3:aa:00:ff:de:9d:07:b9:23:dc:
51:35:1c:0b:a2:6d:ae:c1:97:b6:c8:0b:ca:47:45:cc:88:34:
c7:7a:b4:1b:28:10:ae:da:ba:d0:20:30:b8:a8:4b:cd:9a:77:
85:41:31:71
-----BEGIN CERTIFICATE-----
MIIHOjCCBiKgAwIBAgIDAK1lMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQwMjA3MzUzOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdlY2U4Y2EtMGQ5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPDPKhLH7RGNPcWv4up90satlN1onNZv+eG1Wb3LgmAFWYSb3cGSxUrE5Ns/
J6UtiJHfZLwhC4m7H++I9UMzBCztlIU0nwbxVnIgKtBBKf4HKPbw+DQ+URQbmqV4
tpIxC0j2bYOfg/+8LpzCgRCmDa28PKdWdbUdNH+G3fEhKZBXcnk6ux0BrLo/1U6v
dEHy5sAGpKjSrji9/efmMLeZdculGNuwchFRHxNySzpODunS4CLOvWmOoHG9aG9O
ErgtNHKT7BlPhoW82vkTeHz6vKrYRolSt00+MMnuNvhgT36eJjfIgL9DkfuEG8WU
xuLYSwBiHkJ2p2S6a0eM1beQGcECAwEAAaOCBF0wggRZMB0GA1UdDgQWBBQI0V7B
OYXf//o5ycYuyRRTlWA4LjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzEyNThBNTJD
MEY5NTExRjA4RjYxMjQ4N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIB5QYIKwYBBQUHAQcB
Af8EggHUMIIB0DCCAVgEAgABMIIBUAMEARt78AMEAivh+AMEASvkpAMEAWclYgME
AGdEFQMEAWdEjAMEAGdF7wMEAGdIxAMEAGdYOwMEA2dbSAMEAGdcawMEAGddJwME
AmdlcAMEAWdxbgMEAGd4bAMEAWd4mAMEAGd8rgMEAGeKCQMEAGeLjwMEAGeUdwME
AWeaCAMEAWeaOAMEAGeb7QMEAGeceQMEAWedvAMEAGeeKQMEAWefaAMEAGegGQME
AGeg3gMEAGekjAMEAWelWAMEAWenmgMEAWentgMEAWen4AMEAWen7gMEAWeoPAME
AWep8gMEAGeqAAMEAmeqJAMEAWeqMAMEAWeqVAMEAWeuHAMEAWeyGAMEAGeydQME
AWezMgMEAGe1QgMEAGe1dwMEAGe4KQMEAGe4zQMEAWe/ygMEAGfMRgMEAGfOMwME
AWfOYAMEAGfYjQMEAmfo6AMEAMoEqTByBAIAAjBsAwcAIAEN8EfAAwcAIAEN8dJA
AwcAIAEN8e1AAwcAIAEN8jrAAwcAIAEN8j9AAwcAIAEN8xNAAwUAJADWYAMFACQB
u6AwEgMHASQF4QAACgMHBCQF4QAAADASAwcAJAXhAAAdAwcAJAXhAAAeMA0GCSqG
SIb3DQEBCwUAA4IBAQCA225Nh9KfWWsnV4NQi6cJY9g3DymuEYIU5L3A+gniUySY
KnHYntEYGWqPm9nwRnVUP9z9sfcg4h2AeH9Rv5v9yOk1OzDNc/Nno9PYEy3fOCO/
bzt0yIjvwFGympStFGqgDYeFCzDTkj5MUx7FaXsqatvnienZgUPcc480UTMo1ACl
cPnkD4zXyUHSkRzpdILugs3c9Ht0dt4/7eWmyI+vdLiEGtWuOs9yLEBWCgNjs3kI
8h19MusNWJ7Rmcnutz10JybgJXadjwdISxHfbPOqAP/enQe5I9xRNRwLom2uwZe2
yAvKR0XMiDTHerQbKBCu2rrQIDC4qEvNmneFQTFx
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:29 2025 by rpki-client