Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/25ECFE32BDE011EF85554E6FC4F9AE02.roa
File: 25ECFE32BDE011EF85554E6FC4F9AE02.roa (raw, json)
Hash identifier: BCujz4kcr7FX/HJo210KwmFr9hpbw9U3WqRLxXS8gdM=
Subject key identifier: EC:48:52:6F:2F:AE:76:62:FC:1D:ED:C2:43:D0:AE:DE:3F:E0:DC:42
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9F99
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/25ECFE32BDE011EF85554E6FC4F9AE02.roa
Signing time: Thu 19 Dec 2024 08:06:28 +0000
ROA not before: Thu 19 Dec 2024 08:06:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132453
IP address blocks: 103.21.184.0/22 maxlen: 24
103.227.68.0/22 maxlen: 22
103.227.68.0/24 maxlen: 24
103.227.69.0/24 maxlen: 24
103.227.70.0/24 maxlen: 24
103.227.71.0/24 maxlen: 24
103.240.192.0/22 maxlen: 22
103.240.192.0/24 maxlen: 24
103.240.193.0/24 maxlen: 24
103.240.194.0/24 maxlen: 24
103.240.195.0/24 maxlen: 24
103.240.232.0/22 maxlen: 22
103.240.232.0/24 maxlen: 24
103.240.233.0/24 maxlen: 24
103.240.234.0/24 maxlen: 24
103.240.235.0/24 maxlen: 24
103.240.236.0/22 maxlen: 22
103.240.236.0/24 maxlen: 24
103.240.237.0/24 maxlen: 24
103.240.238.0/24 maxlen: 24
103.240.239.0/24 maxlen: 24
103.245.12.0/22 maxlen: 22
103.245.12.0/24 maxlen: 24
103.245.13.0/24 maxlen: 24
103.245.14.0/24 maxlen: 24
103.245.15.0/24 maxlen: 24
103.248.84.0/22 maxlen: 22
103.248.84.0/24 maxlen: 24
103.248.85.0/24 maxlen: 24
103.248.86.0/24 maxlen: 24
103.248.87.0/24 maxlen: 24
103.252.216.0/22 maxlen: 22
103.252.216.0/24 maxlen: 24
103.252.217.0/24 maxlen: 24
103.252.218.0/24 maxlen: 24
103.252.219.0/24 maxlen: 24
103.253.172.0/22 maxlen: 22
103.253.172.0/24 maxlen: 24
103.253.173.0/24 maxlen: 24
103.253.174.0/24 maxlen: 24
103.253.175.0/24 maxlen: 24
111.125.196.0/22 maxlen: 24
150.129.180.0/22 maxlen: 22
150.129.180.0/24 maxlen: 24
150.129.181.0/24 maxlen: 24
150.129.182.0/24 maxlen: 24
150.129.183.0/24 maxlen: 24
150.129.236.0/22 maxlen: 22
150.129.236.0/24 maxlen: 24
150.129.237.0/24 maxlen: 24
150.129.238.0/24 maxlen: 24
150.129.239.0/24 maxlen: 24
150.129.248.0/22 maxlen: 22
150.129.248.0/24 maxlen: 24
150.129.249.0/24 maxlen: 24
150.129.250.0/24 maxlen: 24
150.129.251.0/24 maxlen: 24
150.242.60.0/22 maxlen: 22
150.242.60.0/24 maxlen: 24
150.242.61.0/24 maxlen: 24
150.242.62.0/24 maxlen: 24
150.242.63.0/24 maxlen: 24
150.242.64.0/22 maxlen: 22
150.242.64.0/24 maxlen: 24
150.242.65.0/24 maxlen: 24
150.242.66.0/24 maxlen: 24
150.242.67.0/24 maxlen: 24
150.242.72.0/22 maxlen: 22
150.242.72.0/24 maxlen: 24
150.242.73.0/24 maxlen: 24
150.242.74.0/24 maxlen: 24
150.242.75.0/24 maxlen: 24
150.242.84.0/22 maxlen: 22
150.242.84.0/24 maxlen: 24
150.242.85.0/24 maxlen: 24
150.242.86.0/24 maxlen: 24
150.242.87.0/24 maxlen: 24
150.242.172.0/22 maxlen: 22
150.242.172.0/24 maxlen: 24
150.242.173.0/24 maxlen: 24
150.242.174.0/24 maxlen: 24
150.242.175.0/24 maxlen: 24
2400:80c0::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40857 (0x9f99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 19 08:06:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6763d404-f92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:10:42:64:62:17:49:5c:b1:78:f5:be:ec:03:
1f:a0:c7:6a:40:c8:a7:32:23:2c:e9:d3:85:32:03:
70:0e:9d:74:30:9d:2d:32:8d:c0:74:70:ff:0d:56:
c4:4a:ae:02:55:f0:fa:35:f7:d7:8e:01:dc:a8:1e:
d0:fd:ad:40:89:6d:ce:a1:23:c5:1c:d9:bb:2d:0f:
d8:69:e0:4e:9b:fb:7c:1c:3d:ab:b4:32:fb:db:e3:
5a:60:5b:7e:82:2e:b0:5c:e1:d9:4a:c5:40:10:ee:
46:f1:fc:80:08:89:51:7a:49:b3:9d:61:ab:c5:76:
a7:0d:6c:10:25:d7:c3:9b:89:e0:10:68:ae:06:9b:
f2:f3:82:8d:49:68:97:c0:aa:c0:39:1c:c3:d2:28:
fc:b7:f4:e1:c3:e8:f3:9c:74:de:5a:80:13:9b:31:
92:aa:c2:83:4e:8c:c6:ae:93:60:ca:63:dc:eb:cc:
d7:f3:00:f6:3a:64:3c:49:9a:07:93:31:64:0a:b7:
fc:6a:13:91:38:80:53:e2:15:96:fc:f0:4d:69:66:
77:eb:30:af:f0:e4:b0:57:96:99:d6:83:dc:5d:9f:
ae:41:8c:34:80:99:2b:8e:2b:f0:b1:e9:e5:21:70:
3f:94:ce:89:ef:5f:68:24:96:d0:59:64:b2:c5:1e:
ff:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:48:52:6F:2F:AE:76:62:FC:1D:ED:C2:43:D0:AE:DE:3F:E0:DC:42
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/25ECFE32BDE011EF85554E6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.184.0/22
103.227.68.0/22
103.240.192.0/22
103.240.232.0/21
103.245.12.0/22
103.248.84.0/22
103.252.216.0/22
103.253.172.0/22
111.125.196.0/22
150.129.180.0/22
150.129.236.0/22
150.129.248.0/22
150.242.60.0-150.242.67.255
150.242.72.0/22
150.242.84.0/22
150.242.172.0/22
IPv6:
2400:80c0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:d2:fd:ff:3f:b6:15:01:0a:10:38:fd:30:75:64:4d:dd:da:
47:3a:1d:cd:6e:9d:57:70:d2:4b:f0:d1:44:dc:6c:0c:75:e8:
94:de:b9:ad:ca:5f:2a:86:c5:26:2d:50:7a:22:f0:ca:4f:4a:
93:aa:1b:8e:2c:3b:1b:0a:1d:f2:e4:71:26:2c:b5:04:99:0f:
27:87:54:fd:2e:f4:46:25:00:87:92:05:5c:ac:30:38:e0:94:
03:89:af:6c:27:b7:90:78:66:b4:5d:72:ec:17:83:1e:8e:4c:
db:24:53:c0:a6:5d:a3:9d:4e:6b:ca:dd:2d:6c:db:63:31:97:
24:f6:12:a8:c6:41:ad:a3:5c:f9:a5:74:f3:97:f2:8b:26:18:
db:a9:dc:16:a1:56:19:81:d7:d0:94:0e:ca:1c:c8:41:d3:01:
5f:eb:aa:02:55:79:ff:64:1b:df:38:f6:70:70:ef:f0:93:b7:
b2:6f:ce:04:41:b5:f6:d6:fd:19:d0:9f:40:87:16:d5:4b:30:
2d:87:e4:66:2c:30:7b:63:fe:18:63:95:6f:9d:10:c4:f3:ee:
82:03:73:a9:00:16:35:de:59:8e:cd:ea:1d:69:3c:8a:e0:3f:
f1:15:d6:c7:5c:b0:ad:6c:fe:61:17:ea:a0:32:ae:c3:26:83:
65:34:5f:c6
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgIDAJ+ZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIxOTA4MDYyOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2M2Q0MDQtZjkyYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0QQmRiF0lcsXj1vuwDH6DHakDIpzIjLOnThTIDcA6ddDCdLTKNwHRw/w1W
xEquAlXw+jX3144B3Kge0P2tQIltzqEjxRzZuy0P2GngTpv7fBw9q7Qy+9vjWmBb
foIusFzh2UrFQBDuRvH8gAiJUXpJs51hq8V2pw1sECXXw5uJ4BBorgab8vOCjUlo
l8CqwDkcw9Io/Lf04cPo85x03lqAE5sxkqrCg06Mxq6TYMpj3OvM1/MA9jpkPEma
B5MxZAq3/GoTkTiAU+IVlvzwTWlmd+swr/DksFeWmdaD3F2frkGMNICZK44r8LHp
5SFwP5TOie9faCSW0FlkssUe/ysCAwEAAaOCAwgwggMEMB0GA1UdDgQWBBTsSFJv
L652Yvwd7cJD0K7eP+DcQjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzI1RUNGRTMy
QkRFMDExRUY4NTU1NEU2RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGRBggrBgEFBQcBBwEB
/wSBgTB/MG4EAgABMGgDBAJnFbgDBAJn40QDBAJn8MADBANn8OgDBAJn9QwDBAJn
+FQDBAJn/NgDBAJn/awDBAJvfcQDBAKWgbQDBAKWgewDBAKWgfgwDAMEApbyPAME
ApbyQAMEApbySAMEApbyVAMEApbyrDANBAIAAjAHAwUAJACAwDANBgkqhkiG9w0B
AQsFAAOCAQEAetL9/z+2FQEKEDj9MHVkTd3aRzodzW6dV3DSS/DRRNxsDHXolN65
rcpfKobFJi1QeiLwyk9Kk6objiw7Gwod8uRxJiy1BJkPJ4dU/S70RiUAh5IFXKww
OOCUA4mvbCe3kHhmtF1y7BeDHo5M2yRTwKZdo51Oa8rdLWzbYzGXJPYSqMZBraNc
+aV085fyiyYY26ncFqFWGYHX0JQOyhzIQdMBX+uqAlV5/2Qb3zj2cHDv8JO3sm/O
BEG19tb9GdCfQIcW1UswLYfkZiwwe2P+GGOVb50QxPPuggNzqQAWNd5Zjs3qHWk8
iuA/8RXWx1ywrWz+YRfqoDKuwyaDZTRfxg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:59 2025 by rpki-client