Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B099077AD18511EF8056A671C4F9AE02.roa
File: B099077AD18511EF8056A671C4F9AE02.roa (raw, json)
Hash identifier: 4izJNT3uRIH+D0uX6MJxtJTcJ5+ben6zyG+WRUn0q+E=
Subject key identifier: 67:27:99:D8:3D:67:B1:89:EC:DD:50:76:BD:DF:CA:AE:92:19:97:24
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A4A1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B099077AD18511EF8056A671C4F9AE02.roa
Signing time: Tue 04 Feb 2025 09:20:27 +0000
ROA not before: Tue 04 Feb 2025 09:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149240
IP address blocks: 36.50.118.0/23 maxlen: 24
103.3.234.0/23 maxlen: 24
103.61.242.0/23 maxlen: 24
103.88.56.0/24 maxlen: 24
103.88.57.0/24 maxlen: 24
103.139.191.0/24 maxlen: 24
103.148.119.0/24 maxlen: 24
103.152.158.0/24 maxlen: 24
103.157.112.0/23 maxlen: 24
103.159.99.0/24 maxlen: 24
103.162.196.0/23 maxlen: 24
103.163.166.0/23 maxlen: 24
103.167.172.0/24 maxlen: 24
103.170.1.0/24 maxlen: 24
103.174.108.0/23 maxlen: 24
103.178.176.0/23 maxlen: 24
103.184.40.0/24 maxlen: 24
103.184.236.0/23 maxlen: 24
103.191.203.0/24 maxlen: 24
2001:df0:3bc0::/48 maxlen: 48
2001:df0:8640::/48 maxlen: 48
2001:df0:9340::/48 maxlen: 48
2001:df1:9c40::/48 maxlen: 48
2001:df1:a240::/48 maxlen: 48
2001:df2:c3c0::/48 maxlen: 48
2001:df3:4940::/48 maxlen: 48
2001:df3:b6c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42145 (0xa4a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 4 09:20:27 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a1dbdb-8398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2d:50:09:3a:9f:1e:1f:1f:ef:ac:d6:0e:84:
20:8e:63:03:9d:da:ab:1c:86:ea:bd:a0:a4:7f:e8:
8a:f7:ec:fe:48:04:b3:25:63:d6:68:38:ba:6e:ac:
84:51:61:d5:72:65:23:6e:ce:63:26:50:8f:73:82:
74:46:2a:31:80:88:4c:97:17:e8:75:9b:f5:28:1c:
1a:27:0e:72:24:ee:45:76:79:fc:56:23:9d:23:64:
b8:f1:d4:46:b4:e5:30:12:2f:b1:ba:51:42:68:c1:
56:c7:3a:79:d1:30:b2:4d:59:86:39:20:b4:37:45:
83:8a:6d:ef:50:c7:58:e5:2a:04:47:de:d2:41:b4:
13:2d:85:f3:f1:4d:09:75:58:a6:fb:1b:ec:38:03:
80:6c:66:06:59:39:a1:b8:a0:65:7b:b7:27:12:6c:
19:70:61:39:fa:06:1f:45:13:b0:d8:d8:1e:4f:2a:
37:63:2d:ec:26:03:36:55:f8:db:72:11:a5:1e:24:
da:f8:ca:31:f4:6e:7a:09:0a:21:6a:4f:25:35:99:
fe:b3:6c:93:33:6b:5b:42:91:63:43:95:bf:15:d2:
64:34:29:94:99:c8:98:13:75:1a:b0:65:73:10:1a:
1e:fa:a6:77:40:9a:85:0b:ac:37:ab:26:d0:12:e3:
0a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:27:99:D8:3D:67:B1:89:EC:DD:50:76:BD:DF:CA:AE:92:19:97:24
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B099077AD18511EF8056A671C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.118.0/23
103.3.234.0/23
103.61.242.0/23
103.88.56.0/23
103.139.191.0/24
103.148.119.0/24
103.152.158.0/24
103.157.112.0/23
103.159.99.0/24
103.162.196.0/23
103.163.166.0/23
103.167.172.0/24
103.170.1.0/24
103.174.108.0/23
103.178.176.0/23
103.184.40.0/24
103.184.236.0/23
103.191.203.0/24
IPv6:
2001:df0:3bc0::/48
2001:df0:8640::/48
2001:df0:9340::/48
2001:df1:9c40::/48
2001:df1:a240::/48
2001:df2:c3c0::/48
2001:df3:4940::/48
2001:df3:b6c0::/48
Signature Algorithm: sha256WithRSAEncryption
89:d5:df:4f:3e:b3:d1:00:d5:a9:2a:7a:fb:d0:a2:c3:f9:2c:
7f:56:07:c3:44:5e:ee:e3:5d:b9:b7:32:c7:65:42:96:12:0f:
ca:1a:c9:c4:39:33:df:22:7a:37:7e:ad:9a:93:c3:4d:9b:1f:
04:c5:38:70:2a:a7:91:e1:92:8d:aa:8e:4d:3d:67:37:b2:5b:
20:dd:33:ff:30:cf:10:41:1f:23:21:9f:ff:cb:96:ec:8b:2e:
8b:9d:7f:f6:8d:eb:a6:62:50:40:0c:07:54:46:6a:95:98:28:
47:fb:ab:e4:a0:b6:db:64:85:cd:35:5f:5b:7f:4d:68:f5:2e:
0c:1a:2c:9e:85:dd:8a:c2:12:34:5b:1c:04:42:c2:fa:da:25:
83:4e:fa:43:cc:60:4a:d4:c5:1d:bc:cb:8d:b5:4f:d0:c7:29:
3a:e1:7b:2a:0e:28:5b:17:a0:49:b2:06:6a:bb:05:67:ad:dc:
18:ee:09:96:be:11:41:78:ab:76:ea:6c:44:7f:70:89:41:7b:
5e:f5:1d:4d:6a:cd:2a:6c:5d:b0:27:49:59:4c:12:d7:af:c8:
06:ba:a4:22:66:bd:f7:85:ec:db:bb:66:02:6d:3b:14:59:b0:
6a:06:c1:cb:48:7d:af:61:1f:87:11:bd:32:df:0c:0c:a9:6f:
25:51:fb:20
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAKShMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIwNDA5MjAyN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdhMWRiZGItODM5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYtUAk6nx4fH++s1g6EII5jA53aqxyG6r2gpH/oivfs/kgEsyVj1mg4um6s
hFFh1XJlI27OYyZQj3OCdEYqMYCITJcX6HWb9SgcGicOciTuRXZ5/FYjnSNkuPHU
RrTlMBIvsbpRQmjBVsc6edEwsk1ZhjkgtDdFg4pt71DHWOUqBEfe0kG0Ey2F8/FN
CXVYpvsb7DgDgGxmBlk5obigZXu3JxJsGXBhOfoGH0UTsNjYHk8qN2Mt7CYDNlX4
23IRpR4k2vjKMfRuegkKIWpPJTWZ/rNskzNrW0KRY0OVvxXSZDQplJnImBN1GrBl
cxAaHvqmd0CahQusN6sm0BLjCscCAwEAAaOCA04wggNKMB0GA1UdDgQWBBRnJ5nY
PWexiezdUHa938qukhmXJDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0IwOTkwNzdB
RDE4NTExRUY4MDU2QTY3MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHXBggrBgEFBQcBBwEB
/wSBxzCBxDByBAIAATBsAwQBJDJ2AwQBZwPqAwQBZz3yAwQBZ1g4AwQAZ4u/AwQA
Z5R3AwQAZ5ieAwQBZ51wAwQAZ59jAwQBZ6LEAwQBZ6OmAwQAZ6esAwQAZ6oBAwQB
Z65sAwQBZ7KwAwQAZ7goAwQBZ7jsAwQAZ7/LME4EAgACMEgDBwAgAQ3wO8ADBwAg
AQ3whkADBwAgAQ3wk0ADBwAgAQ3xnEADBwAgAQ3xokADBwAgAQ3yw8ADBwAgAQ3z
SUADBwAgAQ3ztsAwDQYJKoZIhvcNAQELBQADggEBAInV308+s9EA1akqevvQosP5
LH9WB8NEXu7jXbm3MsdlQpYSD8oaycQ5M98iejd+rZqTw02bHwTFOHAqp5Hhko2q
jk09ZzeyWyDdM/8wzxBBHyMhn//LluyLLoudf/aN66ZiUEAMB1RGapWYKEf7q+Sg
tttkhc01X1t/TWj1LgwaLJ6F3YrCEjRbHARCwvraJYNO+kPMYErUxR28y421T9DH
KTrheyoOKFsXoEmyBmq7BWet3BjuCZa+EUF4q3bqbER/cIlBe171HU1qzSpsXbAn
SVlMEtevyAa6pCJmvfeF7Nu7ZgJtOxRZsGoGwctIfa9hH4cRvTLfDAypbyVR+yA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:42 2025 by rpki-client