Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
File: EBD48D1E0F8311F0AB75BC25C4F9AE02.roa (raw, json)
Hash identifier: pL5UDzQuYWOOZRBR+K6FdOl8xuZScKONkc8e2INf6xk=
Subject key identifier: DE:FF:14:8D:0C:82:9D:F4:97:3A:C0:98:2B:7D:12:BE:F2:FB:85:82
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AD5A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
Signing time: Wed 02 Apr 2025 05:40:56 +0000
ROA not before: Wed 02 Apr 2025 05:40:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133594
IP address blocks: 14.102.1.0/24 maxlen: 24
14.102.2.0/23 maxlen: 24
14.102.3.0/24 maxlen: 24
14.102.22.0/23 maxlen: 24
14.102.24.0/22 maxlen: 24
14.102.32.0/22 maxlen: 24
14.102.36.0/23 maxlen: 24
14.102.38.0/24 maxlen: 24
14.102.40.0/22 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.44.0/24 maxlen: 24
14.102.45.0/24 maxlen: 24
14.102.48.0/24 maxlen: 24
14.102.50.0/24 maxlen: 24
14.102.56.0/23 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.59.0/24 maxlen: 24
14.102.64.0/22 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.68.0/22 maxlen: 24
14.102.72.0/22 maxlen: 24
14.102.76.0/23 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.80.0/23 maxlen: 24
14.102.82.0/24 maxlen: 24
14.102.88.0/24 maxlen: 24
14.102.92.0/23 maxlen: 24
14.102.95.0/24 maxlen: 24
14.102.96.0/23 maxlen: 24
14.102.100.0/23 maxlen: 24
14.102.103.0/24 maxlen: 24
14.102.104.0/22 maxlen: 24
14.102.108.0/22 maxlen: 24
14.102.112.0/22 maxlen: 24
14.102.116.0/22 maxlen: 24
14.102.120.0/22 maxlen: 24
14.102.123.0/24 maxlen: 24
14.102.125.0/24 maxlen: 24
14.102.126.0/23 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.168.0/24 maxlen: 24
111.235.64.0/22 maxlen: 24
118.91.176.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44378 (0xad5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Apr 2 05:40:56 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67eccde8-fd0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:13:75:ef:b5:ff:61:db:23:13:04:37:f7:95:
cf:00:bb:ac:50:b5:c7:4b:42:69:25:2f:ec:11:69:
12:1e:df:c5:58:d8:1d:e2:f3:b3:56:3d:ce:62:a3:
51:fb:79:0a:f8:ce:59:2d:d1:a2:aa:3c:be:ea:b4:
4f:9b:32:7c:b4:fc:97:8a:28:72:9c:7d:10:69:a0:
0f:80:eb:62:e2:ff:2e:1a:8a:7e:4c:2f:0b:30:8d:
fa:81:61:08:e7:4b:bc:22:37:1f:36:cc:d0:03:bd:
bc:86:32:53:3b:63:f5:82:56:ff:53:57:bc:e7:d3:
62:a3:77:aa:c8:75:a3:ff:eb:fb:9e:bc:6b:03:fb:
ea:0d:2b:ce:6b:9e:66:8a:56:08:e0:44:fc:f1:97:
f1:7a:d3:eb:35:15:58:57:7d:d2:21:af:50:84:cd:
5d:5b:5a:6b:42:b4:66:f7:6c:78:fc:e5:03:20:db:
54:6c:db:0f:05:9c:5d:37:f2:83:f2:6a:8f:f2:5e:
0a:b0:bd:12:aa:20:12:9c:79:e0:9b:64:3d:1f:f5:
64:b5:d0:5d:ad:5c:16:36:37:70:7c:2b:d3:bb:d9:
93:10:8c:11:ed:d2:24:39:7d:dd:97:14:09:43:38:
91:9c:e7:19:6b:70:c7:a6:e2:d1:2b:47:d7:6e:27:
57:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FF:14:8D:0C:82:9D:F4:97:3A:C0:98:2B:7D:12:BE:F2:FB:85:82
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EBD48D1E0F8311F0AB75BC25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.1.0-14.102.3.255
14.102.22.0-14.102.27.255
14.102.32.0-14.102.38.255
14.102.40.0-14.102.45.255
14.102.48.0/24
14.102.50.0/24
14.102.56.0/23
14.102.59.0/24
14.102.64.0-14.102.78.255
14.102.80.0-14.102.82.255
14.102.88.0/24
14.102.92.0/23
14.102.95.0-14.102.97.255
14.102.100.0/23
14.102.103.0-14.102.123.255
14.102.125.0-14.102.127.255
110.172.136.0/24
110.172.150.0/24
110.172.168.0/24
111.235.64.0/22
118.91.176.0/24
202.89.70.0/24
Signature Algorithm: sha256WithRSAEncryption
10:ac:b9:01:9a:cf:a1:38:c8:ab:80:f2:4a:b3:9c:31:b5:37:
40:fc:2a:f7:48:0f:cf:1f:9e:7d:da:13:af:75:b0:1c:23:96:
9e:6a:36:a5:55:49:91:ad:33:67:51:a8:42:8d:c2:f1:37:26:
1a:7f:1a:3c:80:32:5a:dc:11:a2:24:7d:2f:e2:d4:14:7c:f8:
3d:25:be:b4:04:7d:31:ac:58:7a:81:83:aa:97:c2:e6:b3:8b:
ef:fe:98:8e:e9:b3:11:1b:90:5b:47:56:fc:5a:a1:ab:b6:41:
f0:2d:db:90:ab:c1:47:3e:cc:00:dc:db:a1:4f:ba:c4:e6:31:
9e:06:93:14:25:c0:bc:05:2e:1f:76:ad:71:ba:84:69:10:79:
6c:ba:52:8d:bd:84:83:48:b1:5e:08:35:ae:4f:57:b6:87:ec:
ab:80:9e:4c:b3:71:e0:00:ee:98:4a:1e:cf:5a:d8:da:fa:1e:
70:0a:7f:fb:6a:03:a6:c2:33:2c:79:bf:0f:74:9c:7c:9a:8f:
e3:13:7c:e2:65:8b:dc:c6:d5:42:d8:eb:af:64:a7:63:97:8f:
b9:8f:b7:d5:20:84:f2:26:f3:2e:2e:ad:38:9a:79:1e:5c:4d:
17:9d:d5:b5:cd:c2:8f:dc:9b:ac:1f:44:31:56:9a:bd:c5:a1:
4f:8b:d4:20
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgIDAK1aMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQwMjA1NDA1NloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdlY2NkZTgtZmQwZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMTde+1/2HbIxMEN/eVzwC7rFC1x0tCaSUv7BFpEh7fxVjYHeLzs1Y9zmKj
Uft5CvjOWS3Roqo8vuq0T5syfLT8l4oocpx9EGmgD4DrYuL/LhqKfkwvCzCN+oFh
COdLvCI3HzbM0AO9vIYyUztj9YJW/1NXvOfTYqN3qsh1o//r+568awP76g0rzmue
ZopWCOBE/PGX8XrT6zUVWFd90iGvUITNXVtaa0K0ZvdsePzlAyDbVGzbDwWcXTfy
g/Jqj/JeCrC9EqogEpx54JtkPR/1ZLXQXa1cFjY3cHwr07vZkxCMEe3SJDl93ZcU
CUM4kZznGWtwx6bi0StH124nV5ECAwEAAaOCA2AwggNcMB0GA1UdDgQWBBTe/xSN
DIKd9Jc6wJgrfRK+8vuFgjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VCRDQ4RDFF
MEY4MzExRjBBQjc1QkMyNUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHpBggrBgEFBQcBBwEB
/wSB2TCB1jCB0wQCAAEwgcwwDAMEAA5mAQMEAg5mADAMAwQBDmYWAwQCDmYYMAwD
BAUOZiADBAAOZiYwDAMEAw5mKAMEAQ5mLAMEAA5mMAMEAA5mMgMEAQ5mOAMEAA5m
OzAMAwQGDmZAAwQADmZOMAwDBAQOZlADBAAOZlIDBAAOZlgDBAEOZlwwDAMEAA5m
XwMEAQ5mYAMEAQ5mZDAMAwQADmZnAwQCDmZ4MAwDBAAOZn0DBAcOZgADBABurIgD
BABurJYDBABurKgDBAJv60ADBAB2W7ADBADKWUYwDQYJKoZIhvcNAQELBQADggEB
ABCsuQGaz6E4yKuA8kqznDG1N0D8KvdID88fnn3aE691sBwjlp5qNqVVSZGtM2dR
qEKNwvE3Jhp/GjyAMlrcEaIkfS/i1BR8+D0lvrQEfTGsWHqBg6qXwuazi+/+mI7p
sxEbkFtHVvxaoau2QfAt25CrwUc+zADc26FPusTmMZ4GkxQlwLwFLh92rXG6hGkQ
eWy6Uo29hINIsV4INa5PV7aH7KuAnkyzceAA7phKHs9a2Nr6HnAKf/tqA6bCMyx5
vw90nHyaj+MTfOJli9zG1ULY669kp2OXj7mPt9UghPIm8y4urTiaeR5cTRed1bXN
wo/cm6wfRDFWmr3FoU+L1CA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:12:02 2025 by rpki-client