Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FFD7765202FC11F0A888CF27C4F9AE02.roa
File: FFD7765202FC11F0A888CF27C4F9AE02.roa (raw, json)
Hash identifier: IvpkmRItGsQqWqNtMhhxljQ6a5tPIzVWeEUoUINTPMA=
Subject key identifier: 87:94:3D:E1:C8:ED:62:71:FD:70:DB:BE:F0:08:19:0E:18:5B:F1:6C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AB2C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FFD7765202FC11F0A888CF27C4F9AE02.roa
Signing time: Mon 17 Mar 2025 06:56:49 +0000
ROA not before: Mon 17 Mar 2025 06:56:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24554
IP address blocks: 36.255.108.0/22 maxlen: 24
36.255.180.0/22 maxlen: 24
36.255.184.0/22 maxlen: 22
36.255.184.0/24 maxlen: 24
36.255.185.0/24 maxlen: 24
36.255.186.0/24 maxlen: 24
36.255.187.0/24 maxlen: 24
43.224.172.0/22 maxlen: 24
43.241.116.0/22 maxlen: 24
45.116.44.0/22 maxlen: 24
45.117.48.0/22 maxlen: 22
45.117.48.0/24 maxlen: 24
45.117.49.0/24 maxlen: 24
45.117.50.0/24 maxlen: 24
45.117.51.0/24 maxlen: 24
45.117.108.0/22 maxlen: 24
45.117.148.0/22 maxlen: 22
45.117.148.0/24 maxlen: 24
45.117.149.0/24 maxlen: 24
45.117.150.0/24 maxlen: 24
45.117.151.0/24 maxlen: 24
45.117.248.0/22 maxlen: 22
45.117.248.0/24 maxlen: 24
45.117.249.0/24 maxlen: 24
45.117.250.0/24 maxlen: 24
45.117.251.0/24 maxlen: 24
58.146.96.0/19 maxlen: 24
103.29.208.0/22 maxlen: 24
103.51.208.0/22 maxlen: 24
103.53.60.0/22 maxlen: 22
103.53.60.0/24 maxlen: 24
103.53.61.0/24 maxlen: 24
103.53.62.0/24 maxlen: 24
103.53.63.0/24 maxlen: 24
103.53.232.0/22 maxlen: 22
103.53.232.0/24 maxlen: 24
103.53.233.0/24 maxlen: 24
103.53.234.0/24 maxlen: 24
103.53.235.0/24 maxlen: 24
103.54.104.0/22 maxlen: 24
103.57.172.0/22 maxlen: 24
103.195.76.0/22 maxlen: 24
103.200.100.0/22 maxlen: 24
103.200.212.0/22 maxlen: 24
103.203.60.0/22 maxlen: 24
103.234.212.0/22 maxlen: 22
103.234.212.0/24 maxlen: 24
103.234.213.0/24 maxlen: 24
103.234.214.0/24 maxlen: 24
103.234.215.0/24 maxlen: 24
103.234.240.0/22 maxlen: 24
111.125.236.0/24 maxlen: 24
111.125.241.0/24 maxlen: 24
111.125.242.0/24 maxlen: 24
111.125.249.0/24 maxlen: 24
120.138.0.0/22 maxlen: 24
180.148.32.0/19 maxlen: 24
182.237.128.0/18 maxlen: 24
183.87.0.0/21 maxlen: 22
183.87.0.0/24 maxlen: 24
183.87.1.0/24 maxlen: 24
183.87.2.0/24 maxlen: 24
183.87.3.0/24 maxlen: 24
183.87.4.0/24 maxlen: 24
183.87.5.0/24 maxlen: 24
183.87.6.0/24 maxlen: 24
183.87.7.0/24 maxlen: 24
183.87.8.0/22 maxlen: 22
183.87.8.0/24 maxlen: 24
183.87.9.0/24 maxlen: 24
183.87.10.0/24 maxlen: 24
183.87.11.0/24 maxlen: 24
183.87.16.0/22 maxlen: 22
183.87.16.0/24 maxlen: 24
183.87.17.0/24 maxlen: 24
183.87.18.0/24 maxlen: 24
183.87.19.0/24 maxlen: 24
183.87.20.0/22 maxlen: 22
183.87.20.0/24 maxlen: 24
183.87.21.0/24 maxlen: 24
183.87.22.0/24 maxlen: 24
183.87.23.0/24 maxlen: 24
183.87.24.0/22 maxlen: 22
183.87.24.0/24 maxlen: 24
183.87.25.0/24 maxlen: 24
183.87.26.0/24 maxlen: 24
183.87.27.0/24 maxlen: 24
183.87.28.0/22 maxlen: 22
183.87.28.0/24 maxlen: 24
183.87.29.0/24 maxlen: 24
183.87.30.0/24 maxlen: 24
183.87.31.0/24 maxlen: 24
183.87.224.0/20 maxlen: 24
202.177.224.0/19 maxlen: 19
202.177.224.0/22 maxlen: 22
202.177.224.0/24 maxlen: 24
202.177.225.0/24 maxlen: 24
202.177.226.0/24 maxlen: 24
202.177.227.0/24 maxlen: 24
202.177.228.0/22 maxlen: 22
202.177.228.0/24 maxlen: 24
202.177.229.0/24 maxlen: 24
202.177.230.0/24 maxlen: 24
202.177.231.0/24 maxlen: 24
202.177.232.0/22 maxlen: 22
202.177.232.0/24 maxlen: 24
202.177.233.0/24 maxlen: 24
202.177.234.0/24 maxlen: 24
202.177.235.0/24 maxlen: 24
202.177.236.0/22 maxlen: 22
202.177.236.0/24 maxlen: 24
202.177.237.0/24 maxlen: 24
202.177.238.0/24 maxlen: 24
202.177.239.0/24 maxlen: 24
202.177.240.0/22 maxlen: 22
202.177.240.0/24 maxlen: 24
202.177.241.0/24 maxlen: 24
202.177.242.0/24 maxlen: 24
202.177.243.0/24 maxlen: 24
202.177.244.0/22 maxlen: 22
202.177.244.0/24 maxlen: 24
202.177.245.0/24 maxlen: 24
202.177.246.0/24 maxlen: 24
202.177.247.0/24 maxlen: 24
202.177.248.0/22 maxlen: 22
202.177.248.0/24 maxlen: 24
202.177.249.0/24 maxlen: 24
202.177.250.0/24 maxlen: 24
202.177.251.0/24 maxlen: 24
202.177.252.0/22 maxlen: 22
202.177.252.0/24 maxlen: 24
202.177.253.0/24 maxlen: 24
202.177.254.0/24 maxlen: 24
202.177.255.0/24 maxlen: 24
2402:b00::/32 maxlen: 32
2402:b00::/40 maxlen: 48
2402:b00:100::/40 maxlen: 48
2402:b00:200::/40 maxlen: 48
2402:b00:fffb::/48 maxlen: 48
2402:b00:fffc::/48 maxlen: 48
2402:b00:fffd::/48 maxlen: 48
2402:b00:fffe::/48 maxlen: 48
2402:b00:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43820 (0xab2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 17 06:56:49 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67d7c7b1-d0c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:71:1f:fa:22:31:2c:b5:20:17:08:70:85:65:
5b:9e:d9:11:f7:a4:3b:fc:74:ad:97:62:51:2b:07:
f9:0e:de:65:8a:de:1c:4e:c8:cd:5b:87:a8:47:95:
68:60:2f:77:3d:3d:d9:cb:c8:2f:61:ab:1b:4f:8b:
de:fb:19:d3:04:db:30:a9:92:92:ad:f0:64:f4:d4:
dc:0a:02:a9:85:b3:c5:ae:d5:bb:5e:44:18:8c:88:
24:0e:8c:31:f8:3a:eb:5d:95:82:38:69:a4:1f:94:
e7:81:fa:43:10:ea:00:e5:2a:33:d2:7b:2e:78:66:
ac:4d:d1:41:d8:a5:d6:10:ca:5a:22:06:64:49:75:
f3:1f:74:f7:54:8b:5b:9b:10:1c:16:1c:9d:27:9b:
89:d6:16:6d:30:04:70:f1:38:51:c5:4e:48:91:c7:
5a:c5:e8:22:04:17:81:a8:9b:e6:06:85:ef:73:d6:
f0:9d:ce:16:ec:ab:1a:e4:aa:de:1b:6c:f5:0e:1b:
75:8c:da:17:03:d0:f5:11:8e:e1:03:04:a2:35:4c:
d7:23:c8:7f:f6:c6:c1:69:6f:6c:26:cb:1f:46:da:
2d:0f:75:4e:c6:cf:6e:15:33:e4:35:72:bd:5f:6b:
ee:4e:a4:48:65:33:8e:5d:97:83:f1:2e:6c:cb:ee:
3b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:94:3D:E1:C8:ED:62:71:FD:70:DB:BE:F0:08:19:0E:18:5B:F1:6C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FFD7765202FC11F0A888CF27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.108.0/22
36.255.180.0-36.255.187.255
43.224.172.0/22
43.241.116.0/22
45.116.44.0/22
45.117.48.0/22
45.117.108.0/22
45.117.148.0/22
45.117.248.0/22
58.146.96.0/19
103.29.208.0/22
103.51.208.0/22
103.53.60.0/22
103.53.232.0/22
103.54.104.0/22
103.57.172.0/22
103.195.76.0/22
103.200.100.0/22
103.200.212.0/22
103.203.60.0/22
103.234.212.0/22
103.234.240.0/22
111.125.236.0/24
111.125.241.0-111.125.242.255
111.125.249.0/24
120.138.0.0/22
180.148.32.0/19
182.237.128.0/18
183.87.0.0-183.87.11.255
183.87.16.0/20
183.87.224.0/20
202.177.224.0/19
IPv6:
2402:b00::/32
Signature Algorithm: sha256WithRSAEncryption
03:e5:1d:9b:66:35:f2:92:83:0f:17:29:d6:d3:18:44:0d:ae:
7b:82:66:41:e4:2d:a6:41:7f:6a:91:06:c1:a9:5d:f1:cb:d7:
1f:b4:8e:2d:50:29:3d:9a:91:55:52:18:ba:83:f8:e5:57:1b:
09:0f:45:1d:7c:3d:a7:04:be:85:cb:a7:ee:e0:28:31:99:0d:
59:63:40:84:2a:b1:da:68:39:82:48:39:13:d2:73:c3:4e:84:
b0:24:9f:8e:53:43:c7:9f:c2:2c:5a:e7:bd:c6:74:9a:31:74:
f1:e7:75:65:c8:77:3e:50:6b:b1:79:58:dc:d6:14:57:47:2d:
c5:00:45:06:c1:df:31:3d:02:c4:0f:32:b5:27:29:f9:fc:75:
ef:14:67:5e:7a:77:75:61:10:b3:0a:c8:fc:ae:f9:7f:ea:a3:
56:ef:08:fd:18:5d:01:4d:bb:16:aa:f4:44:b2:8d:b6:51:c9:
b7:ba:73:aa:3f:a6:66:1d:f9:e2:9f:5c:27:92:24:b3:93:5e:
2a:b5:f4:fa:e8:b9:b4:9b:f9:c4:75:d3:a2:30:21:95:2e:b7:
5f:3a:08:7a:ef:e0:d5:df:84:08:05:ff:00:68:10:66:35:2f:
a7:72:74:4e:27:c7:3c:23:d9:29:7f:06:7e:9e:9a:6a:13:18:
26:38:af:e7
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgIDAKssMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMxNzA2NTY0OVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdkN2M3YjEtZDBjMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOVxH/oiMSy1IBcIcIVlW57ZEfekO/x0rZdiUSsH+Q7eZYreHE7IzVuHqEeV
aGAvdz092cvIL2GrG0+L3vsZ0wTbMKmSkq3wZPTU3AoCqYWzxa7Vu15EGIyIJA6M
Mfg6612VgjhppB+U54H6QxDqAOUqM9J7LnhmrE3RQdil1hDKWiIGZEl18x9091SL
W5sQHBYcnSebidYWbTAEcPE4UcVOSJHHWsXoIgQXgaib5gaF73PW8J3OFuyrGuSq
3hts9Q4bdYzaFwPQ9RGO4QMEojVM1yPIf/bGwWlvbCbLH0baLQ91TsbPbhUz5DVy
vV9r7k6kSGUzjl2Xg/EubMvuOz0CAwEAAaOCA3swggN3MB0GA1UdDgQWBBSHlD3h
yO1icf1w277wCBkOGFvxbDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ZGRDc3NjUy
MDJGQzExRjBBODg4Q0YyN0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBAwYIKwYBBQUHAQcB
Af8EgfMwgfAwgd4EAgABMIHXAwQCJP9sMAwDBAIk/7QDBAIk/7gDBAIr4KwDBAIr
8XQDBAItdCwDBAItdTADBAItdWwDBAItdZQDBAItdfgDBAU6kmADBAJnHdADBAJn
M9ADBAJnNTwDBAJnNegDBAJnNmgDBAJnOawDBAJnw0wDBAJnyGQDBAJnyNQDBAJn
yzwDBAJn6tQDBAJn6vADBABvfewwDAMEAG998QMEAG998gMEAG99+QMEAniKAAME
BbSUIAMEBrbtgDALAwMAt1cDBAK3VwgDBAS3VxADBAS3V+ADBAXKseAwDQQCAAIw
BwMFACQCCwAwDQYJKoZIhvcNAQELBQADggEBAAPlHZtmNfKSgw8XKdbTGEQNrnuC
ZkHkLaZBf2qRBsGpXfHL1x+0ji1QKT2akVVSGLqD+OVXGwkPRR18PacEvoXLp+7g
KDGZDVljQIQqsdpoOYJIORPSc8NOhLAkn45TQ8efwixa573GdJoxdPHndWXIdz5Q
a7F5WNzWFFdHLcUARQbB3zE9AsQPMrUnKfn8de8UZ156d3VhELMKyPyu+X/qo1bv
CP0YXQFNuxaq9ESyjbZRybe6c6o/pmYd+eKfXCeSJLOTXiq19ProubSb+cR106Iw
IZUut186CHrv4NXfhAgF/wBoEGY1L6dydE4nxzwj2Sl/Bn6emmoTGCY4r+c=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:20:15 2025 by rpki-client