Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/4B039F1CE42A11EF9FBFA034C4F9AE02.roa
File: 4B039F1CE42A11EF9FBFA034C4F9AE02.roa (raw, json)
Hash identifier: oirv1bbwSMOSwSIyw00zTI1CRab9zZLDsdyDJ8tidAQ=
Subject key identifier: CF:37:76:AB:B1:4F:C3:0E:68:A6:62:00:4D:82:D6:1C:EF:E9:08:CB
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4A32
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/4B039F1CE42A11EF9FBFA034C4F9AE02.roa
Signing time: Fri 21 Mar 2025 08:07:57 +0000
ROA not before: Fri 21 Mar 2025 08:07:57 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135905
IP address blocks: 14.225.0.0/16 maxlen: 24
103.9.204.0/22 maxlen: 24
103.11.198.0/23 maxlen: 24
103.78.92.0/24 maxlen: 24
103.137.184.0/23 maxlen: 24
103.145.0.0/23 maxlen: 23
103.159.52.0/23 maxlen: 24
103.159.60.0/23 maxlen: 23
103.200.22.0/24 maxlen: 24
123.30.111.0/24 maxlen: 24
123.30.150.0/24 maxlen: 24
123.30.154.0/23 maxlen: 24
123.30.156.0/23 maxlen: 24
123.30.158.0/23 maxlen: 24
123.30.200.0/24 maxlen: 24
123.30.242.0/24 maxlen: 24
123.31.10.0/24 maxlen: 24
123.31.11.0/24 maxlen: 24
123.31.12.0/24 maxlen: 24
123.31.24.0/24 maxlen: 24
123.31.27.0/24 maxlen: 24
123.31.28.0/22 maxlen: 24
123.31.32.0/20 maxlen: 24
203.162.13.0/24 maxlen: 24
203.162.34.0/24 maxlen: 24
222.255.38.0/24 maxlen: 24
2001:df3:cbc0::/48 maxlen: 48
2001:df3:e640::/48 maxlen: 48
2001:df4:340::/48 maxlen: 48
2001:df4:2240::/48 maxlen: 48
2001:df4:7340::/48 maxlen: 48
2001:df4:80c0::/48 maxlen: 48
2001:df4:cf40::/48 maxlen: 48
2001:df5:ec0::/48 maxlen: 48
2001:ee0:300::/40 maxlen: 48
2400:1060::/48 maxlen: 48
2401:82e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18994 (0x4a32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Mar 21 08:07:57 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67dd1e5d-32dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9a:b9:5b:bc:f5:19:03:ca:f1:fa:2d:62:d0:
d8:ba:37:29:14:8d:f4:81:49:43:2c:d3:10:8f:58:
83:65:c2:93:fd:98:e3:7d:1f:34:ab:cd:22:b0:a6:
00:1a:81:7a:ae:64:e8:48:7e:cd:08:24:64:e3:22:
89:79:db:f7:ee:95:31:24:f3:59:f2:11:d8:c0:b4:
b9:f8:c9:4b:ef:dc:cd:42:c6:18:7a:7e:68:83:b4:
5d:ff:83:78:44:2d:ed:7f:ba:63:d3:4f:3a:97:79:
b0:38:08:fe:c4:50:ea:c9:5a:9d:8d:68:62:4b:3c:
13:15:82:67:93:df:73:7e:31:02:eb:55:3e:bc:9b:
8b:2e:58:1a:0b:20:25:e2:c8:17:c7:45:5d:fc:f4:
f7:36:aa:1a:9f:3c:f6:a9:26:ec:71:a7:3f:96:78:
e4:12:5e:68:05:12:82:6b:e6:e6:2a:94:2a:62:43:
e8:c8:83:96:ee:dd:0d:61:bf:57:b0:f0:70:f8:71:
16:eb:61:ee:23:66:01:e3:2f:db:50:04:01:4b:04:
36:fe:4b:04:9c:bf:ca:6c:36:ca:d5:3d:0c:2f:83:
fc:a9:15:19:0f:8e:ff:d3:36:82:79:27:31:30:fa:
c9:28:af:f5:4f:5b:55:cc:97:de:59:41:3e:a7:32:
a3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:37:76:AB:B1:4F:C3:0E:68:A6:62:00:4D:82:D6:1C:EF:E9:08:CB
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/4B039F1CE42A11EF9FBFA034C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.225.0.0/16
103.9.204.0/22
103.11.198.0/23
103.78.92.0/24
103.137.184.0/23
103.145.0.0/23
103.159.52.0/23
103.159.60.0/23
103.200.22.0/24
123.30.111.0/24
123.30.150.0/24
123.30.154.0-123.30.159.255
123.30.200.0/24
123.30.242.0/24
123.31.10.0-123.31.12.255
123.31.24.0/24
123.31.27.0-123.31.47.255
203.162.13.0/24
203.162.34.0/24
222.255.38.0/24
IPv6:
2001:df3:cbc0::/48
2001:df3:e640::/48
2001:df4:340::/48
2001:df4:2240::/48
2001:df4:7340::/48
2001:df4:80c0::/48
2001:df4:cf40::/48
2001:df5:ec0::/48
2001:ee0:300::/40
2400:1060::/48
2401:82e0::/48
Signature Algorithm: sha256WithRSAEncryption
30:f2:c4:35:c0:8d:ec:f9:e2:6b:ba:05:8d:23:24:4e:5c:54:
c2:ad:41:03:79:7e:78:cf:2e:5b:5c:27:ed:94:bd:e3:6c:ea:
96:14:63:7e:76:75:cb:84:0b:64:d8:b9:df:9d:9b:a0:da:9b:
0c:a6:36:f9:fa:28:c6:ac:16:3c:52:a0:bb:0b:f0:1a:92:a1:
21:c5:7c:d1:5c:10:84:ce:13:a8:fe:e6:21:9c:ae:12:38:1e:
11:ea:fc:58:31:e7:c1:45:8f:86:40:d7:91:62:13:51:f3:16:
3f:86:ea:2d:08:e7:41:bc:19:ce:99:27:39:86:ab:fc:aa:3a:
df:e7:bf:4b:31:6c:ad:cd:00:5d:f9:a3:5f:27:c0:d4:88:7e:
ba:c7:d0:45:e6:2f:27:e0:68:ed:4b:b9:78:ce:02:b8:4a:a3:
34:bb:26:de:1d:08:ac:fd:32:05:a3:0a:5c:ce:0c:a5:f3:bb:
db:45:58:cd:2b:38:e3:88:07:f6:23:5b:be:73:cb:9d:f2:e9:
4c:01:27:65:b3:98:a6:7c:92:4c:b4:9f:8a:d2:d7:ec:4a:d0:
b7:03:17:cf:ec:c9:1e:af:fe:8f:4d:8f:a5:53:08:6c:1b:03:
b1:63:96:8c:f2:eb:1d:81:b0:c7:37:7b:d3:26:e0:b9:37:38:
76:a7:3f:26
-----BEGIN CERTIFICATE-----
MIIGbDCCBVSgAwIBAgICSjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMzIxMDgwNzU3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RkMWU1ZC0zMmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuJq5W7z1GQPK8fotYtDYujcpFI30gUlDLNMQj1iDZcKT/ZjjfR80q80isKYA
GoF6rmToSH7NCCRk4yKJedv37pUxJPNZ8hHYwLS5+MlL79zNQsYYen5og7Rd/4N4
RC3tf7pj0086l3mwOAj+xFDqyVqdjWhiSzwTFYJnk99zfjEC61U+vJuLLlgaCyAl
4sgXx0Vd/PT3Nqoanzz2qSbscac/lnjkEl5oBRKCa+bmKpQqYkPoyIOW7t0NYb9X
sPBw+HEW62HuI2YB4y/bUAQBSwQ2/ksEnL/KbDbK1T0ML4P8qRUZD47/0zaCeScx
MPrJKK/1T1tVzJfeWUE+pzKjVQIDAQABo4IDkDCCA4wwHQYDVR0OBBYEFM83dqux
T8MOaKZiAE2C1hzv6QjLMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNEIwMzlGMUNF
NDJBMTFFRjlGQkZBMDM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEYBggrBgEFBQcBBwEB
/wSCAQcwggEDMIGWBAIAATCBjwMDAA7hAwQCZwnMAwQBZwvGAwQAZ05cAwQBZ4m4
AwQBZ5EAAwQBZ580AwQBZ588AwQAZ8gWAwQAex5vAwQAex6WMAwDBAF7HpoDBAV7
HoADBAB7HsgDBAB7HvIwDAMEAXsfCgMEAHsfDAMEAHsfGDAMAwQAex8bAwQEex8g
AwQAy6INAwQAy6IiAwQA3v8mMGgEAgACMGIDBwAgAQ3zy8ADBwAgAQ3z5kADBwAg
AQ30A0ADBwAgAQ30IkADBwAgAQ30c0ADBwAgAQ30gMADBwAgAQ30z0ADBwAgAQ31
DsADBgAgAQ7gAwMHACQAEGAAAAMHACQBguAAADANBgkqhkiG9w0BAQsFAAOCAQEA
MPLENcCN7Pnia7oFjSMkTlxUwq1BA3l+eM8uW1wn7ZS942zqlhRjfnZ1y4QLZNi5
352boNqbDKY2+fooxqwWPFKguwvwGpKhIcV80VwQhM4TqP7mIZyuEjgeEer8WDHn
wUWPhkDXkWITUfMWP4bqLQjnQbwZzpknOYar/Ko63+e/SzFsrc0AXfmjXyfA1Ih+
usfQReYvJ+Bo7Uu5eM4CuEqjNLsm3h0IrP0yBaMKXM4MpfO720VYzSs444gH9iNb
vnPLnfLpTAEnZbOYpnySTLSfitLX7ErQtwMXz+zJHq/+j02PpVMIbBsDsWOWjPLr
HYGwxzd70ybguTc4dqc/Jg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:38:10 2025 by rpki-client