Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/4AB8D38E178811EF95C8DF41C4F9AE02.roa
File: 4AB8D38E178811EF95C8DF41C4F9AE02.roa (raw, json)
Hash identifier: bRjvCEzkjDm3JJYu7t1zkHD97hp8O/fwotkC6wIv1RQ=
Subject key identifier: 48:56:1D:D1:6F:EA:DC:71:9F:9A:92:06:E1:3E:D7:48:BD:6D:53:D3
Certificate issuer: /CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Certificate serial: 2260
Authority key identifier: BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/4AB8D38E178811EF95C8DF41C4F9AE02.roa
Signing time: Mon 17 Mar 2025 14:04:10 +0000
ROA not before: Mon 17 Mar 2025 14:04:10 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 133334
IP address blocks: 45.124.56.0/22 maxlen: 22
45.124.56.0/24 maxlen: 24
45.124.57.0/24 maxlen: 24
45.124.58.0/24 maxlen: 24
45.124.59.0/24 maxlen: 24
103.31.72.0/22 maxlen: 22
103.31.72.0/24 maxlen: 24
103.31.73.0/24 maxlen: 24
103.31.74.0/24 maxlen: 24
103.31.75.0/24 maxlen: 24
103.61.220.0/22 maxlen: 22
103.61.220.0/24 maxlen: 24
103.61.221.0/24 maxlen: 24
103.61.222.0/24 maxlen: 24
103.61.223.0/24 maxlen: 24
103.197.84.0/22 maxlen: 22
103.197.84.0/24 maxlen: 24
103.197.85.0/24 maxlen: 24
103.197.86.0/24 maxlen: 24
103.197.87.0/24 maxlen: 24
103.200.32.0/22 maxlen: 22
103.200.32.0/24 maxlen: 24
103.200.33.0/24 maxlen: 24
103.200.34.0/24 maxlen: 24
103.200.35.0/24 maxlen: 24
103.203.52.0/22 maxlen: 22
103.203.52.0/24 maxlen: 24
103.203.53.0/24 maxlen: 24
103.203.54.0/24 maxlen: 24
103.203.55.0/24 maxlen: 24
103.225.136.0/22 maxlen: 22
103.225.136.0/24 maxlen: 24
103.225.137.0/24 maxlen: 24
103.225.138.0/24 maxlen: 24
103.225.139.0/24 maxlen: 24
2401:b80::/32 maxlen: 32
2401:b80:1000::/36 maxlen: 36
2401:b80:2000::/36 maxlen: 36
2401:b80:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:56:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8800 (0x2260)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADE0A
Validity
Not Before: Mar 17 14:04:10 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67d82bd9-4746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a2:f1:8e:24:fe:b2:f1:a5:b4:7e:38:01:e5:
de:32:a3:f6:dd:af:a4:f6:38:c8:94:bf:af:ce:32:
95:a5:a5:b1:1f:04:07:43:41:3d:bb:9a:65:0f:a8:
f4:e0:7d:9b:bf:37:53:30:11:97:0e:45:0d:7e:4f:
38:dd:ae:e5:7b:2a:29:1f:e5:4c:3f:79:c0:df:67:
0a:20:3a:6e:4c:bc:2f:a2:3b:ff:9c:7c:80:d3:d8:
47:b0:9a:22:47:f9:23:b5:5c:2c:f4:73:98:85:6b:
9a:69:f6:3c:55:3e:93:15:06:b4:79:ca:1b:74:d5:
df:df:02:45:0d:22:7d:90:54:d2:54:0e:27:2d:22:
30:3e:f2:e1:bb:68:2d:39:64:0f:8c:4d:a2:70:fe:
c9:8e:e0:6b:7a:cd:39:27:0a:6b:3a:a9:ff:fe:2b:
77:c6:dd:f6:b7:a5:29:82:ef:aa:fa:4e:54:7a:0e:
cc:54:97:a7:72:52:12:bf:5d:68:63:27:f3:aa:a0:
da:93:75:2b:c4:08:ef:84:68:c1:02:e8:e9:e4:c7:
30:c5:8d:5a:6e:2a:4d:d3:95:fb:a8:26:6f:ea:6a:
68:8c:47:81:a0:de:e4:1f:b7:2d:5e:c3:39:c7:b0:
a4:24:cf:83:49:c8:00:c3:53:7c:bb:8c:b1:d3:ab:
50:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:56:1D:D1:6F:EA:DC:71:9F:9A:92:06:E1:3E:D7:48:BD:6D:53:D3
X509v3 Authority Key Identifier:
keyid:BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/4AB8D38E178811EF95C8DF41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.56.0/22
103.31.72.0/22
103.61.220.0/22
103.197.84.0/22
103.200.32.0/22
103.203.52.0/22
103.225.136.0/22
IPv6:
2401:b80::/32
Signature Algorithm: sha256WithRSAEncryption
69:8b:fd:f2:a2:a0:ca:3a:db:a5:bd:d8:a0:1d:4d:61:6d:5c:
03:d4:e0:64:44:26:b4:aa:4d:21:a3:a0:87:ce:96:c7:90:54:
08:55:d6:16:85:7c:19:6f:5b:98:ed:6a:04:34:88:91:53:d7:
03:20:1e:ee:b7:7b:b0:c3:94:92:a6:a2:f9:20:d7:a0:d3:fc:
c5:49:05:7c:24:70:3b:4b:0b:52:11:6f:27:cc:99:fe:e3:40:
43:a7:12:e3:9e:42:f7:a5:d4:19:d8:f7:91:36:a2:0a:37:83:
28:d6:93:34:66:d5:53:5c:ed:3c:47:7a:f3:68:77:6b:db:e1:
c3:3d:22:c9:d6:b0:4e:08:05:73:b7:a4:c9:02:48:4d:79:34:
d6:3a:8a:d7:06:a5:a4:5d:b6:1c:fb:91:44:87:65:c2:03:dc:
04:c1:b7:1e:f2:a8:72:b1:76:b9:6f:e1:80:66:8e:48:ac:e0:
ca:05:8f:45:49:de:96:0c:c1:84:f2:b9:c4:6b:e8:be:e9:8f:
25:8b:c9:37:f1:45:62:7b:69:c8:73:17:2a:3d:34:72:fe:7a:
72:4a:a4:d8:83:7b:ac:71:a4:23:4c:94:82:b5:10:2b:a1:0d:
70:45:ed:4e:94:83:ad:45:d3:6d:15:41:89:4f:41:7d:68:32:
bc:7c:9b:8c
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICImAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURFMEExMTAvBgNVBAUTKEJFNDg4QjRFNjBBQzZBNzNBNjU2RUZEQkM1RkE2N0Ex
QThERTgxMkEwHhcNMjUwMzE3MTQwNDEwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q4MmJkOS00NzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArqLxjiT+svGltH44AeXeMqP23a+k9jjIlL+vzjKVpaWxHwQHQ0E9u5plD6j0
4H2bvzdTMBGXDkUNfk843a7leyopH+VMP3nA32cKIDpuTLwvojv/nHyA09hHsJoi
R/kjtVws9HOYhWuaafY8VT6TFQa0ecobdNXf3wJFDSJ9kFTSVA4nLSIwPvLhu2gt
OWQPjE2icP7JjuBres05JwprOqn//it3xt32t6Upgu+q+k5Ueg7MVJenclISv11o
YyfzqqDak3UrxAjvhGjBAujp5McwxY1abipN05X7qCZv6mpojEeBoN7kH7ctXsM5
x7CkJM+DScgAw1N8u4yx06tQ+QIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFEhWHdFv
6txxn5qSBuE+10i9bVPTMB8GA1UdIwQYMBaAFL5Ii05grGpzplbv28X6Z6Go3oEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS8zMEQ4MDEyNkMx
MTMxMUU1QjAxQTcyNjlDNEY5QUUwMi92a2lMVG1Dc2FuT21WdV9ieGZwbm9hamVn
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZraUxUbUNzYW5PbVZ1X2J4ZnBub2FqZWdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURFMEEvMzBEODAxMjZDMTEzMTFFNUIwMUE3MjY5QzRGOUFFMDIvNEFCOEQzOEUx
Nzg4MTFFRjk1QzhERjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAItfDgDBAJnH0gDBAJnPdwDBAJnxVQDBAJnyCADBAJnyzQD
BAJn4YgwDQQCAAIwBwMFACQBC4AwDQYJKoZIhvcNAQELBQADggEBAGmL/fKioMo6
26W92KAdTWFtXAPU4GREJrSqTSGjoIfOlseQVAhV1haFfBlvW5jtagQ0iJFT1wMg
Hu63e7DDlJKmovkg16DT/MVJBXwkcDtLC1IRbyfMmf7jQEOnEuOeQvel1BnY95E2
ogo3gyjWkzRm1VNc7TxHevNod2vb4cM9IsnWsE4IBXO3pMkCSE15NNY6itcGpaRd
thz7kUSHZcID3ATBtx7yqHKxdrlv4YBmjkis4MoFj0VJ3pYMwYTyucRr6L7pjyWL
yTfxRWJ7achzFyo9NHL+enJKpNiDe6xxpCNMlIK1ECuhDXBF7U6Ug61F020VQYlP
QX1oMrx8m4w=
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:23:02 2025 by rpki-client