Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/7AE827E23F7A11F0A578F07EC4F9AE02.roa
File: 7AE827E23F7A11F0A578F07EC4F9AE02.roa (raw, json)
Hash identifier: SyWJnh2tMCMuAi4XGLRYS5EljsEKsnsqLuGITsEdS7U=
Subject key identifier: B4:03:F8:2E:7C:A3:84:A9:0B:A0:5E:DA:67:0B:61:8F:8D:6A:95:6B
Certificate issuer: /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Certificate serial: 0BEB
Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/7AE827E23F7A11F0A578F07EC4F9AE02.roa
Signing time: Mon 02 Jun 2025 06:26:13 +0000
ROA not before: Mon 02 Jun 2025 06:26:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58895
IP address blocks: 36.255.100.0/22 maxlen: 22
36.255.100.0/24 maxlen: 24
36.255.101.0/24 maxlen: 24
36.255.102.0/24 maxlen: 24
36.255.103.0/24 maxlen: 24
43.229.164.0/22 maxlen: 22
43.229.164.0/24 maxlen: 24
43.229.165.0/24 maxlen: 24
43.229.166.0/24 maxlen: 24
43.229.167.0/24 maxlen: 24
43.230.92.0/22 maxlen: 22
43.230.92.0/24 maxlen: 24
43.230.93.0/24 maxlen: 24
43.230.94.0/24 maxlen: 24
43.230.95.0/24 maxlen: 24
43.231.60.0/22 maxlen: 22
43.231.60.0/24 maxlen: 24
43.231.61.0/24 maxlen: 24
43.231.62.0/24 maxlen: 24
43.231.63.0/24 maxlen: 24
43.248.12.0/22 maxlen: 22
43.248.12.0/24 maxlen: 24
43.248.13.0/24 maxlen: 24
43.248.14.0/24 maxlen: 24
43.248.15.0/24 maxlen: 24
45.113.124.0/22 maxlen: 22
45.113.124.0/24 maxlen: 24
45.113.125.0/24 maxlen: 24
45.113.126.0/24 maxlen: 24
45.113.127.0/24 maxlen: 24
45.117.105.0/24 maxlen: 24
45.117.106.0/24 maxlen: 24
45.117.107.0/24 maxlen: 24
103.24.96.0/22 maxlen: 24
103.35.212.0/22 maxlen: 22
103.35.212.0/24 maxlen: 24
103.35.213.0/24 maxlen: 24
103.35.214.0/24 maxlen: 24
103.35.215.0/24 maxlen: 24
103.39.80.0/22 maxlen: 22
103.39.80.0/24 maxlen: 24
103.39.81.0/24 maxlen: 24
103.39.82.0/24 maxlen: 24
103.39.83.0/24 maxlen: 24
103.49.136.0/24 maxlen: 24
103.49.137.0/24 maxlen: 24
103.49.138.0/24 maxlen: 24
103.49.139.0/24 maxlen: 24
103.50.156.0/22 maxlen: 22
103.50.156.0/24 maxlen: 24
103.50.157.0/24 maxlen: 24
103.50.158.0/24 maxlen: 24
103.50.159.0/24 maxlen: 24
103.53.44.0/22 maxlen: 22
103.53.44.0/24 maxlen: 24
103.53.45.0/24 maxlen: 24
103.53.46.0/24 maxlen: 24
103.53.47.0/24 maxlen: 24
103.57.168.0/22 maxlen: 22
103.57.168.0/24 maxlen: 24
103.57.169.0/24 maxlen: 24
103.57.170.0/24 maxlen: 24
103.57.171.0/24 maxlen: 24
103.70.84.0/24 maxlen: 24
103.70.85.0/24 maxlen: 24
103.200.196.0/24 maxlen: 24
103.200.197.0/24 maxlen: 24
103.200.198.0/24 maxlen: 24
103.200.199.0/24 maxlen: 24
103.209.84.0/22 maxlen: 22
103.209.84.0/24 maxlen: 24
103.209.85.0/24 maxlen: 24
103.209.86.0/24 maxlen: 24
103.209.87.0/24 maxlen: 24
117.53.40.0/22 maxlen: 22
117.53.40.0/24 maxlen: 24
117.53.41.0/24 maxlen: 24
117.53.42.0/24 maxlen: 24
117.53.43.0/24 maxlen: 24
150.129.4.0/22 maxlen: 22
150.129.4.0/24 maxlen: 24
150.129.5.0/24 maxlen: 24
150.129.6.0/24 maxlen: 24
150.129.7.0/24 maxlen: 24
2400:1680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 11 Jun 2025 18:57:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3051 (0xbeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91298DA, serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Validity
Not Before: Jun 2 06:26:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=683d4405-06ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:80:7e:65:95:e3:c5:38:51:5d:05:f6:d6:33:
f5:82:c0:e0:81:eb:d5:b4:cd:9c:62:53:b1:55:3b:
b7:22:e8:cf:a3:b2:ac:20:39:47:51:e7:92:d6:3b:
a6:2e:3f:24:4f:52:c5:52:cd:e4:0a:46:99:fc:d6:
b4:a8:55:9c:a5:ee:15:d1:8f:3d:96:77:34:5c:37:
16:26:c8:30:03:e4:c7:ec:87:f9:b3:93:f4:7d:d7:
09:6c:f2:61:91:bd:c6:f2:60:bb:91:bf:54:d7:53:
07:73:14:ac:76:44:8d:1c:4b:a4:5c:7f:58:30:e5:
7e:ed:e3:7e:44:9d:e2:33:dd:3f:b4:76:33:46:3f:
b6:4f:d9:ee:37:38:d5:70:03:88:ee:12:a0:50:4c:
a5:bd:43:c9:22:69:bd:b8:64:21:92:c4:a7:44:a2:
53:54:9f:4a:0c:7f:ef:89:a2:05:54:83:ff:b6:f4:
66:8f:f4:06:30:5a:0b:77:83:18:bb:2a:b3:15:fa:
b4:eb:1c:74:16:50:df:95:be:e7:3f:fb:5d:20:ee:
1a:a6:f0:c0:8f:c1:c2:64:0b:90:fd:78:27:a8:ce:
45:7b:5d:8c:38:36:21:af:a6:8b:6b:93:91:f1:2b:
75:2b:05:e6:8e:67:20:29:a4:8e:c3:ba:b1:a4:58:
88:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:03:F8:2E:7C:A3:84:A9:0B:A0:5E:DA:67:0B:61:8F:8D:6A:95:6B
X509v3 Authority Key Identifier:
keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/7AE827E23F7A11F0A578F07EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.100.0/22
43.229.164.0/22
43.230.92.0/22
43.231.60.0/22
43.248.12.0/22
45.113.124.0/22
45.117.105.0-45.117.107.255
103.24.96.0/22
103.35.212.0/22
103.39.80.0/22
103.49.136.0/22
103.50.156.0/22
103.53.44.0/22
103.57.168.0/22
103.70.84.0/23
103.200.196.0/22
103.209.84.0/22
117.53.40.0/22
150.129.4.0/22
IPv6:
2400:1680::/32
Signature Algorithm: sha256WithRSAEncryption
06:12:0d:a4:3e:fd:b0:a5:81:5d:63:3a:45:24:e1:14:32:5f:
e9:39:b9:79:73:7c:a7:d7:85:5a:f3:c6:e4:87:b1:b2:1e:b5:
ce:de:7e:bc:c5:c2:db:9e:3e:3b:a1:32:8b:14:df:a5:c5:7b:
66:9c:b5:2a:8f:c0:f5:aa:0a:8b:91:d6:89:ba:bd:ad:f0:52:
bb:cb:ac:ca:21:64:68:65:3f:fa:01:cb:6a:74:f2:a1:6a:ae:
dc:e0:9d:90:d0:d1:53:19:53:b3:03:13:d6:56:93:fc:fd:07:
7c:09:16:88:c0:ab:b1:9c:d0:e6:67:73:85:aa:27:f3:e1:1b:
5b:fb:f6:64:42:3f:fb:d2:ac:9e:83:b2:60:73:eb:39:5c:4f:
e9:01:d6:dc:89:1b:87:26:59:d4:e2:9a:b3:81:d2:b2:b2:91:
1c:90:0f:95:b1:68:5b:8d:3e:85:ed:a1:24:13:8a:28:01:f4:
67:60:be:36:e9:f1:80:2f:e3:18:d5:8e:f7:c5:89:f7:ad:91:
8f:30:4f:e7:87:78:d1:98:88:07:4d:8b:25:ac:a4:33:72:3c:
91:d9:59:e6:c5:a3:34:66:11:33:7f:22:62:77:1d:18:4e:56:
69:a5:4c:de:f8:7d:af:49:ea:6b:e9:9e:24:81:53:4d:ae:11:
fd:dd:0a:57
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgICC+swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF
MEI3RDY1REQwHhcNMjUwNjAyMDYyNjEzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNkNDQwNS0wNmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwIB+ZZXjxThRXQX21jP1gsDggevVtM2cYlOxVTu3IujPo7KsIDlHUeeS1jum
Lj8kT1LFUs3kCkaZ/Na0qFWcpe4V0Y89lnc0XDcWJsgwA+TH7If5s5P0fdcJbPJh
kb3G8mC7kb9U11MHcxSsdkSNHEukXH9YMOV+7eN+RJ3iM90/tHYzRj+2T9nuNzjV
cAOI7hKgUEylvUPJImm9uGQhksSnRKJTVJ9KDH/viaIFVIP/tvRmj/QGMFoLd4MY
uyqzFfq06xx0FlDflb7nP/tdIO4apvDAj8HCZAuQ/XgnqM5Fe12MODYhr6aLa5OR
8St1KwXmjmcgKaSOw7qxpFiIbQIDAQABo4IDHDCCAxgwHQYDVR0OBBYEFLQD+C58
o4SpC6Be2mcLYY+NapVrMB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2
ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla
ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk4REEvMzRGMzYxMkUyNjgxMTFFQTkwM0Q3MDU4QzRGOUFFMDIvN0FFODI3RTIz
RjdBMTFGMEE1NzhGMDdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaUGCCsGAQUFBwEHAQH/
BIGVMIGSMIGABAIAATB6AwQCJP9kAwQCK+WkAwQCK+ZcAwQCK+c8AwQCK/gMAwQC
LXF8MAwDBAAtdWkDBAItdWgDBAJnGGADBAJnI9QDBAJnJ1ADBAJnMYgDBAJnMpwD
BAJnNSwDBAJnOagDBAFnRlQDBAJnyMQDBAJn0VQDBAJ1NSgDBAKWgQQwDQQCAAIw
BwMFACQAFoAwDQYJKoZIhvcNAQELBQADggEBAAYSDaQ+/bClgV1jOkUk4RQyX+k5
uXlzfKfXhVrzxuSHsbIetc7efrzFwtuePjuhMosU36XFe2actSqPwPWqCouR1om6
va3wUrvLrMohZGhlP/oBy2p08qFqrtzgnZDQ0VMZU7MDE9ZWk/z9B3wJFojAq7Gc
0OZnc4WqJ/PhG1v79mRCP/vSrJ6DsmBz6zlcT+kB1tyJG4cmWdTimrOB0rKykRyQ
D5WxaFuNPoXtoSQTiigB9Gdgvjbp8YAv4xjVjvfFifetkY8wT+eHeNGYiAdNiyWs
pDNyPJHZWebFozRmETN/ImJ3HRhOVmmlTN74fa9J6mvpniSBU02uEf3dClc=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:22:11 2025 by rpki-client