Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
File: CBCB218CD86F11E9A6AF7518C4F9AE02.roa (raw, json)
Hash identifier: Cjspd4V4N7gagsLdfV+ocIxYxqn67hzo7d5AHdbayAQ=
Subject key identifier: 64:56:21:94:A3:D7:28:B4:A3:03:D5:48:86:F3:A5:98:5D:EB:3D:2B
Certificate issuer: /CN=A914781A/serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Certificate serial: 3502
Authority key identifier: 4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
Signing time: Mon 19 May 2025 08:14:26 +0000
ROA not before: Mon 19 May 2025 08:14:26 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 55423
IP address blocks: 58.82.128.0/18 maxlen: 18
58.82.128.0/21 maxlen: 24
58.82.136.0/21 maxlen: 24
58.82.144.0/21 maxlen: 24
58.82.152.0/21 maxlen: 24
58.82.160.0/20 maxlen: 20
58.82.160.0/21 maxlen: 24
58.82.168.0/21 maxlen: 24
58.82.176.0/20 maxlen: 20
58.82.176.0/21 maxlen: 24
58.82.184.0/21 maxlen: 21
58.82.184.0/24 maxlen: 24
103.247.60.0/22 maxlen: 24
182.50.80.0/22 maxlen: 22
182.50.80.0/24 maxlen: 24
182.50.83.0/24 maxlen: 24
182.50.86.0/24 maxlen: 24
182.50.88.0/22 maxlen: 22
182.50.88.0/24 maxlen: 24
203.130.152.0/24 maxlen: 24
203.147.30.0/23 maxlen: 23
203.147.46.0/23 maxlen: 23
203.147.46.0/24 maxlen: 24
203.147.47.0/24 maxlen: 24
203.156.16.0/24 maxlen: 24
203.156.26.0/24 maxlen: 24
203.156.27.0/24 maxlen: 24
203.156.31.0/24 maxlen: 24
203.156.46.0/23 maxlen: 23
203.156.64.0/24 maxlen: 24
203.156.102.0/23 maxlen: 23
203.156.109.0/24 maxlen: 24
203.156.110.0/24 maxlen: 24
203.156.111.0/24 maxlen: 24
203.156.113.0/24 maxlen: 24
203.156.119.0/24 maxlen: 24
203.156.120.0/21 maxlen: 21
203.156.150.0/24 maxlen: 24
203.156.183.0/24 maxlen: 24
2404:4a00:1::/64 maxlen: 64
2404:4a00:2::/64 maxlen: 64
2404:4a00:3::/64 maxlen: 64
2404:4a00:4::/64 maxlen: 64
2404:4a00:1000::/48 maxlen: 48
2404:4a00:2094::/48 maxlen: 48
2404:4a00:5542::/48 maxlen: 48
2404:4a00:5542:3::/64 maxlen: 64
2404:4a00:5542:3a1::/64 maxlen: 64
2404:4a00:5542:3001::/64 maxlen: 64
2404:4a00:5542:3002::/64 maxlen: 64
2404:4a00:5542:3003::/64 maxlen: 64
2404:4a00:6000::/64 maxlen: 64
2404:4a00:6500::/64 maxlen: 64
2404:4a00:6501::/64 maxlen: 64
2404:4a00:6a00::/64 maxlen: 64
2404:4a00:7000::/64 maxlen: 64
2404:4a00:7500::/64 maxlen: 64
2404:4a00:7a00::/64 maxlen: 64
2404:4a00:8000::/64 maxlen: 64
2404:4a00:8500::/64 maxlen: 64
2404:4a00:8a00::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 14:59:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13570 (0x3502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914781A, serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Validity
Not Before: May 19 08:14:26 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=682ae862-d429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:19:c0:b7:e7:74:3b:14:31:eb:68:40:e6:09:
d5:78:4c:d6:c0:4f:21:27:da:89:83:86:19:40:ce:
99:1f:5a:bc:19:a7:b7:f3:01:81:6f:05:18:0e:bd:
81:0f:a6:5a:76:a4:1d:0a:9c:0a:65:f7:b4:53:1d:
e9:c4:0b:14:08:d6:65:47:15:a6:46:e0:86:a2:ba:
df:7e:ea:23:f7:47:12:6b:15:b9:51:b9:34:91:df:
62:dd:a9:a6:8b:2d:69:75:c1:23:1d:8b:ee:5f:d3:
d7:3d:ec:cb:26:39:75:af:6b:4a:19:60:7e:ef:66:
6f:52:70:d1:24:75:af:36:08:6b:b3:9f:ef:ab:7c:
59:e9:89:9d:f1:bb:f7:b7:a1:9a:fe:74:28:13:94:
f7:f4:2c:42:f1:e7:e3:5a:05:78:10:87:d7:03:f7:
4a:55:47:06:63:a6:2e:70:3f:d1:4d:6a:84:1d:f6:
13:07:ed:dd:ed:ea:67:06:9c:ac:3a:5c:28:26:a5:
41:c1:df:1f:a7:41:9b:0c:09:51:2c:30:66:a6:6d:
a1:9f:a9:c2:24:0a:11:72:b8:9d:ad:1f:8e:ec:e1:
a7:f7:87:5b:2b:f8:14:b5:50:1a:03:60:8c:57:09:
ae:64:0b:62:0d:03:1a:d1:dc:c1:04:d3:68:e9:3c:
b9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:56:21:94:A3:D7:28:B4:A3:03:D5:48:86:F3:A5:98:5D:EB:3D:2B
X509v3 Authority Key Identifier:
keyid:4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.82.128.0/18
103.247.60.0/22
182.50.80.0/22
182.50.86.0/24
182.50.88.0/22
203.130.152.0/24
203.147.30.0/23
203.147.46.0/23
203.156.16.0/24
203.156.26.0/23
203.156.31.0/24
203.156.46.0/23
203.156.64.0/24
203.156.102.0/23
203.156.109.0-203.156.111.255
203.156.113.0/24
203.156.119.0-203.156.127.255
203.156.150.0/24
203.156.183.0/24
IPv6:
2404:4a00:1::/64
2404:4a00:2::/64
2404:4a00:3::/64
2404:4a00:4::/64
2404:4a00:1000::/48
2404:4a00:2094::/48
2404:4a00:5542::/48
2404:4a00:6000::/64
2404:4a00:6500::/64
2404:4a00:6501::/64
2404:4a00:6a00::/64
2404:4a00:7000::/64
2404:4a00:7500::/64
2404:4a00:7a00::/64
2404:4a00:8000::/64
2404:4a00:8500::/64
2404:4a00:8a00::/64
Signature Algorithm: sha256WithRSAEncryption
a3:a6:c3:df:df:cc:74:04:b8:9c:ac:f9:09:cc:a3:6c:4e:95:
d4:3a:9a:83:3f:bf:d0:07:65:04:2d:47:70:19:e2:fd:24:e1:
c0:9e:8a:d3:5e:da:a9:24:e0:e5:62:a6:13:f4:75:c1:54:d7:
c2:6b:43:44:46:ed:6c:c6:9c:d6:aa:57:2c:af:a1:1b:1d:83:
eb:8f:9a:e3:d0:9b:79:94:d3:b7:ed:c9:5d:52:16:4a:37:e9:
1c:c6:c6:64:65:4d:e0:62:17:12:ce:bb:8b:7d:05:cf:b5:71:
26:51:6e:e0:e7:34:f8:06:3b:d7:5c:ab:b8:ed:c5:fe:a5:ba:
9b:ef:b5:e9:55:97:61:14:51:21:38:b7:60:e2:e9:46:54:9d:
80:67:ff:a9:e2:be:ed:09:c9:fa:b4:11:8b:36:2c:80:46:36:
53:85:f0:97:17:c9:ed:09:4d:e3:aa:83:16:64:e7:39:d8:de:
64:54:99:14:4b:d9:b4:39:67:e4:ed:f7:e8:c5:88:ab:41:75:
ec:43:13:95:4b:25:54:85:3d:b1:9a:32:d0:a2:fa:44:c6:de:
2d:02:26:66:cf:a8:69:be:f5:b9:98:9a:ab:91:02:ea:ff:2a:
01:0a:59:9b:c3:38:fd:41:42:62:7c:f8:ef:52:77:2a:10:6f:
16:7f:9a:83
-----BEGIN CERTIFICATE-----
MIIGtDCCBZygAwIBAgICNQIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4MUExMTAvBgNVBAUTKDRENzIzOTU1MjQzQUU4OEQ1NTI0MzlBRjhFNEUwQTA5
QzhGNjU5MEQwHhcNMjUwNTE5MDgxNDI2WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJhZTg2Mi1kNDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+hnAt+d0OxQx62hA5gnVeEzWwE8hJ9qJg4YZQM6ZH1q8Gae38wGBbwUYDr2B
D6ZadqQdCpwKZfe0Ux3pxAsUCNZlRxWmRuCGorrffuoj90cSaxW5Ubk0kd9i3amm
iy1pdcEjHYvuX9PXPezLJjl1r2tKGWB+72ZvUnDRJHWvNghrs5/vq3xZ6Ymd8bv3
t6Ga/nQoE5T39CxC8efjWgV4EIfXA/dKVUcGY6YucD/RTWqEHfYTB+3d7epnBpys
OlwoJqVBwd8fp0GbDAlRLDBmpm2hn6nCJAoRcridrR+O7OGn94dbK/gUtVAaA2CM
VwmuZAtiDQMa0dzBBNNo6Ty56QIDAQABo4ID2DCCA9QwHQYDVR0OBBYEFGRWIZSj
1yi0owPVSIbzpZhd6z0rMB8GA1UdIwQYMBaAFE1yOVUkOuiNVSQ5r45OCgnI9lkN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzgxQS9ENTIxNDI3MDFE
OUIxMUUyQjgyMUZEODkwOEIwMkNEMi9UWEk1VlNRNjZJMVZKRG12ams0S0NjajJX
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYSTVWU1E2NkkxVkpEbXZqazRLQ2NqMldRMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc4MUEvRDUyMTQyNzAxRDlCMTFFMkI4MjFGRDg5MDhCMDJDRDIvQ0JDQjIxOENE
ODZGMTFFOUE2QUY3NTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFgBggrBgEFBQcBBwEB
/wSCAU8wggFLMIGJBAIAATCBggMEBjpSgAMEAmf3PAMEArYyUAMEALYyVgMEArYy
WAMEAMuCmAMEAcuTHgMEAcuTLgMEAMucEAMEAcucGgMEAMucHwMEAcucLgMEAMuc
QAMEAcucZjAMAwQAy5xtAwQEy5xgAwQAy5xxMAwDBADLnHcDBAfLnAADBADLnJYD
BADLnLcwgbwEAgACMIG1AwkAJARKAAABAAADCQAkBEoAAAIAAAMJACQESgAAAwAA
AwkAJARKAAAEAAADBwAkBEoAEAADBwAkBEoAIJQDBwAkBEoAVUIDCQAkBEoAYAAA
AAMJACQESgBlAAAAAwkAJARKAGUBAAADCQAkBEoAagAAAAMJACQESgBwAAAAAwkA
JARKAHUAAAADCQAkBEoAegAAAAMJACQESgCAAAAAAwkAJARKAIUAAAADCQAkBEoA
igAAADANBgkqhkiG9w0BAQsFAAOCAQEAo6bD39/MdAS4nKz5CcyjbE6V1Dqagz+/
0AdlBC1HcBni/SThwJ6K017aqSTg5WKmE/R1wVTXwmtDREbtbMac1qpXLK+hGx2D
64+a49CbeZTTt+3JXVIWSjfpHMbGZGVN4GIXEs67i30Fz7VxJlFu4Oc0+AY711yr
uO3F/qW6m++16VWXYRRRITi3YOLpRlSdgGf/qeK+7QnJ+rQRizYsgEY2U4XwlxfJ
7QlN46qDFmTnOdjeZFSZFEvZtDln5O336MWIq0F17EMTlUslVIU9sZoy0KL6RMbe
LQImZs+oab71uZiaq5EC6v8qAQpZm8M4/UFCYnz471J3KhBvFn+agw==
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:52:26 2025 by rpki-client