Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4CBCEB321FBE11EF97E7974FC4F9AE02.roa
File: 4CBCEB321FBE11EF97E7974FC4F9AE02.roa (raw, json)
Hash identifier: OioKDe8sovBTK8N4PoWxTciTSnw1R28dZL2MSG1AP4E=
Subject key identifier: 7E:62:C3:B4:06:70:FB:F4:FC:CB:BE:AF:67:28:90:F8:51:50:20:7F
Certificate issuer: /CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Certificate serial: 06C5
Authority key identifier: 7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4CBCEB321FBE11EF97E7974FC4F9AE02.roa
Signing time: Wed 14 May 2025 23:12:09 +0000
ROA not before: Wed 14 May 2025 23:12:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134540
IP address blocks: 49.248.98.0/23 maxlen: 24
49.248.100.0/22 maxlen: 24
49.248.127.0/24 maxlen: 24
49.248.128.0/24 maxlen: 24
49.248.130.0/24 maxlen: 24
49.248.131.0/24 maxlen: 24
49.248.132.0/24 maxlen: 24
49.248.133.0/24 maxlen: 24
49.248.134.0/24 maxlen: 24
49.248.136.0/24 maxlen: 24
49.248.137.0/24 maxlen: 24
49.248.150.0/24 maxlen: 24
114.143.2.0/24 maxlen: 24
114.143.4.0/23 maxlen: 23
114.143.8.0/24 maxlen: 24
114.143.10.0/24 maxlen: 24
114.143.11.0/24 maxlen: 24
114.143.12.0/24 maxlen: 24
114.143.15.0/24 maxlen: 24
114.143.18.0/24 maxlen: 24
114.143.19.0/24 maxlen: 24
114.143.21.0/24 maxlen: 24
114.143.22.0/24 maxlen: 24
114.143.24.0/24 maxlen: 24
114.143.28.0/24 maxlen: 24
114.143.29.0/24 maxlen: 24
114.143.32.0/21 maxlen: 24
114.143.80.0/20 maxlen: 20
114.143.96.0/24 maxlen: 24
114.143.97.0/24 maxlen: 24
114.143.196.0/24 maxlen: 24
123.252.128.0/24 maxlen: 24
123.252.129.0/24 maxlen: 24
123.252.130.0/24 maxlen: 24
123.252.132.0/24 maxlen: 24
123.252.139.0/24 maxlen: 24
123.252.141.0/24 maxlen: 24
123.252.142.0/24 maxlen: 24
123.252.143.0/24 maxlen: 24
123.252.144.0/24 maxlen: 24
123.252.145.0/24 maxlen: 24
123.252.150.0/24 maxlen: 24
123.252.152.0/24 maxlen: 24
123.252.153.0/24 maxlen: 24
123.252.154.0/24 maxlen: 24
123.252.155.0/24 maxlen: 24
123.252.156.0/24 maxlen: 24
123.252.157.0/24 maxlen: 24
123.252.158.0/24 maxlen: 24
123.252.159.0/24 maxlen: 24
123.252.160.0/24 maxlen: 24
123.252.162.0/24 maxlen: 24
123.252.164.0/24 maxlen: 24
123.252.166.0/24 maxlen: 24
123.252.167.0/24 maxlen: 24
123.252.168.0/24 maxlen: 24
123.252.169.0/24 maxlen: 24
123.252.172.0/24 maxlen: 24
123.252.177.0/24 maxlen: 24
123.252.178.0/24 maxlen: 24
123.252.179.0/24 maxlen: 24
123.252.180.0/24 maxlen: 24
123.252.182.0/24 maxlen: 24
123.252.183.0/24 maxlen: 24
123.252.184.0/24 maxlen: 24
123.252.185.0/24 maxlen: 24
123.252.186.0/24 maxlen: 24
123.252.187.0/24 maxlen: 24
123.252.192.0/24 maxlen: 24
123.252.196.0/24 maxlen: 24
123.252.198.0/24 maxlen: 24
123.252.199.0/24 maxlen: 24
123.252.202.0/24 maxlen: 24
123.252.207.0/24 maxlen: 24
123.252.212.0/22 maxlen: 24
123.252.216.0/24 maxlen: 24
123.252.221.0/24 maxlen: 24
123.252.223.0/24 maxlen: 24
123.252.224.0/21 maxlen: 24
123.252.234.0/24 maxlen: 24
123.252.237.0/24 maxlen: 24
123.252.239.0/24 maxlen: 24
123.252.240.0/22 maxlen: 22
123.252.245.0/24 maxlen: 24
123.252.246.0/24 maxlen: 24
123.252.248.0/24 maxlen: 24
123.252.254.0/24 maxlen: 24
202.149.194.0/24 maxlen: 24
202.149.195.0/24 maxlen: 24
202.149.197.0/24 maxlen: 24
202.149.200.0/24 maxlen: 24
202.149.211.0/24 maxlen: 24
202.149.212.0/24 maxlen: 24
202.149.213.0/24 maxlen: 24
202.149.215.0/24 maxlen: 24
202.149.216.0/24 maxlen: 24
202.189.225.0/24 maxlen: 24
202.189.229.0/24 maxlen: 24
202.189.230.0/24 maxlen: 24
202.189.231.0/24 maxlen: 24
202.189.232.0/24 maxlen: 24
202.189.233.0/24 maxlen: 24
202.189.234.0/24 maxlen: 24
202.189.236.0/24 maxlen: 24
202.189.237.0/24 maxlen: 24
202.189.238.0/24 maxlen: 24
202.189.240.0/24 maxlen: 24
202.189.241.0/24 maxlen: 24
202.189.242.0/24 maxlen: 24
202.189.244.0/24 maxlen: 24
202.189.245.0/24 maxlen: 24
202.189.247.0/24 maxlen: 24
202.189.250.0/24 maxlen: 24
202.189.251.0/24 maxlen: 24
202.189.252.0/24 maxlen: 24
202.189.253.0/24 maxlen: 24
202.189.254.0/24 maxlen: 24
2402:d400:a1::/48 maxlen: 51
2402:d400:a2::/48 maxlen: 51
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 23:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1733 (0x6c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D01, serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Validity
Not Before: May 14 23:12:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68252349-c810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:20:52:5f:60:4b:52:6e:d3:88:02:2d:de:9c:
9e:cf:43:8a:25:a1:63:f9:6e:63:c2:f5:36:8f:f5:
ac:35:cc:40:ff:1f:6d:dd:3a:86:27:5d:e1:2f:c7:
46:71:8c:f2:f6:1f:c0:8f:8a:cf:30:84:1e:35:74:
63:9c:b8:0f:6b:52:65:1b:67:86:16:89:08:52:58:
34:da:ff:b5:57:c1:b7:9f:e7:f4:10:4b:91:af:8d:
99:15:f2:9c:cf:47:d8:e1:2c:d1:6e:98:49:85:2e:
a4:48:07:b7:d8:fd:b7:56:e3:62:06:ef:37:ee:bb:
f2:5b:0d:4f:1c:b2:72:cc:73:60:3f:34:b9:88:b5:
63:40:40:5b:5f:a9:72:45:90:f8:b2:25:ae:26:f6:
6e:dc:86:13:b0:fd:ca:dc:11:5b:a5:7a:b5:c9:85:
d6:73:bc:7a:d0:5a:ea:b9:81:9e:f3:70:57:25:06:
04:9d:b8:0c:c3:14:9f:a5:05:01:85:db:d4:7c:4a:
05:d6:0f:f9:7c:09:78:0e:62:c2:71:ee:c2:0e:cf:
0b:fa:2f:7e:16:51:2d:37:cc:1d:f3:24:ca:03:24:
c7:44:40:69:84:d8:59:8c:86:61:db:10:49:4d:57:
ce:9a:21:1f:44:41:c3:a0:a9:04:e2:6d:c6:2d:2c:
8b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:62:C3:B4:06:70:FB:F4:FC:CB:BE:AF:67:28:90:F8:51:50:20:7F
X509v3 Authority Key Identifier:
keyid:7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4CBCEB321FBE11EF97E7974FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.248.98.0-49.248.103.255
49.248.127.0-49.248.128.255
49.248.130.0-49.248.134.255
49.248.136.0/23
49.248.150.0/24
114.143.2.0/24
114.143.4.0/23
114.143.8.0/24
114.143.10.0-114.143.12.255
114.143.15.0/24
114.143.18.0/23
114.143.21.0-114.143.22.255
114.143.24.0/24
114.143.28.0/23
114.143.32.0/21
114.143.80.0-114.143.97.255
114.143.196.0/24
123.252.128.0-123.252.130.255
123.252.132.0/24
123.252.139.0/24
123.252.141.0-123.252.145.255
123.252.150.0/24
123.252.152.0-123.252.160.255
123.252.162.0/24
123.252.164.0/24
123.252.166.0-123.252.169.255
123.252.172.0/24
123.252.177.0-123.252.180.255
123.252.182.0-123.252.187.255
123.252.192.0/24
123.252.196.0/24
123.252.198.0/23
123.252.202.0/24
123.252.207.0/24
123.252.212.0-123.252.216.255
123.252.221.0/24
123.252.223.0-123.252.231.255
123.252.234.0/24
123.252.237.0/24
123.252.239.0-123.252.243.255
123.252.245.0-123.252.246.255
123.252.248.0/24
123.252.254.0/24
202.149.194.0/23
202.149.197.0/24
202.149.200.0/24
202.149.211.0-202.149.213.255
202.149.215.0-202.149.216.255
202.189.225.0/24
202.189.229.0-202.189.234.255
202.189.236.0-202.189.238.255
202.189.240.0-202.189.242.255
202.189.244.0/23
202.189.247.0/24
202.189.250.0-202.189.254.255
IPv6:
2402:d400:a1::-2402:d400:a2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
d7:8f:8a:df:bd:87:07:0f:6c:6c:4e:5f:84:ae:21:b5:07:d0:
36:be:6a:79:a4:79:f9:eb:50:3a:49:25:91:26:b7:2a:cc:1c:
29:f5:96:36:38:3a:d2:2d:f6:bd:16:e8:e1:c0:d3:21:16:4d:
25:da:c5:c0:aa:ec:9c:c9:95:96:0a:4f:17:85:c5:93:f0:ef:
1a:8e:56:98:35:f9:79:dd:b2:f4:46:03:7c:a7:cd:3f:99:48:
60:07:f6:9e:cd:9f:a0:34:11:f4:17:d2:2d:2d:7a:f0:25:7f:
90:25:7e:c0:f6:d2:50:36:86:98:3f:74:43:94:8f:94:0c:5d:
ee:93:7a:b7:cf:ed:98:5d:58:16:28:50:d4:c3:73:12:6d:69:
4b:24:62:98:67:76:52:22:17:ae:71:15:55:88:bc:44:2b:39:
da:fa:67:34:89:dc:57:5a:a2:da:a7:be:a0:20:5e:1f:3e:d8:
32:85:26:56:f5:6e:c4:c9:2a:fd:86:1e:df:de:10:55:b3:cf:
98:69:09:b5:d1:9b:ed:27:da:29:87:a1:c3:b5:ac:71:27:a3:
ef:54:f0:92:24:22:db:60:df:9c:34:e2:54:b0:53:f7:79:b9:
6d:c8:8d:34:ea:6d:70:04:cf:12:c5:63:00:62:9a:47:c0:0c:
f9:38:a6:87
-----BEGIN CERTIFICATE-----
MIIHizCCBnOgAwIBAgICBsUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhEMDExMTAvBgNVBAUTKDdFMzZBQjFDMDQ0MzIxQjc0Q0Y2NzgyNjNFMDUyNEZE
MzQxNzlCQkQwHhcNMjUwNTE0MjMxMjA5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI1MjM0OS1jODEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwiBSX2BLUm7TiAIt3pyez0OKJaFj+W5jwvU2j/WsNcxA/x9t3TqGJ13hL8dG
cYzy9h/Aj4rPMIQeNXRjnLgPa1JlG2eGFokIUlg02v+1V8G3n+f0EEuRr42ZFfKc
z0fY4SzRbphJhS6kSAe32P23VuNiBu837rvyWw1PHLJyzHNgPzS5iLVjQEBbX6ly
RZD4siWuJvZu3IYTsP3K3BFbpXq1yYXWc7x60FrquYGe83BXJQYEnbgMwxSfpQUB
hdvUfEoF1g/5fAl4DmLCce7CDs8L+i9+FlEtN8wd8yTKAyTHREBphNhZjIZh2xBJ
TVfOmiEfREHDoKkE4m3GLSyLsQIDAQABo4IErzCCBKswHQYDVR0OBBYEFH5iw7QG
cPv0/Mu+r2cokPhRUCB/MB8GA1UdIwQYMBaAFH42qxwEQyG3TPZ4Jj4FJP00F5u9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQwMS9FOTI1MTlGQTk5
MEIxMUVCQTM1NUNCNTNDNEY5QUUwMi9mamFySEFSREliZE05bmdtUGdVa19UUVht
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqYXJIQVJESWJkTTluZ21QZ1VrX1RRWG03MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhEMDEvRTkyNTE5RkE5OTBCMTFFQkEzNTVDQjUzQzRGOUFFMDIvNENCQ0VCMzIx
RkJFMTFFRjk3RTc5NzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggI3BggrBgEFBQcBBwEB
/wSCAiYwggIiMIICAgQCAAEwggH6MAwDBAEx+GIDBAMx+GAwDAMEADH4fwMEADH4
gDAMAwQBMfiCAwQAMfiGAwQBMfiIAwQAMfiWAwQAco8CAwQBco8EAwQAco8IMAwD
BAFyjwoDBAByjwwDBAByjw8DBAFyjxIwDAMEAHKPFQMEAHKPFgMEAHKPGAMEAXKP
HAMEA3KPIDAMAwQEco9QAwQBco9gAwQAco/EMAwDBAd7/IADBAB7/IIDBAB7/IQD
BAB7/IswDAMEAHv8jQMEAXv8kAMEAHv8ljAMAwQDe/yYAwQAe/ygAwQAe/yiAwQA
e/ykMAwDBAF7/KYDBAF7/KgDBAB7/KwwDAMEAHv8sQMEAHv8tDAMAwQBe/y2AwQC
e/y4AwQAe/zAAwQAe/zEAwQBe/zGAwQAe/zKAwQAe/zPMAwDBAJ7/NQDBAB7/NgD
BAB7/N0wDAMEAHv83wMEA3v84AMEAHv86gMEAHv87TAMAwQAe/zvAwQCe/zwMAwD
BAB7/PUDBAB7/PYDBAB7/PgDBAB7/P4DBAHKlcIDBADKlcUDBADKlcgwDAMEAMqV
0wMEAcqV1DAMAwQAypXXAwQAypXYAwQAyr3hMAwDBADKveUDBADKveowDAMEAsq9
7AMEAMq97jAMAwQEyr3wAwQAyr3yAwQByr30AwQAyr33MAwDBAHKvfoDBADKvf4w
GgQCAAIwFDASAwcAJALUAAChAwcAJALUAACiMA0GCSqGSIb3DQEBCwUAA4IBAQDX
j4rfvYcHD2xsTl+EriG1B9A2vmp5pHn561A6SSWRJrcqzBwp9ZY2ODrSLfa9Fujh
wNMhFk0l2sXAquycyZWWCk8XhcWT8O8ajlaYNfl53bL0RgN8p80/mUhgB/aezZ+g
NBH0F9ItLXrwJX+QJX7A9tJQNoaYP3RDlI+UDF3uk3q3z+2YXVgWKFDUw3MSbWlL
JGKYZ3ZSIheucRVViLxEKzna+mc0idxXWqLap76gIF4fPtgyhSZW9W7EySr9hh7f
3hBVs8+YaQm10ZvtJ9oph6HDtaxxJ6PvVPCSJCLbYN+cNOJUsFP3ebltyI006m1w
BM8SxWMAYppHwAz5OKaH
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:03:39 2025 by rpki-client