Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
File: 75D2A3666E8011EF92BDE465C4F9AE02.roa (raw, json)
Hash identifier: ibfU8LeRFc29BiPbfaOtCj5JQq97ZqfQqw4BbP5mq+Q=
Subject key identifier: 0F:0D:CB:EF:1E:31:D4:8B:18:DE:C6:BA:9B:3F:96:A3:C3:53:54:EB
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1D3A
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
Signing time: Thu 29 May 2025 14:01:40 +0000
ROA not before: Thu 29 May 2025 14:01:40 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 132165
IP address blocks: 43.245.128.0/24 maxlen: 24
43.245.129.0/24 maxlen: 24
43.245.130.0/24 maxlen: 24
43.245.131.0/24 maxlen: 24
103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
111.119.160.0/24 maxlen: 24
111.119.161.0/24 maxlen: 24
111.119.162.0/24 maxlen: 24
111.119.163.0/24 maxlen: 24
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
113.203.192.0/24 maxlen: 24
113.203.193.0/24 maxlen: 24
113.203.195.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
113.203.204.0/24 maxlen: 24
113.203.205.0/24 maxlen: 24
113.203.207.0/24 maxlen: 24
115.42.64.0/24 maxlen: 24
115.42.65.0/24 maxlen: 24
115.42.66.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
118.103.233.0/24 maxlen: 24
118.103.234.0/24 maxlen: 24
118.103.235.0/24 maxlen: 24
118.103.236.0/24 maxlen: 24
118.103.237.0/24 maxlen: 24
118.103.238.0/24 maxlen: 24
118.103.239.0/24 maxlen: 24
2406:d00::/48 maxlen: 48
2406:d00:2222::/48 maxlen: 48
2406:d00:5555::/48 maxlen: 48
2406:d00:aaaa::/48 maxlen: 48
2406:d00:bbbb::/48 maxlen: 48
2406:d00:ccaa::/47 maxlen: 48
2406:d00:ccad::/48 maxlen: 48
2406:d00:ccc0::/46 maxlen: 48
2406:d00:cccc::/46 maxlen: 48
2406:d00:cce0::/48 maxlen: 48
2406:d00:ccea::/48 maxlen: 48
2406:d00:ddc1::/48 maxlen: 48
2406:d00:ddcc::/48 maxlen: 48
2406:d00:ddd1::/48 maxlen: 48
2406:d00:dddd::/48 maxlen: 48
2406:d00:ddf1::/48 maxlen: 48
2406:d00:ddff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 07 Jun 2025 16:09:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7482 (0x1d3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: May 29 14:01:40 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=683868c4-e88c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5a:6c:06:f9:ef:a8:ed:9f:e4:b9:48:af:4a:
dc:09:df:a2:7f:47:24:f2:03:84:eb:5d:f4:11:86:
c4:ec:a3:40:66:2f:62:ca:da:42:e2:37:d1:e3:f1:
fa:3a:f8:5b:83:10:8f:f7:51:58:8d:8b:05:cc:49:
ce:8f:b9:cb:d0:86:10:96:79:6e:36:c9:8e:22:f1:
a4:14:e8:df:ea:c7:98:c7:c4:cb:1e:56:74:d0:7f:
be:1a:a5:14:2d:c3:8b:fb:da:c4:93:bb:6c:64:f3:
0b:a0:fb:77:14:a0:5e:65:ba:e8:09:15:2a:cb:3e:
86:be:f1:b7:ca:93:25:2c:11:53:19:0e:90:49:0a:
73:3b:89:84:4d:e7:7e:19:d9:eb:52:40:0a:83:cc:
a5:ed:32:32:a8:1b:c8:5d:98:ba:e8:ef:33:51:f2:
0c:1d:7a:e7:4f:84:a4:d5:0d:1d:ff:40:12:ea:bf:
a1:fa:a6:4b:52:f8:9c:cc:29:8a:1a:ea:f4:24:1e:
55:0b:4e:9f:18:ad:1c:a4:ab:18:24:38:cf:3b:98:
f1:be:fb:e8:4f:c7:8b:1a:06:5b:d3:a6:3b:70:d1:
d9:e2:91:45:9d:b5:60:b9:73:89:1c:a0:3f:e6:94:
22:13:af:0d:07:07:6c:6e:29:12:e1:98:c0:51:60:
81:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:0D:CB:EF:1E:31:D4:8B:18:DE:C6:BA:9B:3F:96:A3:C3:53:54:EB
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.128.0/22
103.12.120.0/22
111.119.160.0/21
113.203.192.0/23
113.203.195.0/24
113.203.200.0-113.203.205.255
113.203.207.0/24
115.42.64.0/21
118.103.226.0-118.103.239.255
IPv6:
2406:d00::/48
2406:d00:2222::/48
2406:d00:5555::/48
2406:d00:aaaa::/48
2406:d00:bbbb::/48
2406:d00:ccaa::/47
2406:d00:ccad::/48
2406:d00:ccc0::/46
2406:d00:cccc::/46
2406:d00:cce0::/48
2406:d00:ccea::/48
2406:d00:ddc1::/48
2406:d00:ddcc::/48
2406:d00:ddd1::/48
2406:d00:dddd::/48
2406:d00:ddf1::/48
2406:d00:ddff::/48
Signature Algorithm: sha256WithRSAEncryption
56:d3:af:4e:85:c2:8f:84:95:35:68:57:e8:e3:59:f0:c6:da:
12:0b:7d:2e:01:88:ae:93:bb:9b:31:84:b9:61:a7:19:b1:a5:
b7:d7:55:0f:32:7d:6f:7a:36:84:26:50:79:c3:e6:0d:b4:72:
7f:9a:99:3c:f3:b9:74:ca:c8:5b:dd:5d:cb:75:b7:43:79:d2:
0b:22:c2:32:ce:27:20:46:00:2f:86:10:fe:b2:2c:4d:a2:85:
67:75:e3:48:ba:d8:6f:e4:e4:54:32:d5:27:f2:a7:89:76:58:
6d:e4:10:3b:a8:02:b9:1f:35:74:82:39:54:87:ce:d0:12:95:
7b:05:2b:e9:36:e8:15:00:1d:81:9e:7d:4a:d9:2f:7b:44:ee:
8e:9c:8f:6a:d5:ae:ed:94:64:82:20:75:f2:cd:7e:b1:ab:4d:
b3:d2:5f:bf:73:8f:13:68:b8:07:d0:c2:c7:68:2f:d1:1d:a4:
5b:d6:1d:00:4d:2a:27:e0:28:02:5e:40:4c:05:7a:9c:f4:96:
09:7d:50:26:19:81:c3:ea:3f:ad:38:b0:ff:c6:d9:c7:0e:b0:
11:25:82:42:ce:40:d7:e5:43:1e:8f:53:e8:a4:be:f4:3d:2c:
93:5e:ed:67:01:11:41:72:1c:e3:41:c9:4b:fe:5d:4d:62:de:
55:eb:75:70
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgICHTowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjUwNTI5MTQwMTQwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM4NjhjNC1lODhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw1psBvnvqO2f5LlIr0rcCd+if0ck8gOE6130EYbE7KNAZi9iytpC4jfR4/H6
OvhbgxCP91FYjYsFzEnOj7nL0IYQlnluNsmOIvGkFOjf6seYx8TLHlZ00H++GqUU
LcOL+9rEk7tsZPMLoPt3FKBeZbroCRUqyz6GvvG3ypMlLBFTGQ6QSQpzO4mETed+
GdnrUkAKg8yl7TIyqBvIXZi66O8zUfIMHXrnT4Sk1Q0d/0AS6r+h+qZLUviczCmK
Gur0JB5VC06fGK0cpKsYJDjPO5jxvvvoT8eLGgZb06Y7cNHZ4pFFnbVguXOJHKA/
5pQiE68NBwdsbikS4ZjAUWCBAQIDAQABo4IDfDCCA3gwHQYDVR0OBBYEFA8Ny+8e
MdSLGN7Gups/lqPDU1TrMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvNzVEMkEzNjY2
RTgwMTFFRjkyQkRFNDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEEBggrBgEFBQcBBwEB
/wSB9DCB8TBMBAIAATBGAwQCK/WAAwQCZwx4AwQDb3egAwQBccvAAwQAccvDMAwD
BANxy8gDBAFxy8wDBABxy88DBANzKkAwDAMEAXZn4gMEBHZn4DCBoAQCAAIwgZkD
BwAkBg0AAAADBwAkBg0AIiIDBwAkBg0AVVUDBwAkBg0AqqoDBwAkBg0Au7sDBwEk
Bg0AzKoDBwAkBg0AzK0DBwIkBg0AzMADBwIkBg0AzMwDBwAkBg0AzOADBwAkBg0A
zOoDBwAkBg0A3cEDBwAkBg0A3cwDBwAkBg0A3dEDBwAkBg0A3d0DBwAkBg0A3fED
BwAkBg0A3f8wDQYJKoZIhvcNAQELBQADggEBAFbTr06Fwo+ElTVoV+jjWfDG2hIL
fS4BiK6Tu5sxhLlhpxmxpbfXVQ8yfW96NoQmUHnD5g20cn+amTzzuXTKyFvdXct1
t0N50gsiwjLOJyBGAC+GEP6yLE2ihWd140i62G/k5FQy1Sfyp4l2WG3kEDuoArkf
NXSCOVSHztASlXsFK+k26BUAHYGefUrZL3tE7o6cj2rVru2UZIIgdfLNfrGrTbPS
X79zjxNouAfQwsdoL9EdpFvWHQBNKifgKAJeQEwFepz0lgl9UCYZgcPqP604sP/G
2ccOsBElgkLOQNflQx6PU+ikvvQ9LJNe7WcBEUFyHONByUv+XU1i3lXrdXA=
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:19:40 2025 by rpki-client