Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/225BB4A634A611F0905BBC68C4F9AE02.roa
File: 225BB4A634A611F0905BBC68C4F9AE02.roa (raw, json)
Hash identifier: d/e8Y1wlIVQ3BPVFkM9QywoWj72X/SBdv2Xcv961/ks=
Subject key identifier: BA:B1:1C:47:3A:74:B2:FA:AB:4B:A6:6B:9C:97:44:17:C2:6B:93:1B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BB51
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/225BB4A634A611F0905BBC68C4F9AE02.roa
Signing time: Mon 19 May 2025 11:40:59 +0000
ROA not before: Mon 19 May 2025 11:40:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58762
IP address blocks: 45.117.180.0/24 maxlen: 24
45.117.181.0/24 maxlen: 24
45.117.182.0/24 maxlen: 24
45.117.183.0/24 maxlen: 24
103.18.72.0/24 maxlen: 24
103.18.73.0/24 maxlen: 24
103.18.74.0/24 maxlen: 24
103.18.75.0/24 maxlen: 24
103.69.12.0/22 maxlen: 24
103.88.0.0/22 maxlen: 24
103.138.8.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.147.0.0/24 maxlen: 24
103.147.1.0/24 maxlen: 24
103.153.12.0/24 maxlen: 24
103.157.4.0/23 maxlen: 24
103.157.10.0/23 maxlen: 24
103.164.46.0/23 maxlen: 24
103.165.28.0/23 maxlen: 24
103.225.56.0/22 maxlen: 22
103.225.56.0/24 maxlen: 24
103.225.57.0/24 maxlen: 24
103.225.58.0/24 maxlen: 24
103.225.59.0/24 maxlen: 24
150.129.44.0/24 maxlen: 24
150.129.45.0/24 maxlen: 24
150.129.46.0/24 maxlen: 24
150.129.47.0/24 maxlen: 24
2001:df0:8000::/48 maxlen: 56
2407:c140::/32 maxlen: 38
2407:c140::/36 maxlen: 40
2407:c140:1000::/37 maxlen: 40
2407:c140:1800::/38 maxlen: 40
2407:c140:1c00::/39 maxlen: 40
2407:c140:1e00::/40 maxlen: 40
2407:c140:1f00::/40 maxlen: 40
2407:c140:2000::/35 maxlen: 40
2407:c140:4000::/34 maxlen: 40
2407:c140:8000::/33 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 18 Jun 2025 10:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47953 (0xbb51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 19 11:40:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=682b18cb-d962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a5:31:e4:43:17:d7:f2:e1:94:f5:b3:93:d8:
2e:e7:1d:e1:2a:6b:c3:b4:b9:be:cf:03:6c:f5:71:
8f:11:62:c6:4d:8f:3d:fa:a8:6c:ed:90:c0:47:81:
88:6f:1b:d1:71:30:e8:19:e7:8f:7a:a4:04:c5:66:
f2:b9:26:ad:f1:c0:99:65:c0:cd:8b:63:db:d2:86:
42:bc:3d:58:6f:e9:0b:43:a8:c4:71:7c:ba:cd:8d:
1c:5e:f5:7a:d7:4f:32:19:e6:66:ed:87:98:30:35:
f6:03:d2:53:b0:24:b3:45:f4:56:40:1c:7d:c9:9c:
75:53:88:2e:4f:ce:2d:60:86:59:25:3d:f2:5b:34:
25:c8:8d:56:da:ca:81:80:ec:9e:8c:dc:d0:c9:9d:
7d:0b:37:bd:5d:c0:d6:e6:2b:11:f6:19:7a:dc:e9:
56:e5:f0:fe:2e:14:52:42:37:1b:81:cf:de:e7:b8:
92:01:1b:45:37:56:96:59:38:aa:ea:8b:3a:bc:aa:
48:20:31:3f:dc:b5:0e:02:26:47:f3:ac:61:8e:f8:
3c:2c:12:bc:a5:43:68:40:38:8e:9c:35:03:d0:10:
33:d9:0e:c3:2e:e3:10:f7:41:a5:5b:b1:1c:59:f4:
5b:32:62:42:f7:50:d5:04:78:0e:ba:a7:31:fe:a3:
52:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B1:1C:47:3A:74:B2:FA:AB:4B:A6:6B:9C:97:44:17:C2:6B:93:1B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/225BB4A634A611F0905BBC68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.180.0/22
103.18.72.0/22
103.69.12.0/22
103.88.0.0/22
103.138.8.0/23
103.147.0.0/23
103.153.12.0/24
103.157.4.0/23
103.157.10.0/23
103.164.46.0/23
103.165.28.0/23
103.225.56.0/22
150.129.44.0/22
IPv6:
2001:df0:8000::/48
2407:c140::/32
Signature Algorithm: sha256WithRSAEncryption
a7:09:51:d7:c5:0b:6c:72:aa:39:b9:a9:1e:1e:3f:71:0b:bf:
61:19:46:24:91:4f:64:b9:15:bc:ee:f0:95:b3:8f:2d:06:22:
27:fe:ef:f4:75:98:2b:68:ee:35:6a:ae:d5:03:86:7c:ce:22:
19:95:5e:32:ed:82:c2:d7:9a:90:cb:ca:86:ad:10:83:9c:d1:
98:08:48:cf:0a:24:29:dc:3c:db:a2:30:b6:62:bf:06:57:5f:
2e:ad:29:99:eb:b7:19:11:e8:a6:12:8e:24:56:ae:dc:74:d1:
f9:39:3c:7c:c2:8a:33:44:4e:a7:df:54:da:c7:0e:bb:e7:cf:
e8:b0:c9:19:3b:8a:60:10:3f:90:70:2d:20:f4:64:27:5a:03:
7e:d7:bb:d8:9a:ac:6f:70:00:23:49:b6:93:25:cf:fd:69:b3:
e0:aa:d0:8a:a4:64:88:4a:76:4e:65:12:ba:ce:85:a1:50:51:
3f:e9:8d:3f:5b:4d:6a:ed:40:cb:0e:eb:46:16:eb:e2:08:89:
69:ad:e9:55:30:54:e1:31:e7:62:b9:29:bc:a3:05:bf:e4:6c:
99:f6:b1:ff:54:20:1a:65:53:c0:59:96:da:7f:cf:b3:32:a0:
bf:25:7d:5e:e6:4f:82:1a:1f:9f:03:38:c5:7b:d4:41:fd:54:
96:ee:98:3c
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIDALtRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUxOTExNDA1OVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgyYjE4Y2ItZDk2MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMylMeRDF9fy4ZT1s5PYLucd4Sprw7S5vs8DbPVxjxFixk2PPfqobO2QwEeB
iG8b0XEw6Bnnj3qkBMVm8rkmrfHAmWXAzYtj29KGQrw9WG/pC0OoxHF8us2NHF71
etdPMhnmZu2HmDA19gPSU7Aks0X0VkAcfcmcdVOILk/OLWCGWSU98ls0JciNVtrK
gYDsnozc0MmdfQs3vV3A1uYrEfYZetzpVuXw/i4UUkI3G4HP3ue4kgEbRTdWllk4
quqLOryqSCAxP9y1DgImR/OsYY74PCwSvKVDaEA4jpw1A9AQM9kOwy7jEPdBpVux
HFn0WzJiQvdQ1QR4DrqnMf6jUgsCAwEAAaOCAvUwggLxMB0GA1UdDgQWBBS6sRxH
OnSy+qtLpmucl0QXwmuTGzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIyNUJCNEE2
MzRBNjExRjA5MDVCQkM2OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMH8GCCsGAQUFBwEHAQH/
BHAwbjBUBAIAATBOAwQCLXW0AwQCZxJIAwQCZ0UMAwQCZ1gAAwQBZ4oIAwQBZ5MA
AwQAZ5kMAwQBZ50EAwQBZ50KAwQBZ6QuAwQBZ6UcAwQCZ+E4AwQCloEsMBYEAgAC
MBADBwAgAQ3wgAADBQAkB8FAMA0GCSqGSIb3DQEBCwUAA4IBAQCnCVHXxQtscqo5
uakeHj9xC79hGUYkkU9kuRW87vCVs48tBiIn/u/0dZgraO41aq7VA4Z8ziIZlV4y
7YLC15qQy8qGrRCDnNGYCEjPCiQp3DzbojC2Yr8GV18urSmZ67cZEeimEo4kVq7c
dNH5OTx8woozRE6n31Taxw6758/osMkZO4pgED+QcC0g9GQnWgN+17vYmqxvcAAj
SbaTJc/9abPgqtCKpGSISnZOZRK6zoWhUFE/6Y0/W01q7UDLDutGFuviCIlprelV
MFThMediuSm8owW/5GyZ9rH/VCAaZVPAWZbaf8+zMqC/JX1e5k+CGh+fAzjFe9RB
/VSW7pg8
-----END CERTIFICATE-----
Generated at Wed Jun 11 23:52:11 2025 by rpki-client