Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
File: 92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa (raw, json)
Hash identifier: E5vRfEH5E/h66qLxvyj70quGBEGLdeUxGVeDBcXammI=
Subject key identifier: 8B:DC:3F:81:3E:84:6C:D8:AD:6F:9B:56:4D:6A:E5:DE:49:7E:12:C9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B12C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
Signing time: Thu 08 May 2025 15:56:08 +0000
ROA not before: Thu 08 May 2025 15:56:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132137
IP address blocks: 45.112.0.0/22 maxlen: 24
45.123.92.0/22 maxlen: 24
45.252.68.0/22 maxlen: 24
103.1.48.0/23 maxlen: 24
103.36.44.0/22 maxlen: 24
103.51.72.0/22 maxlen: 24
103.74.196.0/22 maxlen: 24
103.75.28.0/22 maxlen: 24
103.135.200.0/24 maxlen: 24
103.135.201.0/24 maxlen: 24
103.135.202.0/24 maxlen: 24
103.135.203.0/24 maxlen: 24
103.162.162.0/23 maxlen: 24
103.221.68.0/22 maxlen: 24
103.246.240.0/22 maxlen: 24
110.44.100.0/22 maxlen: 24
111.125.244.0/24 maxlen: 24
113.30.216.0/22 maxlen: 24
183.87.192.0/24 maxlen: 24
183.87.240.0/21 maxlen: 24
183.87.248.0/23 maxlen: 24
2401:e500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 16 Jun 2025 08:26:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45356 (0xb12c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 15:56:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cd417-016f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4b:a1:59:9e:65:15:98:71:5c:c5:69:ea:98:
30:22:4a:3d:4b:6c:87:49:28:93:23:6a:02:2a:bc:
4d:1f:b0:be:3e:d8:29:0d:d2:82:99:aa:b5:3b:c3:
a8:0f:31:4b:38:30:ec:c5:8d:70:2c:6e:01:82:60:
a9:0c:d5:8a:f6:52:07:54:a7:1c:12:e5:88:35:13:
27:a1:a7:76:30:8f:65:2b:64:d3:97:2f:5c:6d:4b:
63:16:1b:0a:a4:88:5d:0a:34:73:ca:7f:64:e6:d6:
89:05:8d:c2:0f:e8:9a:46:a0:a1:b0:2d:e8:bd:be:
93:b3:e5:d3:68:fd:a8:b2:c5:1d:3b:e3:aa:be:69:
f5:4c:18:42:8a:1c:89:d5:da:99:2f:60:b7:ab:fd:
fe:a0:05:26:f9:01:bd:c9:8e:28:ec:a0:79:09:0e:
45:d3:e7:45:94:b8:59:48:31:07:c6:d0:d6:9b:7d:
19:87:b5:e7:53:9f:d0:9f:19:33:f8:8c:72:c4:d4:
05:2d:b1:1c:22:94:c6:f1:0e:32:d2:ed:08:30:9b:
48:d5:41:20:30:2b:13:8d:13:3e:3e:ce:b3:34:0c:
1b:d6:53:d8:9c:f6:3f:32:36:62:18:8e:8c:f3:6a:
c0:72:b2:f9:7b:0a:d6:15:df:d0:31:57:e4:2d:c5:
e6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DC:3F:81:3E:84:6C:D8:AD:6F:9B:56:4D:6A:E5:DE:49:7E:12:C9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.0.0/22
45.123.92.0/22
45.252.68.0/22
103.1.48.0/23
103.36.44.0/22
103.51.72.0/22
103.74.196.0/22
103.75.28.0/22
103.135.200.0/22
103.162.162.0/23
103.221.68.0/22
103.246.240.0/22
110.44.100.0/22
111.125.244.0/24
113.30.216.0/22
183.87.192.0/24
183.87.240.0-183.87.249.255
IPv6:
2401:e500::/32
Signature Algorithm: sha256WithRSAEncryption
4b:f6:fe:e8:bd:d7:09:6a:4a:a4:c0:c0:33:ee:cb:71:cb:ea:
77:9f:f8:5d:54:7e:72:12:a0:b9:49:d4:dd:a2:8c:d2:97:0c:
65:52:86:c4:20:54:63:47:ed:88:00:d4:20:b6:f0:4a:c8:ee:
2f:b3:9b:b4:86:95:22:d8:67:67:02:00:04:9d:1e:9a:aa:1f:
53:3d:0f:d5:2c:a7:f6:7f:66:c0:3d:8e:c6:72:01:10:d8:dd:
26:2f:96:be:9b:62:7a:4f:1d:b5:51:08:00:f2:b8:0c:ee:7a:
a1:da:02:4d:38:53:86:34:e4:9f:78:50:10:eb:a3:51:3d:c0:
d3:30:60:69:7a:af:1e:59:ee:85:70:26:22:20:89:c3:b3:81:
76:71:20:31:fc:77:6a:97:45:3a:66:7e:64:47:55:90:25:b1:
8f:6e:bb:2a:d7:09:03:d9:b4:ce:21:33:1e:14:c9:bc:b6:9e:
63:f1:71:1c:f6:61:1a:2a:a7:66:e4:9f:a5:ce:b8:ae:2c:93:
57:20:3a:50:cb:cd:f1:9a:1e:d6:fb:6e:94:a2:8c:db:3c:15:
7b:cf:ba:7b:f8:91:38:73:12:01:be:d0:eb:53:2a:9e:d6:b4:
64:ca:0e:f3:49:a6:12:cd:57:9c:64:d0:67:16:43:29:89:8f:
df:b2:1f:d9
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgIDALEsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE1NTYwOFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2Q0MTctMDE2ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9LoVmeZRWYcVzFaeqYMCJKPUtsh0kokyNqAiq8TR+wvj7YKQ3SgpmqtTvD
qA8xSzgw7MWNcCxuAYJgqQzVivZSB1SnHBLliDUTJ6GndjCPZStk05cvXG1LYxYb
CqSIXQo0c8p/ZObWiQWNwg/omkagobAt6L2+k7Pl02j9qLLFHTvjqr5p9UwYQooc
idXamS9gt6v9/qAFJvkBvcmOKOygeQkORdPnRZS4WUgxB8bQ1pt9GYe151Of0J8Z
M/iMcsTUBS2xHCKUxvEOMtLtCDCbSNVBIDArE40TPj7OszQMG9ZT2Jz2PzI2YhiO
jPNqwHKy+XsK1hXf0DFX5C3F5kUCAwEAAaOCAw8wggMLMB0GA1UdDgQWBBSL3D+B
PoRs2K1vm1ZNauXeSX4SyTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzkyRTc5RDVD
MDNEQzExRUJCQzBEQkMwQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGYBggrBgEFBQcBBwEB
/wSBiDCBhTB0BAIAATBuAwQCLXAAAwQCLXtcAwQCLfxEAwQBZwEwAwQCZyQsAwQC
ZzNIAwQCZ0rEAwQCZ0scAwQCZ4fIAwQBZ6KiAwQCZ91EAwQCZ/bwAwQCbixkAwQA
b330AwQCcR7YAwQAt1fAMAwDBAS3V/ADBAG3V/gwDQQCAAIwBwMFACQB5QAwDQYJ
KoZIhvcNAQELBQADggEBAEv2/ui91wlqSqTAwDPuy3HL6nef+F1UfnISoLlJ1N2i
jNKXDGVShsQgVGNH7YgA1CC28ErI7i+zm7SGlSLYZ2cCAASdHpqqH1M9D9Usp/Z/
ZsA9jsZyARDY3SYvlr6bYnpPHbVRCADyuAzueqHaAk04U4Y05J94UBDro1E9wNMw
YGl6rx5Z7oVwJiIgicOzgXZxIDH8d2qXRTpmfmRHVZAlsY9uuyrXCQPZtM4hMx4U
yby2nmPxcRz2YRoqp2bkn6XOuK4sk1cgOlDLzfGaHtb7bpSijNs8FXvPunv4kThz
EgG+0OtTKp7WtGTKDvNJphLNV5xk0GcWQymJj9+yH9k=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:22:14 2025 by rpki-client