Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E9DBE7221E8411F0A85F5565C4F9AE02.roa
File: E9DBE7221E8411F0A85F5565C4F9AE02.roa (raw, json)
Hash identifier: HxKN8q+gjdrWxyKfXeFUBpzyhO8I6ZXjUhuNfDcaSHs=
Subject key identifier: 05:E8:D8:F4:EB:99:3E:70:B9:D2:7C:DC:05:25:FB:67:21:8B:EA:F0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BC4E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E9DBE7221E8411F0A85F5565C4F9AE02.roa
Signing time: Wed 28 May 2025 07:54:54 +0000
ROA not before: Wed 28 May 2025 07:54:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132770
IP address blocks: 43.227.20.0/22 maxlen: 24
43.228.72.0/22 maxlen: 24
43.241.24.0/22 maxlen: 24
45.119.57.0/24 maxlen: 24
45.119.58.0/24 maxlen: 24
45.119.59.0/24 maxlen: 24
45.252.72.0/22 maxlen: 24
103.59.104.0/24 maxlen: 24
103.81.36.0/22 maxlen: 24
103.93.240.0/24 maxlen: 24
103.93.241.0/24 maxlen: 24
103.93.242.0/24 maxlen: 24
103.93.243.0/24 maxlen: 24
103.94.56.0/22 maxlen: 23
103.94.57.0/24 maxlen: 24
103.94.59.0/24 maxlen: 24
103.126.68.0/22 maxlen: 24
103.178.206.0/23 maxlen: 24
103.184.86.0/24 maxlen: 24
103.184.87.0/24 maxlen: 24
103.204.36.0/22 maxlen: 24
103.211.60.0/24 maxlen: 24
103.211.61.0/24 maxlen: 24
103.211.62.0/24 maxlen: 24
103.211.63.0/24 maxlen: 24
103.221.72.0/22 maxlen: 24
103.239.84.0/22 maxlen: 24
103.241.80.0/22 maxlen: 24
103.243.112.0/22 maxlen: 24
103.249.240.0/22 maxlen: 24
103.251.208.0/22 maxlen: 24
103.254.52.0/22 maxlen: 24
150.129.128.0/22 maxlen: 24
150.129.156.0/22 maxlen: 24
163.53.200.0/22 maxlen: 24
202.136.68.0/22 maxlen: 24
2404:4980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 12 Jun 2025 12:12:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48206 (0xbc4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 28 07:54:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6836c14e-a5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d0:66:e0:d0:2b:2d:15:8f:6c:3a:6d:2f:8c:
3b:93:c1:79:3c:f0:39:25:89:25:19:64:56:e4:97:
12:eb:4f:6f:53:a0:6f:b1:bb:64:28:d4:14:c3:be:
43:aa:75:2b:8b:80:24:b9:d0:64:56:22:af:a4:59:
f4:d5:9a:1c:1a:2f:04:ae:d1:3b:83:93:2d:a1:cd:
ea:9c:40:aa:fb:e5:0e:3f:6b:9c:78:32:06:3c:ac:
48:2b:60:4a:5a:ad:af:2a:45:6e:87:67:b0:69:10:
04:c1:7c:19:50:a6:c1:6b:47:75:93:16:8e:6e:e8:
b7:0d:1d:ac:8d:97:98:81:1e:1b:4d:09:e4:12:e6:
43:98:17:d8:80:4b:3c:46:79:cd:98:1f:fb:6e:28:
d8:b1:78:6b:da:be:61:0a:5d:05:ae:c7:3e:a9:40:
0e:8b:e3:f3:6c:67:76:1a:07:76:d4:89:4a:19:cc:
d4:52:ef:c8:1c:8f:5e:71:d9:6c:60:fe:23:f0:fb:
88:f0:b5:3d:04:60:ed:9f:fb:3e:3d:7c:4d:17:35:
72:12:a9:23:9b:b7:d1:19:9b:35:22:8c:c7:f2:7b:
c6:68:9d:e0:87:e6:78:7d:59:6b:6a:55:fc:ec:35:
42:e9:01:c4:71:c6:7b:9d:fe:ac:15:8d:40:e6:d1:
bd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E8:D8:F4:EB:99:3E:70:B9:D2:7C:DC:05:25:FB:67:21:8B:EA:F0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E9DBE7221E8411F0A85F5565C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.20.0/22
43.228.72.0/22
43.241.24.0/22
45.119.57.0-45.119.59.255
45.252.72.0/22
103.59.104.0/24
103.81.36.0/22
103.93.240.0/22
103.94.56.0/22
103.126.68.0/22
103.178.206.0/23
103.184.86.0/23
103.204.36.0/22
103.211.60.0/22
103.221.72.0/22
103.239.84.0/22
103.241.80.0/22
103.243.112.0/22
103.249.240.0/22
103.251.208.0/22
103.254.52.0/22
150.129.128.0/22
150.129.156.0/22
163.53.200.0/22
202.136.68.0/22
IPv6:
2404:4980::/32
Signature Algorithm: sha256WithRSAEncryption
9d:56:bd:38:ea:68:f9:e5:50:a2:bc:d8:33:d1:7a:bf:1e:42:
d1:f7:54:61:04:0a:4c:e1:04:6d:4f:7e:b5:14:f5:0d:49:8f:
95:1b:00:ff:e4:d8:8f:35:d7:d9:f7:fd:8f:96:4e:59:40:16:
79:f8:fc:46:b1:9f:87:08:06:5a:0d:14:1c:bf:b4:ad:b9:21:
df:ae:72:c4:00:df:e5:ad:ea:f0:76:f0:a9:2c:4f:69:01:18:
bc:a5:bf:3e:c4:96:28:ea:3b:05:44:22:ca:b1:b2:2f:24:98:
8e:25:7c:c4:fe:7d:9c:93:e8:e2:cf:c6:d3:18:64:e2:19:fa:
19:ae:02:1c:d1:12:c1:50:84:51:76:48:3e:8d:2f:4f:a8:b1:
53:05:0f:c3:80:74:d2:fa:01:28:47:e9:be:6c:f6:98:6b:7c:
b1:30:c7:3e:51:eb:91:b5:36:4e:6f:20:df:2c:0d:8c:19:97:
21:3a:74:0a:49:cb:d3:a3:bc:ea:e1:df:16:30:eb:57:aa:7d:
0a:34:24:cf:99:28:4b:50:65:0e:87:f3:6b:57:c7:03:ed:65:
9f:12:9b:79:a8:9b:81:ba:63:08:1b:be:ca:d0:ff:95:87:5c:
10:f2:5f:b3:ab:c2:f1:e3:a3:68:d1:24:82:6c:e6:f4:2a:12:
77:95:d3:76
-----BEGIN CERTIFICATE-----
MIIGHjCCBQagAwIBAgIDALxOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUyODA3NTQ1NFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgzNmMxNGUtYTVhOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTQZuDQKy0Vj2w6bS+MO5PBeTzwOSWJJRlkVuSXEutPb1Ogb7G7ZCjUFMO+
Q6p1K4uAJLnQZFYir6RZ9NWaHBovBK7RO4OTLaHN6pxAqvvlDj9rnHgyBjysSCtg
SlqtrypFbodnsGkQBMF8GVCmwWtHdZMWjm7otw0drI2XmIEeG00J5BLmQ5gX2IBL
PEZ5zZgf+24o2LF4a9q+YQpdBa7HPqlADovj82xndhoHdtSJShnM1FLvyByPXnHZ
bGD+I/D7iPC1PQRg7Z/7Pj18TRc1chKpI5u30RmbNSKMx/J7xmid4IfmeH1Za2pV
/Ow1QukBxHHGe53+rBWNQObRvXECAwEAAaOCA0EwggM9MB0GA1UdDgQWBBQF6Nj0
65k+cLnSfNwFJftnIYvq8DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0U5REJFNzIy
MUU4NDExRjBBODVGNTU2NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHKBggrBgEFBQcBBwEB
/wSBujCBtzCBpQQCAAEwgZ4DBAIr4xQDBAIr5EgDBAIr8RgwDAMEAC13OQMEAi13
OAMEAi38SAMEAGc7aAMEAmdRJAMEAmdd8AMEAmdeOAMEAmd+RAMEAWeyzgMEAWe4
VgMEAmfMJAMEAmfTPAMEAmfdSAMEAmfvVAMEAmfxUAMEAmfzcAMEAmf58AMEAmf7
0AMEAmf+NAMEApaBgAMEApaBnAMEAqM1yAMEAsqIRDANBAIAAjAHAwUAJARJgDAN
BgkqhkiG9w0BAQsFAAOCAQEAnVa9OOpo+eVQorzYM9F6vx5C0fdUYQQKTOEEbU9+
tRT1DUmPlRsA/+TYjzXX2ff9j5ZOWUAWefj8RrGfhwgGWg0UHL+0rbkh365yxADf
5a3q8HbwqSxPaQEYvKW/PsSWKOo7BUQiyrGyLySYjiV8xP59nJPo4s/G0xhk4hn6
Ga4CHNESwVCEUXZIPo0vT6ixUwUPw4B00voBKEfpvmz2mGt8sTDHPlHrkbU2Tm8g
3ywNjBmXITp0CknL06O86uHfFjDrV6p9CjQkz5koS1BlDofza1fHA+1lnxKbeaib
gbpjCBu+ytD/lYdcEPJfs6vC8eOjaNEkgmzm9CoSd5XTdg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:56:05 2025 by rpki-client