Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EAD78FE6258C11F0B0F9FC23C4F9AE02.roa
File: EAD78FE6258C11F0B0F9FC23C4F9AE02.roa (raw, json)
Hash identifier: PKDaAjEpEIgkD+kVNAkdoiWoZIvudw+9a2w2LzAPv98=
Subject key identifier: C9:4A:BD:19:04:6B:68:33:92:CB:5B:3B:A2:59:8F:56:A0:19:73:A3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BA54
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EAD78FE6258C11F0B0F9FC23C4F9AE02.roa
Signing time: Thu 08 May 2025 16:31:55 +0000
ROA not before: Thu 08 May 2025 16:31:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58898
IP address blocks: 45.116.112.0/22 maxlen: 24
103.25.44.0/22 maxlen: 24
103.69.8.0/22 maxlen: 24
103.93.104.0/22 maxlen: 24
103.127.170.0/24 maxlen: 24
103.137.148.0/24 maxlen: 24
103.143.214.0/24 maxlen: 24
103.148.134.0/23 maxlen: 24
103.151.114.0/24 maxlen: 24
103.153.22.0/24 maxlen: 24
103.157.228.0/23 maxlen: 24
103.159.136.0/24 maxlen: 24
103.159.180.0/24 maxlen: 24
103.160.171.0/24 maxlen: 24
103.170.160.0/24 maxlen: 24
103.175.108.0/23 maxlen: 24
103.176.124.0/23 maxlen: 24
103.225.124.0/22 maxlen: 24
163.53.204.0/22 maxlen: 24
2001:df2:a640::/48 maxlen: 48
2403:f680::/40 maxlen: 48
2403:f680:102::/48 maxlen: 48
2403:f680:103::/48 maxlen: 48
2403:f680:104::/48 maxlen: 48
2403:f680:105::/48 maxlen: 48
2403:f680:106::/48 maxlen: 48
2403:f680:107::/48 maxlen: 48
2403:f680:108::/48 maxlen: 48
2403:f680:112::/48 maxlen: 48
2403:f680:113::/48 maxlen: 48
2403:f680:114::/48 maxlen: 48
2403:f680:115::/48 maxlen: 48
2403:f680:116::/48 maxlen: 48
2403:f680:117::/48 maxlen: 48
2403:f680:118::/48 maxlen: 48
2403:f680:119::/48 maxlen: 48
2403:f680:120::/48 maxlen: 48
2403:f680:121::/48 maxlen: 48
2403:f680:122::/48 maxlen: 48
2403:f680:123::/48 maxlen: 48
2403:f680:124::/48 maxlen: 48
2403:f680:125::/48 maxlen: 48
2403:f680:126::/48 maxlen: 48
2403:f680:127::/48 maxlen: 48
2403:f680:128::/48 maxlen: 48
2403:f680:129::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 12 Jun 2025 12:12:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47700 (0xba54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 8 16:31:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681cdc7b-60d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:00:26:52:14:54:40:65:c7:d2:06:f6:4a:7e:
14:c1:35:76:7c:c6:60:a4:e1:10:58:20:bb:33:86:
02:9c:7b:55:c3:4b:28:06:2a:42:4d:05:b3:dd:aa:
45:b2:62:e8:4f:1a:a3:ce:55:9e:19:35:88:4e:cb:
65:01:6e:15:6b:fe:7f:83:47:c8:77:33:11:44:8a:
2e:da:1a:4e:5a:19:5a:39:a2:f6:99:14:ae:44:fd:
8d:81:c6:d3:e5:c7:1b:89:00:1d:f3:22:cd:90:a7:
91:be:fa:15:a6:97:d6:31:20:26:ea:d8:be:d3:35:
11:26:df:de:4d:95:22:3d:23:e5:66:df:75:d0:03:
0f:26:72:84:b3:30:1e:4e:18:66:99:d1:01:c1:6a:
3a:59:78:f1:51:87:16:99:8c:a9:95:8b:06:08:99:
27:4a:f1:e6:cc:08:89:53:f2:ea:fb:15:e6:49:8b:
64:3c:0d:4c:86:43:90:60:ff:e8:2e:8f:93:32:be:
cd:4b:5d:93:1f:50:38:0e:dc:f6:48:36:eb:6a:b8:
20:0c:c4:c2:d9:87:48:1d:20:cf:06:8d:e5:6f:f5:
84:86:67:b1:b8:d8:7e:c1:64:95:c3:4b:f2:7b:00:
5e:e9:1c:6b:ac:a1:64:31:50:b4:09:14:5e:42:8d:
29:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4A:BD:19:04:6B:68:33:92:CB:5B:3B:A2:59:8F:56:A0:19:73:A3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EAD78FE6258C11F0B0F9FC23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.112.0/22
103.25.44.0/22
103.69.8.0/22
103.93.104.0/22
103.127.170.0/24
103.137.148.0/24
103.143.214.0/24
103.148.134.0/23
103.151.114.0/24
103.153.22.0/24
103.157.228.0/23
103.159.136.0/24
103.159.180.0/24
103.160.171.0/24
103.170.160.0/24
103.175.108.0/23
103.176.124.0/23
103.225.124.0/22
163.53.204.0/22
IPv6:
2001:df2:a640::/48
2403:f680::/40
2403:f680:102::-2403:f680:108:ffff:ffff:ffff:ffff:ffff
2403:f680:112::-2403:f680:119:ffff:ffff:ffff:ffff:ffff
2403:f680:120::-2403:f680:129:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3a:dd:d2:ec:5e:03:a6:61:2c:37:c0:2b:4d:49:75:6a:24:be:
6e:55:66:ad:fc:ab:e2:af:5a:fc:20:00:63:5e:9a:02:94:0c:
d4:e7:90:3e:e9:61:8d:b7:07:e4:28:60:4b:70:ce:e4:b3:91:
6a:22:83:c0:41:0f:32:39:6c:c8:b3:72:17:63:30:2b:65:13:
90:86:0f:9b:ff:96:c7:d2:95:c1:fd:c9:58:e5:80:f8:bb:8e:
de:e6:ae:3e:98:de:24:aa:33:a1:2c:3f:7a:c3:d7:9b:54:c3:
c8:e5:68:e1:9f:8d:2b:94:98:bc:33:36:16:02:b4:f4:5b:61:
60:d5:4f:70:71:3b:d6:03:37:52:cb:62:a5:37:6c:99:ef:ad:
70:6a:c4:b1:36:a9:5d:a1:4d:95:98:f4:cb:76:d4:d0:30:e4:
1c:3a:e6:e7:57:00:99:87:ba:bc:08:50:df:6d:15:37:fb:80:
2a:37:26:3f:a6:eb:5b:4b:a4:10:c9:b7:76:f7:3d:9f:88:f5:
ed:3c:2b:5c:58:ad:1e:99:05:0c:af:8d:66:d5:4a:43:c7:a7:
79:c9:0e:c8:3b:fb:f5:11:68:4c:77:16:d4:ff:7c:46:1e:ec:
49:43:f6:e7:13:7e:f3:25:ec:ca:ac:5a:c1:65:af:f2:01:ae:
80:78:42:ed
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgIDALpUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwODE2MzE1NVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxY2RjN2ItNjBkNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgAJlIUVEBlx9IG9kp+FME1dnzGYKThEFgguzOGApx7VcNLKAYqQk0Fs92q
RbJi6E8ao85Vnhk1iE7LZQFuFWv+f4NHyHczEUSKLtoaTloZWjmi9pkUrkT9jYHG
0+XHG4kAHfMizZCnkb76FaaX1jEgJurYvtM1ESbf3k2VIj0j5WbfddADDyZyhLMw
Hk4YZpnRAcFqOll48VGHFpmMqZWLBgiZJ0rx5swIiVPy6vsV5kmLZDwNTIZDkGD/
6C6PkzK+zUtdkx9QOA7c9kg262q4IAzEwtmHSB0gzwaN5W/1hIZnsbjYfsFklcNL
8nsAXukca6yhZDFQtAkUXkKNKfkCAwEAAaOCA1kwggNVMB0GA1UdDgQWBBTJSr0Z
BGtoM5LLWzuiWY9WoBlzozAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VBRDc4RkU2
MjU4QzExRjBCMEY5RkMyM0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHiBggrBgEFBQcBBwEB
/wSB0jCBzzB4BAIAATByAwQCLXRwAwQCZxksAwQCZ0UIAwQCZ11oAwQAZ3+qAwQA
Z4mUAwQAZ4/WAwQBZ5SGAwQAZ5dyAwQAZ5kWAwQBZ53kAwQAZ5+IAwQAZ5+0AwQA
Z6CrAwQAZ6qgAwQBZ69sAwQBZ7B8AwQCZ+F8AwQCozXMMFMEAgACME0DBwAgAQ3y
pkADBgAkA/aAADASAwcBJAP2gAECAwcAJAP2gAEIMBIDBwEkA/aAARIDBwEkA/aA
ARgwEgMHBSQD9oABIAMHASQD9oABKDANBgkqhkiG9w0BAQsFAAOCAQEAOt3S7F4D
pmEsN8ArTUl1aiS+blVmrfyr4q9a/CAAY16aApQM1OeQPulhjbcH5ChgS3DO5LOR
aiKDwEEPMjlsyLNyF2MwK2UTkIYPm/+Wx9KVwf3JWOWA+LuO3uauPpjeJKozoSw/
esPXm1TDyOVo4Z+NK5SYvDM2FgK09FthYNVPcHE71gM3UstipTdsme+tcGrEsTap
XaFNlZj0y3bU0DDkHDrm51cAmYe6vAhQ320VN/uAKjcmP6brW0ukEMm3dvc9n4j1
7TwrXFitHpkFDK+NZtVKQ8eneckOyDv79RFoTHcW1P98Rh7sSUP25xN+8yXsyqxa
wWWv8gGugHhC7Q==
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:56:15 2025 by rpki-client