Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ED1FED22872D11F0BE26026EC4F9AE02.roa
File: ED1FED22872D11F0BE26026EC4F9AE02.roa (raw, json)
Hash identifier: 1Jj7YmJZGT2IpCCY6W2MyYLfasE6fdDtGGPJd9N3JWQ=
Subject key identifier: 17:61:B3:DE:EA:1E:54:43:82:6D:A5:D0:DD:29:83:9B:FA:CD:9B:AA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C3D0
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ED1FED22872D11F0BE26026EC4F9AE02.roa
Signing time: Mon 01 Sep 2025 12:19:37 +0000
ROA not before: Mon 01 Sep 2025 12:19:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133647
IP address blocks: 43.229.162.0/24 maxlen: 24
43.230.156.0/22 maxlen: 24
45.115.252.0/22 maxlen: 24
45.116.68.0/22 maxlen: 24
103.38.70.0/24 maxlen: 24
103.43.4.0/22 maxlen: 24
103.49.56.0/22 maxlen: 24
103.50.4.0/22 maxlen: 24
103.55.6.0/23 maxlen: 24
103.61.102.0/23 maxlen: 24
103.69.216.0/22 maxlen: 24
103.70.144.0/22 maxlen: 24
103.70.176.0/23 maxlen: 24
103.79.112.0/22 maxlen: 24
103.93.176.0/22 maxlen: 24
103.109.72.0/23 maxlen: 24
103.122.84.0/24 maxlen: 24
103.122.85.0/24 maxlen: 24
103.129.194.0/24 maxlen: 24
103.129.195.0/24 maxlen: 24
103.144.37.0/24 maxlen: 24
103.156.168.0/23 maxlen: 24
103.157.160.0/23 maxlen: 24
103.159.154.0/23 maxlen: 24
103.161.230.0/23 maxlen: 24
103.161.232.0/24 maxlen: 24
103.161.233.0/24 maxlen: 24
103.174.105.0/24 maxlen: 24
103.175.76.0/24 maxlen: 24
103.175.77.0/24 maxlen: 24
103.176.71.0/24 maxlen: 24
103.214.97.0/24 maxlen: 24
103.220.28.0/24 maxlen: 24
103.220.29.0/24 maxlen: 24
103.220.30.0/24 maxlen: 24
103.220.31.0/24 maxlen: 24
103.237.172.0/24 maxlen: 24
103.237.173.0/24 maxlen: 24
103.237.174.0/24 maxlen: 24
103.237.175.0/24 maxlen: 24
175.111.180.0/24 maxlen: 24
175.111.182.0/24 maxlen: 24
175.111.183.0/24 maxlen: 24
2001:df0:dc80::/48 maxlen: 48
2001:df1:b280::/48 maxlen: 48
2001:df1:f440::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Sep 2025 15:26:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50128 (0xc3d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 1 12:19:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68b58f59-b3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7e:a6:cf:28:2a:53:08:d8:17:f8:e3:4e:65:
57:f2:f8:c3:a2:f4:d2:f6:b3:41:23:b2:b4:53:70:
b8:5b:a5:6b:71:f0:ca:d0:46:fa:03:d1:ac:79:bc:
13:93:95:cf:f6:19:a2:72:4c:18:f5:0e:7f:1a:c5:
78:46:ce:02:47:01:ff:0c:96:aa:01:77:0d:c0:cb:
53:a1:a6:1f:d8:7d:aa:f5:a3:66:55:61:55:eb:a2:
2b:13:a1:eb:65:13:33:69:79:72:60:ce:7c:ad:4a:
17:ec:4f:86:1e:a8:58:62:53:ef:5f:f0:c6:2e:87:
ad:db:d5:3d:34:d8:ed:99:61:63:be:62:0e:66:d0:
f6:65:e0:53:50:06:5b:4d:04:2b:0e:c7:26:ab:cc:
97:d3:0b:27:18:c2:9c:be:33:85:1f:4f:8f:e1:80:
a2:bd:26:08:28:7d:95:de:b7:eb:2d:75:5d:1d:22:
5e:b9:bd:1e:ee:d9:80:2b:7d:f7:54:95:78:3f:a5:
d2:b3:d3:e3:94:f9:ce:bb:f8:50:b5:1b:0d:99:a8:
04:fb:40:3f:4c:d7:f6:17:a8:c5:e5:9f:5b:de:6d:
84:33:0d:8d:ca:b9:ba:aa:ba:06:18:01:97:a0:b7:
da:47:0d:cb:fb:cf:2a:01:bb:08:dd:66:a5:e1:b8:
61:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:61:B3:DE:EA:1E:54:43:82:6D:A5:D0:DD:29:83:9B:FA:CD:9B:AA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ED1FED22872D11F0BE26026EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.162.0/24
43.230.156.0/22
45.115.252.0/22
45.116.68.0/22
103.38.70.0/24
103.43.4.0/22
103.49.56.0/22
103.50.4.0/22
103.55.6.0/23
103.61.102.0/23
103.69.216.0/22
103.70.144.0/22
103.70.176.0/23
103.79.112.0/22
103.93.176.0/22
103.109.72.0/23
103.122.84.0/23
103.129.194.0/23
103.144.37.0/24
103.156.168.0/23
103.157.160.0/23
103.159.154.0/23
103.161.230.0-103.161.233.255
103.174.105.0/24
103.175.76.0/23
103.176.71.0/24
103.214.97.0/24
103.220.28.0/22
103.237.172.0/22
175.111.180.0/24
175.111.182.0/23
IPv6:
2001:df0:dc80::/48
2001:df1:b280::/48
2001:df1:f440::/48
Signature Algorithm: sha256WithRSAEncryption
5d:87:55:e4:a6:58:1a:9b:0e:16:57:37:e0:fb:fc:95:c3:8f:
23:16:9c:09:05:8a:b6:1b:7f:e9:29:01:11:68:49:ec:2b:ec:
95:8a:94:35:bb:52:ce:64:4b:d8:51:db:ad:0e:fd:65:fe:8f:
ac:4a:d1:f4:96:4d:b6:94:5f:d0:c2:82:e0:a5:17:92:59:d4:
a4:aa:8e:68:69:05:49:ff:56:34:e5:eb:a6:f7:d0:f4:77:56:
d4:dc:c6:b9:47:d5:47:07:c9:c1:08:bf:40:e4:f0:0d:e5:d2:
e6:74:d0:bd:72:89:b4:f7:54:11:d2:19:76:ca:4f:81:04:76:
91:11:8d:d9:4e:aa:93:2e:02:3d:16:da:00:bb:d7:38:4d:4d:
e1:7e:a8:d3:01:b1:28:40:f7:92:99:64:f8:5e:af:f1:fb:b6:
de:ea:03:ec:c8:49:58:74:81:2b:6a:c4:36:66:6b:1a:2c:10:
3e:9c:c4:80:ad:6f:ec:16:df:37:b8:8c:10:b8:4f:65:d3:74:
07:bb:ed:22:42:d7:9e:f9:ac:28:ed:69:96:27:2f:d4:7e:ad:
cc:e0:9c:42:6c:14:eb:5b:1d:75:36:b9:18:18:db:75:70:4e:
01:69:ca:4b:c8:c0:6d:f6:fc:20:1c:49:7b:93:87:8e:28:7b:
d3:3a:6f:e2
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgIDAMPQMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDkwMTEyMTkzN1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjhiNThmNTktYjNlZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALt+ps8oKlMI2Bf4405lV/L4w6L00vazQSOytFNwuFula3HwytBG+gPRrHm8
E5OVz/YZonJMGPUOfxrFeEbOAkcB/wyWqgF3DcDLU6GmH9h9qvWjZlVhVeuiKxOh
62UTM2l5cmDOfK1KF+xPhh6oWGJT71/wxi6HrdvVPTTY7ZlhY75iDmbQ9mXgU1AG
W00EKw7HJqvMl9MLJxjCnL4zhR9Pj+GAor0mCCh9ld636y11XR0iXrm9Hu7ZgCt9
91SVeD+l0rPT45T5zrv4ULUbDZmoBPtAP0zX9heoxeWfW95thDMNjcq5uqq6BhgB
l6C32kcNy/vPKgG7CN1mpeG4YfkCAwEAAaOCA3owggN2MB0GA1UdDgQWBBQXYbPe
6h5UQ4JtpdDdKYOb+s2bqjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VEMUZFRDIy
ODcyRDExRjBCRTI2MDI2RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBAgYIKwYBBQUHAQcB
Af8EgfIwge8wgckEAgABMIHCAwQAK+WiAwQCK+acAwQCLXP8AwQCLXREAwQAZyZG
AwQCZysEAwQCZzE4AwQCZzIEAwQBZzcGAwQBZz1mAwQCZ0XYAwQCZ0aQAwQBZ0aw
AwQCZ09wAwQCZ12wAwQBZ21IAwQBZ3pUAwQBZ4HCAwQAZ5AlAwQBZ5yoAwQBZ52g
AwQBZ5+aMAwDBAFnoeYDBAFnoegDBABnrmkDBAFnr0wDBABnsEcDBABn1mEDBAJn
3BwDBAJn7awDBACvb7QDBAGvb7YwIQQCAAIwGwMHACABDfDcgAMHACABDfGygAMH
ACABDfH0QDANBgkqhkiG9w0BAQsFAAOCAQEAXYdV5KZYGpsOFlc34Pv8lcOPIxac
CQWKtht/6SkBEWhJ7CvslYqUNbtSzmRL2FHbrQ79Zf6PrErR9JZNtpRf0MKC4KUX
klnUpKqOaGkFSf9WNOXrpvfQ9HdW1NzGuUfVRwfJwQi/QOTwDeXS5nTQvXKJtPdU
EdIZdspPgQR2kRGN2U6qky4CPRbaALvXOE1N4X6o0wGxKED3kplk+F6v8fu23uoD
7MhJWHSBK2rENmZrGiwQPpzEgK1v7BbfN7iMELhPZdN0B7vtIkLXnvmsKO1plicv
1H6tzOCcQmwU61sddTa5GBjbdXBOAWnKS8jAbfb8IBxJe5OHjih70zpv4g==
-----END CERTIFICATE-----
Generated at Sat Sep 6 13:47:08 2025 by rpki-client