Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/A3B7573EF01A11EE935E4329C4F9AE02.roa
File: A3B7573EF01A11EE935E4329C4F9AE02.roa (raw, json)
Hash identifier: 3Fv5pT2XLktCrAEzJ7qYpsBgXpFiEdMr09ecsEjPwls=
Subject key identifier: E6:8A:FF:7A:DF:F3:E7:F6:29:F0:6A:0C:4F:F7:7A:39:EE:C4:6E:0C
Certificate issuer: /CN=A9182F75/serialNumber=420D8C2EC3D2479C5423ABFF74782B8A8A4B7DEA
Certificate serial: 1BE4
Authority key identifier: 42:0D:8C:2E:C3:D2:47:9C:54:23:AB:FF:74:78:2B:8A:8A:4B:7D:EA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qg2MLsPSR5xUI6v_dHgriopLfeo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/A3B7573EF01A11EE935E4329C4F9AE02.roa
Signing time: Sat 26 Apr 2025 16:24:04 +0000
ROA not before: Sat 26 Apr 2025 16:24:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132220
IP address blocks: 45.125.152.0/22 maxlen: 22
45.125.152.0/24 maxlen: 24
45.125.153.0/24 maxlen: 24
45.125.154.0/24 maxlen: 24
45.125.155.0/24 maxlen: 24
45.250.232.0/22 maxlen: 22
45.250.232.0/24 maxlen: 24
45.250.233.0/24 maxlen: 24
45.250.234.0/24 maxlen: 24
45.250.235.0/24 maxlen: 24
103.7.148.0/22 maxlen: 22
103.7.148.0/24 maxlen: 24
103.7.149.0/24 maxlen: 24
103.7.150.0/24 maxlen: 24
103.7.151.0/24 maxlen: 24
103.216.52.0/22 maxlen: 22
103.216.52.0/24 maxlen: 24
103.216.53.0/24 maxlen: 24
103.216.54.0/24 maxlen: 24
103.216.55.0/24 maxlen: 24
157.119.176.0/22 maxlen: 22
157.119.177.0/24 maxlen: 24
157.119.179.0/24 maxlen: 24
183.87.160.0/19 maxlen: 19
183.87.160.0/20 maxlen: 20
183.87.160.0/24 maxlen: 24
183.87.161.0/24 maxlen: 24
183.87.162.0/24 maxlen: 24
183.87.163.0/24 maxlen: 24
183.87.164.0/24 maxlen: 24
183.87.165.0/24 maxlen: 24
183.87.166.0/24 maxlen: 24
183.87.167.0/24 maxlen: 24
183.87.168.0/24 maxlen: 24
183.87.169.0/24 maxlen: 24
183.87.170.0/24 maxlen: 24
183.87.171.0/24 maxlen: 24
183.87.172.0/24 maxlen: 24
183.87.173.0/24 maxlen: 24
183.87.174.0/24 maxlen: 24
183.87.175.0/24 maxlen: 24
183.87.176.0/24 maxlen: 24
183.87.177.0/24 maxlen: 24
183.87.178.0/24 maxlen: 24
183.87.179.0/24 maxlen: 24
183.87.180.0/24 maxlen: 24
183.87.181.0/24 maxlen: 24
183.87.182.0/24 maxlen: 24
183.87.183.0/24 maxlen: 24
183.87.184.0/24 maxlen: 24
183.87.185.0/24 maxlen: 24
183.87.186.0/24 maxlen: 24
183.87.187.0/24 maxlen: 24
183.87.188.0/24 maxlen: 24
183.87.189.0/24 maxlen: 24
183.87.190.0/24 maxlen: 24
183.87.191.0/24 maxlen: 24
183.87.193.0/24 maxlen: 24
183.87.194.0/23 maxlen: 24
183.87.196.0/22 maxlen: 22
183.87.196.0/24 maxlen: 24
183.87.197.0/24 maxlen: 24
183.87.198.0/24 maxlen: 24
183.87.199.0/24 maxlen: 24
183.87.200.0/21 maxlen: 21
183.87.200.0/24 maxlen: 24
183.87.201.0/24 maxlen: 24
183.87.202.0/24 maxlen: 24
183.87.203.0/24 maxlen: 24
183.87.204.0/24 maxlen: 24
183.87.205.0/24 maxlen: 24
183.87.206.0/24 maxlen: 24
183.87.207.0/24 maxlen: 24
183.87.208.0/24 maxlen: 24
2403:7100::/32 maxlen: 32
2403:7100::/48 maxlen: 48
2403:7100:1::/48 maxlen: 48
2403:7100:2::/48 maxlen: 48
2403:7100:3::/48 maxlen: 48
2403:7100:4::/48 maxlen: 48
2403:7100:5::/48 maxlen: 48
2403:7100:6::/48 maxlen: 48
2403:7100:7::/48 maxlen: 48
2403:7100:8::/48 maxlen: 48
2403:7100:9::/48 maxlen: 48
2403:7100:a::/48 maxlen: 48
2403:7100:b::/48 maxlen: 48
2403:7100:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/Qg2MLsPSR5xUI6v_dHgriopLfeo.crl
rsync://rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/Qg2MLsPSR5xUI6v_dHgriopLfeo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qg2MLsPSR5xUI6v_dHgriopLfeo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 05 May 2025 16:21:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7140 (0x1be4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182F75, serialNumber=420D8C2EC3D2479C5423ABFF74782B8A8A4B7DEA
Validity
Not Before: Apr 26 16:24:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=680d08a4-b3bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:f2:17:78:fb:a0:08:0a:ba:f0:69:d8:0a:
96:2f:41:09:3b:0d:cb:c0:7a:d9:c0:1c:82:ca:d1:
81:b5:d2:65:c6:fd:88:a1:89:8b:30:3f:f0:79:e6:
5d:b0:a8:8d:f1:4d:b8:2a:30:72:dc:0f:18:5b:f2:
d2:45:3c:22:fd:a7:08:ac:15:e3:85:f3:b0:20:d9:
0f:84:29:df:e0:f8:60:f0:81:e7:94:c8:2f:9f:ff:
02:4b:7d:bc:ee:3a:61:fe:e5:a6:48:8d:ef:29:79:
1d:77:05:d8:42:54:df:8c:c8:44:ef:76:14:09:e3:
46:a2:2b:76:95:a0:5e:9c:20:15:59:d6:f5:fd:02:
d8:b8:92:c7:10:67:9e:5a:93:9b:5a:63:70:a7:56:
8a:56:11:b2:db:17:01:88:99:0d:37:65:09:c2:7f:
52:22:f0:73:7a:92:ad:2b:3c:2f:c5:3a:57:ec:fc:
36:f6:97:f8:df:37:94:07:45:12:eb:62:80:b0:b7:
55:18:ef:c2:92:32:d1:5a:8f:eb:18:10:bd:61:59:
8e:be:04:83:ee:92:0f:fd:d0:bf:89:42:13:0d:d6:
b1:36:f7:95:9b:bb:23:e1:43:41:51:2e:fd:69:91:
2f:c1:12:8d:b8:d9:30:07:44:74:83:12:41:41:a2:
bc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:8A:FF:7A:DF:F3:E7:F6:29:F0:6A:0C:4F:F7:7A:39:EE:C4:6E:0C
X509v3 Authority Key Identifier:
keyid:42:0D:8C:2E:C3:D2:47:9C:54:23:AB:FF:74:78:2B:8A:8A:4B:7D:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/Qg2MLsPSR5xUI6v_dHgriopLfeo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qg2MLsPSR5xUI6v_dHgriopLfeo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182F75/3C8CF63EFCBD11E688D3125EC4F9AE02/A3B7573EF01A11EE935E4329C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.152.0/22
45.250.232.0/22
103.7.148.0/22
103.216.52.0/22
157.119.176.0/22
183.87.160.0/19
183.87.193.0-183.87.208.255
IPv6:
2403:7100::/32
Signature Algorithm: sha256WithRSAEncryption
b8:80:18:c8:94:fb:8b:4a:51:fe:9c:0f:f4:08:03:02:67:0b:
1a:52:ec:50:bf:32:ec:1f:f2:a5:50:3b:ee:16:67:01:dc:84:
6a:11:2a:7e:68:3f:4a:ff:a7:4d:e8:f3:ea:00:42:03:35:f3:
15:c7:77:b2:48:53:c6:04:94:39:a9:92:c9:92:5a:a3:e9:5e:
46:f8:5e:ad:37:34:32:3d:95:7c:fe:df:1d:87:7c:bc:7b:10:
9b:18:83:15:4d:84:7b:04:c5:2c:1e:3d:69:54:3d:14:5b:76:
02:f5:31:ca:7f:11:02:fc:c6:ea:26:47:1e:51:6c:43:e9:2a:
3a:94:28:fc:b0:51:52:a0:20:90:ea:b6:5c:e7:5c:37:e3:91:
ba:c8:d7:60:13:a6:1c:76:55:d5:3b:61:e1:cd:e7:5d:95:a6:
76:90:45:44:8f:e8:97:19:e9:11:e2:8e:ad:7c:4f:ce:54:53:
e1:ce:f1:98:b9:ec:69:7a:11:8e:f1:5c:28:f1:4f:17:cb:eb:
3a:d9:a4:ee:ec:14:8b:fe:74:20:c3:dc:6f:b3:4d:22:a4:43:
c9:ad:3b:e1:1c:4a:27:18:b9:a8:73:83:e2:cd:2d:a6:8f:95:
50:52:54:02:86:63:62:73:86:60:07:13:be:12:fa:ee:91:74:
de:c0:49:5c
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgICG+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODJGNzUxMTAvBgNVBAUTKDQyMEQ4QzJFQzNEMjQ3OUM1NDIzQUJGRjc0NzgyQjhB
OEE0QjdERUEwHhcNMjUwNDI2MTYyNDA0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODBkMDhhNC1iM2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyXDyF3j7oAgKuvBp2AqWL0EJOw3LwHrZwByCytGBtdJlxv2IoYmLMD/weeZd
sKiN8U24KjBy3A8YW/LSRTwi/acIrBXjhfOwINkPhCnf4Phg8IHnlMgvn/8CS328
7jph/uWmSI3vKXkddwXYQlTfjMhE73YUCeNGoit2laBenCAVWdb1/QLYuJLHEGee
WpObWmNwp1aKVhGy2xcBiJkNN2UJwn9SIvBzepKtKzwvxTpX7Pw29pf43zeUB0US
62KAsLdVGO/CkjLRWo/rGBC9YVmOvgSD7pIP/dC/iUITDdaxNveVm7sj4UNBUS79
aZEvwRKNuNkwB0R0gxJBQaK8LwIDAQABo4IC0DCCAswwHQYDVR0OBBYEFOaK/3rf
8+f2KfBqDE/3ejnuxG4MMB8GA1UdIwQYMBaAFEINjC7D0kecVCOr/3R4K4qKS33q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MkY3NS8zQzhDRjYzRUZD
QkQxMUU2ODhEMzEyNUVDNEY5QUUwMi9RZzJNTHNQU1I1eFVJNnZfZEhncmlvcExm
ZW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FnMk1Mc1BTUjV4VUk2dl9kSGdyaW9wTGZlby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODJGNzUvM0M4Q0Y2M0VGQ0JEMTFFNjg4RDMxMjVFQzRGOUFFMDIvQTNCNzU3M0VG
MDFBMTFFRTkzNUU0MzI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWgYIKwYBBQUHAQcBAf8E
SzBJMDgEAgABMDIDBAItfZgDBAIt+ugDBAJnB5QDBAJn2DQDBAKdd7ADBAW3V6Aw
DAMEALdXwQMEALdX0DANBAIAAjAHAwUAJANxADANBgkqhkiG9w0BAQsFAAOCAQEA
uIAYyJT7i0pR/pwP9AgDAmcLGlLsUL8y7B/ypVA77hZnAdyEahEqfmg/Sv+nTejz
6gBCAzXzFcd3skhTxgSUOamSyZJao+leRvherTc0Mj2VfP7fHYd8vHsQmxiDFU2E
ewTFLB49aVQ9FFt2AvUxyn8RAvzG6iZHHlFsQ+kqOpQo/LBRUqAgkOq2XOdcN+OR
usjXYBOmHHZV1Tth4c3nXZWmdpBFRI/olxnpEeKOrXxPzlRT4c7xmLnsaXoRjvFc
KPFPF8vrOtmk7uwUi/50IMPcb7NNIqRDya074RxKJxi5qHOD4s0tpo+VUFJUAoZj
YnOGYAcTvhL67pF03sBJXA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:10:45 2025 by rpki-client on console.sobornost.net