Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
File: F6973CAC265711F08B890022C4F9AE02.roa (raw, json)
Hash identifier: r+k/ajM52PZfgFD5jImIa9dmPLCgKekp/otZsurAxDw=
Subject key identifier: DC:CF:5D:E8:46:B1:1E:FD:4F:94:C1:AD:BC:FC:53:0F:AE:DF:CB:92
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: B03A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
Signing time: Thu 01 May 2025 06:46:09 +0000
ROA not before: Thu 01 May 2025 06:46:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135872
IP address blocks: 45.251.68.0/22 maxlen: 24
103.59.88.0/24 maxlen: 24
103.60.219.0/24 maxlen: 24
103.135.228.0/23 maxlen: 24
103.151.156.0/23 maxlen: 24
103.165.114.0/23 maxlen: 24
103.171.246.0/23 maxlen: 24
103.175.62.0/23 maxlen: 24
103.175.139.0/24 maxlen: 24
103.175.168.0/23 maxlen: 24
103.177.156.0/23 maxlen: 24
103.179.16.0/23 maxlen: 24
103.186.36.0/23 maxlen: 24
103.188.162.0/23 maxlen: 24
103.205.163.0/24 maxlen: 24
103.211.20.0/22 maxlen: 24
103.211.132.0/22 maxlen: 24
103.234.93.0/24 maxlen: 24
139.5.140.0/24 maxlen: 24
139.5.141.0/24 maxlen: 24
139.5.142.0/24 maxlen: 24
139.5.143.0/24 maxlen: 24
146.196.44.0/22 maxlen: 24
160.238.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 13 May 2025 15:24:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45114 (0xb03a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 1 06:46:09 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=681318b1-5080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:99:69:1d:e9:4a:63:1d:cc:eb:a2:01:4f:44:
72:fb:4e:36:2f:58:a0:33:4c:35:31:62:2b:14:e3:
55:6c:28:eb:32:43:fc:61:52:76:c7:4f:cc:7d:76:
a0:47:e8:9e:b1:e3:7f:9f:e2:1c:35:50:af:ce:df:
e2:49:87:58:f3:bc:06:8b:24:2e:6d:79:c7:22:3d:
41:9b:c9:fd:06:da:92:23:d8:38:3a:04:7a:7d:59:
fa:9d:46:9a:3a:7f:20:8f:f3:89:eb:db:02:99:d7:
63:de:19:97:e7:69:84:14:b5:62:a1:68:96:05:6d:
d8:f7:b1:9b:22:60:c3:7b:f7:b1:dc:86:3a:8f:7c:
44:9e:da:3e:08:30:cd:f7:20:45:ef:83:c8:4a:f5:
a0:1b:ca:a6:c1:6f:0d:56:0b:84:fe:ca:2c:39:9b:
98:e6:50:4f:37:e7:54:d0:ab:ac:86:b1:b7:4e:8e:
03:85:1a:3e:7a:35:a7:36:76:df:d3:86:43:70:65:
e4:5a:19:04:73:47:c1:4e:c6:9a:ce:15:fe:11:d8:
e7:67:cb:d9:03:45:25:0d:db:24:16:4e:bb:8a:fc:
25:aa:43:74:6e:dc:02:bd:da:cc:2f:6b:c9:53:a9:
95:6b:81:4b:f2:6e:72:1f:b5:51:e9:f8:89:f3:4c:
e4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CF:5D:E8:46:B1:1E:FD:4F:94:C1:AD:BC:FC:53:0F:AE:DF:CB:92
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.68.0/22
103.59.88.0/24
103.60.219.0/24
103.135.228.0/23
103.151.156.0/23
103.165.114.0/23
103.171.246.0/23
103.175.62.0/23
103.175.139.0/24
103.175.168.0/23
103.177.156.0/23
103.179.16.0/23
103.186.36.0/23
103.188.162.0/23
103.205.163.0/24
103.211.20.0/22
103.211.132.0/22
103.234.93.0/24
139.5.140.0/22
146.196.44.0/22
160.238.92.0/22
Signature Algorithm: sha256WithRSAEncryption
78:ac:5c:21:68:9e:ca:e9:37:f8:15:27:28:52:31:d0:ea:45:
66:54:2b:00:f3:b0:8b:70:4c:48:18:a9:41:10:73:14:7c:30:
30:54:ff:c4:3c:ec:a2:80:7a:3c:31:34:f2:8b:68:20:83:43:
06:36:0c:c3:7a:51:03:80:d2:50:db:44:a0:9d:18:55:f5:87:
f1:08:75:9a:4d:ae:cc:2f:5d:95:19:49:c7:fe:90:1f:e4:68:
4e:a6:ac:fd:af:cf:a3:bb:7b:32:c8:f4:95:45:96:1d:55:90:
50:4d:5c:1c:9f:4e:74:9f:99:c4:c7:98:8b:9c:a8:58:33:41:
b6:b2:d9:97:cf:6d:52:0b:8d:0f:80:7d:dc:46:32:ce:7b:14:
90:4d:e3:24:8a:bb:5c:b8:54:b3:f1:0d:f1:84:77:be:72:1f:
30:b1:7e:88:03:7d:fa:ad:a9:25:b8:85:13:3e:bf:04:b8:73:
fd:39:f0:1f:dc:65:d3:91:09:61:1c:6d:9c:44:0d:ff:0f:ce:
67:06:96:c4:22:af:a2:90:db:3a:89:fe:0e:a2:d2:fc:b0:2a:
bd:1a:7f:61:56:e8:f2:b8:f3:1b:bc:e1:f2:46:31:9b:f5:0c:
a8:e6:f0:50:92:6b:d3:75:2a:93:13:a3:36:bd:e3:62:7a:6d:
ff:fa:77:53
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgIDALA6MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUwMTA2NDYwOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgxMzE4YjEtNTA4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOmZaR3pSmMdzOuiAU9EcvtONi9YoDNMNTFiKxTjVWwo6zJD/GFSdsdPzH12
oEfonrHjf5/iHDVQr87f4kmHWPO8BoskLm15xyI9QZvJ/QbakiPYODoEen1Z+p1G
mjp/II/zievbApnXY94Zl+dphBS1YqFolgVt2PexmyJgw3v3sdyGOo98RJ7aPggw
zfcgRe+DyEr1oBvKpsFvDVYLhP7KLDmbmOZQTzfnVNCrrIaxt06OA4UaPno1pzZ2
39OGQ3Bl5FoZBHNHwU7Gms4V/hHY52fL2QNFJQ3bJBZOu4r8JapDdG7cAr3azC9r
yVOplWuBS/Juch+1Uen4ifNM5C8CAwEAAaOCAxEwggMNMB0GA1UdDgQWBBTcz13o
RrEe/U+Uwa28/FMPrt/LkjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y2OTczQ0FD
MjY1NzExRjA4Qjg5MDAyMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGaBggrBgEFBQcBBwEB
/wSBijCBhzCBhAQCAAEwfgMEAi37RAMEAGc7WAMEAGc82wMEAWeH5AMEAWeXnAME
AWelcgMEAWer9gMEAWevPgMEAGeviwMEAWevqAMEAWexnAMEAWezEAMEAWe6JAME
AWe8ogMEAGfNowMEAmfTFAMEAmfThAMEAGfqXQMEAosFjAMEApLELAMEAqDuXDAN
BgkqhkiG9w0BAQsFAAOCAQEAeKxcIWieyuk3+BUnKFIx0OpFZlQrAPOwi3BMSBip
QRBzFHwwMFT/xDzsooB6PDE08otoIINDBjYMw3pRA4DSUNtEoJ0YVfWH8Qh1mk2u
zC9dlRlJx/6QH+RoTqas/a/Po7t7Msj0lUWWHVWQUE1cHJ9OdJ+ZxMeYi5yoWDNB
trLZl89tUguND4B93EYyznsUkE3jJIq7XLhUs/EN8YR3vnIfMLF+iAN9+q2pJbiF
Ez6/BLhz/TnwH9xl05EJYRxtnEQN/w/OZwaWxCKvopDbOon+DqLS/LAqvRp/YVbo
8rjzG7zh8kYxm/UMqObwUJJr03UqkxOjNr3jYnpt//p3Uw==
-----END CERTIFICATE-----
Generated at Tue May 6 17:47:10 2025 by rpki-client on console.sobornost.net