Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
File: F0C8DB1CA54E11EF8592FD66C4F9AE02.roa (raw, json)
Hash identifier: 76K1YbroX8X8W0IqnMICi5xKvh2ELCOHzwZ1tdiFlUg=
Subject key identifier: 0C:61:6B:D9:E6:B7:80:33:63:0C:BD:D9:AD:5C:91:DC:BE:C4:CE:59
Certificate issuer: /CN=A911D848/serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Certificate serial: 91
Authority key identifier: 1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
Signing time: Fri 11 Jul 2025 07:13:59 +0000
ROA not before: Fri 11 Jul 2025 07:13:59 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 9266
IP address blocks: 103.36.152.0/22 maxlen: 22
103.65.216.0/22 maxlen: 22
103.225.108.0/22 maxlen: 22
202.1.116.0/22 maxlen: 22
202.1.116.0/24 maxlen: 24
202.1.117.0/24 maxlen: 24
202.1.118.0/24 maxlen: 24
202.1.119.0/24 maxlen: 24
203.5.244.0/24 maxlen: 24
203.10.124.0/24 maxlen: 24
203.12.116.0/24 maxlen: 24
203.14.106.0/24 maxlen: 24
203.14.193.0/24 maxlen: 24
203.18.151.0/24 maxlen: 24
203.19.52.0/24 maxlen: 24
203.19.220.0/24 maxlen: 24
203.20.110.0/24 maxlen: 24
203.20.111.0/24 maxlen: 24
203.21.22.0/24 maxlen: 24
203.22.169.0/24 maxlen: 24
203.23.50.0/24 maxlen: 24
203.23.71.0/24 maxlen: 24
203.24.174.0/23 maxlen: 24
203.25.68.0/22 maxlen: 22
203.25.69.0/24 maxlen: 24
203.25.70.0/24 maxlen: 24
203.25.71.0/24 maxlen: 24
203.25.123.0/24 maxlen: 24
203.25.158.0/24 maxlen: 24
203.26.171.0/24 maxlen: 24
203.26.226.0/23 maxlen: 23
203.29.21.0/24 maxlen: 24
203.29.127.0/24 maxlen: 24
203.30.78.0/24 maxlen: 24
203.31.214.0/24 maxlen: 24
203.32.44.0/23 maxlen: 24
203.32.47.0/24 maxlen: 24
203.33.28.0/24 maxlen: 24
203.33.58.0/23 maxlen: 24
203.33.108.0/23 maxlen: 24
203.34.167.0/24 maxlen: 24
203.55.194.0/23 maxlen: 24
203.62.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Jul 2025 06:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145 (0x91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D848, serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Validity
Not Before: Jul 11 07:13:59 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6870b9b7-828b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:79:77:28:98:c2:80:b6:d8:5d:d5:c2:72:11:
bb:e6:a1:53:7a:c3:e0:c0:57:78:a0:b5:6c:84:34:
ce:fd:df:10:bb:b3:04:09:b8:79:2a:5b:ce:7f:bf:
42:e5:27:f3:03:50:00:e7:ed:79:12:06:50:a8:16:
89:2b:71:eb:2c:91:7e:5f:3f:ad:9c:a1:68:73:e3:
fc:0a:4d:69:5e:57:7a:88:67:d2:5d:11:2b:f4:0d:
72:06:f6:59:74:34:ec:07:58:73:37:a2:fb:19:87:
ec:3f:ed:6b:f7:81:2e:28:b2:d4:12:54:39:c4:59:
fd:75:17:6d:f9:45:0b:2b:e5:6b:3c:f3:d3:5f:bb:
fc:22:70:29:c2:4e:63:70:ef:f5:59:b1:22:09:9c:
11:f7:94:48:f6:22:61:27:48:ef:59:65:b9:d7:7c:
c4:aa:b3:af:10:66:91:5f:20:60:b7:3a:c6:74:89:
89:1d:8b:b6:d9:be:f1:fc:b8:4c:b0:df:2c:09:c2:
65:5a:eb:48:3f:82:66:10:cf:ea:70:6a:26:e2:1c:
be:9e:65:b7:73:9c:3b:57:9d:e4:2b:75:98:79:48:
a2:81:3b:43:2a:b1:07:3b:dd:dc:0a:91:53:0a:ff:
3c:5f:90:5a:f3:c0:e5:83:00:22:be:31:af:f3:cb:
0b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:61:6B:D9:E6:B7:80:33:63:0C:BD:D9:AD:5C:91:DC:BE:C4:CE:59
X509v3 Authority Key Identifier:
keyid:1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.36.152.0/22
103.65.216.0/22
103.225.108.0/22
202.1.116.0/22
203.5.244.0/24
203.10.124.0/24
203.12.116.0/24
203.14.106.0/24
203.14.193.0/24
203.18.151.0/24
203.19.52.0/24
203.19.220.0/24
203.20.110.0/23
203.21.22.0/24
203.22.169.0/24
203.23.50.0/24
203.23.71.0/24
203.24.174.0/23
203.25.68.0/22
203.25.123.0/24
203.25.158.0/24
203.26.171.0/24
203.26.226.0/23
203.29.21.0/24
203.29.127.0/24
203.30.78.0/24
203.31.214.0/24
203.32.44.0/23
203.32.47.0/24
203.33.28.0/24
203.33.58.0/23
203.33.108.0/23
203.34.167.0/24
203.55.194.0/23
203.62.147.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:d3:4f:e9:54:13:61:17:4f:65:97:be:ab:e6:7d:c9:7c:26:
f0:76:1f:1f:07:ac:19:7a:48:4b:a8:cf:f1:38:d7:5e:a9:5a:
ae:0a:56:d0:28:e6:f6:be:83:83:db:73:12:9f:f4:ec:7d:40:
5e:66:4f:2d:cf:0a:9b:ef:d2:a9:fe:f1:37:2a:bd:14:a0:6f:
72:e9:d3:3d:61:ca:9d:b0:52:66:8e:6d:43:90:70:b5:b1:a9:
7a:0b:2b:e0:a0:8f:a0:cd:40:1f:47:e2:a3:90:89:c9:1a:5d:
81:a8:5e:53:f1:e5:8c:b7:f1:83:04:89:fb:d8:41:b3:b3:b7:
7d:f3:91:2a:a6:7b:f1:b6:96:22:9c:55:8e:88:77:d1:82:ef:
15:f7:07:3c:9b:1b:04:fa:8d:a4:c1:e0:e2:9d:96:cf:95:3e:
77:ab:cd:ad:52:e8:ec:e6:16:e2:3b:5f:f4:54:e4:cc:ec:fb:
e5:be:be:26:5d:c8:43:b9:f7:68:ed:7c:6f:3f:13:fd:50:87:
2a:d7:b9:ea:74:fe:7c:76:49:76:c6:16:1b:01:b6:21:a7:e4:
1e:59:b8:82:72:a2:38:a2:9c:8f:12:5c:fc:c2:57:05:26:89:
1c:be:0d:1a:63:2b:28:55:a6:79:57:97:fb:a9:06:b7:66:6d:
76:20:39:9f
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgICAJEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ4NDgxMTAvBgNVBAUTKDFERDFCODY4Nzg4NjkyNEM0NjEzMTE2MDUwRUU5MEU5
RDQ5NDI2OUUwHhcNMjUwNzExMDcxMzU5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODcwYjliNy04MjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnHl3KJjCgLbYXdXCchG75qFTesPgwFd4oLVshDTO/d8Qu7MECbh5KlvOf79C
5SfzA1AA5+15EgZQqBaJK3HrLJF+Xz+tnKFoc+P8Ck1pXld6iGfSXREr9A1yBvZZ
dDTsB1hzN6L7GYfsP+1r94EuKLLUElQ5xFn9dRdt+UULK+VrPPPTX7v8InApwk5j
cO/1WbEiCZwR95RI9iJhJ0jvWWW513zEqrOvEGaRXyBgtzrGdImJHYu22b7x/LhM
sN8sCcJlWutIP4JmEM/qcGom4hy+nmW3c5w7V53kK3WYeUiigTtDKrEHO93cCpFT
Cv88X5Ba88DlgwAivjGv88sLYQIDAQABo4IDZjCCA2IwHQYDVR0OBBYEFAxha9nm
t4AzYwy92a1ckdy+xM5ZMB8GA1UdIwQYMBaAFB3RuGh4hpJMRhMRYFDukOnUlCae
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDg0OC9DMjUxQjVCMjlC
MTAxMUVGQTcyQkEwMjBDNEY5QUUwMi9IZEc0YUhpR2treEdFeEZnVU82UTZkU1VK
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hkRzRhSGlHa2t4R0V4RmdVTzZRNmRTVUpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ4NDgvQzI1MUI1QjI5QjEwMTFFRkE3MkJBMDIwQzRGOUFFMDIvRjBDOERCMUNB
NTRFMTFFRjg1OTJGRDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwge8GCCsGAQUFBwEHAQH/
BIHfMIHcMIHZBAIAATCB0gMEAmckmAMEAmdB2AMEAmfhbAMEAsoBdAMEAMsF9AME
AMsKfAMEAMsMdAMEAMsOagMEAMsOwQMEAMsSlwMEAMsTNAMEAMsT3AMEAcsUbgME
AMsVFgMEAMsWqQMEAMsXMgMEAMsXRwMEAcsYrgMEAssZRAMEAMsZewMEAMsZngME
AMsaqwMEAcsa4gMEAMsdFQMEAMsdfwMEAMseTgMEAMsf1gMEAcsgLAMEAMsgLwME
AMshHAMEAcshOgMEAcshbAMEAMsipwMEAcs3wgMEAMs+kzANBgkqhkiG9w0BAQsF
AAOCAQEAnNNP6VQTYRdPZZe+q+Z9yXwm8HYfHwesGXpIS6jP8TjXXqlargpW0Cjm
9r6Dg9tzEp/07H1AXmZPLc8Km+/Sqf7xNyq9FKBvcunTPWHKnbBSZo5tQ5BwtbGp
egsr4KCPoM1AH0fio5CJyRpdgaheU/HljLfxgwSJ+9hBs7O3ffORKqZ78baWIpxV
joh30YLvFfcHPJsbBPqNpMHg4p2Wz5U+d6vNrVLo7OYW4jtf9FTkzOz75b6+Jl3I
Q7n3aO18bz8T/VCHKte56nT+fHZJdsYWGwG2IafkHlm4gnKiOKKcjxJc/MJXBSaJ
HL4NGmMrKFWmeVeX+6kGt2ZtdiA5nw==
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:35:55 2025 by rpki-client