Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/F79267D61E4011E6945BEB0DC4F9AE02.roa
File: F79267D61E4011E6945BEB0DC4F9AE02.roa (raw, json)
Hash identifier: ebbHAc3H1xs8yb83KOxdepldMzKZEG2KB/oj0PgrPl0=
Subject key identifier: 54:6A:0F:41:84:65:2F:F4:9B:DA:EA:98:69:F9:D3:AC:52:60:A8:01
Certificate issuer: /CN=A9159967/serialNumber=5330EEEEB0D0A9535FAC8505E735843AF6CE60AF
Certificate serial: 20A1
Authority key identifier: 53:30:EE:EE:B0:D0:A9:53:5F:AC:85:05:E7:35:84:3A:F6:CE:60:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/F79267D61E4011E6945BEB0DC4F9AE02.roa
Signing time: Thu 10 Jul 2025 08:22:09 +0000
ROA not before: Thu 10 Jul 2025 08:22:09 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 135310
IP address blocks: 103.213.236.0/22 maxlen: 22
103.213.236.0/23 maxlen: 23
103.213.236.0/24 maxlen: 24
103.213.237.0/24 maxlen: 24
103.213.238.0/23 maxlen: 23
103.213.238.0/24 maxlen: 24
103.213.239.0/24 maxlen: 24
192.140.252.0/22 maxlen: 22
192.140.252.0/23 maxlen: 23
192.140.252.0/24 maxlen: 24
192.140.253.0/24 maxlen: 24
192.140.254.0/23 maxlen: 23
192.140.254.0/24 maxlen: 24
192.140.255.0/24 maxlen: 24
2404:b180::/32 maxlen: 32
2404:b180::/48 maxlen: 48
2404:b180:1::/48 maxlen: 48
2404:b180:2::/48 maxlen: 48
2404:b180:1000::/48 maxlen: 48
2404:b180:1001::/48 maxlen: 48
2404:b180:1002::/48 maxlen: 48
2404:b180:1003::/48 maxlen: 48
2404:b180:1004::/48 maxlen: 48
2404:b180:1005::/48 maxlen: 48
2404:b180:1006::/48 maxlen: 48
2404:b180:1007::/48 maxlen: 48
2404:b180:1008::/48 maxlen: 48
2404:b180:1009::/48 maxlen: 48
2404:b180:100a::/48 maxlen: 48
2404:b180:100b::/48 maxlen: 48
2404:b180:100c::/48 maxlen: 48
2404:b180:100d::/48 maxlen: 48
2404:b180:100e::/48 maxlen: 48
2404:b180:100f::/48 maxlen: 48
2404:b180:1200::/44 maxlen: 44
2404:b180:1210::/44 maxlen: 44
2404:b180:1220::/44 maxlen: 44
2404:b180:1230::/44 maxlen: 44
2404:b180:1240::/44 maxlen: 44
2404:b180:1260::/44 maxlen: 44
2404:b180:1270::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.crl
rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 14:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8353 (0x20a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9159967, serialNumber=5330EEEEB0D0A9535FAC8505E735843AF6CE60AF
Validity
Not Before: Jul 10 08:22:09 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=686f7830-5b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:8c:90:d3:9b:73:75:75:0b:77:86:05:cb:
70:36:04:aa:c9:c4:38:4b:c0:3b:45:95:2e:63:da:
09:00:89:3b:67:1d:ec:5c:00:f3:69:c3:28:02:02:
f4:22:a6:6e:ae:26:84:88:d8:62:ee:2f:ff:1b:f1:
3a:e2:5c:81:6f:93:2a:5d:95:e6:d7:b9:0d:00:3a:
c7:b7:70:d8:03:83:45:2e:27:8f:1d:c1:0f:c3:30:
59:cc:8c:78:a4:a0:b7:c2:a8:dc:63:9a:68:10:8a:
f9:4d:d3:ac:9a:25:50:30:fc:d3:27:15:3b:66:b2:
b4:8b:59:9d:f1:85:26:25:86:04:e9:f9:cc:74:6e:
90:bb:40:75:31:6f:63:c2:f1:44:9c:94:95:d9:1a:
90:04:0e:8a:66:56:e7:36:4e:7b:c1:16:02:c8:6b:
0d:66:a2:2b:f7:72:1c:ef:76:a1:4d:1f:05:fe:bd:
9c:60:64:41:fb:4e:22:5e:d7:87:be:93:a9:77:69:
26:5d:39:73:40:55:4a:9c:da:72:9b:0d:36:32:59:
0a:bd:ac:da:8c:be:71:26:ff:c7:94:69:dc:13:30:
9a:2d:bb:43:23:b9:52:84:c6:a0:b3:4f:73:12:ca:
bc:45:e4:0f:1c:4d:1a:a1:ce:aa:4f:33:26:33:f2:
bd:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6A:0F:41:84:65:2F:F4:9B:DA:EA:98:69:F9:D3:AC:52:60:A8:01
X509v3 Authority Key Identifier:
keyid:53:30:EE:EE:B0:D0:A9:53:5F:AC:85:05:E7:35:84:3A:F6:CE:60:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/F79267D61E4011E6945BEB0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.236.0/22
192.140.252.0/22
IPv6:
2404:b180::/32
Signature Algorithm: sha256WithRSAEncryption
d3:75:ef:3d:fb:84:d3:9b:3d:23:4a:47:77:1d:04:d3:e9:19:
7a:2b:1c:d5:4e:2a:fd:37:e0:1b:ad:22:51:2e:47:6a:4a:3d:
ec:35:27:37:ef:95:36:3a:e0:c3:f1:78:93:e9:62:b1:bc:16:
d5:ee:cf:49:bc:8e:7e:d0:92:d5:51:61:86:7c:3b:a4:0e:ef:
fe:3e:1c:f3:e4:f2:27:57:8e:c5:84:37:65:7f:95:0b:3a:22:
5d:e9:dc:01:c8:88:e0:c7:cc:4c:b1:3e:3e:8a:3a:be:09:5f:
15:d2:5e:19:93:11:2e:07:ad:d7:56:18:d3:8c:89:6e:f9:db:
2c:68:0a:01:b1:bf:3c:9d:ad:7c:cb:93:68:f7:1d:e2:57:3b:
b5:31:19:bf:99:6a:21:29:9d:9f:39:bb:76:24:3d:bb:66:d5:
6c:4f:45:c3:fc:69:54:77:b7:3e:90:86:c4:43:62:19:30:f5:
4d:82:ce:61:63:50:48:f0:6b:e9:d3:74:05:79:92:9a:28:10:
3f:a3:2c:61:9f:8f:a2:0d:f4:a2:5e:49:b2:df:2e:ed:2c:bc:
b9:2e:33:ec:b8:34:f4:81:92:01:93:fb:45:5a:cb:83:75:a0:
64:4b:60:ae:1f:70:5a:76:30:ff:f4:89:f4:74:72:27:81:72:
41:fd:d5:f5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICIKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTk5NjcxMTAvBgNVBAUTKDUzMzBFRUVFQjBEMEE5NTM1RkFDODUwNUU3MzU4NDNB
RjZDRTYwQUYwHhcNMjUwNzEwMDgyMjA5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZmNzgzMC01YjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsq2MkNObc3V1C3eGBctwNgSqycQ4S8A7RZUuY9oJAIk7Zx3sXADzacMoAgL0
IqZuriaEiNhi7i//G/E64lyBb5MqXZXm17kNADrHt3DYA4NFLiePHcEPwzBZzIx4
pKC3wqjcY5poEIr5TdOsmiVQMPzTJxU7ZrK0i1md8YUmJYYE6fnMdG6Qu0B1MW9j
wvFEnJSV2RqQBA6KZlbnNk57wRYCyGsNZqIr93Ic73ahTR8F/r2cYGRB+04iXteH
vpOpd2kmXTlzQFVKnNpymw02MlkKvazajL5xJv/HlGncEzCaLbtDI7lShMags09z
Esq8ReQPHE0aoc6qTzMmM/K9sQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFRqD0GE
ZS/0m9rqmGn506xSYKgBMB8GA1UdIwQYMBaAFFMw7u6w0KlTX6yFBec1hDr2zmCv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTk2Ny8wQkJGMjU3ODE1
QTkxMUU2OTEyRDQyM0JDNEY5QUUwMi9VekR1N3JEUXFWTmZySVVGNXpXRU92Yk9Z
SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V6RHU3ckRRcVZOZnJJVUY1eldFT3ZiT1lLOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTk5NjcvMEJCRjI1NzgxNUE5MTFFNjkxMkQ0MjNCQzRGOUFFMDIvRjc5MjY3RDYx
RTQwMTFFNjk0NUJFQjBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJn1ewDBALAjPwwDQQCAAIwBwMFACQEsYAwDQYJKoZIhvcN
AQELBQADggEBANN17z37hNObPSNKR3cdBNPpGXorHNVOKv034ButIlEuR2pKPew1
JzfvlTY64MPxeJPpYrG8FtXuz0m8jn7QktVRYYZ8O6QO7/4+HPPk8idXjsWEN2V/
lQs6Il3p3AHIiODHzEyxPj6KOr4JXxXSXhmTES4HrddWGNOMiW752yxoCgGxvzyd
rXzLk2j3HeJXO7UxGb+ZaiEpnZ85u3YkPbtm1WxPRcP8aVR3tz6QhsRDYhkw9U2C
zmFjUEjwa+nTdAV5kpooED+jLGGfj6IN9KJeSbLfLu0svLkuM+y4NPSBkgGT+0Va
y4N1oGRLYK4fcFp2MP/0ifR0cieBckH91fU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:02:11 2025 by rpki-client