Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/7D58FFA4085511EFA3E44E39C4F9AE02.roa
File: 7D58FFA4085511EFA3E44E39C4F9AE02.roa (raw, json)
Hash identifier: tL4FpVgmNNY7jS9BQs7PmDKkC0MYf8VYGM2whKI+KMQ=
Subject key identifier: 2C:E3:7B:54:83:1F:1E:72:68:00:D5:2F:4C:DC:F5:78:52:0D:D4:FB
Certificate issuer: /CN=A91A46B0/serialNumber=FF682DF8D44864B341D9CB7B6C0659BFFAACC9C7
Certificate serial: 064B
Authority key identifier: FF:68:2D:F8:D4:48:64:B3:41:D9:CB:7B:6C:06:59:BF:FA:AC:C9:C7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2gt-NRIZLNB2ct7bAZZv_qsycc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/7D58FFA4085511EFA3E44E39C4F9AE02.roa
Signing time: Mon 14 Jul 2025 00:16:29 +0000
ROA not before: Mon 14 Jul 2025 00:16:29 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 58955
IP address blocks: 43.239.251.0/24 maxlen: 24
43.249.35.0/24 maxlen: 24
45.64.184.0/24 maxlen: 24
45.64.185.0/24 maxlen: 24
45.64.186.0/24 maxlen: 24
45.64.187.0/24 maxlen: 24
103.27.200.0/24 maxlen: 24
103.27.201.0/24 maxlen: 24
103.27.202.0/24 maxlen: 24
103.27.203.0/24 maxlen: 24
103.40.116.0/24 maxlen: 24
103.40.117.0/24 maxlen: 24
103.70.4.0/24 maxlen: 24
103.70.5.0/24 maxlen: 24
103.70.7.0/24 maxlen: 24
103.86.48.0/24 maxlen: 24
103.86.49.0/24 maxlen: 24
103.86.50.0/24 maxlen: 24
103.86.51.0/24 maxlen: 24
103.132.0.0/24 maxlen: 24
103.132.1.0/24 maxlen: 24
103.132.2.0/24 maxlen: 24
103.132.3.0/24 maxlen: 24
103.230.120.0/24 maxlen: 24
103.230.121.0/24 maxlen: 24
103.230.122.0/24 maxlen: 24
103.230.123.0/24 maxlen: 24
103.234.236.0/22 maxlen: 22
103.234.236.0/24 maxlen: 24
103.234.237.0/24 maxlen: 24
103.234.238.0/24 maxlen: 24
103.234.239.0/24 maxlen: 24
103.245.165.0/24 maxlen: 24
103.245.166.0/24 maxlen: 24
103.249.212.0/24 maxlen: 24
103.249.213.0/24 maxlen: 24
103.249.214.0/24 maxlen: 24
103.249.215.0/24 maxlen: 24
116.204.180.0/24 maxlen: 24
116.204.181.0/24 maxlen: 24
116.204.182.0/24 maxlen: 24
116.204.183.0/24 maxlen: 24
2407:7900:1000::/40 maxlen: 40
2407:7900:2000::/40 maxlen: 40
2407:7900:9999::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/_2gt-NRIZLNB2ct7bAZZv_qsycc.crl
rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/_2gt-NRIZLNB2ct7bAZZv_qsycc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2gt-NRIZLNB2ct7bAZZv_qsycc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 23:10:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1611 (0x64b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A46B0, serialNumber=FF682DF8D44864B341D9CB7B6C0659BFFAACC9C7
Validity
Not Before: Jul 14 00:16:29 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68744c5c-5fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:42:64:53:bc:b6:1f:8d:40:23:83:84:bf:6e:
c7:3c:3e:0e:21:ad:47:90:bb:c1:64:32:ab:0f:18:
b8:8d:89:7c:85:30:d7:0a:2d:7a:fb:f4:67:47:bd:
28:2c:b7:6b:88:51:c3:58:cd:a3:dc:2c:8e:b5:21:
a7:19:d6:f4:1f:18:cd:f9:60:6f:29:df:63:32:2a:
ff:8b:15:5f:3e:7d:cd:4f:f4:5b:67:f6:34:78:b7:
b8:73:c4:d8:48:0a:9c:56:81:25:8d:1c:84:b0:bb:
e8:b7:e5:a4:7b:22:6e:e4:78:19:4e:f5:68:9a:1e:
1f:fa:1a:5f:32:ba:c7:f7:4b:22:80:56:ad:2d:53:
72:89:c3:b9:35:2f:e7:d5:06:4a:19:5a:cf:d2:c5:
84:ad:8a:b8:38:2d:ee:d0:20:e3:0b:8e:31:a5:09:
37:da:0f:80:53:45:f5:c0:16:a2:a4:55:96:51:16:
f9:f9:21:56:33:5e:90:80:c7:7a:99:49:a6:97:01:
1a:00:ac:bc:5e:e0:6c:0a:79:62:1b:22:6c:ad:c0:
91:14:5c:3f:99:65:75:49:c9:d0:0c:08:3b:3a:ce:
f0:01:96:41:af:af:a9:6f:35:92:4a:94:bd:6d:69:
2a:f8:fe:4c:9b:4d:c0:58:fd:76:db:d3:2b:5f:20:
94:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E3:7B:54:83:1F:1E:72:68:00:D5:2F:4C:DC:F5:78:52:0D:D4:FB
X509v3 Authority Key Identifier:
keyid:FF:68:2D:F8:D4:48:64:B3:41:D9:CB:7B:6C:06:59:BF:FA:AC:C9:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/_2gt-NRIZLNB2ct7bAZZv_qsycc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2gt-NRIZLNB2ct7bAZZv_qsycc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A46B0/32E9873CBFC811EBB9E4EB6EC4F9AE02/7D58FFA4085511EFA3E44E39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.251.0/24
43.249.35.0/24
45.64.184.0/22
103.27.200.0/22
103.40.116.0/23
103.70.4.0/23
103.70.7.0/24
103.86.48.0/22
103.132.0.0/22
103.230.120.0/22
103.234.236.0/22
103.245.165.0-103.245.166.255
103.249.212.0/22
116.204.180.0/22
IPv6:
2407:7900:1000::/40
2407:7900:2000::/40
2407:7900:9999::/48
Signature Algorithm: sha256WithRSAEncryption
2d:57:a3:4a:ee:3f:3b:11:6a:98:cf:4b:ce:71:f4:85:60:d6:
39:0d:f9:1a:4d:5d:35:63:2c:e4:71:03:43:e6:32:8d:76:2d:
3c:cf:8c:ac:bd:2a:ce:dc:0d:99:dd:00:93:4e:27:41:cf:ed:
9d:fe:2d:80:a0:66:b3:d2:97:a8:98:47:bd:53:25:ed:18:5c:
94:16:66:9e:04:3c:16:2f:02:5a:4d:23:11:ee:7f:e1:29:13:
8f:0b:e5:01:61:92:e0:3a:95:2c:3c:3c:f2:39:a7:df:04:b8:
fc:cb:96:ba:03:fa:e1:66:cf:e0:33:f7:1d:f9:41:1d:10:b6:
63:23:64:c3:2a:79:1d:f3:da:6d:b0:a9:c5:4e:81:88:fe:75:
da:38:6b:eb:c5:5a:7f:38:b7:4c:5e:36:6c:99:92:d6:94:5b:
2f:7e:dc:d5:09:0a:06:f8:d7:aa:02:46:b0:9e:10:78:8c:8a:
8b:4e:b0:7b:b8:eb:73:c5:4a:29:b6:ff:d3:2d:9a:1a:84:f8:
63:96:b3:6e:70:8d:b1:21:4d:fe:f7:04:b7:3a:2e:74:22:7c:
10:10:53:1f:87:93:42:40:43:9f:25:6d:a5:fa:9f:f6:f1:55:
24:d5:24:df:ae:2f:51:76:92:be:dc:99:43:82:39:d2:fe:d1:
08:e0:4e:bc
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgICBkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ2QjAxMTAvBgNVBAUTKEZGNjgyREY4RDQ0ODY0QjM0MUQ5Q0I3QjZDMDY1OUJG
RkFBQ0M5QzcwHhcNMjUwNzE0MDAxNjI5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc0NGM1Yy01ZmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1EJkU7y2H41AI4OEv27HPD4OIa1HkLvBZDKrDxi4jYl8hTDXCi16+/RnR70o
LLdriFHDWM2j3CyOtSGnGdb0HxjN+WBvKd9jMir/ixVfPn3NT/RbZ/Y0eLe4c8TY
SAqcVoEljRyEsLvot+WkeyJu5HgZTvVomh4f+hpfMrrH90sigFatLVNyicO5NS/n
1QZKGVrP0sWErYq4OC3u0CDjC44xpQk32g+AU0X1wBaipFWWURb5+SFWM16QgMd6
mUmmlwEaAKy8XuBsCnliGyJsrcCRFFw/mWV1ScnQDAg7Os7wAZZBr6+pbzWSSpS9
bWkq+P5Mm03AWP1229MrXyCUSQIDAQABo4IDDzCCAwswHQYDVR0OBBYEFCzje1SD
Hx5yaADVL0zc9XhSDdT7MB8GA1UdIwQYMBaAFP9oLfjUSGSzQdnLe2wGWb/6rMnH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDZCMC8zMkU5ODczQ0JG
QzgxMUVCQjlFNEVCNkVDNEY5QUUwMi9fMmd0LU5SSVpMTkIyY3Q3YkFaWnZfcXN5
Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18yZ3QtTlJJWkxOQjJjdDdiQVpadl9xc3ljYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ2QjAvMzJFOTg3M0NCRkM4MTFFQkI5RTRFQjZFQzRGOUFFMDIvN0Q1OEZGQTQw
ODU1MTFFRkEzRTQ0RTM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZgGCCsGAQUFBwEHAQH/
BIGIMIGFMGIEAgABMFwDBAAr7/sDBAAr+SMDBAItQLgDBAJnG8gDBAFnKHQDBAFn
RgQDBABnRgcDBAJnVjADBAJnhAADBAJn5ngDBAJn6uwwDAMEAGf1pQMEAGf1pgME
Amf51AMEAnTMtDAfBAIAAjAZAwYAJAd5ABADBgAkB3kAIAMHACQHeQCZmTANBgkq
hkiG9w0BAQsFAAOCAQEALVejSu4/OxFqmM9LznH0hWDWOQ35Gk1dNWMs5HEDQ+Yy
jXYtPM+MrL0qztwNmd0Ak04nQc/tnf4tgKBms9KXqJhHvVMl7RhclBZmngQ8Fi8C
Wk0jEe5/4SkTjwvlAWGS4DqVLDw88jmn3wS4/MuWugP64WbP4DP3HflBHRC2YyNk
wyp5HfPabbCpxU6BiP512jhr68Vafzi3TF42bJmS1pRbL37c1QkKBvjXqgJGsJ4Q
eIyKi06we7jrc8VKKbb/0y2aGoT4Y5azbnCNsSFN/vcEtzoudCJ8EBBTH4eTQkBD
nyVtpfqf9vFVJNUk364vUXaSvtyZQ4I50v7RCOBOvA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:23:46 2025 by rpki-client