Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
File: A508D320BBC711ED8DF23C40C4F9AE02.roa (raw, json)
Hash identifier: 24aYs+tgnBgct35NNNvM/3lDLKFzetvAVzRTJtmad/4=
Subject key identifier: 23:7B:E0:30:B9:83:AB:9E:62:A0:44:CA:2C:A2:BE:96:A9:D3:45:C2
Certificate issuer: /CN=A91A57F8/serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Certificate serial: 01F7
Authority key identifier: 9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
Signing time: Wed 16 Jul 2025 00:25:44 +0000
ROA not before: Wed 16 Jul 2025 00:25:44 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136000
IP address blocks: 103.117.166.0/23 maxlen: 23
103.117.228.0/22 maxlen: 22
103.134.20.0/22 maxlen: 22
103.196.240.0/22 maxlen: 22
103.209.12.0/22 maxlen: 22
118.91.179.0/24 maxlen: 24
118.91.188.0/24 maxlen: 24
202.14.177.0/24 maxlen: 24
202.62.240.0/22 maxlen: 22
202.73.30.0/23 maxlen: 23
203.14.201.0/24 maxlen: 24
203.18.242.0/23 maxlen: 23
203.22.206.0/24 maxlen: 24
203.23.53.0/24 maxlen: 24
203.24.148.0/23 maxlen: 23
203.28.160.0/24 maxlen: 24
203.29.91.0/24 maxlen: 24
203.32.98.0/23 maxlen: 23
203.33.103.0/24 maxlen: 24
203.55.150.0/24 maxlen: 24
203.56.119.0/24 maxlen: 24
203.57.252.0/24 maxlen: 24
203.168.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Jul 2025 03:11:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 503 (0x1f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A57F8, serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Validity
Not Before: Jul 16 00:25:44 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=6876f187-1c06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:82:6b:ff:be:56:73:48:2a:6b:4c:c2:e5:3a:
82:76:68:30:30:8a:f8:22:cf:28:43:02:51:5f:82:
e1:4d:e6:5f:dd:e3:86:e3:99:55:94:07:de:27:21:
e1:61:ac:1f:97:53:2e:97:39:86:5a:a9:3b:c5:9b:
be:30:67:b7:c5:b2:0f:35:b4:5f:85:a1:ff:3c:3b:
5e:7c:90:f0:9e:cc:7d:c8:5e:eb:01:6d:bc:7b:57:
8b:69:63:0f:f1:5d:b4:58:24:cf:5b:ea:90:52:15:
c3:85:b1:3a:32:57:93:94:1c:fc:be:d8:5e:65:27:
7a:b7:e4:54:53:da:00:41:ca:84:56:e3:5d:df:45:
91:02:86:0b:2f:e2:58:28:0c:80:63:28:c0:e3:e1:
8a:14:72:52:52:11:a6:f3:d9:44:99:b0:b0:ee:f7:
94:f6:da:a6:af:3f:4e:f0:4e:90:84:11:13:8b:35:
8d:51:59:7a:57:5c:1a:3c:39:0a:5e:f8:fc:be:2f:
4b:83:6a:e8:09:9c:dd:4d:0b:17:d4:bc:e5:43:89:
f4:c2:1d:46:c2:26:3d:2b:21:3c:23:f5:5c:ba:70:
3f:de:ef:07:00:f6:a5:8f:7a:7b:dd:ed:36:4a:84:
52:c0:c5:f7:8a:53:26:da:ab:d5:f7:b7:dd:a0:91:
8c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7B:E0:30:B9:83:AB:9E:62:A0:44:CA:2C:A2:BE:96:A9:D3:45:C2
X509v3 Authority Key Identifier:
keyid:9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.166.0/23
103.117.228.0/22
103.134.20.0/22
103.196.240.0/22
103.209.12.0/22
118.91.179.0/24
118.91.188.0/24
202.14.177.0/24
202.62.240.0/22
202.73.30.0/23
203.14.201.0/24
203.18.242.0/23
203.22.206.0/24
203.23.53.0/24
203.24.148.0/23
203.28.160.0/24
203.29.91.0/24
203.32.98.0/23
203.33.103.0/24
203.55.150.0/24
203.56.119.0/24
203.57.252.0/24
203.168.216.0/22
Signature Algorithm: sha256WithRSAEncryption
63:dc:17:d4:10:82:2e:02:d5:91:09:83:0a:5c:c5:ef:b2:77:
2b:bf:1c:1f:3e:4f:71:3e:b6:d9:00:a6:cd:b9:8c:58:30:6b:
37:60:8f:f0:83:d9:f9:3e:9a:f4:5f:00:2b:8a:4a:8a:2c:75:
eb:99:eb:73:e2:a5:ee:af:8a:78:af:8e:ab:d6:b4:8b:83:f0:
de:c2:37:05:58:61:c9:94:40:f7:0e:0d:29:6f:5f:73:c6:d1:
27:fa:e1:bb:76:76:e6:d1:a7:49:d9:90:a3:c7:8a:62:a2:14:
1d:6e:a0:e2:ae:cb:6b:9e:37:52:1e:f9:84:5d:d8:b9:9f:8b:
85:bf:df:d3:ac:2b:90:c0:c3:2e:ba:81:b8:53:04:b2:7a:80:
b7:5d:df:c0:44:d2:2f:58:86:32:e8:7a:d0:ab:0a:3b:3b:67:
33:d4:77:9f:07:f5:55:9f:87:6c:85:1e:a2:e1:fd:69:1c:ce:
6c:2f:f9:da:26:ba:8e:8a:c4:cf:c9:81:fb:98:fc:0a:b0:87:
ef:03:9e:6b:09:5c:8b:3e:5c:18:98:13:bc:06:a5:64:1e:f5:
68:01:5b:5a:f5:e9:15:dc:12:e1:1e:0a:e7:5f:17:02:dc:5a:
ec:c1:31:e8:16:22:80:55:e8:a4:4f:e1:d9:2e:4e:40:93:d2:
72:8c:d3:8b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgICAfcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU3RjgxMTAvBgNVBAUTKDlGNjRGRTUwOTkyNTM3RkIwQjQwRTUyRjlDRkFDMzEw
Q0EyNzE5MTgwHhcNMjUwNzE2MDAyNTQ0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc2ZjE4Ny0xYzA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkYJr/75Wc0gqa0zC5TqCdmgwMIr4Is8oQwJRX4LhTeZf3eOG45lVlAfeJyHh
Yawfl1MulzmGWqk7xZu+MGe3xbIPNbRfhaH/PDtefJDwnsx9yF7rAW28e1eLaWMP
8V20WCTPW+qQUhXDhbE6MleTlBz8vtheZSd6t+RUU9oAQcqEVuNd30WRAoYLL+JY
KAyAYyjA4+GKFHJSUhGm89lEmbCw7veU9tqmrz9O8E6QhBETizWNUVl6V1waPDkK
Xvj8vi9Lg2roCZzdTQsX1LzlQ4n0wh1GwiY9KyE8I/VcunA/3u8HAPalj3p73e02
SoRSwMX3ilMm2qvV97fdoJGM9wIDAQABo4IDHjCCAxowHQYDVR0OBBYEFCN74DC5
g6ueYqBEyiyivpap00XCMB8GA1UdIwQYMBaAFJ9k/lCZJTf7C0DlL5z6wxDKJxkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTdGOC8zNDUwOTQwMEI5
NzUxMUVEODA0MERFMjJDNEY5QUUwMi9uMlQtVUprbE5fc0xRT1V2blByREVNb25H
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL24yVC1VSmtsTl9zTFFPVXZuUHJERU1vbkdSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU3RjgvMzQ1MDk0MDBCOTc1MTFFRDgwNDBERTIyQzRGOUFFMDIvQTUwOEQzMjBC
QkM3MTFFRDhERjIzQzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgacGCCsGAQUFBwEHAQH/
BIGXMIGUMIGRBAIAATCBigMEAWd1pgMEAmd15AMEAmeGFAMEAmfE8AMEAmfRDAME
AHZbswMEAHZbvAMEAMoOsQMEAso+8AMEAcpJHgMEAMsOyQMEAcsS8gMEAMsWzgME
AMsXNQMEAcsYlAMEAMscoAMEAMsdWwMEAcsgYgMEAMshZwMEAMs3lgMEAMs4dwME
AMs5/AMEAsuo2DANBgkqhkiG9w0BAQsFAAOCAQEAY9wX1BCCLgLVkQmDClzF77J3
K78cHz5PcT622QCmzbmMWDBrN2CP8IPZ+T6a9F8AK4pKiix165nrc+Kl7q+KeK+O
q9a0i4Pw3sI3BVhhyZRA9w4NKW9fc8bRJ/rhu3Z25tGnSdmQo8eKYqIUHW6g4q7L
a543Uh75hF3YuZ+Lhb/f06wrkMDDLrqBuFMEsnqAt13fwETSL1iGMuh60KsKOztn
M9R3nwf1VZ+HbIUeouH9aRzObC/52ia6jorEz8mB+5j8CrCH7wOeawlciz5cGJgT
vAalZB71aAFbWvXpFdwS4R4K518XAtxa7MEx6BYigFXopE/h2S5OQJPScozTiw==
-----END CERTIFICATE-----
Generated at Sun Jul 20 07:38:34 2025 by rpki-client