Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/0940732E0E6311EDB98DEA0DC4F9AE02.roa
File: 0940732E0E6311EDB98DEA0DC4F9AE02.roa (raw, json)
Hash identifier: EtYv33VoONviB5DogmNb9f2t5IayVZNNzvoHIml90Q8=
Subject key identifier: 0E:D4:B5:5A:71:89:DE:4E:ED:07:9B:C2:6B:BF:5B:D8:DB:BF:AB:62
Certificate issuer: /CN=A91A654C/serialNumber=5EA11C8A3A29E06973C1F121611D5A5C2A1B069D
Certificate serial: 0756
Authority key identifier: 5E:A1:1C:8A:3A:29:E0:69:73:C1:F1:21:61:1D:5A:5C:2A:1B:06:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqEcijop4GlzwfEhYR1aXCobBp0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/0940732E0E6311EDB98DEA0DC4F9AE02.roa
Signing time: Fri 18 Jul 2025 06:36:50 +0000
ROA not before: Fri 18 Jul 2025 06:36:50 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 136969
IP address blocks: 103.12.196.0/24 maxlen: 24
103.12.197.0/24 maxlen: 24
103.12.198.0/24 maxlen: 24
103.12.199.0/24 maxlen: 24
103.73.100.0/24 maxlen: 24
103.73.101.0/24 maxlen: 24
103.73.102.0/24 maxlen: 24
103.73.103.0/24 maxlen: 24
103.125.176.0/24 maxlen: 24
103.125.177.0/24 maxlen: 24
103.125.178.0/24 maxlen: 24
103.125.179.0/24 maxlen: 24
103.150.208.0/23 maxlen: 23
103.150.208.0/24 maxlen: 24
103.150.209.0/24 maxlen: 24
103.151.236.0/24 maxlen: 24
103.151.237.0/24 maxlen: 24
2406:f480::/32 maxlen: 32
2406:f480::/64 maxlen: 64
2406:f480:0:1::/64 maxlen: 64
2406:f480:0:2::/64 maxlen: 64
2406:f480:0:3::/64 maxlen: 64
2406:f480:800::/38 maxlen: 38
2406:f480:2000::/35 maxlen: 35
2406:f480:8000::/35 maxlen: 35
2406:f480:8000::/64 maxlen: 64
2406:f480:8000:40::/64 maxlen: 64
2406:f480:8000:41::/64 maxlen: 64
2406:f480:8000:42::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/XqEcijop4GlzwfEhYR1aXCobBp0.crl
rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/XqEcijop4GlzwfEhYR1aXCobBp0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqEcijop4GlzwfEhYR1aXCobBp0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 25 Jul 2025 22:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1878 (0x756)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A654C, serialNumber=5EA11C8A3A29E06973C1F121611D5A5C2A1B069D
Validity
Not Before: Jul 18 06:36:50 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6879eb81-3641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a6:24:7c:89:e8:0e:b1:31:d1:1e:d0:e4:f0:
4c:b0:29:3c:cf:66:b3:b5:dc:b7:ca:1e:0c:d9:ec:
86:6f:fa:cd:dc:16:8d:94:4b:c8:46:99:82:da:8d:
a6:cd:ec:7b:79:f3:e7:55:64:5d:49:6b:32:6f:52:
46:50:cb:95:9c:b6:08:bd:7e:2d:a2:a2:f4:ca:9c:
9b:23:cf:76:25:09:cf:a0:23:9a:46:2f:f9:7a:3a:
fe:65:63:1b:52:ad:22:04:c1:14:07:1a:ee:fe:9e:
b6:e5:6c:c5:f1:f8:b8:a5:75:fb:e2:ca:3b:97:89:
cd:c8:da:90:4f:45:30:a9:7f:df:fe:da:64:50:6d:
c1:75:76:b3:02:02:22:14:7f:6f:09:dc:83:e9:b3:
bb:54:48:ad:72:b7:b3:27:09:02:b4:73:91:ed:fa:
b4:32:dd:4e:1a:bd:07:13:1f:d9:59:1b:1f:5a:5f:
a3:bb:59:c6:74:32:7a:11:43:96:ae:d4:a2:af:74:
27:cb:77:21:ec:ff:98:59:d4:3a:90:e3:3e:01:b1:
ba:64:59:c6:03:9c:64:1d:97:b6:e7:0c:6f:89:95:
5e:64:83:5d:40:aa:2f:c2:38:28:2f:fc:1c:8e:9f:
87:07:80:89:ff:e1:b7:5c:62:6e:76:ef:14:4c:24:
85:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D4:B5:5A:71:89:DE:4E:ED:07:9B:C2:6B:BF:5B:D8:DB:BF:AB:62
X509v3 Authority Key Identifier:
keyid:5E:A1:1C:8A:3A:29:E0:69:73:C1:F1:21:61:1D:5A:5C:2A:1B:06:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/XqEcijop4GlzwfEhYR1aXCobBp0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqEcijop4GlzwfEhYR1aXCobBp0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A654C/51A9EACC416011EB90874450C4F9AE02/0940732E0E6311EDB98DEA0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.12.196.0/22
103.73.100.0/22
103.125.176.0/22
103.150.208.0/23
103.151.236.0/23
IPv6:
2406:f480::/32
Signature Algorithm: sha256WithRSAEncryption
01:8a:71:92:86:dd:ae:df:42:42:5c:dd:94:2d:a6:ba:b4:d7:
89:8c:96:9b:84:7a:03:b5:af:91:7a:ba:ed:99:21:bc:c7:0d:
c7:14:62:63:b9:cd:cf:54:ff:b3:03:c2:f7:72:50:9c:4d:70:
2f:7c:57:cc:f7:02:19:e1:86:b9:09:45:c7:8a:27:5d:dc:f1:
ea:44:2b:68:b1:80:48:fe:69:55:5f:ac:1f:e8:1e:fe:3b:fb:
77:03:66:cb:70:19:38:a1:a1:2c:f8:67:28:72:18:80:03:ce:
59:bc:d1:a0:63:0c:d8:cb:ba:e7:c7:e8:e3:f3:04:d2:b2:3e:
93:5a:9e:8b:12:a0:15:86:f5:7e:96:c5:8a:01:c3:1d:1a:6d:
9c:f7:d0:0b:51:ca:19:99:c5:18:e7:66:1e:2c:5e:77:ce:9f:
9e:3b:5c:c4:0d:4c:12:82:57:3c:8c:a4:a2:80:4e:b3:db:9b:
49:44:8a:97:01:8f:f4:40:fd:80:3e:af:06:ca:a1:e0:00:43:
ac:17:c7:1d:c8:01:c0:26:fd:a6:9d:2f:21:dc:bf:e6:ec:34:
5a:1a:e8:ad:2e:c4:34:45:92:f2:64:29:5b:a6:0a:d9:58:64:
5f:a6:d1:d2:ee:f0:9e:e6:f9:ab:84:77:6d:de:4e:42:67:be:
f4:d9:79:34
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICB1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTY1NEMxMTAvBgNVBAUTKDVFQTExQzhBM0EyOUUwNjk3M0MxRjEyMTYxMUQ1QTVD
MkExQjA2OUQwHhcNMjUwNzE4MDYzNjUwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc5ZWI4MS0zNjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5qYkfInoDrEx0R7Q5PBMsCk8z2aztdy3yh4M2eyGb/rN3BaNlEvIRpmC2o2m
zex7efPnVWRdSWsyb1JGUMuVnLYIvX4toqL0ypybI892JQnPoCOaRi/5ejr+ZWMb
Uq0iBMEUBxru/p625WzF8fi4pXX74so7l4nNyNqQT0UwqX/f/tpkUG3BdXazAgIi
FH9vCdyD6bO7VEitcrezJwkCtHOR7fq0Mt1OGr0HEx/ZWRsfWl+ju1nGdDJ6EUOW
rtSir3Qny3ch7P+YWdQ6kOM+AbG6ZFnGA5xkHZe25wxviZVeZINdQKovwjgoL/wc
jp+HB4CJ/+G3XGJudu8UTCSF1QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFA7UtVpx
id5O7Qebwmu/W9jbv6tiMB8GA1UdIwQYMBaAFF6hHIo6KeBpc8HxIWEdWlwqGwad
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjU0Qy81MUE5RUFDQzQx
NjAxMUVCOTA4NzQ0NTBDNEY5QUUwMi9YcUVjaWpvcDRHbHp3ZkVoWVIxYVhDb2JC
cDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hxRWNpam9wNEdsendmRWhZUjFhWENvYkJwMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTY1NEMvNTFBOUVBQ0M0MTYwMTFFQjkwODc0NDUwQzRGOUFFMDIvMDk0MDczMkUw
RTYzMTFFREI5OERFQTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnDMQDBAJnSWQDBAJnfbADBAFnltADBAFnl+wwDQQCAAIw
BwMFACQG9IAwDQYJKoZIhvcNAQELBQADggEBAAGKcZKG3a7fQkJc3ZQtprq014mM
lpuEegO1r5F6uu2ZIbzHDccUYmO5zc9U/7MDwvdyUJxNcC98V8z3AhnhhrkJRceK
J13c8epEK2ixgEj+aVVfrB/oHv47+3cDZstwGTihoSz4ZyhyGIADzlm80aBjDNjL
uufH6OPzBNKyPpNanosSoBWG9X6WxYoBwx0abZz30AtRyhmZxRjnZh4sXnfOn547
XMQNTBKCVzyMpKKATrPbm0lEipcBj/RA/YA+rwbKoeAAQ6wXxx3IAcAm/aadLyHc
v+bsNFoa6K0uxDRFkvJkKVumCtlYZF+m0dLu8J7m+auEd23eTkJnvvTZeTQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:35:58 2025 by rpki-client