Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/DE61D0DC2A7311F08DDC6D17C4F9AE02.roa
File: DE61D0DC2A7311F08DDC6D17C4F9AE02.roa (raw, json)
Hash identifier: EH3KOVhO+p9xGSMvIHUrJUleuaQ1FPNW3sUdbyMtTPc=
Subject key identifier: D4:00:87:F0:A4:49:C6:A1:AD:A3:7B:13:AC:FD:4A:02:55:7E:FF:37
Certificate issuer: /CN=A91DA2D5/serialNumber=3C1C877347EE82729636AF0F3A375D391090F921
Certificate serial: 2CF1
Authority key identifier: 3C:1C:87:73:47:EE:82:72:96:36:AF:0F:3A:37:5D:39:10:90:F9:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/DE61D0DC2A7311F08DDC6D17C4F9AE02.roa
Signing time: Mon 07 Jul 2025 10:03:33 +0000
ROA not before: Mon 07 Jul 2025 10:03:33 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 58717
IP address blocks: 43.245.140.0/22 maxlen: 22
43.245.140.0/22 maxlen: 24
43.245.140.0/23 maxlen: 23
43.245.140.0/24 maxlen: 24
43.245.141.0/24 maxlen: 24
43.245.142.0/23 maxlen: 23
43.245.142.0/24 maxlen: 24
43.245.143.0/24 maxlen: 24
103.15.244.0/22 maxlen: 24
103.15.246.64/26 maxlen: 26
103.75.238.0/23 maxlen: 24
103.96.68.0/23 maxlen: 24
103.96.70.0/23 maxlen: 24
103.108.144.0/22 maxlen: 24
103.199.84.0/22 maxlen: 24
103.242.216.0/24 maxlen: 24
103.242.217.0/24 maxlen: 24
103.242.218.0/23 maxlen: 24
144.48.148.0/23 maxlen: 23
144.48.148.0/24 maxlen: 24
144.48.149.0/24 maxlen: 24
2405:1500::/30 maxlen: 31
2405:1500::/32 maxlen: 32
2405:1500::/32 maxlen: 48
2405:1500::/48 maxlen: 48
2405:1500:11::/48 maxlen: 48
2405:1500:12::/48 maxlen: 48
2405:1500:13::/48 maxlen: 48
2405:1500:30::/48 maxlen: 48
2405:1500:37::/48 maxlen: 48
2405:1500:40::/48 maxlen: 48
2405:1500:41::/48 maxlen: 48
2405:1500:42::/48 maxlen: 48
2405:1500:45::/48 maxlen: 48
2405:1500:50::/48 maxlen: 48
2405:1500:52::/48 maxlen: 48
2405:1500:55::/48 maxlen: 48
2405:1500:56::/48 maxlen: 48
2405:1500:60::/48 maxlen: 48
2405:1500:70::/48 maxlen: 48
2405:1500:80::/48 maxlen: 48
2405:1500:82::/48 maxlen: 48
2405:1500:90::/48 maxlen: 48
2405:1500:92::/48 maxlen: 48
2405:1500:94::/48 maxlen: 48
2405:1500:97::/48 maxlen: 48
2405:1500:a1::/48 maxlen: 48
2405:1500:b0::/48 maxlen: 48
2405:1500:b1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.crl
rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 02 Aug 2025 15:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11505 (0x2cf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA2D5, serialNumber=3C1C877347EE82729636AF0F3A375D391090F921
Validity
Not Before: Jul 7 10:03:33 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=686b9b75-7e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:de:92:48:9a:f8:20:9e:33:d2:bf:95:7b:20:
5b:c0:eb:4f:61:0b:c7:66:25:28:2f:de:6b:2c:fd:
d3:34:c8:a4:58:9a:dd:3c:eb:e5:91:81:eb:ae:5f:
66:aa:ca:52:9b:6c:19:6b:69:70:d3:f7:6a:20:83:
b8:38:2b:72:99:df:30:a6:c9:44:25:aa:31:11:4a:
13:8a:9c:85:6c:c3:f8:16:55:a3:da:5a:da:89:00:
37:6c:b3:79:53:6d:da:8c:01:0f:20:fc:3b:12:35:
03:17:14:6c:9d:a0:2e:ff:88:50:21:a1:3f:f2:f1:
36:a2:f4:55:15:27:e3:de:ac:59:eb:11:c4:a1:cf:
86:a3:0c:43:f5:0b:e4:43:61:e6:1e:dd:8c:ec:b6:
de:99:37:86:7d:ef:46:05:76:80:74:de:dd:14:d0:
33:4b:fd:7a:d9:a3:0f:a5:f0:91:30:65:3d:56:48:
c7:a3:59:a4:61:fb:cb:13:02:0c:be:40:d9:f3:ab:
e9:7d:a2:0b:3e:36:ba:70:05:0d:96:18:72:35:93:
96:c1:77:49:ea:5a:2e:e6:02:b2:84:1e:98:19:e5:
3a:a0:ce:1e:2b:13:72:b4:27:6d:bd:65:7e:25:77:
71:50:f0:42:11:8d:c1:8d:6f:a1:84:c0:a3:c6:be:
fe:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:00:87:F0:A4:49:C6:A1:AD:A3:7B:13:AC:FD:4A:02:55:7E:FF:37
X509v3 Authority Key Identifier:
keyid:3C:1C:87:73:47:EE:82:72:96:36:AF:0F:3A:37:5D:39:10:90:F9:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/PByHc0fugnKWNq8POjddORCQ-SE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PByHc0fugnKWNq8POjddORCQ-SE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA2D5/5F861EE6B89A11E3B4AC7E785911EA32/DE61D0DC2A7311F08DDC6D17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.140.0/22
103.15.244.0/22
103.75.238.0/23
103.96.68.0/22
103.108.144.0/22
103.199.84.0/22
103.242.216.0/22
144.48.148.0/23
IPv6:
2405:1500::/30
Signature Algorithm: sha256WithRSAEncryption
9f:04:e3:17:5d:10:f5:1a:51:d8:c9:e3:2f:e5:79:03:71:6d:
b5:6f:19:f2:b6:fa:22:12:16:4d:d6:d1:30:2a:63:32:09:8d:
3d:a3:74:bf:ed:c3:b0:31:b2:78:ff:d5:48:96:ff:38:64:d1:
d0:3f:25:8e:65:a6:21:29:0d:65:de:c1:13:ad:18:96:ef:f6:
e6:19:7b:f0:f1:a0:29:77:54:70:7c:bf:6e:ef:24:43:b4:00:
fc:2b:7c:e2:d5:54:a0:7a:2b:6f:5c:b5:40:62:82:ac:c2:bd:
d3:ae:5e:2f:ba:b0:49:4e:87:5b:79:4a:f9:33:4f:e4:b1:fd:
5e:ba:59:08:5c:df:16:18:20:a2:46:bc:ad:bd:dd:55:ff:b0:
eb:cc:65:3f:e7:79:80:25:71:a4:a9:75:93:af:4b:5f:fc:0f:
ef:ec:1b:51:b7:b6:ab:b4:30:75:26:ff:b8:29:29:01:d8:ba:
d6:ce:cd:59:71:01:c0:60:09:f7:29:d8:37:d3:ac:5b:00:51:
d1:af:c8:a9:8a:74:89:3d:7a:a0:46:a6:85:50:2b:b2:8f:30:
57:6d:9c:c8:75:63:64:56:3d:54:e1:dd:1d:94:1c:96:e7:56:
50:65:e6:8a:79:5b:70:56:24:35:95:32:12:b6:ca:18:36:75:
2b:93:3c:09
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICLPEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEyRDUxMTAvBgNVBAUTKDNDMUM4NzczNDdFRTgyNzI5NjM2QUYwRjNBMzc1RDM5
MTA5MEY5MjEwHhcNMjUwNzA3MTAwMzMzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZiOWI3NS03ZTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1t6SSJr4IJ4z0r+VeyBbwOtPYQvHZiUoL95rLP3TNMikWJrdPOvlkYHrrl9m
qspSm2wZa2lw0/dqIIO4OCtymd8wpslEJaoxEUoTipyFbMP4FlWj2lraiQA3bLN5
U23ajAEPIPw7EjUDFxRsnaAu/4hQIaE/8vE2ovRVFSfj3qxZ6xHEoc+GowxD9Qvk
Q2HmHt2M7LbemTeGfe9GBXaAdN7dFNAzS/162aMPpfCRMGU9VkjHo1mkYfvLEwIM
vkDZ86vpfaILPja6cAUNlhhyNZOWwXdJ6lou5gKyhB6YGeU6oM4eKxNytCdtvWV+
JXdxUPBCEY3BjW+hhMCjxr7+SQIDAQABo4ICzjCCAsowHQYDVR0OBBYEFNQAh/Ck
ScahraN7E6z9SgJVfv83MB8GA1UdIwQYMBaAFDwch3NH7oJyljavDzo3XTkQkPkh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTJENS81Rjg2MUVFNkI4
OUExMUUzQjRBQzdFNzg1OTExRUEzMi9QQnlIYzBmdWduS1dOcThQT2pkZE9SQ1Et
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BCeUhjMGZ1Z25LV05xOFBPamRkT1JDUS1TRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEyRDUvNUY4NjFFRTZCODlBMTFFM0I0QUM3RTc4NTkxMUVBMzIvREU2MUQwREMy
QTczMTFGMDhEREM2RDE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAIr9YwDBAJnD/QDBAFnS+4DBAJnYEQDBAJnbJADBAJnx1QD
BAJn8tgDBAGQMJQwDQQCAAIwBwMFAiQFFQAwDQYJKoZIhvcNAQELBQADggEBAJ8E
4xddEPUaUdjJ4y/leQNxbbVvGfK2+iISFk3W0TAqYzIJjT2jdL/tw7Axsnj/1UiW
/zhk0dA/JY5lpiEpDWXewROtGJbv9uYZe/DxoCl3VHB8v27vJEO0APwrfOLVVKB6
K29ctUBigqzCvdOuXi+6sElOh1t5SvkzT+Sx/V66WQhc3xYYIKJGvK293VX/sOvM
ZT/neYAlcaSpdZOvS1/8D+/sG1G3tqu0MHUm/7gpKQHYutbOzVlxAcBgCfcp2DfT
rFsAUdGvyKmKdIk9eqBGpoVQK7KPMFdtnMh1Y2RWPVTh3R2UHJbnVlBl5op5W3BW
JDWVMhK2yhg2dSuTPAk=
-----END CERTIFICATE-----
Generated at Sat Jul 26 19:51:48 2025 by rpki-client