Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
File: 6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa (raw, json)
Hash identifier: 2e+RyL+pYo7TPuAf13kfBjO78vN1YXd9Y/Om8d7N4Uc=
Subject key identifier: 99:96:F2:59:61:87:25:2F:E4:20:38:8A:CC:06:D0:60:0D:A1:8C:DF
Certificate issuer: /CN=A91E4463/serialNumber=771230A82EDBC27716AB3DC6A82FC5AEC45EEF67
Certificate serial: 0C68
Authority key identifier: 77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
Signing time: Sat 19 Jul 2025 07:16:56 +0000
ROA not before: Sat 19 Jul 2025 07:16:56 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 136224
IP address blocks: 103.84.36.0/22 maxlen: 22
103.84.36.0/23 maxlen: 23
103.84.36.0/24 maxlen: 24
103.84.37.0/24 maxlen: 24
103.84.38.0/23 maxlen: 23
103.84.38.0/24 maxlen: 24
103.84.39.0/24 maxlen: 24
113.212.108.0/22 maxlen: 22
113.212.108.0/23 maxlen: 23
113.212.108.0/24 maxlen: 24
113.212.109.0/24 maxlen: 24
113.212.110.0/23 maxlen: 23
113.212.110.0/24 maxlen: 24
113.212.111.0/24 maxlen: 24
2400:9940:5::/48 maxlen: 48
2400:9940:1000::/36 maxlen: 40
2400:9940:1000::/48 maxlen: 48
2400:9940:1001::/48 maxlen: 48
2400:9940:1002::/48 maxlen: 48
2400:9940:1003::/48 maxlen: 48
2400:9940:1004::/48 maxlen: 48
2400:9940:1100::/48 maxlen: 48
2400:9940:1101::/48 maxlen: 48
2400:9940:1102::/48 maxlen: 48
2400:9940:1103::/48 maxlen: 48
2400:9940:1104::/48 maxlen: 48
2400:9940:1200::/48 maxlen: 48
2400:9940:1201::/48 maxlen: 48
2400:9940:1202::/48 maxlen: 48
2400:9940:1203::/48 maxlen: 48
2400:9940:1204::/48 maxlen: 48
2400:9940:1300::/48 maxlen: 48
2400:9940:1301::/48 maxlen: 48
2400:9940:1302::/48 maxlen: 48
2400:9940:1303::/48 maxlen: 48
2400:9940:1304::/48 maxlen: 48
2400:9940:1400::/48 maxlen: 48
2400:9940:1401::/48 maxlen: 48
2400:9940:1402::/48 maxlen: 48
2400:9940:1403::/48 maxlen: 48
2400:9940:1404::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Jul 2025 07:28:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3176 (0xc68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4463, serialNumber=771230A82EDBC27716AB3DC6A82FC5AEC45EEF67
Validity
Not Before: Jul 19 07:16:56 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=687b4667-fe61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a3:dd:11:da:8a:a8:08:2f:15:fb:69:de:c6:
d1:39:52:2b:25:0d:33:c0:6c:93:c3:dc:d9:0a:a7:
4d:e9:64:2e:11:de:bd:d4:af:48:f7:f9:01:74:e6:
d4:4a:91:be:e3:cc:99:df:73:14:00:1d:2b:5b:08:
ed:eb:b8:02:e0:4c:ab:47:73:d2:b9:32:9e:51:6d:
75:08:50:94:a6:49:fa:4e:9f:fd:04:dd:6c:e8:ce:
76:c3:c4:05:7e:99:81:7c:cf:a4:27:65:06:c0:6c:
a2:97:43:4e:b5:8b:8e:85:b2:27:50:e7:52:ff:b5:
22:ee:1d:5b:fa:f4:2d:fd:1f:06:db:cd:30:f7:98:
f1:9f:f2:5b:f9:02:f7:a6:30:6b:bb:73:96:cc:92:
3d:fd:fc:41:ec:0c:e4:a6:d9:ff:05:8f:51:7f:14:
7c:02:79:1d:52:f1:0f:8e:fa:c8:2b:b6:66:f3:36:
ad:fd:47:97:3f:25:ca:1f:f4:ac:a3:90:2d:35:89:
21:db:41:fc:21:25:80:3b:15:27:11:6f:35:6c:c0:
34:1c:94:56:69:8c:49:e4:ac:49:12:48:ac:ac:3d:
0b:67:a6:97:15:ec:32:09:60:5d:ed:6e:03:9f:91:
54:82:97:c1:b7:2e:97:04:db:de:ae:b0:aa:2b:3d:
25:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:96:F2:59:61:87:25:2F:E4:20:38:8A:CC:06:D0:60:0D:A1:8C:DF
X509v3 Authority Key Identifier:
keyid:77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.36.0/22
113.212.108.0/22
IPv6:
2400:9940:5::/48
2400:9940:1000::/36
Signature Algorithm: sha256WithRSAEncryption
0d:fd:cd:3d:6f:db:ef:0c:fc:c4:da:e9:78:9f:3b:8d:36:e6:
54:f2:83:91:fb:a1:ec:4f:6a:92:bc:13:19:a1:a9:58:de:86:
e4:0b:e1:d5:3f:6d:19:b9:6b:b6:94:ae:3b:94:59:51:2e:3c:
2e:b1:84:5a:92:9e:1e:68:af:ed:78:fe:47:a5:f5:47:d1:6b:
c3:a2:99:67:73:b0:11:b2:04:8d:c7:e6:74:9c:36:4e:bf:d5:
f3:91:7c:8b:99:75:11:cf:01:44:98:f5:1a:35:61:a6:29:e7:
48:85:4d:d5:20:cc:9e:13:3a:b8:f1:15:b8:fe:38:26:25:3e:
96:b3:9f:34:63:e1:27:25:dd:5a:be:99:d0:bc:57:65:f8:49:
48:a3:82:8b:1d:ba:f6:ca:0c:49:4f:45:bc:a3:bf:43:b6:5f:
8e:02:8a:e7:02:61:40:f7:74:1b:90:86:a9:ad:70:39:cd:74:
81:5a:17:5c:c8:7b:1a:c0:03:0a:f1:64:cb:47:f7:b8:38:20:
6e:0e:54:e0:44:5a:fc:0b:5d:fb:4e:f1:de:dc:45:d0:d2:6f:
81:9a:97:23:e2:ba:bd:0a:3a:2c:95:52:d4:fa:05:76:b7:af:
46:e6:ac:3d:18:82:aa:c8:4b:8c:d9:37:43:f4:b8:33:94:f8:
6e:f3:75:b3
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgICDGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ0NjMxMTAvBgNVBAUTKDc3MTIzMEE4MkVEQkMyNzcxNkFCM0RDNkE4MkZDNUFF
QzQ1RUVGNjcwHhcNMjUwNzE5MDcxNjU2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODdiNDY2Ny1mZTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApqPdEdqKqAgvFftp3sbROVIrJQ0zwGyTw9zZCqdN6WQuEd691K9I9/kBdObU
SpG+48yZ33MUAB0rWwjt67gC4EyrR3PSuTKeUW11CFCUpkn6Tp/9BN1s6M52w8QF
fpmBfM+kJ2UGwGyil0NOtYuOhbInUOdS/7Ui7h1b+vQt/R8G280w95jxn/Jb+QL3
pjBru3OWzJI9/fxB7Azkptn/BY9RfxR8AnkdUvEPjvrIK7Zm8zat/UeXPyXKH/Ss
o5AtNYkh20H8ISWAOxUnEW81bMA0HJRWaYxJ5KxJEkisrD0LZ6aXFewyCWBd7W4D
n5FUgpfBty6XBNverrCqKz0l6wIDAQABo4ICtDCCArAwHQYDVR0OBBYEFJmW8llh
hyUv5CA4iswG0GANoYzfMB8GA1UdIwQYMBaAFHcSMKgu28J3Fqs9xqgvxa7EXu9n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDQ2My9BNEQ0NDAwQzEz
OUYxMUVBQTY1ODI4NjBDNEY5QUUwMi9keEl3cUM3YnduY1dxejNHcUNfRnJzUmU3
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2R4SXdxQzdid25jV3F6M0dxQ19GcnNSZTcyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ0NjMvQTRENDQwMEMxMzlGMTFFQUE2NTgyODYwQzRGOUFFMDIvNkVCRDBFNzg4
RUFBMTFFRkE2QzFEMzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E
LzAtMBIEAgABMAwDBAJnVCQDBAJx1GwwFwQCAAIwEQMHACQAmUAABQMGBCQAmUAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAN/c09b9vvDPzE2ul4nzuNNuZU8oOR+6HsT2qS
vBMZoalY3obkC+HVP20ZuWu2lK47lFlRLjwusYRakp4eaK/teP5HpfVH0WvDopln
c7ARsgSNx+Z0nDZOv9XzkXyLmXURzwFEmPUaNWGmKedIhU3VIMyeEzq48RW4/jgm
JT6Ws580Y+EnJd1avpnQvFdl+ElIo4KLHbr2ygxJT0W8o79Dtl+OAornAmFA93Qb
kIaprXA5zXSBWhdcyHsawAMK8WTLR/e4OCBuDlTgRFr8C137TvHe3EXQ0m+Bmpcj
4rq9CjoslVLU+gV2t69G5qw9GIKqyEuM2TdD9LgzlPhu83Wz
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:07:29 2025 by rpki-client