Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/93933F8EB8E311EF94962C19C4F9AE02.roa
File: 93933F8EB8E311EF94962C19C4F9AE02.roa (raw, json)
Hash identifier: 79gBJkdJcqVlhvGhOBMwK3PQXe8dmykFHNHUWExFzEw=
Subject key identifier: B0:C3:7E:AD:8E:CF:76:A2:0F:88:98:08:E5:5E:6D:DA:CF:62:AA:13
Certificate issuer: /CN=A913900D/serialNumber=C603786D55A904124E7592EED2899EF578921100
Certificate serial: 7DAD
Authority key identifier: C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/93933F8EB8E311EF94962C19C4F9AE02.roa
Signing time: Tue 02 Sep 2025 17:36:24 +0000
ROA not before: Tue 02 Sep 2025 17:36:24 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 3949
IP address blocks: 103.13.83.144/29 maxlen: 29
103.13.83.152/29 maxlen: 29
103.13.83.160/29 maxlen: 29
103.13.83.161/32 maxlen: 32
202.68.66.76/30 maxlen: 30
202.68.67.48/29 maxlen: 29
202.68.68.0/26 maxlen: 26
202.68.68.96/27 maxlen: 27
202.68.68.96/28 maxlen: 28
202.68.68.112/28 maxlen: 28
202.68.68.192/26 maxlen: 26
202.68.68.192/27 maxlen: 27
202.68.68.224/27 maxlen: 27
202.68.69.0/27 maxlen: 27
202.68.69.32/29 maxlen: 29
202.68.69.48/28 maxlen: 28
202.68.69.64/27 maxlen: 28
202.68.69.68/30 maxlen: 30
202.68.69.96/28 maxlen: 28
202.68.69.128/25 maxlen: 25
202.68.72.0/24 maxlen: 24
202.68.73.88/29 maxlen: 29
202.68.73.192/27 maxlen: 27
202.68.74.32/29 maxlen: 29
202.68.74.96/28 maxlen: 28
202.68.74.112/28 maxlen: 28
202.68.74.156/30 maxlen: 30
202.68.74.208/28 maxlen: 28
202.68.75.64/28 maxlen: 28
202.68.75.80/28 maxlen: 28
202.68.75.240/28 maxlen: 28
202.68.79.0/24 maxlen: 24
202.68.79.0/25 maxlen: 25
202.68.79.128/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 18 Sep 2025 22:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32173 (0x7dad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913900D, serialNumber=C603786D55A904124E7592EED2899EF578921100
Validity
Not Before: Sep 2 17:36:24 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68b72b17-f7ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:15:77:c8:4f:39:2f:10:1a:0a:1a:f9:be:a5:
91:7e:ce:f9:d0:89:f6:79:e4:2b:a2:a3:26:04:73:
db:a3:2a:bd:28:b1:be:de:76:6d:89:0f:3c:08:52:
26:25:75:07:97:57:8a:c3:8c:d3:7f:84:54:71:1d:
6b:99:f4:d1:92:2b:a3:13:54:23:54:d7:d5:a9:f1:
f3:70:9d:a9:77:e2:cc:7e:30:4a:48:0e:63:19:e7:
03:65:26:d9:07:49:7e:b2:7e:af:77:82:aa:1e:25:
df:13:1d:7f:34:a0:02:7b:ed:34:d2:92:6c:9a:06:
c4:2b:bd:d4:a6:c6:b6:fc:70:24:95:c7:f7:cc:0b:
78:9a:30:8d:80:68:4c:be:e4:60:51:93:30:13:0a:
55:28:a2:b0:25:9f:77:81:a5:48:3e:7a:a2:36:97:
22:24:94:a3:3c:0d:c5:0e:90:34:8b:a8:5d:10:c9:
f2:01:3e:f3:7b:44:0d:f4:ce:aa:0d:fa:47:fa:89:
c6:2c:49:52:31:9f:96:37:46:2b:27:df:76:0f:b4:
53:6e:27:43:13:4f:8a:8f:f5:f6:35:33:82:b5:5d:
96:52:f4:52:81:91:bf:92:66:3e:3f:24:f2:82:1e:
b5:24:b6:5c:3c:44:22:49:17:ea:0b:5d:d2:87:1e:
f5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C3:7E:AD:8E:CF:76:A2:0F:88:98:08:E5:5E:6D:DA:CF:62:AA:13
X509v3 Authority Key Identifier:
keyid:C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/93933F8EB8E311EF94962C19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.13.83.144-103.13.83.167
202.68.66.76/30
202.68.67.48/29
202.68.68.0/26
202.68.68.96/27
202.68.68.192-202.68.69.39
202.68.69.48-202.68.69.111
202.68.69.128/25
202.68.72.0/24
202.68.73.88/29
202.68.73.192/27
202.68.74.32/29
202.68.74.96/27
202.68.74.156/30
202.68.74.208/28
202.68.75.64/27
202.68.75.240/28
202.68.79.0/24
Signature Algorithm: sha256WithRSAEncryption
85:56:30:4a:a4:e6:c2:f5:e0:89:d0:d4:02:d3:34:1b:e7:ea:
f7:91:e7:b1:c2:d3:73:7e:2a:8b:c6:75:e1:ff:85:8f:b5:2b:
d2:b7:8f:df:a9:2e:72:df:b6:e7:bb:00:52:bd:5e:36:bd:f9:
02:6c:d1:35:15:45:47:23:97:bf:e0:d7:ee:17:64:2c:22:86:
98:e8:98:7f:39:69:f6:b8:9a:74:e7:01:e9:e3:83:6a:8e:26:
ee:26:7e:cc:ec:dc:03:74:ee:42:0b:4c:c1:8f:e6:29:ad:1f:
f1:dd:bb:58:7f:6e:a1:7a:91:f3:70:b8:51:ee:c4:08:b8:84:
ce:b6:62:2f:eb:c7:48:44:38:74:51:f3:69:2e:c8:a4:60:1f:
b5:9d:d0:44:53:14:bb:2d:3c:49:d8:72:de:26:9a:3b:b5:11:
11:65:55:6a:2b:6f:78:53:50:c8:d0:90:0c:b7:4b:55:e6:cd:
d8:b4:f8:22:09:60:aa:0d:c1:4c:6f:ec:35:84:3d:fa:1e:4c:
27:88:63:fb:3e:72:16:60:71:e8:82:59:99:58:3c:25:be:53:
a0:42:ec:68:33:3a:ba:71:2f:7e:ea:69:90:70:77:81:91:be:
c0:e7:55:84:ad:20:6b:34:4e:09:71:2d:4a:1f:53:2f:2c:c5:
a3:f8:3a:17
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgICfa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkwMEQxMTAvBgNVBAUTKEM2MDM3ODZENTVBOTA0MTI0RTc1OTJFRUQyODk5RUY1
Nzg5MjExMDAwHhcNMjUwOTAyMTczNjI0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGI3MmIxNy1mN2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0BV3yE85LxAaChr5vqWRfs750In2eeQroqMmBHPboyq9KLG+3nZtiQ88CFIm
JXUHl1eKw4zTf4RUcR1rmfTRkiujE1QjVNfVqfHzcJ2pd+LMfjBKSA5jGecDZSbZ
B0l+sn6vd4KqHiXfEx1/NKACe+000pJsmgbEK73Upsa2/HAklcf3zAt4mjCNgGhM
vuRgUZMwEwpVKKKwJZ93gaVIPnqiNpciJJSjPA3FDpA0i6hdEMnyAT7ze0QN9M6q
DfpH+onGLElSMZ+WN0YrJ992D7RTbidDE0+Kj/X2NTOCtV2WUvRSgZG/kmY+PyTy
gh61JLZcPEQiSRfqC13Shx71wQIDAQABo4IDKzCCAycwHQYDVR0OBBYEFLDDfq2O
z3aiD4iYCOVebdrPYqoTMB8GA1UdIwQYMBaAFMYDeG1VqQQSTnWS7tKJnvV4khEA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTAwRC9GQ0RDRDNBMEFD
OUQxMUU4OTJDREFEMERDNEY5QUUwMi94Z040YlZXcEJCSk9kWkx1MG9tZTlYaVNF
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hnTjRiVldwQkJKT2RaTHUwb21lOVhpU0VRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkwMEQvRkNEQ0QzQTBBQzlEMTFFODkyQ0RBRDBEQzRGOUFFMDIvOTM5MzNGOEVC
OEUzMTFFRjk0OTYyQzE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbQGCCsGAQUFBwEHAQH/
BIGkMIGhMIGeBAIAATCBlzAOAwUEZw1TkAMFA2cNU6ADBQLKREJMAwUDykRDMAMF
BspERAADBQXKRERgMA4DBQbKRETAAwUDykRFIDAOAwUEykRFMAMFBMpERWADBQfK
REWAAwQAykRIAwUDykRJWAMFBcpEScADBQPKREogAwUFykRKYAMFAspESpwDBQTK
RErQAwUFykRLQAMFBMpES/ADBADKRE8wDQYJKoZIhvcNAQELBQADggEBAIVWMEqk
5sL14InQ1ALTNBvn6veR57HC03N+KovGdeH/hY+1K9K3j9+pLnLftue7AFK9Xja9
+QJs0TUVRUcjl7/g1+4XZCwihpjomH85afa4mnTnAenjg2qOJu4mfszs3AN07kIL
TMGP5imtH/Hdu1h/bqF6kfNwuFHuxAi4hM62Yi/rx0hEOHRR82kuyKRgH7Wd0ERT
FLstPEnYct4mmju1ERFlVWorb3hTUMjQkAy3S1Xmzdi0+CIJYKoNwUxv7DWEPfoe
TCeIY/s+chZgceiCWZlYPCW+U6BC7GgzOrpxL37qaZBwd4GRvsDnVYStIGs0Tglx
LUofUy8sxaP4Ohc=
-----END CERTIFICATE-----
Generated at Sun Sep 14 01:00:58 2025 by rpki-client