Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/8F75257455E911E9AE112D6CC4F9AE02.roa
File: 8F75257455E911E9AE112D6CC4F9AE02.roa (raw, json)
Hash identifier: thEUPRHmxogbvRJ6Y3FkP32LyqLTW2o8NNUuKxB2tbk=
Subject key identifier: B4:68:8D:66:6B:A1:93:C6:CA:35:31:F7:33:59:91:EC:8E:44:99:9A
Certificate issuer: /CN=A914BE96/serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6
Certificate serial: 0FD6
Authority key identifier: FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/8F75257455E911E9AE112D6CC4F9AE02.roa
Signing time: Mon 26 May 2025 17:49:13 +0000
ROA not before: Mon 26 May 2025 17:49:13 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 136531
IP address blocks: 103.91.228.0/22 maxlen: 22
103.91.228.0/24 maxlen: 24
103.91.229.0/24 maxlen: 24
103.91.230.0/24 maxlen: 24
103.91.231.0/24 maxlen: 24
2401:14c0::/32 maxlen: 32
2401:14c0:1::/48 maxlen: 48
2401:14c0:2::/48 maxlen: 48
2401:14c0:3::/48 maxlen: 48
2401:14c0:4::/48 maxlen: 48
2401:14c0:5::/48 maxlen: 48
2401:14c0:6::/48 maxlen: 48
2401:14c0:7::/48 maxlen: 48
2401:14c0:8::/48 maxlen: 48
2401:14c0:9::/48 maxlen: 48
2401:14c0:a::/48 maxlen: 48
2401:14c0:b::/48 maxlen: 48
2401:14c0:c::/48 maxlen: 48
2401:14c0:d::/48 maxlen: 48
2401:14c0:e::/48 maxlen: 48
2401:14c0:f::/48 maxlen: 48
2401:14c0:10::/48 maxlen: 48
2401:14c0:11::/48 maxlen: 48
2401:14c0:12::/48 maxlen: 48
2401:14c0:13::/48 maxlen: 48
2401:14c0:14::/48 maxlen: 48
2401:14c0:15::/48 maxlen: 48
2401:14c0:16::/48 maxlen: 48
2401:14c0:21::/48 maxlen: 48
2401:14c0:2a::/48 maxlen: 48
2401:14c0:2c::/48 maxlen: 48
2401:14c0:2d::/48 maxlen: 48
2401:14c0:4a::/48 maxlen: 48
2401:14c0:8a::/48 maxlen: 48
2401:14c0:8b::/48 maxlen: 48
2401:14c0:8c::/48 maxlen: 48
2401:14c0:8d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl
rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 17:41:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4054 (0xfd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BE96, serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6
Validity
Not Before: May 26 17:49:13 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=6834a999-4c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6e:5f:40:d5:8d:98:ea:da:74:c1:ea:26:32:
4b:6a:fe:fb:39:29:ea:a1:9c:0b:d7:aa:e0:cb:1f:
6e:90:05:17:0f:b1:ef:ca:5d:95:ec:a5:f8:66:c2:
6e:7b:99:c1:b2:47:73:95:0d:c5:78:92:b8:4a:70:
6d:8e:d0:3b:05:0d:3d:cc:5a:59:d2:75:a8:0e:30:
3a:b7:5a:8b:d6:26:49:e0:09:dd:eb:95:d7:92:6b:
92:0d:c0:38:6f:0a:a0:9d:6a:50:e2:93:ba:90:ad:
f5:82:d9:7b:c7:3d:ea:7d:bd:49:5b:cc:15:45:f8:
b8:10:17:cd:49:e6:45:59:a9:77:35:74:49:73:ca:
c0:16:58:97:a5:53:77:e6:94:2f:ff:68:dd:25:c2:
b9:53:19:df:50:fd:8a:21:42:26:f4:50:d8:fc:ec:
69:4f:57:1d:50:c2:dc:b9:0d:48:d3:55:e4:fe:df:
bb:6d:25:d3:9f:71:26:72:6d:2e:06:ec:d8:fe:41:
6b:c0:4e:6e:ff:a2:af:80:45:b3:c2:0a:14:cc:ec:
a6:1b:e1:eb:b4:75:b4:38:76:00:8c:b1:5e:0d:e9:
bf:5d:86:65:9a:38:04:69:59:4f:b3:e9:54:e9:d7:
ba:ff:91:7f:32:af:a4:8d:89:a9:7d:d8:8a:89:fa:
7d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:68:8D:66:6B:A1:93:C6:CA:35:31:F7:33:59:91:EC:8E:44:99:9A
X509v3 Authority Key Identifier:
keyid:FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/8F75257455E911E9AE112D6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.228.0/22
IPv6:
2401:14c0::/32
Signature Algorithm: sha256WithRSAEncryption
51:71:5f:39:27:aa:bb:63:3c:69:61:24:24:9f:4e:ac:30:51:
6d:0c:40:2f:7d:02:7a:c4:93:01:c0:5c:a4:37:5d:f8:dd:81:
6d:00:90:f3:ab:3e:17:b7:90:df:91:59:60:ce:7f:be:c2:20:
46:f7:e8:d7:da:40:58:e2:5d:63:a5:1b:83:12:7f:24:e0:42:
f4:b7:1c:34:ca:03:6c:dc:3f:17:a0:3e:57:44:14:25:cf:32:
e6:98:99:6c:94:3c:7e:5e:82:3a:3f:d9:d4:7b:b1:13:82:44:
6c:d2:20:96:38:e1:04:67:c9:d9:7a:59:e1:49:02:0e:77:d4:
e0:7c:7a:13:a8:8a:70:9d:e8:91:c9:bc:1a:47:3b:47:50:2d:
a6:8e:30:f0:88:10:fb:ae:24:6f:0c:17:09:af:6e:f6:22:ca:
2b:6e:37:f3:dd:5c:75:44:fc:0e:ce:98:5d:e3:f4:8d:b5:31:
01:16:5e:4b:1e:87:61:70:f2:25:36:b8:a7:85:78:c4:fd:f6:
49:6e:d0:f5:2d:95:42:e3:1a:de:4f:30:2a:be:04:34:c8:8f:
ec:91:d1:b2:32:25:93:f8:c1:04:6c:15:47:d7:41:1f:d7:74:
b3:36:91:fc:3d:db:28:6b:81:8d:b8:04:46:83:5e:a4:3d:fa:
40:22:77:45
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICD9YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJFOTYxMTAvBgNVBAUTKEZFNEIyRTU0RjE4MEM4MDlBRjFFQzk5RTlBN0M3RTI3
MzJEOUREQTYwHhcNMjUwNTI2MTc0OTEzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM0YTk5OS00YzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1m5fQNWNmOradMHqJjJLav77OSnqoZwL16rgyx9ukAUXD7Hvyl2V7KX4ZsJu
e5nBskdzlQ3FeJK4SnBtjtA7BQ09zFpZ0nWoDjA6t1qL1iZJ4And65XXkmuSDcA4
bwqgnWpQ4pO6kK31gtl7xz3qfb1JW8wVRfi4EBfNSeZFWal3NXRJc8rAFliXpVN3
5pQv/2jdJcK5UxnfUP2KIUIm9FDY/OxpT1cdUMLcuQ1I01Xk/t+7bSXTn3Emcm0u
BuzY/kFrwE5u/6KvgEWzwgoUzOymG+HrtHW0OHYAjLFeDem/XYZlmjgEaVlPs+lU
6de6/5F/Mq+kjYmpfdiKifp9/QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLRojWZr
oZPGyjUx9zNZkeyORJmaMB8GA1UdIwQYMBaAFP5LLlTxgMgJrx7Jnpp8ficy2d2m
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkU5Ni9FREE2NUFDNDU1
RTgxMUU5QjMwNTM3NkJDNEY5QUUwMi9fa3N1VlBHQXlBbXZIc21lbW54LUp6TFoz
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19rc3VWUEdBeUFtdkhzbWVtbngtSnpMWjNhWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJFOTYvRURBNjVBQzQ1NUU4MTFFOUIzMDUzNzZCQzRGOUFFMDIvOEY3NTI1NzQ1
NUU5MTFFOUFFMTEyRDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnW+QwDQQCAAIwBwMFACQBFMAwDQYJKoZIhvcNAQELBQAD
ggEBAFFxXzknqrtjPGlhJCSfTqwwUW0MQC99AnrEkwHAXKQ3XfjdgW0AkPOrPhe3
kN+RWWDOf77CIEb36NfaQFjiXWOlG4MSfyTgQvS3HDTKA2zcPxegPldEFCXPMuaY
mWyUPH5egjo/2dR7sROCRGzSIJY44QRnydl6WeFJAg531OB8ehOoinCd6JHJvBpH
O0dQLaaOMPCIEPuuJG8MFwmvbvYiyituN/PdXHVE/A7OmF3j9I21MQEWXkseh2Fw
8iU2uKeFeMT99klu0PUtlULjGt5PMCq+BDTIj+yR0bIyJZP4wQRsFUfXQR/XdLM2
kfw92yhrgY24BEaDXqQ9+kAid0U=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:14:14 2025 by rpki-client