Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A5DCD78E83E711F0B9A9DF11C4F9AE02.roa
File: A5DCD78E83E711F0B9A9DF11C4F9AE02.roa (raw, json)
Hash identifier: ZBTdaFZhT/rZQciFEQ9FZqqKv6XflkmcpMk+i2rYehQ=
Subject key identifier: 56:F6:F6:6E:25:05:D0:12:92:0A:64:7A:BF:13:28:1A:78:A6:0E:B6
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C379
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A5DCD78E83E711F0B9A9DF11C4F9AE02.roa
Signing time: Thu 28 Aug 2025 11:10:58 +0000
ROA not before: Thu 28 Aug 2025 11:10:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138311
IP address blocks: 103.84.80.0/24 maxlen: 24
103.84.81.0/24 maxlen: 24
103.84.82.0/24 maxlen: 24
103.84.83.0/24 maxlen: 24
103.96.40.0/24 maxlen: 24
103.96.41.0/24 maxlen: 24
103.96.42.0/24 maxlen: 24
103.132.244.0/23 maxlen: 24
103.133.158.0/23 maxlen: 24
103.139.170.0/24 maxlen: 24
103.139.171.0/24 maxlen: 24
103.157.122.0/23 maxlen: 24
103.160.174.0/23 maxlen: 24
103.163.90.0/24 maxlen: 24
103.163.91.0/24 maxlen: 24
103.169.240.0/23 maxlen: 24
103.171.132.0/24 maxlen: 24
103.171.133.0/24 maxlen: 24
103.175.170.0/23 maxlen: 24
103.176.186.0/24 maxlen: 24
103.176.187.0/24 maxlen: 24
103.195.82.0/23 maxlen: 24
103.196.184.0/23 maxlen: 24
103.207.11.0/24 maxlen: 24
103.212.152.0/23 maxlen: 24
103.212.154.0/23 maxlen: 24
103.239.174.0/24 maxlen: 24
103.239.175.0/24 maxlen: 24
210.16.92.0/24 maxlen: 24
210.16.93.0/24 maxlen: 24
2405:3440::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Sep 2025 15:26:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50041 (0xc379)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 28 11:10:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68b03941-5976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:80:a2:86:b8:3f:f0:7d:2c:60:31:17:76:4e:
5f:d1:5a:ed:09:72:56:01:81:05:79:d1:07:b1:1b:
31:e7:3b:f0:14:dc:0c:15:8e:b3:c0:fa:21:c0:d0:
6b:64:40:50:2b:dd:9c:c7:9e:29:44:52:92:2e:c8:
06:93:07:fd:2a:8b:80:14:07:44:a6:b0:1e:c4:53:
58:87:c4:ec:97:7f:33:10:3e:a0:ba:aa:fd:f8:e2:
64:62:e5:e2:e1:c2:8b:41:b2:7b:25:46:93:36:0f:
7c:0b:2e:5b:c4:6e:7c:2a:54:c1:1c:9a:cb:02:a9:
19:ba:71:41:18:54:bf:96:71:5c:9d:eb:93:2a:c6:
4f:c7:8e:11:f9:22:f5:fa:9f:26:7a:2e:fe:56:e4:
95:08:6a:c3:4c:dd:1f:8b:df:f3:b8:69:4f:a0:3f:
aa:f9:07:3a:26:62:bd:8d:91:15:4a:dc:b7:e0:9c:
9b:73:ff:bb:3c:8d:5b:23:49:7f:31:b3:14:28:94:
25:97:65:71:ee:02:e6:40:4c:04:b7:ad:9f:1d:cd:
b8:6b:28:26:2e:2f:6f:3c:c5:d9:06:fc:8b:38:3c:
87:f9:57:75:2f:4d:24:66:59:5c:b0:04:49:18:d9:
78:17:08:4b:52:8f:00:96:08:fe:08:23:67:b6:51:
c9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F6:F6:6E:25:05:D0:12:92:0A:64:7A:BF:13:28:1A:78:A6:0E:B6
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A5DCD78E83E711F0B9A9DF11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.80.0/22
103.96.40.0-103.96.42.255
103.132.244.0/23
103.133.158.0/23
103.139.170.0/23
103.157.122.0/23
103.160.174.0/23
103.163.90.0/23
103.169.240.0/23
103.171.132.0/23
103.175.170.0/23
103.176.186.0/23
103.195.82.0/23
103.196.184.0/23
103.207.11.0/24
103.212.152.0/22
103.239.174.0/23
210.16.92.0/23
IPv6:
2405:3440::/32
Signature Algorithm: sha256WithRSAEncryption
03:f1:61:c4:50:42:6e:86:e6:bc:e5:4d:29:01:b3:46:2f:f3:
4b:5c:f0:25:8f:f3:ee:c0:8b:bf:a8:7c:58:4e:c5:bf:e7:9c:
5b:2d:16:20:40:67:c0:67:59:a1:0e:cd:9a:69:f5:91:8a:f9:
81:f5:fc:35:f7:d6:26:76:f6:8d:0f:f8:68:78:27:12:93:d5:
cd:d6:64:8b:9d:bd:8a:55:b1:1e:a9:1e:ac:9b:c4:bb:43:9b:
e6:09:36:f0:6f:90:c5:ba:81:da:08:35:8a:2e:5d:dc:1a:92:
0c:03:b1:ce:8a:4a:28:f6:a7:a2:c5:00:f1:f2:c6:a1:33:90:
43:c8:26:c7:84:be:02:21:88:af:13:6f:60:c4:c8:f1:0f:60:
66:be:6c:58:15:2a:f2:8c:3c:4e:8a:ca:35:b9:43:e7:0a:ad:
bc:e0:f1:17:88:4f:c6:e9:c5:a0:f2:6f:35:dc:87:98:80:ed:
43:9c:fc:5d:47:bb:fe:ee:f3:71:7e:03:d0:19:d5:92:1c:e1:
08:a7:9d:67:f1:12:44:4e:bc:55:72:a6:61:18:44:cb:2f:f9:
9d:c6:a4:9c:ca:f0:e9:be:cf:72:b0:72:26:8b:4e:f8:87:f2:
63:f8:d9:82:70:0e:70:96:c9:7d:57:d3:fa:97:85:43:60:ab:
76:eb:9e:41
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgIDAMN5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDgyODExMTA1OFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjhiMDM5NDEtNTk3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGAooa4P/B9LGAxF3ZOX9Fa7QlyVgGBBXnRB7EbMec78BTcDBWOs8D6IcDQ
a2RAUCvdnMeeKURSki7IBpMH/SqLgBQHRKawHsRTWIfE7Jd/MxA+oLqq/fjiZGLl
4uHCi0GyeyVGkzYPfAsuW8RufCpUwRyaywKpGbpxQRhUv5ZxXJ3rkyrGT8eOEfki
9fqfJnou/lbklQhqw0zdH4vf87hpT6A/qvkHOiZivY2RFUrct+Ccm3P/uzyNWyNJ
fzGzFCiUJZdlce4C5kBMBLetnx3NuGsoJi4vbzzF2Qb8izg8h/lXdS9NJGZZXLAE
SRjZeBcIS1KPAJYI/ggjZ7ZRyWECAwEAAaOCAxUwggMRMB0GA1UdDgQWBBRW9vZu
JQXQEpIKZHq/EygaeKYOtjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0E1RENENzhF
ODNFNzExRjBCOUE5REYxMUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGeBggrBgEFBQcBBwEB
/wSBjjCBizB6BAIAATB0AwQCZ1RQMAwDBANnYCgDBABnYCoDBAFnhPQDBAFnhZ4D
BAFni6oDBAFnnXoDBAFnoK4DBAFno1oDBAFnqfADBAFnq4QDBAFnr6oDBAFnsLoD
BAFnw1IDBAFnxLgDBABnzwsDBAJn1JgDBAFn764DBAHSEFwwDQQCAAIwBwMFACQF
NEAwDQYJKoZIhvcNAQELBQADggEBAAPxYcRQQm6G5rzlTSkBs0Yv80tc8CWP8+7A
i7+ofFhOxb/nnFstFiBAZ8BnWaEOzZpp9ZGK+YH1/DX31iZ29o0P+Gh4JxKT1c3W
ZIudvYpVsR6pHqybxLtDm+YJNvBvkMW6gdoINYouXdwakgwDsc6KSij2p6LFAPHy
xqEzkEPIJseEvgIhiK8Tb2DEyPEPYGa+bFgVKvKMPE6KyjW5Q+cKrbzg8ReIT8bp
xaDybzXch5iA7UOc/F1Hu/7u83F+A9AZ1ZIc4QinnWfxEkROvFVypmEYRMsv+Z3G
pJzK8Om+z3KwciaLTviH8mP42YJwDnCWyX1X0/qXhUNgq3brnkE=
-----END CERTIFICATE-----
Generated at Sat Sep 6 13:47:45 2025 by rpki-client