Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B43088B457F311F099129754C4F9AE02.roa
File: B43088B457F311F099129754C4F9AE02.roa (raw, json)
Hash identifier: cn/Vi2Rebv8wBXfKN3evI7K1WrsszUiyN5vcIbUfZyM=
Subject key identifier: 6D:CC:31:C7:00:D5:9A:B9:60:B2:E2:33:C5:C8:78:C9:14:3E:07:1E
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0C4E
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B43088B457F311F099129754C4F9AE02.roa
Signing time: Tue 26 Aug 2025 00:52:39 +0000
ROA not before: Tue 26 Aug 2025 00:52:39 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 5065
IP address blocks: 43.230.52.0/24 maxlen: 24
43.230.53.0/24 maxlen: 24
43.246.198.0/24 maxlen: 24
43.249.240.0/24 maxlen: 24
43.249.242.0/24 maxlen: 24
43.249.243.0/24 maxlen: 24
43.251.184.0/24 maxlen: 24
43.251.186.0/24 maxlen: 24
45.115.33.0/24 maxlen: 24
45.115.35.0/24 maxlen: 24
45.124.63.0/24 maxlen: 24
103.7.117.0/24 maxlen: 24
103.7.118.0/24 maxlen: 24
103.7.119.0/24 maxlen: 24
103.13.19.0/24 maxlen: 24
103.15.32.0/24 maxlen: 24
103.15.33.0/24 maxlen: 24
103.15.34.0/24 maxlen: 24
103.15.35.0/24 maxlen: 24
103.248.150.0/24 maxlen: 24
103.248.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Sep 2025 19:19:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3150 (0xc4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: Aug 26 00:52:39 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68ad0556-e162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c8:73:61:e4:80:36:d9:ce:5d:70:85:8e:1e:
41:e7:58:86:2f:d2:d9:05:c2:2c:f8:e5:76:c3:5e:
24:ab:f8:8f:4e:b5:2f:c1:50:4f:98:ed:9b:ef:1a:
52:e8:07:0c:8f:0d:66:1b:cd:b7:53:7b:36:bc:de:
13:9a:dc:f7:31:e0:47:14:fa:aa:67:92:2d:0a:e2:
6d:d2:1e:14:48:87:97:2d:68:66:59:32:bb:de:64:
a6:ec:62:4d:6a:b8:1e:7c:c7:9e:f1:07:e2:41:e5:
bd:2a:2e:67:07:f9:6f:6a:a6:b7:7c:2d:c7:99:63:
54:14:9a:af:84:b7:f0:cc:06:fd:7f:c2:39:49:81:
94:73:53:fd:a9:00:99:1f:9e:75:a9:63:ba:a0:23:
d5:a6:5d:0e:84:21:2c:d0:22:61:95:f2:4a:40:66:
2a:85:df:43:cc:77:57:14:ad:bb:56:5a:34:b2:3d:
77:33:16:d3:44:cb:76:a0:97:1a:f6:64:f7:85:96:
9c:8f:15:bf:e9:e2:4b:ed:36:ec:f4:ad:c6:1f:30:
1c:f6:20:37:8f:da:0c:8f:5f:43:e0:a1:82:17:1d:
bf:44:48:a1:8a:88:2c:08:06:03:cd:79:4a:e7:59:
5c:c0:16:58:be:a7:b0:57:92:14:d1:e9:40:54:f8:
a5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:CC:31:C7:00:D5:9A:B9:60:B2:E2:33:C5:C8:78:C9:14:3E:07:1E
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B43088B457F311F099129754C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.52.0/23
43.246.198.0/24
43.249.240.0/24
43.249.242.0/23
43.251.184.0/24
43.251.186.0/24
45.115.33.0/24
45.115.35.0/24
45.124.63.0/24
103.7.117.0-103.7.119.255
103.13.19.0/24
103.15.32.0/22
103.248.150.0/23
Signature Algorithm: sha256WithRSAEncryption
63:bc:90:64:2a:48:fd:8a:aa:cf:28:d6:eb:9a:32:82:63:30:
b2:bc:cf:5a:71:63:ff:ef:ed:97:0c:91:d0:ce:7d:47:fe:91:
77:44:d6:db:02:e6:23:44:f1:48:76:80:9b:0a:f0:cf:81:5e:
b8:b8:98:90:b4:0d:38:d8:33:4d:57:69:a2:ed:51:78:63:23:
51:11:2a:f6:74:da:9b:74:92:a0:6a:95:cb:77:d2:2d:1c:1b:
4f:a4:e4:ce:3a:4b:d9:e7:cf:95:64:20:18:83:30:0b:5f:c8:
c3:55:90:01:26:d4:9f:df:ef:6d:82:5a:3f:c2:98:46:ed:4d:
dd:87:78:8c:c9:d3:62:fa:d5:25:90:6a:a0:fc:86:7d:ce:13:
bb:a3:79:99:2b:42:83:83:73:ac:67:1d:e7:38:63:60:f9:94:
3a:17:61:8e:13:35:d2:d4:55:68:dc:82:44:b7:83:3c:fb:ca:
c2:66:dd:a7:b4:50:6b:bc:d5:59:b5:ff:9d:32:da:53:86:1d:
ee:5c:cd:9e:61:88:ef:15:48:7f:8e:b5:fc:a9:41:9b:ec:66:
d9:02:11:ce:b6:40:b6:20:cf:f4:78:45:80:23:89:85:8f:e9:
cd:0a:bf:07:01:0b:ee:b5:70:06:8e:84:9b:c3:7e:1b:6f:0b:
78:38:0c:8b
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICDE4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjUwODI2MDA1MjM5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OGFkMDU1Ni1lMTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5chzYeSANtnOXXCFjh5B51iGL9LZBcIs+OV2w14kq/iPTrUvwVBPmO2b7xpS
6AcMjw1mG823U3s2vN4Tmtz3MeBHFPqqZ5ItCuJt0h4USIeXLWhmWTK73mSm7GJN
argefMee8QfiQeW9Ki5nB/lvaqa3fC3HmWNUFJqvhLfwzAb9f8I5SYGUc1P9qQCZ
H551qWO6oCPVpl0OhCEs0CJhlfJKQGYqhd9DzHdXFK27Vlo0sj13MxbTRMt2oJca
9mT3hZacjxW/6eJL7Tbs9K3GHzAc9iA3j9oMj19D4KGCFx2/REihiogsCAYDzXlK
51lcwBZYvqewV5IU0elAVPil5wIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFG3MMccA
1Zq5YLLiM8XIeMkUPgceMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvQjQzMDg4QjQ1
N0YzMTFGMDk5MTI5NzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeMFwEAgABMFYDBAEr5jQDBAAr9sYDBAAr+fADBAEr+fIDBAAr+7gDBAAr+7oD
BAAtcyEDBAAtcyMDBAAtfD8wDAMEAGcHdQMEA2cHcAMEAGcNEwMEAmcPIAMEAWf4
ljANBgkqhkiG9w0BAQsFAAOCAQEAY7yQZCpI/YqqzyjW65oygmMwsrzPWnFj/+/t
lwyR0M59R/6Rd0TW2wLmI0TxSHaAmwrwz4FeuLiYkLQNONgzTVdpou1ReGMjUREq
9nTam3SSoGqVy3fSLRwbT6TkzjpL2efPlWQgGIMwC1/Iw1WQASbUn9/vbYJaP8KY
Ru1N3Yd4jMnTYvrVJZBqoPyGfc4Tu6N5mStCg4NzrGcd5zhjYPmUOhdhjhM10tRV
aNyCRLeDPPvKwmbdp7RQa7zVWbX/nTLaU4Yd7lzNnmGI7xVIf461/KlBm+xm2QIR
zrZAtiDP9HhFgCOJhY/pzQq/BwEL7rVwBo6Em8N+G28LeDgMiw==
-----END CERTIFICATE-----
Generated at Sat Sep 6 16:51:04 2025 by rpki-client