Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5E6FEE4E10F211F099F0EB23C4F9AE02.roa
File: 5E6FEE4E10F211F099F0EB23C4F9AE02.roa (raw, json)
Hash identifier: ur8j9D8kdglhhNt0G74zKrsn6B+PGWhNGP/ufS+SeV4=
Subject key identifier: 21:3A:DB:79:1C:29:55:5E:58:82:39:49:C5:86:98:C8:9F:84:3F:AF
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4B5E
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5E6FEE4E10F211F099F0EB23C4F9AE02.roa
Signing time: Tue 27 May 2025 03:17:22 +0000
ROA not before: Tue 27 May 2025 03:17:22 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135951
IP address blocks: 101.101.96.0/23 maxlen: 24
103.130.216.0/22 maxlen: 23
103.142.24.0/23 maxlen: 24
103.142.26.0/23 maxlen: 24
103.155.162.0/23 maxlen: 24
103.161.178.0/23 maxlen: 23
103.162.14.0/23 maxlen: 24
103.162.20.0/23 maxlen: 24
103.162.22.0/23 maxlen: 23
103.164.154.0/23 maxlen: 24
103.177.110.0/23 maxlen: 24
103.179.184.0/23 maxlen: 24
116.118.44.0/22 maxlen: 24
180.93.136.0/22 maxlen: 24
2400:4de0::/48 maxlen: 48
2401:45e0::/48 maxlen: 48
2405:2840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 14:35:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19294 (0x4b5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: May 27 03:17:22 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68352ec1-1820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:74:d8:b5:54:7f:9a:68:ac:1e:4a:1c:87:e2:
8b:0b:b4:fe:19:4b:5e:8a:6a:b0:f4:04:21:ea:84:
13:72:7d:7d:7a:8a:6f:a1:a9:a4:54:17:88:38:87:
e7:9a:99:74:df:31:d8:a3:10:59:b7:3e:fa:d2:79:
88:d2:7b:c9:ee:c5:34:a7:c3:13:1f:aa:a0:6a:57:
9c:ef:fd:fb:16:21:a4:8d:1c:95:c1:52:63:c1:3d:
2e:67:5b:7c:7f:c8:e5:67:5a:27:c2:1f:98:c7:99:
1c:b9:4b:e4:5b:f4:55:de:c1:c5:b7:fa:8f:1d:45:
a2:1f:32:7f:bb:51:60:64:9f:3c:e9:62:c1:72:ae:
ab:88:d5:38:e7:82:70:31:4b:10:e7:d6:f1:8c:89:
a8:06:89:59:8e:ea:d0:d1:73:75:99:d9:d7:09:ff:
89:84:67:5d:85:29:81:d9:3d:1f:f3:6c:5f:d2:4a:
94:76:4b:53:cb:8a:30:ab:2b:91:f7:20:24:df:e5:
6f:2d:d1:c9:e7:39:18:4a:c0:5c:b8:49:2d:b7:85:
d4:9a:9c:eb:0c:64:b4:f7:c5:4e:35:53:08:59:de:
2d:d2:fe:96:06:de:a6:6e:c0:fa:b9:94:da:9e:b3:
05:09:ee:3f:52:4e:56:08:cf:ba:72:1c:1b:b0:d0:
29:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3A:DB:79:1C:29:55:5E:58:82:39:49:C5:86:98:C8:9F:84:3F:AF
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/5E6FEE4E10F211F099F0EB23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.101.96.0/23
103.130.216.0/22
103.142.24.0/22
103.155.162.0/23
103.161.178.0/23
103.162.14.0/23
103.162.20.0/22
103.164.154.0/23
103.177.110.0/23
103.179.184.0/23
116.118.44.0/22
180.93.136.0/22
IPv6:
2400:4de0::/48
2401:45e0::/48
2405:2840::/48
Signature Algorithm: sha256WithRSAEncryption
8e:91:65:6d:66:ff:63:e0:d1:7d:dc:19:6d:3b:df:25:40:1d:
e7:05:60:1d:18:ec:80:75:fe:a7:a6:45:82:80:71:c4:d3:6f:
7c:f4:dc:ed:1c:fa:da:59:0f:39:c9:70:86:28:83:ba:8d:d1:
27:27:29:f1:12:db:05:5e:c2:ca:42:cb:c8:ed:f9:f3:f8:8d:
4a:74:5a:fc:9f:2c:01:10:df:d2:ea:6e:0b:6f:51:13:98:08:
d7:3d:ff:77:68:d4:3b:4f:83:1a:cf:56:dd:56:37:70:3f:56:
d5:ed:37:3b:de:7f:28:60:69:83:85:b1:30:a3:ca:2e:91:ea:
44:38:c3:be:4a:36:c6:7f:d7:b7:07:42:0b:b1:dd:55:f8:19:
cc:3a:47:4e:e5:60:bf:6e:4c:80:cb:0c:a0:e9:a3:2f:7b:48:
5c:0f:89:db:4f:c3:ab:2d:24:a9:0c:1f:f2:e0:35:48:a5:8e:
60:b8:65:05:36:01:c4:55:f1:23:d4:a1:17:12:1e:f6:dd:0c:
9f:85:a3:4b:11:02:aa:e8:1f:75:0a:ab:81:9b:5c:a7:23:59:
af:e0:ed:df:8d:cc:7c:33:02:a1:bf:36:24:7b:f8:4e:8b:8b:
ba:f3:2d:e4:a4:c4:d7:74:81:4c:85:e7:26:41:fe:9c:a5:30:
4a:6e:0b:0f
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgICS14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwNTI3MDMxNzIyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM1MmVjMS0xODIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmnTYtVR/mmisHkoch+KLC7T+GUteimqw9AQh6oQTcn19eopvoamkVBeIOIfn
mpl03zHYoxBZtz760nmI0nvJ7sU0p8MTH6qgalec7/37FiGkjRyVwVJjwT0uZ1t8
f8jlZ1onwh+Yx5kcuUvkW/RV3sHFt/qPHUWiHzJ/u1FgZJ886WLBcq6riNU454Jw
MUsQ59bxjImoBolZjurQ0XN1mdnXCf+JhGddhSmB2T0f82xf0kqUdktTy4owqyuR
9yAk3+VvLdHJ5zkYSsBcuEktt4XUmpzrDGS098VONVMIWd4t0v6WBt6mbsD6uZTa
nrMFCe4/Uk5WCM+6chwbsNApMQIDAQABo4IC+zCCAvcwHQYDVR0OBBYEFCE623kc
KVVeWII5ScWGmMifhD+vMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNUU2RkVFNEUx
MEYyMTFGMDk5RjBFQjIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYQGCCsGAQUFBwEHAQH/
BHUwczBOBAIAATBIAwQBZWVgAwQCZ4LYAwQCZ44YAwQBZ5uiAwQBZ6GyAwQBZ6IO
AwQCZ6IUAwQBZ6SaAwQBZ7FuAwQBZ7O4AwQCdHYsAwQCtF2IMCEEAgACMBsDBwAk
AE3gAAADBwAkAUXgAAADBwAkBShAAAAwDQYJKoZIhvcNAQELBQADggEBAI6RZW1m
/2Pg0X3cGW073yVAHecFYB0Y7IB1/qemRYKAccTTb3z03O0c+tpZDznJcIYog7qN
0ScnKfES2wVewspCy8jt+fP4jUp0WvyfLAEQ39LqbgtvUROYCNc9/3do1DtPgxrP
Vt1WN3A/VtXtNzvefyhgaYOFsTCjyi6R6kQ4w75KNsZ/17cHQgux3VX4Gcw6R07l
YL9uTIDLDKDpoy97SFwPidtPw6stJKkMH/LgNUiljmC4ZQU2AcRV8SPUoRcSHvbd
DJ+Fo0sRAqroH3UKq4GbXKcjWa/g7d+NzHwzAqG/NiR7+E6Li7rzLeSkxNd0gUyF
5yZB/pylMEpuCw8=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:14:50 2025 by rpki-client