![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A8816BEAFE6611EBB771CF1BC4F9AE02.roa
File: A8816BEAFE6611EBB771CF1BC4F9AE02.roa (raw, json)
Hash identifier: UIJAjIV9I8fTY1LEA/1cn3bJjXt9dDhj11O89Q/8Hb0=
Subject key identifier: F2:EE:3C:70:0D:C4:B5:B3:DE:76:7B:DE:D4:11:A9:64:F5:D7:3C:9B
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 43D8
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A8816BEAFE6611EBB771CF1BC4F9AE02.roa
Signing time: Fri 21 Jun 2024 01:22:32 +0000
ROA not before: Fri 21 Jun 2024 01:22:32 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 140815
IP address blocks: 103.6.248.0/23 maxlen: 24
103.10.68.0/23 maxlen: 24
103.16.160.0/23 maxlen: 24
103.16.214.0/23 maxlen: 24
103.16.224.0/23 maxlen: 24
103.29.0.0/23 maxlen: 24
103.29.2.0/23 maxlen: 24
103.131.56.0/23 maxlen: 24
103.170.120.0/23 maxlen: 24
103.180.132.0/23 maxlen: 24
103.180.134.0/23 maxlen: 24
103.182.16.0/23 maxlen: 24
103.184.96.0/23 maxlen: 24
103.186.148.0/23 maxlen: 24
103.189.202.0/23 maxlen: 24
103.190.36.0/23 maxlen: 24
103.190.106.0/23 maxlen: 24
103.196.144.0/23 maxlen: 24
103.250.78.0/23 maxlen: 24
103.253.16.0/23 maxlen: 24
113.192.8.0/23 maxlen: 24
203.145.44.0/23 maxlen: 24
2001:df0:5b40::/48 maxlen: 48
2001:df0:5bc0::/48 maxlen: 48
2001:df0:aac0::/48 maxlen: 48
2001:df0:d9c0::/48 maxlen: 48
2001:df0:e3c0::/48 maxlen: 48
2001:df0:eac0::/48 maxlen: 48
2001:df3:41c0::/48 maxlen: 48
2001:df3:b640::/48 maxlen: 48
2001:df3:edc0::/48 maxlen: 48
2401:4b20::/48 maxlen: 48
2401:4ba0::/48 maxlen: 48
2401:50e0::/48 maxlen: 48
2401:7420::/48 maxlen: 48
2401:7560::/48 maxlen: 48
2401:7620::/48 maxlen: 48
2401:8aa0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 05 Jul 2024 14:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17368 (0x43d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Jun 21 01:22:32 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6674d5d8-fac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f4:c5:b9:15:c6:46:9b:ef:dc:fc:14:7e:a7:
ac:41:fd:6c:6c:96:ee:c3:28:d4:30:60:5d:24:72:
de:36:ef:a1:50:51:d8:ef:38:cb:6e:c1:14:82:5e:
7b:94:5e:21:67:ea:96:f8:7e:12:5b:65:53:5f:3c:
60:8a:f4:e5:00:1c:2d:fd:b6:70:2a:79:c3:4c:ba:
ca:ca:6c:e2:a9:94:c5:cb:7e:99:14:69:2e:2f:f5:
b0:5f:ff:51:88:2d:95:0a:49:b5:58:bc:ac:80:dc:
a7:75:4d:e7:3f:a7:ba:e3:ce:6f:c8:52:66:34:6d:
65:84:6b:51:0a:52:e0:ab:e7:94:d8:8b:d1:f9:24:
c8:1f:1d:c5:0b:6a:9b:06:9f:70:d0:6d:7d:4c:e6:
37:b7:c8:0e:a6:d6:36:0c:73:55:fd:4e:60:a6:f5:
f0:c1:64:51:c9:9e:d4:2d:ca:5b:6b:1a:a8:f2:26:
62:95:ee:76:58:05:33:a9:d4:aa:ec:b6:c6:d3:ef:
63:61:96:1f:07:40:d6:1b:f2:ba:08:13:5c:01:52:
bf:e6:e5:5f:aa:91:9c:e9:19:e1:d2:dd:2d:2e:8a:
6d:67:ca:5b:0e:f3:72:28:63:6e:7f:f3:2b:cb:f2:
53:42:39:d0:44:a3:95:b3:db:c9:bb:bd:de:72:2e:
68:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EE:3C:70:0D:C4:B5:B3:DE:76:7B:DE:D4:11:A9:64:F5:D7:3C:9B
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A8816BEAFE6611EBB771CF1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.248.0/23
103.10.68.0/23
103.16.160.0/23
103.16.214.0/23
103.16.224.0/23
103.29.0.0/22
103.131.56.0/23
103.170.120.0/23
103.180.132.0/22
103.182.16.0/23
103.184.96.0/23
103.186.148.0/23
103.189.202.0/23
103.190.36.0/23
103.190.106.0/23
103.196.144.0/23
103.250.78.0/23
103.253.16.0/23
113.192.8.0/23
203.145.44.0/23
IPv6:
2001:df0:5b40::/48
2001:df0:5bc0::/48
2001:df0:aac0::/48
2001:df0:d9c0::/48
2001:df0:e3c0::/48
2001:df0:eac0::/48
2001:df3:41c0::/48
2001:df3:b640::/48
2001:df3:edc0::/48
2401:4b20::/48
2401:4ba0::/48
2401:50e0::/48
2401:7420::/48
2401:7560::/48
2401:7620::/48
2401:8aa0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:21:04:75:8c:b2:cc:ab:6f:03:89:ae:8b:41:2b:65:70:38:
61:aa:c9:22:e2:d2:88:b4:73:ae:34:e1:f8:33:1f:d2:84:3c:
5b:30:64:ff:58:3b:2c:7e:b0:d3:cf:a2:c3:e2:71:65:29:ed:
b6:2a:24:d6:d2:00:13:de:d2:bd:ca:42:10:e0:9f:65:c3:49:
0c:8f:d5:36:59:3c:b3:57:dc:6b:41:34:ae:b5:c0:de:e9:41:
57:22:a2:dd:32:81:da:9e:97:c8:7f:17:cf:40:01:29:6d:50:
63:89:60:a4:08:4c:b7:d3:75:aa:22:2d:7c:0f:8d:28:91:72:
98:60:06:a9:c7:68:fb:af:f9:55:0c:3c:f2:d2:60:37:8a:df:
f2:65:cd:43:be:d3:f7:e1:47:bd:e9:3e:15:ab:88:a1:2f:0e:
33:f0:10:1f:56:e2:84:c7:56:3d:66:9e:16:0d:46:b1:b6:34:
71:62:99:86:34:46:2c:17:be:35:6b:83:1a:fd:2d:9a:79:a3:
7c:25:42:f9:ff:f7:0a:80:55:6b:60:f8:88:31:0c:93:59:eb:
73:ff:b2:c5:f6:ba:6b:4b:ab:a1:77:37:e8:e2:0c:67:97:7e:
71:67:8e:25:7f:f8:39:ed:f3:ff:a3:fe:32:9b:08:0c:6d:9f:
49:6b:57:bf
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgICQ9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwNjIxMDEyMjMyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc0ZDVkOC1mYWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnvTFuRXGRpvv3PwUfqesQf1sbJbuwyjUMGBdJHLeNu+hUFHY7zjLbsEUgl57
lF4hZ+qW+H4SW2VTXzxgivTlABwt/bZwKnnDTLrKymziqZTFy36ZFGkuL/WwX/9R
iC2VCkm1WLysgNyndU3nP6e6485vyFJmNG1lhGtRClLgq+eU2IvR+STIHx3FC2qb
Bp9w0G19TOY3t8gOptY2DHNV/U5gpvXwwWRRyZ7ULcpbaxqo8iZile52WAUzqdSq
7LbG0+9jYZYfB0DWG/K6CBNcAVK/5uVfqpGc6Rnh0t0tLoptZ8pbDvNyKGNuf/Mr
y/JTQjnQRKOVs9vJu73eci5omwIDAQABo4IDpzCCA6MwHQYDVR0OBBYEFPLuPHAN
xLWz3nZ73tQRqWT11zybMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQTg4MTZCRUFG
RTY2MTFFQkI3NzFDRjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEvBggrBgEFBQcBBwEB
/wSCAR4wggEaMH4EAgABMHgDBAFnBvgDBAFnCkQDBAFnEKADBAFnENYDBAFnEOAD
BAJnHQADBAFngzgDBAFnqngDBAJntIQDBAFnthADBAFnuGADBAFnupQDBAFnvcoD
BAFnviQDBAFnvmoDBAFnxJADBAFn+k4DBAFn/RADBAFxwAgDBAHLkSwwgZcEAgAC
MIGQAwcAIAEN8FtAAwcAIAEN8FvAAwcAIAEN8KrAAwcAIAEN8NnAAwcAIAEN8OPA
AwcAIAEN8OrAAwcAIAEN80HAAwcAIAEN87ZAAwcAIAEN8+3AAwcAJAFLIAAAAwcA
JAFLoAAAAwcAJAFQ4AAAAwcAJAF0IAAAAwcAJAF1YAAAAwcAJAF2IAAAAwcAJAGK
oAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA8IQR1jLLMq28Dia6LQStlcDhhqski4tKI
tHOuNOH4Mx/ShDxbMGT/WDssfrDTz6LD4nFlKe22KiTW0gAT3tK9ykIQ4J9lw0kM
j9U2WTyzV9xrQTSutcDe6UFXIqLdMoHanpfIfxfPQAEpbVBjiWCkCEy303WqIi18
D40okXKYYAapx2j7r/lVDDzy0mA3it/yZc1DvtP34Ue96T4Vq4ihLw4z8BAfVuKE
x1Y9Zp4WDUaxtjRxYpmGNEYsF741a4Ma/S2aeaN8JUL5//cKgFVrYPiIMQyTWetz
/7LF9rprS6uhdzfo4gxnl35xZ44lf/g57fP/o/4ymwgMbZ9Ja1e/
-----END CERTIFICATE-----
Generated at Fri Jun 28 15:45:09 2024 by rpki-client on console-fra.rpki-client.org