Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E491927E2A6611F0A02D3886C4F9AE02.roa
File: E491927E2A6611F0A02D3886C4F9AE02.roa (raw, json)
Hash identifier: XfeNdny8a3AiG1R9l+X3dLlxYmOMOfKjwHCf4D1MmWw=
Subject key identifier: 53:A2:E0:D3:FC:57:C0:F7:DB:18:D8:C4:F3:12:63:87:AB:C4:CF:16
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4DFB
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E491927E2A6611F0A02D3886C4F9AE02.roa
Signing time: Thu 28 Aug 2025 14:56:52 +0000
ROA not before: Thu 28 Aug 2025 14:56:52 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 24088
IP address blocks: 14.0.16.0/20 maxlen: 24
103.19.220.0/22 maxlen: 24
103.71.104.0/23 maxlen: 24
103.88.112.0/22 maxlen: 24
103.88.116.0/22 maxlen: 24
103.130.208.0/22 maxlen: 24
103.235.212.0/22 maxlen: 24
103.238.68.0/22 maxlen: 24
103.238.72.0/22 maxlen: 24
103.244.136.0/22 maxlen: 24
116.118.56.0/22 maxlen: 24
202.60.104.0/21 maxlen: 24
202.93.156.0/22 maxlen: 24
203.128.240.0/21 maxlen: 24
203.209.180.0/22 maxlen: 24
2001:df4:acc0::/48 maxlen: 48
2001:df5:aac0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Sep 2025 16:20:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19963 (0x4dfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 28 14:56:52 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68b06e34-aa3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f8:39:1f:25:51:42:dd:1a:8e:63:39:12:15:
57:81:ed:85:c0:14:34:b0:62:eb:52:d2:b2:da:eb:
1d:c2:f8:d3:03:af:8f:ba:63:f8:3d:59:ba:48:a2:
30:cf:12:51:38:c9:14:8c:a1:16:be:7a:9d:b1:96:
58:5e:ee:bd:22:65:b0:0c:d8:2f:57:f8:2f:b2:eb:
e7:32:6f:31:b8:5f:fb:79:3f:ad:ab:46:94:d2:07:
88:09:16:5d:7c:56:9c:a9:27:8b:8b:f5:55:22:e9:
ac:98:17:6a:3d:2b:96:11:f2:1c:98:b1:83:4c:67:
1c:fa:1b:f2:ca:42:fc:a5:5a:e4:9b:96:24:c3:3a:
0d:21:34:6d:cd:71:48:5f:bd:93:57:49:9f:50:c0:
04:b0:9c:5f:bf:8e:94:c0:3b:86:75:2f:17:21:fa:
cf:2d:d5:d6:96:33:2f:5b:fe:ff:19:7c:d6:5d:e4:
1c:f9:52:0c:92:92:ce:39:ca:45:3f:39:af:e1:34:
6a:27:29:0a:ef:ca:d5:76:3a:6d:87:15:77:7f:94:
ed:98:95:af:c8:a4:28:02:fc:15:42:3b:54:3d:4c:
a2:5b:00:e7:51:b4:5f:80:22:5b:2e:67:5d:4a:0a:
66:3b:b5:13:a1:44:1a:1e:a2:bc:84:fb:a8:58:82:
b7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A2:E0:D3:FC:57:C0:F7:DB:18:D8:C4:F3:12:63:87:AB:C4:CF:16
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E491927E2A6611F0A02D3886C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.0.16.0/20
103.19.220.0/22
103.71.104.0/23
103.88.112.0/21
103.130.208.0/22
103.235.212.0/22
103.238.68.0-103.238.75.255
103.244.136.0/22
116.118.56.0/22
202.60.104.0/21
202.93.156.0/22
203.128.240.0/21
203.209.180.0/22
IPv6:
2001:df4:acc0::/48
2001:df5:aac0::/48
Signature Algorithm: sha256WithRSAEncryption
9d:ea:00:23:64:45:9e:03:f9:a6:0e:b6:04:36:03:91:06:fe:
b5:35:57:2d:51:a0:5f:6c:0a:fc:07:1e:e0:0b:82:9c:14:69:
c0:d9:56:ed:ad:22:af:26:b5:5f:f6:3e:75:75:b1:9a:dc:f3:
74:81:0a:09:f2:cf:8b:8d:f0:a5:20:0e:90:15:b7:4d:4c:d2:
b3:3c:24:44:17:80:40:67:2b:a6:de:89:f0:0b:5e:e7:39:5b:
50:7a:75:d9:c9:57:19:18:e4:f3:5a:5d:5a:9a:a4:bc:17:ac:
cf:87:0e:0f:3b:34:46:5b:64:25:8d:a0:38:76:8e:8a:75:38:
00:72:69:05:f8:7f:75:44:03:84:8f:52:06:9a:5b:77:77:57:
87:fb:2f:79:94:a6:12:0d:c6:01:11:04:45:f5:5a:03:ae:33:
6f:0e:f1:49:48:cc:8d:fc:a8:14:2e:4e:46:ef:5f:db:c7:f1:
7d:ea:47:63:7f:7c:8e:71:20:a9:4f:f3:df:51:45:f4:ca:73:
d1:d1:89:b3:63:ae:48:ee:6d:63:cf:f7:88:19:ef:25:bd:cf:
b9:f2:c6:c5:8c:49:71:59:f3:c4:c8:7c:2f:c1:f3:b8:5f:ea:
33:b2:6a:d9:78:01:2d:6a:3d:d5:84:7d:cc:06:1d:b2:c7:a4:
3f:e7:9d:68
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgICTfswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwODI4MTQ1NjUyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIwNmUzNC1hYTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzvg5HyVRQt0ajmM5EhVXge2FwBQ0sGLrUtKy2usdwvjTA6+PumP4PVm6SKIw
zxJROMkUjKEWvnqdsZZYXu69ImWwDNgvV/gvsuvnMm8xuF/7eT+tq0aU0geICRZd
fFacqSeLi/VVIumsmBdqPSuWEfIcmLGDTGcc+hvyykL8pVrkm5YkwzoNITRtzXFI
X72TV0mfUMAEsJxfv46UwDuGdS8XIfrPLdXWljMvW/7/GXzWXeQc+VIMkpLOOcpF
Pzmv4TRqJykK78rVdjpthxV3f5TtmJWvyKQoAvwVQjtUPUyiWwDnUbRfgCJbLmdd
SgpmO7UToUQaHqK8hPuoWIK3YQIDAQABo4IDADCCAvwwHQYDVR0OBBYEFFOi4NP8
V8D32xjYxPMSY4erxM8WMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRTQ5MTkyN0Uy
QTY2MTFGMEEwMkQzODg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYkGCCsGAQUFBwEHAQH/
BHoweDBcBAIAATBWAwQEDgAQAwQCZxPcAwQBZ0doAwQDZ1hwAwQCZ4LQAwQCZ+vU
MAwDBAJn7kQDBAJn7kgDBAJn9IgDBAJ0djgDBAPKPGgDBALKXZwDBAPLgPADBALL
0bQwGAQCAAIwEgMHACABDfSswAMHACABDfWqwDANBgkqhkiG9w0BAQsFAAOCAQEA
neoAI2RFngP5pg62BDYDkQb+tTVXLVGgX2wK/Ace4AuCnBRpwNlW7a0irya1X/Y+
dXWxmtzzdIEKCfLPi43wpSAOkBW3TUzSszwkRBeAQGcrpt6J8Ate5zlbUHp12clX
GRjk81pdWpqkvBesz4cODzs0RltkJY2gOHaOinU4AHJpBfh/dUQDhI9SBppbd3dX
h/sveZSmEg3GAREERfVaA64zbw7xSUjMjfyoFC5ORu9f28fxfepHY398jnEgqU/z
31FF9Mpz0dGJs2OuSO5tY8/3iBnvJb3PufLGxYxJcVnzxMh8L8HzuF/qM7Jq2XgB
LWo91YR9zAYdssekP+edaA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:43:26 2025 by rpki-client