Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
File: 6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa (raw, json)
Hash identifier: LNdWkLd2IDiSdiZI4pxNrSry7BehKLe4yoSOBk6yxng=
Subject key identifier: 7A:56:91:45:05:88:B1:9B:B5:5A:55:D5:E8:52:9E:82:1A:75:BC:FD
Certificate issuer: /CN=A91E4463/serialNumber=771230A82EDBC27716AB3DC6A82FC5AEC45EEF67
Certificate serial: 0C87
Authority key identifier: 77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
Signing time: Tue 09 Sep 2025 09:39:56 +0000
ROA not before: Tue 09 Sep 2025 09:39:56 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 136224
IP address blocks: 103.84.36.0/22 maxlen: 22
103.84.36.0/23 maxlen: 23
103.84.36.0/24 maxlen: 24
103.84.37.0/24 maxlen: 24
103.84.38.0/23 maxlen: 23
103.84.38.0/24 maxlen: 24
103.84.39.0/24 maxlen: 24
113.212.108.0/22 maxlen: 22
113.212.108.0/23 maxlen: 23
113.212.108.0/24 maxlen: 24
113.212.109.0/24 maxlen: 24
113.212.110.0/23 maxlen: 23
113.212.110.0/24 maxlen: 24
113.212.111.0/24 maxlen: 24
2400:9940:5::/48 maxlen: 48
2400:9940:1000::/36 maxlen: 40
2400:9940:1000::/48 maxlen: 48
2400:9940:1001::/48 maxlen: 48
2400:9940:1002::/48 maxlen: 48
2400:9940:1003::/48 maxlen: 48
2400:9940:1004::/48 maxlen: 48
2400:9940:1100::/48 maxlen: 48
2400:9940:1101::/48 maxlen: 48
2400:9940:1102::/48 maxlen: 48
2400:9940:1103::/48 maxlen: 48
2400:9940:1104::/48 maxlen: 48
2400:9940:1137::/48 maxlen: 48
2400:9940:1138::/48 maxlen: 48
2400:9940:1139::/48 maxlen: 48
2400:9940:1200::/48 maxlen: 48
2400:9940:1201::/48 maxlen: 48
2400:9940:1202::/48 maxlen: 48
2400:9940:1203::/48 maxlen: 48
2400:9940:1204::/48 maxlen: 48
2400:9940:1300::/48 maxlen: 48
2400:9940:1301::/48 maxlen: 48
2400:9940:1302::/48 maxlen: 48
2400:9940:1303::/48 maxlen: 48
2400:9940:1304::/48 maxlen: 48
2400:9940:1400::/48 maxlen: 48
2400:9940:1401::/48 maxlen: 48
2400:9940:1402::/48 maxlen: 48
2400:9940:1403::/48 maxlen: 48
2400:9940:1404::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Sep 2025 18:50:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3207 (0xc87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4463, serialNumber=771230A82EDBC27716AB3DC6A82FC5AEC45EEF67
Validity
Not Before: Sep 9 09:39:56 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=68bff5ec-8d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:15:29:97:a8:ed:b2:66:2b:53:a5:47:e9:62:
9e:b9:dc:73:0b:47:72:c9:f9:26:3f:04:d1:9b:20:
fd:6f:aa:6d:55:48:b8:03:b5:96:cd:58:8f:4c:7d:
56:07:34:46:4e:34:8d:fe:f1:a9:07:ac:47:99:a1:
b2:0f:4a:20:87:32:89:cc:13:2f:f0:5a:78:0a:21:
ce:dc:56:56:72:ed:eb:5b:9c:1a:f7:10:5f:99:df:
3e:ee:0c:9e:e7:2b:65:ea:73:0a:d6:4b:f7:1b:a3:
f5:b4:e4:4c:d8:79:47:ff:a9:fe:06:16:31:c0:19:
71:64:04:5a:7d:0b:59:53:7b:97:7b:30:d9:a4:fd:
b3:37:de:8c:0d:12:d7:19:2f:a7:3c:39:d4:c3:1b:
8c:0c:53:44:4c:95:ff:23:48:f8:16:5e:5f:97:83:
75:70:ee:79:4f:59:5c:08:3e:52:ef:8d:5d:1f:87:
ad:a1:e2:1a:7b:34:21:4b:a1:9e:54:f3:3b:24:fe:
8e:06:34:28:f4:37:fc:d1:ce:19:15:9f:cd:42:a6:
fa:c1:5d:9f:e8:df:9b:c0:ae:cf:52:b2:c5:1c:c2:
b2:c4:34:73:e7:57:0b:fa:8d:c2:60:6a:1d:08:c3:
43:cd:77:fc:e3:08:3c:88:3a:c7:25:36:99:f2:52:
42:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:56:91:45:05:88:B1:9B:B5:5A:55:D5:E8:52:9E:82:1A:75:BC:FD
X509v3 Authority Key Identifier:
keyid:77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.36.0/22
113.212.108.0/22
IPv6:
2400:9940:5::/48
2400:9940:1000::/36
Signature Algorithm: sha256WithRSAEncryption
30:94:32:ed:4c:71:04:7c:70:4b:34:d1:34:84:12:94:32:ce:
3b:01:9c:7c:3e:20:ea:b1:20:cd:1e:e1:2f:f7:d0:9d:19:0e:
d6:1c:65:e1:21:4a:cd:4b:25:9c:af:5e:28:d2:92:57:d8:84:
2a:fa:8f:45:5f:56:f9:bd:e4:22:c7:b6:26:5c:c5:9e:97:da:
87:36:f8:46:0b:cd:cd:67:13:6f:1e:3f:31:f9:55:f0:75:9d:
33:20:9d:41:e6:99:a1:c2:b4:54:5e:b9:91:2b:85:78:d7:e4:
54:4c:36:33:7b:99:66:86:2d:54:48:5c:2e:0a:88:ed:23:57:
2e:41:5a:8e:f2:92:e9:8e:1e:20:12:ea:bb:aa:da:ab:65:28:
79:26:79:6c:1e:71:6c:fb:bf:f1:3a:55:8e:8b:69:27:f6:bd:
85:77:12:cb:7a:cd:23:e6:1a:3c:ac:14:e1:4f:92:ba:91:ca:
65:70:fb:6e:1f:33:7a:58:bf:0a:ac:a5:40:d1:2e:72:0f:0b:
21:ea:ff:0a:de:bf:1b:08:62:20:ab:c4:d7:df:9e:a8:c8:64:
55:c7:a0:dc:00:af:2c:1e:6a:9a:de:50:22:28:df:c1:c6:7a:
9f:4c:ae:8c:5f:ea:5c:53:4a:3f:cc:9a:d5:c9:94:47:82:de:
ff:f6:37:69
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgICDIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ0NjMxMTAvBgNVBAUTKDc3MTIzMEE4MkVEQkMyNzcxNkFCM0RDNkE4MkZDNUFF
QzQ1RUVGNjcwHhcNMjUwOTA5MDkzOTU2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGJmZjVlYy04ZDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAphUpl6jtsmYrU6VH6WKeudxzC0dyyfkmPwTRmyD9b6ptVUi4A7WWzViPTH1W
BzRGTjSN/vGpB6xHmaGyD0oghzKJzBMv8Fp4CiHO3FZWcu3rW5wa9xBfmd8+7gye
5ytl6nMK1kv3G6P1tORM2HlH/6n+BhYxwBlxZARafQtZU3uXezDZpP2zN96MDRLX
GS+nPDnUwxuMDFNETJX/I0j4Fl5fl4N1cO55T1lcCD5S741dH4etoeIaezQhS6Ge
VPM7JP6OBjQo9Df80c4ZFZ/NQqb6wV2f6N+bwK7PUrLFHMKyxDRz51cL+o3CYGod
CMNDzXf84wg8iDrHJTaZ8lJCBwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFHpWkUUF
iLGbtVpV1ehSnoIadbz9MB8GA1UdIwQYMBaAFHcSMKgu28J3Fqs9xqgvxa7EXu9n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDQ2My9BNEQ0NDAwQzEz
OUYxMUVBQTY1ODI4NjBDNEY5QUUwMi9keEl3cUM3YnduY1dxejNHcUNfRnJzUmU3
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2R4SXdxQzdid25jV3F6M0dxQ19GcnNSZTcyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ0NjMvQTRENDQwMEMxMzlGMTFFQUE2NTgyODYwQzRGOUFFMDIvNkVCRDBFNzg4
RUFBMTFFRkE2QzFEMzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPgYIKwYBBQUHAQcBAf8E
LzAtMBIEAgABMAwDBAJnVCQDBAJx1GwwFwQCAAIwEQMHACQAmUAABQMGBCQAmUAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAwlDLtTHEEfHBLNNE0hBKUMs47AZx8PiDqsSDN
HuEv99CdGQ7WHGXhIUrNSyWcr14o0pJX2IQq+o9FX1b5veQix7YmXMWel9qHNvhG
C83NZxNvHj8x+VXwdZ0zIJ1B5pmhwrRUXrmRK4V41+RUTDYze5lmhi1USFwuCojt
I1cuQVqO8pLpjh4gEuq7qtqrZSh5JnlsHnFs+7/xOlWOi2kn9r2FdxLLes0j5ho8
rBThT5K6kcplcPtuHzN6WL8KrKVA0S5yDwsh6v8K3r8bCGIgq8TX356oyGRVx6Dc
AK8sHmqa3lAiKN/BxnqfTK6MX+pcU0o/zJrVyZRHgt7/9jdp
-----END CERTIFICATE-----
Generated at Thu Sep 18 23:50:58 2025 by rpki-client