Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
File: 38564246ABFB11EFAC5AA210C4F9AE02.roa (raw, json)
Hash identifier: 5qCbqD/kGnXRbRY3JI84rpy4sqIm7tuboDSoPvIwa6I=
Subject key identifier: 05:35:6B:42:BE:49:C9:D0:D5:19:09:0C:06:7E:A1:EC:BF:92:31:23
Certificate issuer: /CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Certificate serial: 02C9
Authority key identifier: A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
Signing time: Thu 26 Jun 2025 10:33:19 +0000
ROA not before: Thu 26 Jun 2025 10:33:19 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 139057
IP address blocks: 103.137.168.0/24 maxlen: 24
103.137.169.0/24 maxlen: 24
103.137.170.0/24 maxlen: 24
103.137.171.0/24 maxlen: 24
103.138.247.0/24 maxlen: 24
103.189.255.0/24 maxlen: 24
103.243.92.0/24 maxlen: 24
103.243.93.0/24 maxlen: 24
103.243.94.0/24 maxlen: 24
103.243.95.0/24 maxlen: 24
123.108.72.0/24 maxlen: 24
123.108.73.0/24 maxlen: 24
2407:2440:1::/48 maxlen: 48
2407:2440:2::/48 maxlen: 48
2407:2440:3::/48 maxlen: 48
2407:2440:4::/48 maxlen: 48
2407:2440:5::/48 maxlen: 48
2407:2440:6::/48 maxlen: 48
2407:2440:7::/48 maxlen: 48
2407:2440:8::/48 maxlen: 48
2407:2440:9::/48 maxlen: 48
2407:2440:a::/48 maxlen: 48
2407:2440:b::/48 maxlen: 48
2407:2440:c::/48 maxlen: 48
2407:2440:d::/48 maxlen: 48
2407:2440:e::/48 maxlen: 48
2407:2440:f::/48 maxlen: 48
2407:2440:10::/48 maxlen: 48
2407:2440:11::/48 maxlen: 48
2407:2440:12::/48 maxlen: 48
2407:2440:13::/48 maxlen: 48
2407:2440:14::/48 maxlen: 48
2407:2440:15::/48 maxlen: 48
2407:2440:16::/48 maxlen: 48
2407:2440:17::/48 maxlen: 48
2407:2440:18::/48 maxlen: 48
2407:2440:19::/48 maxlen: 48
2407:2440:1e::/48 maxlen: 48
2407:2440:1f::/48 maxlen: 48
2407:2440:20::/48 maxlen: 48
2407:2440:22::/48 maxlen: 48
2407:2440:23::/48 maxlen: 48
2407:2440:25::/48 maxlen: 48
2407:2440:28::/48 maxlen: 48
2407:2440:2a::/48 maxlen: 48
2407:2440:2b::/48 maxlen: 48
2407:2440:2c::/48 maxlen: 48
2407:2440:2d::/48 maxlen: 48
2407:2440:a001::/48 maxlen: 48
2407:2440:a002::/48 maxlen: 48
2407:2440:a003::/48 maxlen: 48
2407:2440:b001::/48 maxlen: 48
2407:2440:b002::/48 maxlen: 48
2407:2440:e001::/48 maxlen: 48
2407:2440:e002::/48 maxlen: 48
2407:2440:e003::/48 maxlen: 48
2407:2440:e004::/48 maxlen: 48
2407:2440:e008::/48 maxlen: 48
2407:2440:f001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 06 Jul 2025 01:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 713 (0x2c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB2B8, serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Validity
Not Before: Jun 26 10:33:19 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=685d21ef-3002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:02:dd:58:91:f1:84:d5:b9:45:61:05:bd:11:
27:fa:7e:ea:f9:02:5c:8d:dd:a7:2d:67:08:29:cd:
99:cd:f4:1a:6a:ad:33:a7:fe:37:8a:96:b0:18:af:
97:99:bd:58:d3:c8:cd:e1:a5:72:ef:14:d1:2b:13:
4f:ad:57:85:8b:f8:aa:a7:69:60:d0:09:2c:f4:7c:
62:3d:ad:59:10:1f:5f:8f:b3:27:60:0d:94:73:2a:
83:ad:8e:8b:46:e6:34:6d:d4:be:99:d9:c5:17:73:
64:6f:a6:d6:d1:d9:1d:f4:0e:ad:8d:d2:4c:0a:d9:
fa:2b:91:62:52:1b:22:9c:23:eb:2f:99:a6:12:95:
ce:2f:20:25:46:4e:92:bb:05:83:7d:ed:5f:da:6b:
7c:3c:57:c6:08:41:f4:24:47:7a:28:6c:56:bb:01:
5d:ef:f1:1b:da:8e:24:ee:16:fd:ff:b3:93:6d:bf:
05:ae:92:a3:5e:7e:85:11:57:7c:a6:80:36:3b:ff:
a1:85:d3:7b:6d:e8:a1:67:7e:9c:14:17:b3:0f:0a:
84:3f:b7:d8:fd:86:4f:44:f5:22:11:9c:24:77:23:
ef:f7:3a:58:23:a4:2b:e5:a4:03:a1:8b:e8:37:91:
9c:d8:7c:e6:aa:2f:67:da:99:e8:d7:47:53:ea:cf:
4b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:35:6B:42:BE:49:C9:D0:D5:19:09:0C:06:7E:A1:EC:BF:92:31:23
X509v3 Authority Key Identifier:
keyid:A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.168.0/22
103.138.247.0/24
103.189.255.0/24
103.243.92.0/22
123.108.72.0/23
IPv6:
2407:2440:1::-2407:2440:19:ffff:ffff:ffff:ffff:ffff
2407:2440:1e::-2407:2440:20:ffff:ffff:ffff:ffff:ffff
2407:2440:22::/47
2407:2440:25::/48
2407:2440:28::/48
2407:2440:2a::-2407:2440:2d:ffff:ffff:ffff:ffff:ffff
2407:2440:a001::-2407:2440:a003:ffff:ffff:ffff:ffff:ffff
2407:2440:b001::-2407:2440:b002:ffff:ffff:ffff:ffff:ffff
2407:2440:e001::-2407:2440:e004:ffff:ffff:ffff:ffff:ffff
2407:2440:e008::/48
2407:2440:f001::/48
Signature Algorithm: sha256WithRSAEncryption
3d:5c:c5:a7:ad:f6:c4:47:e8:aa:f4:64:8e:4d:87:c8:a1:bd:
ed:59:96:2f:70:66:e7:f3:76:de:a0:19:7f:62:c8:02:d6:1d:
1c:71:f1:34:ff:eb:60:04:25:ae:fb:38:c9:d1:30:f3:c9:7b:
39:19:e0:61:3b:ab:90:4d:20:6b:00:19:4e:ab:98:7d:c5:79:
ea:69:9d:c0:4c:1d:41:5d:6a:43:f7:73:e3:4a:58:c7:f8:e8:
e9:75:9a:da:25:a2:9b:35:c5:6d:b2:e3:6b:8a:e7:84:db:6b:
42:98:00:31:73:2a:ed:7d:08:de:3e:c2:da:b3:e8:e7:89:91:
0c:be:8e:b9:2d:23:20:e7:2a:d1:46:a6:98:28:8e:7f:24:87:
63:75:63:24:d5:04:e3:09:13:e8:5c:8d:c3:3e:bc:ac:eb:b2:
a3:9d:cd:08:fe:e5:8d:03:98:39:a5:d8:91:23:7a:78:10:5b:
19:03:18:9e:43:ec:5e:56:7d:5a:b9:b0:ee:f9:19:24:4e:24:
66:0f:48:fb:9d:80:20:bd:b9:ad:d4:46:02:f5:61:d7:b6:2e:
b7:5c:9e:ed:7f:39:e2:cd:db:95:8a:b6:15:6e:49:3c:82:f9:
36:b5:bc:8c:d8:de:98:44:f7:1f:58:b2:42:68:6e:a5:1c:62:
1b:ab:cf:01
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgICAskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIyQjgxMTAvBgNVBAUTKEE2OTcwMEU3OEQwQzgxMkFEMkUyQzExNEM4MkM2NTVB
MEFDRDQ0N0YwHhcNMjUwNjI2MTAzMzE5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODVkMjFlZi0zMDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtALdWJHxhNW5RWEFvREn+n7q+QJcjd2nLWcIKc2ZzfQaaq0zp/43ipawGK+X
mb1Y08jN4aVy7xTRKxNPrVeFi/iqp2lg0Aks9HxiPa1ZEB9fj7MnYA2UcyqDrY6L
RuY0bdS+mdnFF3Nkb6bW0dkd9A6tjdJMCtn6K5FiUhsinCPrL5mmEpXOLyAlRk6S
uwWDfe1f2mt8PFfGCEH0JEd6KGxWuwFd7/Eb2o4k7hb9/7OTbb8FrpKjXn6FEVd8
poA2O/+hhdN7beihZ36cFBezDwqEP7fY/YZPRPUiEZwkdyPv9zpYI6Qr5aQDoYvo
N5Gc2Hzmqi9n2pno10dT6s9LpQIDAQABo4IDXzCCA1swHQYDVR0OBBYEFAU1a0K+
ScnQ1RkJDAZ+oey/kjEjMB8GA1UdIwQYMBaAFKaXAOeNDIEq0uLBFMgsZVoKzUR/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjJCOC8zRjQ0Q0JBRTJG
NEQxMUVEOEY1QTZBNjRDNEY5QUUwMi9wcGNBNTQwTWdTclM0c0VVeUN4bFdnck5S
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BwY0E1NDBNZ1NyUzRzRVV5Q3hsV2dyTlJIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUIyQjgvM0Y0NENCQUUyRjREMTFFRDhGNUE2QTY0QzRGOUFFMDIvMzg1NjQyNDZB
QkZCMTFFRkFDNUFBMjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgegGCCsGAQUFBwEHAQH/
BIHYMIHVMCQEAgABMB4DBAJniagDBABnivcDBABnvf8DBAJn81wDBAF7bEgwgawE
AgACMIGlMBIDBwAkByRAAAEDBwEkByRAABgwEgMHASQHJEAAHgMHACQHJEAAIAMH
ASQHJEAAIgMHACQHJEAAJQMHACQHJEAAKDASAwcBJAckQAAqAwcBJAckQAAsMBID
BwAkByRAoAEDBwIkByRAoAAwEgMHACQHJECwAQMHACQHJECwAjASAwcAJAckQOAB
AwcAJAckQOAEAwcAJAckQOAIAwcAJAckQPABMA0GCSqGSIb3DQEBCwUAA4IBAQA9
XMWnrfbER+iq9GSOTYfIob3tWZYvcGbn83beoBl/YsgC1h0ccfE0/+tgBCWu+zjJ
0TDzyXs5GeBhO6uQTSBrABlOq5h9xXnqaZ3ATB1BXWpD93PjSljH+OjpdZraJaKb
NcVtsuNriueE22tCmAAxcyrtfQjePsLas+jniZEMvo65LSMg5yrRRqaYKI5/JIdj
dWMk1QTjCRPoXI3DPrys67Kjnc0I/uWNA5g5pdiRI3p4EFsZAxieQ+xeVn1aubDu
+RkkTiRmD0j7nYAgvbmt1EYC9WHXti63XJ7tfznizduVirYVbkk8gvk2tbyM2N6Y
RPcfWLJCaG6lHGIbq88B
-----END CERTIFICATE-----
Generated at Tue Jul 1 02:14:07 2025 by rpki-client