Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
File: 38564246ABFB11EFAC5AA210C4F9AE02.roa (raw, json)
Hash identifier: 7rZfViKS+ZS1AUV/te0G1cRy/MUZLaIjn7SCs+kRiH8=
Subject key identifier: 79:DA:AF:42:D7:DA:44:E8:23:E9:6A:17:55:F2:1B:FC:BF:8C:01:A9
Certificate issuer: /CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Certificate serial: 02A7
Authority key identifier: A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
Signing time: Sat 31 May 2025 11:50:09 +0000
ROA not before: Sat 31 May 2025 11:50:09 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 139057
IP address blocks: 103.137.168.0/24 maxlen: 24
103.138.247.0/24 maxlen: 24
103.189.255.0/24 maxlen: 24
103.243.92.0/24 maxlen: 24
103.243.93.0/24 maxlen: 24
103.243.94.0/24 maxlen: 24
103.243.95.0/24 maxlen: 24
123.108.72.0/24 maxlen: 24
123.108.73.0/24 maxlen: 24
2407:2440:1::/48 maxlen: 48
2407:2440:2::/48 maxlen: 48
2407:2440:3::/48 maxlen: 48
2407:2440:4::/48 maxlen: 48
2407:2440:5::/48 maxlen: 48
2407:2440:6::/48 maxlen: 48
2407:2440:7::/48 maxlen: 48
2407:2440:8::/48 maxlen: 48
2407:2440:9::/48 maxlen: 48
2407:2440:a::/48 maxlen: 48
2407:2440:b::/48 maxlen: 48
2407:2440:c::/48 maxlen: 48
2407:2440:d::/48 maxlen: 48
2407:2440:e::/48 maxlen: 48
2407:2440:f::/48 maxlen: 48
2407:2440:10::/48 maxlen: 48
2407:2440:11::/48 maxlen: 48
2407:2440:12::/48 maxlen: 48
2407:2440:13::/48 maxlen: 48
2407:2440:14::/48 maxlen: 48
2407:2440:15::/48 maxlen: 48
2407:2440:16::/48 maxlen: 48
2407:2440:17::/48 maxlen: 48
2407:2440:18::/48 maxlen: 48
2407:2440:19::/48 maxlen: 48
2407:2440:1e::/48 maxlen: 48
2407:2440:1f::/48 maxlen: 48
2407:2440:20::/48 maxlen: 48
2407:2440:22::/48 maxlen: 48
2407:2440:23::/48 maxlen: 48
2407:2440:25::/48 maxlen: 48
2407:2440:28::/48 maxlen: 48
2407:2440:2a::/48 maxlen: 48
2407:2440:2b::/48 maxlen: 48
2407:2440:2c::/48 maxlen: 48
2407:2440:2d::/48 maxlen: 48
2407:2440:a001::/48 maxlen: 48
2407:2440:a002::/48 maxlen: 48
2407:2440:a003::/48 maxlen: 48
2407:2440:b001::/48 maxlen: 48
2407:2440:b002::/48 maxlen: 48
2407:2440:e001::/48 maxlen: 48
2407:2440:e002::/48 maxlen: 48
2407:2440:e003::/48 maxlen: 48
2407:2440:e004::/48 maxlen: 48
2407:2440:f001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 10 Jun 2025 02:12:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 679 (0x2a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB2B8, serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Validity
Not Before: May 31 11:50:09 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=683aecf0-c616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cc:0d:ad:d5:1f:a1:16:6c:af:cf:9c:fc:e3:
3d:d8:85:b0:f7:1e:0d:5a:11:f0:26:ec:54:a4:3d:
7c:92:67:16:63:fb:96:55:71:d1:11:e8:1d:86:19:
06:b2:88:c1:30:b0:ea:82:7a:ef:5f:b1:ec:b0:ab:
83:e3:77:5d:1c:4d:ed:7e:a7:02:ee:2e:a6:1f:60:
53:3d:3a:5b:a6:f9:be:3b:dc:2a:49:3c:1d:03:f3:
71:db:db:dd:2b:be:f4:ad:01:98:da:e8:89:4c:d1:
2f:91:91:e1:c4:25:e7:fc:c1:0e:92:83:c5:fc:1a:
65:ab:21:9b:f8:6d:68:20:5a:e8:65:d7:34:a4:48:
6e:85:af:8c:a6:6e:ab:f9:ed:f0:c8:4a:78:de:16:
13:20:20:60:96:9f:a9:be:82:85:62:a2:4a:3c:ad:
c2:54:d3:e4:10:53:9e:79:1b:44:fb:7b:e8:eb:97:
a9:45:91:2b:d7:f4:3e:b2:7c:64:85:df:10:47:3c:
84:d1:17:ec:42:35:a9:af:ef:15:69:f0:5e:95:56:
5c:f6:cd:ae:ad:a6:d5:51:3d:14:11:be:d3:99:1a:
74:67:5a:9f:3d:23:c2:e2:e7:e1:e9:7d:b1:af:11:
b9:b7:ef:95:19:44:29:a5:5c:f1:5f:16:b7:42:64:
80:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:DA:AF:42:D7:DA:44:E8:23:E9:6A:17:55:F2:1B:FC:BF:8C:01:A9
X509v3 Authority Key Identifier:
keyid:A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.168.0/24
103.138.247.0/24
103.189.255.0/24
103.243.92.0/22
123.108.72.0/23
IPv6:
2407:2440:1::-2407:2440:19:ffff:ffff:ffff:ffff:ffff
2407:2440:1e::-2407:2440:20:ffff:ffff:ffff:ffff:ffff
2407:2440:22::/47
2407:2440:25::/48
2407:2440:28::/48
2407:2440:2a::-2407:2440:2d:ffff:ffff:ffff:ffff:ffff
2407:2440:a001::-2407:2440:a003:ffff:ffff:ffff:ffff:ffff
2407:2440:b001::-2407:2440:b002:ffff:ffff:ffff:ffff:ffff
2407:2440:e001::-2407:2440:e004:ffff:ffff:ffff:ffff:ffff
2407:2440:f001::/48
Signature Algorithm: sha256WithRSAEncryption
a9:67:eb:d8:16:c6:92:18:6f:10:62:81:65:64:05:3a:1c:cb:
d5:21:e5:a3:a4:99:4d:d7:e6:68:49:fa:74:0d:ca:9e:96:41:
82:05:0d:cf:67:63:f8:d7:50:39:9e:83:c9:71:88:5e:66:3c:
26:8c:fe:7d:a0:f7:19:65:6c:14:92:89:0a:90:9a:6d:66:d0:
d1:f4:15:c5:58:68:78:96:f5:f8:7e:7d:56:2d:cc:25:97:71:
b0:81:5c:93:8d:a5:85:6e:d3:dd:66:a4:a3:49:e1:7b:d5:9d:
e2:3d:b3:74:38:f5:94:2d:27:12:c8:c0:59:2d:14:c7:74:7f:
ef:40:9c:4c:93:7b:bc:96:6d:2f:c5:17:a6:a8:45:ae:db:a9:
45:71:f1:bd:01:02:b2:b9:2b:8b:a5:e1:73:bf:a8:93:0e:a4:
23:02:72:98:6f:45:5f:28:45:fc:8f:54:17:34:99:79:cc:94:
40:42:9f:64:66:5c:df:31:bb:87:2b:31:79:5f:fb:05:3a:73:
4e:e7:f7:87:35:c4:f2:af:30:ae:7c:d8:c9:3c:87:ca:ac:1a:
30:be:74:cc:3e:37:9a:3d:0a:a9:29:a0:0c:f2:c9:70:b8:71:
ec:15:25:12:4c:7e:0a:7a:0b:76:25:43:43:2c:f6:28:68:d8:
f5:00:a8:85
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgICAqcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIyQjgxMTAvBgNVBAUTKEE2OTcwMEU3OEQwQzgxMkFEMkUyQzExNEM4MkM2NTVB
MEFDRDQ0N0YwHhcNMjUwNTMxMTE1MDA5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNhZWNmMC1jNjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4swNrdUfoRZsr8+c/OM92IWw9x4NWhHwJuxUpD18kmcWY/uWVXHREegdhhkG
sojBMLDqgnrvX7HssKuD43ddHE3tfqcC7i6mH2BTPTpbpvm+O9wqSTwdA/Nx29vd
K770rQGY2uiJTNEvkZHhxCXn/MEOkoPF/BplqyGb+G1oIFroZdc0pEhuha+Mpm6r
+e3wyEp43hYTICBglp+pvoKFYqJKPK3CVNPkEFOeeRtE+3vo65epRZEr1/Q+snxk
hd8QRzyE0RfsQjWpr+8VafBelVZc9s2urabVUT0UEb7TmRp0Z1qfPSPC4ufh6X2x
rxG5t++VGUQppVzxXxa3QmSAtwIDAQABo4IDVjCCA1IwHQYDVR0OBBYEFHnar0LX
2kToI+lqF1XyG/y/jAGpMB8GA1UdIwQYMBaAFKaXAOeNDIEq0uLBFMgsZVoKzUR/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjJCOC8zRjQ0Q0JBRTJG
NEQxMUVEOEY1QTZBNjRDNEY5QUUwMi9wcGNBNTQwTWdTclM0c0VVeUN4bFdnck5S
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BwY0E1NDBNZ1NyUzRzRVV5Q3hsV2dyTlJIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUIyQjgvM0Y0NENCQUUyRjREMTFFRDhGNUE2QTY0QzRGOUFFMDIvMzg1NjQyNDZB
QkZCMTFFRkFDNUFBMjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgd8GCCsGAQUFBwEHAQH/
BIHPMIHMMCQEAgABMB4DBABniagDBABnivcDBABnvf8DBAJn81wDBAF7bEgwgaME
AgACMIGcMBIDBwAkByRAAAEDBwEkByRAABgwEgMHASQHJEAAHgMHACQHJEAAIAMH
ASQHJEAAIgMHACQHJEAAJQMHACQHJEAAKDASAwcBJAckQAAqAwcBJAckQAAsMBID
BwAkByRAoAEDBwIkByRAoAAwEgMHACQHJECwAQMHACQHJECwAjASAwcAJAckQOAB
AwcAJAckQOAEAwcAJAckQPABMA0GCSqGSIb3DQEBCwUAA4IBAQCpZ+vYFsaSGG8Q
YoFlZAU6HMvVIeWjpJlN1+ZoSfp0DcqelkGCBQ3PZ2P411A5noPJcYheZjwmjP59
oPcZZWwUkokKkJptZtDR9BXFWGh4lvX4fn1WLcwll3GwgVyTjaWFbtPdZqSjSeF7
1Z3iPbN0OPWULScSyMBZLRTHdH/vQJxMk3u8lm0vxRemqEWu26lFcfG9AQKyuSuL
peFzv6iTDqQjAnKYb0VfKEX8j1QXNJl5zJRAQp9kZlzfMbuHKzF5X/sFOnNO5/eH
NcTyrzCufNjJPIfKrBowvnTMPjeaPQqpKaAM8slwuHHsFSUSTH4Kegt2JUNDLPYo
aNj1AKiF
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:44:18 2025 by rpki-client