Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/E02160F2792611F0BA686F55C4F9AE02.roa
File: E02160F2792611F0BA686F55C4F9AE02.roa (raw, json)
Hash identifier: fRp0JkpXb4hKUdkhBU2cMVsufNCggHj+Hk/4uOQHIYg=
Subject key identifier: 9A:AD:BB:43:BD:41:F5:0E:FA:F7:56:F8:B5:37:C1:5A:DF:1D:B6:B3
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0D01
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/E02160F2792611F0BA686F55C4F9AE02.roa
Signing time: Thu 14 Aug 2025 15:53:53 +0000
ROA not before: Thu 14 Aug 2025 15:53:53 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 134371
IP address blocks: 103.62.140.0/22 maxlen: 24
202.136.88.0/22 maxlen: 24
2400:3dc0::/32 maxlen: 32
2400:3dc0::/36 maxlen: 36
2400:3dc0::/44 maxlen: 48
2400:3dc0:10::/44 maxlen: 48
2400:3dc0:2e::/48 maxlen: 48
2400:3dc0:2f::/48 maxlen: 48
2400:3dc0:3e::/48 maxlen: 48
2400:3dc0:3f::/48 maxlen: 48
2400:3dc0:40::/44 maxlen: 47
2400:3dc0:40::/48 maxlen: 48
2400:3dc0:43::/48 maxlen: 48
2400:3dc0:45::/48 maxlen: 48
2400:3dc0:46::/48 maxlen: 48
2400:3dc0:49::/48 maxlen: 48
2400:3dc0:4a::/47 maxlen: 48
2400:3dc0:4c::/48 maxlen: 48
2400:3dc0:50::/44 maxlen: 47
2400:3dc0:52::/48 maxlen: 48
2400:3dc0:56::/47 maxlen: 48
2400:3dc0:58::/48 maxlen: 48
2400:3dc0:5a::/47 maxlen: 48
2400:3dc0:5e::/48 maxlen: 48
2400:3dc0:60::/44 maxlen: 47
2400:3dc0:60::/47 maxlen: 48
2400:3dc0:62::/48 maxlen: 48
2400:3dc0:64::/48 maxlen: 48
2400:3dc0:68::/47 maxlen: 48
2400:3dc0:6a::/48 maxlen: 48
2400:3dc0:6c::/48 maxlen: 48
2400:3dc0:6e::/47 maxlen: 48
2400:3dc0:89::/48 maxlen: 48
2400:3dc0:100::/48 maxlen: 48
2400:3dc0:101::/48 maxlen: 48
2400:3dc0:140::/48 maxlen: 48
2400:3dc0:200::/48 maxlen: 48
2400:3dc0:201::/48 maxlen: 48
2400:3dc0:300::/48 maxlen: 48
2400:3dc0:400::/48 maxlen: 48
2400:3dc0:500::/48 maxlen: 48
2400:3dc0:600::/48 maxlen: 48
2400:3dc0:700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 18:32:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3329 (0xd01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Aug 14 15:53:53 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=689e0690-d2c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d9:78:a0:ed:4b:a5:af:79:25:38:a7:a5:ac:
dc:8f:ee:17:17:bf:8d:a7:7a:48:3e:5c:1f:6e:0b:
39:50:26:9d:fc:40:16:92:b9:af:da:db:10:3c:11:
aa:56:f8:26:37:ee:2c:91:e6:13:ac:6c:21:48:9d:
a0:3f:0d:6c:72:b6:0a:25:bb:66:1b:2c:8a:df:b2:
3d:78:7e:b6:ff:3e:b8:b1:55:b6:bc:9f:ac:0f:1a:
37:32:77:de:b5:c8:1a:be:a7:ed:82:1c:14:42:a5:
b8:96:82:49:3a:dd:4c:e9:45:b2:68:ad:9c:70:27:
fb:29:3f:99:85:5c:36:3b:c7:d9:a3:9b:dd:26:03:
74:fb:df:d2:5e:34:f0:27:42:4c:77:0b:e4:45:ea:
3d:87:b9:26:83:20:18:9c:a7:35:31:5c:c2:59:0d:
18:ec:11:85:42:ef:29:00:cd:77:53:48:bf:10:ba:
5e:f4:09:9f:80:38:af:fe:bf:9a:bc:62:52:41:73:
81:b7:38:7d:c6:97:49:f8:76:7f:bb:69:7f:b9:00:
2a:9f:f9:76:a6:c2:f7:e6:06:5d:c8:c5:97:03:32:
98:ca:91:58:ce:3a:fb:5f:47:8d:f2:9c:42:dd:ea:
f5:7f:d1:a5:54:95:b0:30:1b:cd:3d:e3:ad:a1:66:
a8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AD:BB:43:BD:41:F5:0E:FA:F7:56:F8:B5:37:C1:5A:DF:1D:B6:B3
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/E02160F2792611F0BA686F55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.62.140.0/22
202.136.88.0/22
IPv6:
2400:3dc0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:99:d6:07:8a:5d:0a:26:28:88:d2:33:4e:59:aa:56:8f:17:
7b:b2:d7:ad:22:cb:df:39:fb:51:91:2e:13:ef:c5:a2:d1:0a:
ad:77:4e:e4:1b:25:c2:ff:df:e2:29:2c:23:c6:1f:cc:8c:f6:
16:d9:e7:1b:9b:ab:de:5e:27:2b:97:ba:c6:6f:21:a6:12:e8:
01:8f:c7:bf:a5:06:d8:b1:22:60:9a:21:d7:01:5a:34:e8:e6:
05:d6:15:34:c9:ec:6e:bd:21:0d:94:33:7d:38:ad:bf:27:0d:
98:47:cf:e6:61:3f:14:5e:d1:15:bb:fc:96:01:4a:b2:56:c2:
6a:4b:4c:96:4f:0c:ce:68:bb:02:f3:d8:66:f3:d9:ba:d8:ab:
73:62:54:25:0e:14:46:dc:15:11:80:4d:43:53:ae:43:ec:40:
39:96:96:44:09:22:23:e3:a6:57:b7:48:5f:10:84:13:52:64:
e7:9a:ac:e3:4e:60:a2:15:7a:c6:7a:92:8c:42:82:85:71:da:
53:cf:33:f4:42:73:d3:df:8e:e2:e4:9f:86:55:2e:c7:c4:c3:
f7:f5:0e:53:1d:7b:9c:d6:55:cb:9d:91:57:15:72:cd:20:6d:
ca:d5:9c:f6:7a:bd:2b:c7:88:b4:27:10:08:dc:5f:48:1b:e6:
cb:51:ac:da
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDQEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwODE0MTU1MzUzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODllMDY5MC1kMmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAztl4oO1Lpa95JTinpazcj+4XF7+Np3pIPlwfbgs5UCad/EAWkrmv2tsQPBGq
VvgmN+4skeYTrGwhSJ2gPw1scrYKJbtmGyyK37I9eH62/z64sVW2vJ+sDxo3Mnfe
tcgavqftghwUQqW4loJJOt1M6UWyaK2ccCf7KT+ZhVw2O8fZo5vdJgN0+9/SXjTw
J0JMdwvkReo9h7kmgyAYnKc1MVzCWQ0Y7BGFQu8pAM13U0i/ELpe9AmfgDiv/r+a
vGJSQXOBtzh9xpdJ+HZ/u2l/uQAqn/l2psL35gZdyMWXAzKYypFYzjr7X0eN8pxC
3er1f9GlVJWwMBvNPeOtoWaoUwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJqtu0O9
QfUO+vdW+LU3wVrfHbazMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvRTAyMTYwRjI3
OTI2MTFGMEJBNjg2RjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnPowDBALKiFgwDQQCAAIwBwMFACQAPcAwDQYJKoZIhvcN
AQELBQADggEBAIyZ1geKXQomKIjSM05ZqlaPF3uy160iy985+1GRLhPvxaLRCq13
TuQbJcL/3+IpLCPGH8yM9hbZ5xubq95eJyuXusZvIaYS6AGPx7+lBtixImCaIdcB
WjTo5gXWFTTJ7G69IQ2UM304rb8nDZhHz+ZhPxRe0RW7/JYBSrJWwmpLTJZPDM5o
uwLz2Gbz2brYq3NiVCUOFEbcFRGATUNTrkPsQDmWlkQJIiPjple3SF8QhBNSZOea
rONOYKIVesZ6koxCgoVx2lPPM/RCc9PfjuLkn4ZVLsfEw/f1DlMde5zWVcudkVcV
cs0gbcrVnPZ6vSvHiLQnEAjcX0gb5stRrNo=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:09:52 2025 by rpki-client