Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/41CBB5B87F7611ECAD50FA4EC4F9AE02.roa
File: 41CBB5B87F7611ECAD50FA4EC4F9AE02.roa (raw, json)
Hash identifier: MNOygbTot5myB8zLL0b0K9rlqzZgH3f6swb91fFZk2k=
Subject key identifier: EF:F2:81:72:1B:19:A3:FC:DB:42:C6:99:74:E8:9B:4C:D4:3D:17:4E
Certificate issuer: /CN=A9130F9C/serialNumber=138CD10A4778DE0E35911E9C9C944F4B21C4DB09
Certificate serial: 0CE0
Authority key identifier: 13:8C:D1:0A:47:78:DE:0E:35:91:1E:9C:9C:94:4F:4B:21:C4:DB:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4zRCkd43g41kR6cnJRPSyHE2wk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/41CBB5B87F7611ECAD50FA4EC4F9AE02.roa
Signing time: Wed 17 Sep 2025 07:50:57 +0000
ROA not before: Wed 17 Sep 2025 07:50:57 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 134146
IP address blocks: 103.55.144.0/22 maxlen: 24
103.206.231.0/24 maxlen: 24
202.83.124.0/24 maxlen: 24
202.83.126.0/23 maxlen: 23
202.83.126.0/24 maxlen: 24
202.83.127.0/24 maxlen: 24
2400:4fc0::/32 maxlen: 32
2400:4fc0:1::/48 maxlen: 48
2400:4fc0:2::/48 maxlen: 48
2400:4fc0:3::/48 maxlen: 48
2400:4fc0:4::/48 maxlen: 48
2400:4fc0:5::/48 maxlen: 48
2400:4fc0:6::/48 maxlen: 48
2400:4fc0:7::/48 maxlen: 48
2400:4fc0:8::/48 maxlen: 48
2400:4fc0:9::/48 maxlen: 48
2400:4fc0:a::/48 maxlen: 48
2400:4fc0:b::/48 maxlen: 48
2400:4fc0:c::/48 maxlen: 48
2400:4fc0:d::/48 maxlen: 48
2400:4fc0:e::/48 maxlen: 48
2400:4fc0:f::/48 maxlen: 48
2400:4fc0:10::/48 maxlen: 48
2400:4fc0:11::/48 maxlen: 48
2400:4fc0:12::/48 maxlen: 48
2400:4fc0:13::/48 maxlen: 48
2400:4fc0:14::/48 maxlen: 48
2400:4fc0:15::/48 maxlen: 48
2400:4fc0:16::/48 maxlen: 48
2400:4fc0:17::/48 maxlen: 48
2400:4fc0:18::/48 maxlen: 48
2400:4fc0:19::/48 maxlen: 48
2400:4fc0:1a::/48 maxlen: 48
2400:4fc0:1b::/48 maxlen: 48
2400:4fc0:1c::/48 maxlen: 48
2400:4fc0:1d::/48 maxlen: 48
2400:4fc0:1e::/48 maxlen: 48
2400:4fc0:1f::/48 maxlen: 48
2400:4fc0:20::/48 maxlen: 48
2400:4fc0:21::/48 maxlen: 48
2400:4fc0:22::/48 maxlen: 48
2400:4fc0:23::/48 maxlen: 48
2400:4fc0:24::/48 maxlen: 48
2400:4fc0:25::/48 maxlen: 48
2400:4fc0:26::/48 maxlen: 48
2400:4fc0:27::/48 maxlen: 48
2400:4fc0:28::/48 maxlen: 48
2400:4fc0:29::/48 maxlen: 48
2400:4fc0:2a::/48 maxlen: 48
2400:4fc0:2b::/48 maxlen: 48
2400:4fc0:2c::/48 maxlen: 48
2400:4fc0:2d::/48 maxlen: 48
2400:4fc0:2e::/48 maxlen: 48
2400:4fc0:2f::/48 maxlen: 48
2400:4fc0:30::/48 maxlen: 48
2400:4fc0:31::/48 maxlen: 48
2400:4fc0:32::/48 maxlen: 48
2400:4fc0:33::/48 maxlen: 48
2400:4fc0:34::/48 maxlen: 48
2400:4fc0:35::/48 maxlen: 48
2400:4fc0:36::/48 maxlen: 48
2400:4fc0:37::/48 maxlen: 48
2400:4fc0:38::/48 maxlen: 48
2400:4fc0:39::/48 maxlen: 48
2400:4fc0:3a::/48 maxlen: 48
2400:4fc0:3b::/48 maxlen: 48
2400:4fc0:3c::/48 maxlen: 48
2400:4fc0:3d::/48 maxlen: 48
2400:4fc0:3e::/48 maxlen: 48
2400:4fc0:3f::/48 maxlen: 48
2400:4fc0:40::/48 maxlen: 48
2400:4fc0:41::/48 maxlen: 48
2400:4fc0:42::/48 maxlen: 48
2400:4fc0:43::/48 maxlen: 48
2400:4fc0:44::/48 maxlen: 48
2400:4fc0:45::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/E4zRCkd43g41kR6cnJRPSyHE2wk.crl
rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/E4zRCkd43g41kR6cnJRPSyHE2wk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4zRCkd43g41kR6cnJRPSyHE2wk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 18:52:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3296 (0xce0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9130F9C, serialNumber=138CD10A4778DE0E35911E9C9C944F4B21C4DB09
Validity
Not Before: Sep 17 07:50:57 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=68ca6861-c5b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:38:e5:59:b5:9b:48:23:69:3f:0d:f8:10:6a:
72:33:e1:0b:c8:c7:fa:5e:76:36:be:fc:a2:c1:62:
7a:18:23:fa:b7:09:85:68:31:2b:66:2e:e0:d4:a4:
3e:4a:e1:1d:9e:4d:ae:e8:ff:39:05:f6:85:91:34:
af:12:09:85:0b:cc:40:8c:8b:86:29:ea:69:0c:62:
b2:98:cd:c5:88:bd:a4:1c:79:ec:5f:e0:ca:82:2f:
73:18:8b:e8:8a:74:d2:2e:ac:43:15:b9:13:d0:6c:
6f:69:be:88:44:59:de:63:41:de:3d:fc:bf:69:68:
a2:c1:9c:20:9d:f0:99:86:d9:23:8c:01:b3:f6:5a:
63:ed:59:da:c3:24:ae:53:73:bc:e6:30:d7:ee:d4:
cc:13:f8:ab:46:de:51:69:83:e3:ae:92:db:89:71:
fa:83:fe:16:33:83:2d:9e:31:92:8d:80:94:5a:4c:
77:0d:74:a2:fd:3b:e8:1a:67:26:20:2f:c4:e5:01:
6d:bf:a6:5e:e6:c3:08:b6:12:ad:5e:fb:d0:26:bb:
ea:c6:b7:22:d3:cf:01:05:21:3a:1b:aa:4f:d4:38:
16:ae:df:09:e7:fc:09:2c:0c:eb:da:62:40:06:00:
43:5c:cf:1a:d7:0f:ce:8c:17:67:44:0b:ff:1b:ec:
2d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F2:81:72:1B:19:A3:FC:DB:42:C6:99:74:E8:9B:4C:D4:3D:17:4E
X509v3 Authority Key Identifier:
keyid:13:8C:D1:0A:47:78:DE:0E:35:91:1E:9C:9C:94:4F:4B:21:C4:DB:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/E4zRCkd43g41kR6cnJRPSyHE2wk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4zRCkd43g41kR6cnJRPSyHE2wk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/41CBB5B87F7611ECAD50FA4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.55.144.0/22
103.206.231.0/24
202.83.124.0/24
202.83.126.0/23
IPv6:
2400:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
b6:c7:a4:5a:e6:0a:26:19:39:4e:21:30:c4:75:f3:50:c9:f4:
3f:61:73:75:21:c7:96:31:dc:4c:85:de:4d:24:0f:71:f5:e1:
dc:63:e3:65:12:d7:25:91:95:fb:dd:96:9f:dc:f4:9b:0b:f0:
8b:2b:6f:93:86:1d:bd:68:cc:c9:dc:2f:f3:89:06:05:36:d8:
1f:9b:90:29:02:49:6d:b9:f3:d3:36:13:c9:aa:d1:30:8f:d2:
7c:bb:d5:a6:2e:d5:20:30:ab:ec:76:4e:3a:bd:3d:3c:c2:d8:
42:60:09:a9:f4:d3:c4:e5:73:80:fe:f6:e1:13:3a:1e:0d:c3:
4e:e8:bb:0d:0b:72:7e:cb:a1:93:3c:52:0b:67:a5:b4:b7:6b:
1d:19:61:1a:ce:ea:51:bc:66:09:eb:3f:78:09:a6:84:c1:37:
e0:58:65:85:8e:7c:bf:79:19:0e:04:40:e9:4a:53:99:30:d7:
7b:f1:f7:64:13:28:c5:d9:7f:02:df:ec:b3:1d:76:32:13:12:
db:dd:43:30:4e:99:03:fc:18:c3:ba:90:6d:35:b1:e1:12:5b:
5a:0b:fd:63:13:52:3e:b3:61:9b:d1:52:ce:3f:1c:9b:6c:62:
33:f6:09:e0:e9:27:24:58:42:8b:70:18:aa:ba:33:88:db:bd:
e8:a0:1b:f1
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICDOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzBGOUMxMTAvBgNVBAUTKDEzOENEMTBBNDc3OERFMEUzNTkxMUU5QzlDOTQ0RjRC
MjFDNERCMDkwHhcNMjUwOTE3MDc1MDU3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGNhNjg2MS1jNWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxjjlWbWbSCNpPw34EGpyM+ELyMf6XnY2vvyiwWJ6GCP6twmFaDErZi7g1KQ+
SuEdnk2u6P85BfaFkTSvEgmFC8xAjIuGKeppDGKymM3FiL2kHHnsX+DKgi9zGIvo
inTSLqxDFbkT0Gxvab6IRFneY0HePfy/aWiiwZwgnfCZhtkjjAGz9lpj7VnawySu
U3O85jDX7tTME/irRt5RaYPjrpLbiXH6g/4WM4MtnjGSjYCUWkx3DXSi/TvoGmcm
IC/E5QFtv6Ze5sMIthKtXvvQJrvqxrci088BBSE6G6pP1DgWrt8J5/wJLAzr2mJA
BgBDXM8a1w/OjBdnRAv/G+wtGwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFO/ygXIb
GaP820LGmXTom0zUPRdOMB8GA1UdIwQYMBaAFBOM0QpHeN4ONZEenJyUT0shxNsJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMEY5Qy8yOUNCMDIwRUZB
MEIxMUU5OTc4QjBBMzJDNEY5QUUwMi9FNHpSQ2tkNDNnNDFrUjZjbkpSUFN5SEUy
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U0elJDa2Q0M2c0MWtSNmNuSlJQU3lIRTJ3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzBGOUMvMjlDQjAyMEVGQTBCMTFFOTk3OEIwQTMyQzRGOUFFMDIvNDFDQkI1Qjg3
Rjc2MTFFQ0FENTBGQTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnN5ADBABnzucDBADKU3wDBAHKU34wDQQCAAIwBwMFACQA
T8AwDQYJKoZIhvcNAQELBQADggEBALbHpFrmCiYZOU4hMMR181DJ9D9hc3Uhx5Yx
3EyF3k0kD3H14dxj42US1yWRlfvdlp/c9JsL8Isrb5OGHb1ozMncL/OJBgU22B+b
kCkCSW2589M2E8mq0TCP0ny71aYu1SAwq+x2Tjq9PTzC2EJgCan008Tlc4D+9uET
Oh4Nw07ouw0Lcn7LoZM8UgtnpbS3ax0ZYRrO6lG8ZgnrP3gJpoTBN+BYZYWOfL95
GQ4EQOlKU5kw13vx92QTKMXZfwLf7LMddjITEtvdQzBOmQP8GMO6kG01seESW1oL
/WMTUj6zYZvRUs4/HJtsYjP2CeDpJyRYQotwGKq6M4jbveigG/E=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:25:51 2025 by rpki-client