Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/41CBB5B87F7611ECAD50FA4EC4F9AE02.roa
File: 41CBB5B87F7611ECAD50FA4EC4F9AE02.roa (raw, json)
Hash identifier: kkKkasO600i7l8SPa9lAdAB/Gj/5tXgHGwIFLqEqACQ=
Subject key identifier: 3F:00:D2:1B:5C:17:E3:C4:30:2D:DB:53:D0:5A:A2:E9:AA:0F:E7:84
Certificate issuer: /CN=A9130F9C/serialNumber=138CD10A4778DE0E35911E9C9C944F4B21C4DB09
Certificate serial: 0CCA
Authority key identifier: 13:8C:D1:0A:47:78:DE:0E:35:91:1E:9C:9C:94:4F:4B:21:C4:DB:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4zRCkd43g41kR6cnJRPSyHE2wk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/41CBB5B87F7611ECAD50FA4EC4F9AE02.roa
Signing time: Tue 12 Aug 2025 14:49:45 +0000
ROA not before: Tue 12 Aug 2025 14:49:45 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 134146
IP address blocks: 103.55.144.0/22 maxlen: 24
103.206.231.0/24 maxlen: 24
202.83.124.0/24 maxlen: 24
202.83.126.0/23 maxlen: 23
202.83.126.0/24 maxlen: 24
202.83.127.0/24 maxlen: 24
2400:4fc0::/32 maxlen: 32
2400:4fc0:1::/48 maxlen: 48
2400:4fc0:2::/48 maxlen: 48
2400:4fc0:3::/48 maxlen: 48
2400:4fc0:4::/48 maxlen: 48
2400:4fc0:5::/48 maxlen: 48
2400:4fc0:6::/48 maxlen: 48
2400:4fc0:7::/48 maxlen: 48
2400:4fc0:8::/48 maxlen: 48
2400:4fc0:9::/48 maxlen: 48
2400:4fc0:a::/48 maxlen: 48
2400:4fc0:b::/48 maxlen: 48
2400:4fc0:c::/48 maxlen: 48
2400:4fc0:d::/48 maxlen: 48
2400:4fc0:e::/48 maxlen: 48
2400:4fc0:f::/48 maxlen: 48
2400:4fc0:10::/48 maxlen: 48
2400:4fc0:11::/48 maxlen: 48
2400:4fc0:12::/48 maxlen: 48
2400:4fc0:13::/48 maxlen: 48
2400:4fc0:14::/48 maxlen: 48
2400:4fc0:15::/48 maxlen: 48
2400:4fc0:16::/48 maxlen: 48
2400:4fc0:17::/48 maxlen: 48
2400:4fc0:18::/48 maxlen: 48
2400:4fc0:19::/48 maxlen: 48
2400:4fc0:1a::/48 maxlen: 48
2400:4fc0:1b::/48 maxlen: 48
2400:4fc0:1c::/48 maxlen: 48
2400:4fc0:1d::/48 maxlen: 48
2400:4fc0:1e::/48 maxlen: 48
2400:4fc0:1f::/48 maxlen: 48
2400:4fc0:20::/48 maxlen: 48
2400:4fc0:21::/48 maxlen: 48
2400:4fc0:22::/48 maxlen: 48
2400:4fc0:23::/48 maxlen: 48
2400:4fc0:24::/48 maxlen: 48
2400:4fc0:25::/48 maxlen: 48
2400:4fc0:26::/48 maxlen: 48
2400:4fc0:27::/48 maxlen: 48
2400:4fc0:28::/48 maxlen: 48
2400:4fc0:29::/48 maxlen: 48
2400:4fc0:2a::/48 maxlen: 48
2400:4fc0:2b::/48 maxlen: 48
2400:4fc0:2c::/48 maxlen: 48
2400:4fc0:2d::/48 maxlen: 48
2400:4fc0:2e::/48 maxlen: 48
2400:4fc0:2f::/48 maxlen: 48
2400:4fc0:30::/48 maxlen: 48
2400:4fc0:31::/48 maxlen: 48
2400:4fc0:32::/48 maxlen: 48
2400:4fc0:33::/48 maxlen: 48
2400:4fc0:34::/48 maxlen: 48
2400:4fc0:35::/48 maxlen: 48
2400:4fc0:36::/48 maxlen: 48
2400:4fc0:37::/48 maxlen: 48
2400:4fc0:38::/48 maxlen: 48
2400:4fc0:39::/48 maxlen: 48
2400:4fc0:40::/48 maxlen: 48
2400:4fc0:41::/48 maxlen: 48
2400:4fc0:42::/48 maxlen: 48
2400:4fc0:43::/48 maxlen: 48
2400:4fc0:44::/48 maxlen: 48
2400:4fc0:45::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/E4zRCkd43g41kR6cnJRPSyHE2wk.crl
rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/E4zRCkd43g41kR6cnJRPSyHE2wk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4zRCkd43g41kR6cnJRPSyHE2wk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 18:19:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3274 (0xcca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9130F9C, serialNumber=138CD10A4778DE0E35911E9C9C944F4B21C4DB09
Validity
Not Before: Aug 12 14:49:45 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=689b5489-f710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8d:fa:85:74:89:57:d2:2d:34:5b:17:cf:21:
1f:69:b9:b5:62:36:8e:71:b7:10:8f:dc:8f:8a:05:
c0:9b:96:9b:a7:e7:03:66:5c:d2:a8:40:e1:e6:1a:
a2:6d:57:eb:9d:db:3c:3d:d2:d0:8e:89:bf:91:c5:
50:ae:71:49:86:ca:13:65:ea:44:8e:62:dd:e4:36:
99:a3:b2:7a:31:ea:b3:c1:28:7d:af:bf:52:e1:c1:
43:81:09:7e:34:4c:fa:75:8d:e1:d1:bc:f0:e6:d4:
12:12:82:18:ad:7a:5f:d5:e8:96:fd:42:a0:76:95:
e3:20:38:ed:85:9f:77:0c:02:4e:09:fa:f4:8e:52:
f9:7a:88:cd:9c:ea:48:82:9b:86:15:da:b5:57:e5:
8a:09:ca:48:4b:18:34:b4:a3:c4:5c:78:78:7f:19:
4e:68:10:d7:f1:e6:d0:af:0d:48:2e:ce:62:c9:8b:
34:8c:3e:c6:15:ea:02:4d:a0:e4:02:2a:87:9e:e1:
ad:17:7b:c9:10:17:cb:a7:9c:37:2d:f0:ec:b6:58:
b0:14:76:1c:35:67:d2:41:9c:8c:0c:ab:37:a1:29:
63:f5:2e:0d:f8:65:9c:74:89:51:0d:d5:cb:a0:c7:
b6:22:1c:bc:66:ee:08:dc:27:e0:2a:17:84:fa:fc:
f7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:00:D2:1B:5C:17:E3:C4:30:2D:DB:53:D0:5A:A2:E9:AA:0F:E7:84
X509v3 Authority Key Identifier:
keyid:13:8C:D1:0A:47:78:DE:0E:35:91:1E:9C:9C:94:4F:4B:21:C4:DB:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/E4zRCkd43g41kR6cnJRPSyHE2wk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4zRCkd43g41kR6cnJRPSyHE2wk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/41CBB5B87F7611ECAD50FA4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.55.144.0/22
103.206.231.0/24
202.83.124.0/24
202.83.126.0/23
IPv6:
2400:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
be:3b:5e:b0:85:10:4c:4a:04:09:ba:78:b4:92:3d:94:4b:cd:
bb:67:95:9d:e9:8f:0c:a8:b0:f7:85:68:93:68:cf:2a:a6:3b:
b7:41:4a:00:43:4d:82:66:c8:74:44:5c:e4:7d:c1:df:26:d0:
29:d0:f1:07:b8:a9:c9:f5:5f:29:58:2e:f1:ce:d5:80:86:e1:
c7:3e:cb:8b:96:6e:f4:2f:80:bf:23:87:ad:f8:d1:f4:cd:71:
74:cb:17:38:61:7c:1b:fa:46:ac:87:eb:9a:e1:a8:85:36:64:
a9:b7:65:9b:6c:0a:71:f6:34:f0:ba:a5:6f:ab:30:69:77:ec:
3f:89:02:f5:96:d8:74:1c:d6:51:d8:40:68:cb:0d:b5:10:98:
df:da:e5:5c:29:09:e1:d0:5e:40:4a:6f:77:e3:22:a6:f0:53:
0c:25:f0:b0:ea:76:a5:b2:e8:87:1d:31:61:6a:45:8c:67:ce:
62:70:9d:60:23:5b:53:de:c3:c0:33:1b:7f:32:22:ef:e9:73:
85:00:b5:60:0b:9e:1b:2c:b4:dd:0b:05:b9:51:b4:b7:ac:c4:
ba:58:95:ce:f4:15:e6:9e:15:23:e3:2c:df:06:b5:b8:72:c3:
6a:6a:bd:6b:9b:09:f9:7b:69:29:01:16:b5:33:13:57:ac:46:
8f:7d:ac:6c
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICDMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzBGOUMxMTAvBgNVBAUTKDEzOENEMTBBNDc3OERFMEUzNTkxMUU5QzlDOTQ0RjRC
MjFDNERCMDkwHhcNMjUwODEyMTQ0OTQ1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODliNTQ4OS1mNzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqI36hXSJV9ItNFsXzyEfabm1YjaOcbcQj9yPigXAm5abp+cDZlzSqEDh5hqi
bVfrnds8PdLQjom/kcVQrnFJhsoTZepEjmLd5DaZo7J6MeqzwSh9r79S4cFDgQl+
NEz6dY3h0bzw5tQSEoIYrXpf1eiW/UKgdpXjIDjthZ93DAJOCfr0jlL5eojNnOpI
gpuGFdq1V+WKCcpISxg0tKPEXHh4fxlOaBDX8ebQrw1ILs5iyYs0jD7GFeoCTaDk
AiqHnuGtF3vJEBfLp5w3LfDstliwFHYcNWfSQZyMDKs3oSlj9S4N+GWcdIlRDdXL
oMe2Ihy8Zu4I3CfgKheE+vz3LQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFD8A0htc
F+PEMC3bU9BaoumqD+eEMB8GA1UdIwQYMBaAFBOM0QpHeN4ONZEenJyUT0shxNsJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMEY5Qy8yOUNCMDIwRUZB
MEIxMUU5OTc4QjBBMzJDNEY5QUUwMi9FNHpSQ2tkNDNnNDFrUjZjbkpSUFN5SEUy
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U0elJDa2Q0M2c0MWtSNmNuSlJQU3lIRTJ3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzBGOUMvMjlDQjAyMEVGQTBCMTFFOTk3OEIwQTMyQzRGOUFFMDIvNDFDQkI1Qjg3
Rjc2MTFFQ0FENTBGQTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnN5ADBABnzucDBADKU3wDBAHKU34wDQQCAAIwBwMFACQA
T8AwDQYJKoZIhvcNAQELBQADggEBAL47XrCFEExKBAm6eLSSPZRLzbtnlZ3pjwyo
sPeFaJNozyqmO7dBSgBDTYJmyHREXOR9wd8m0CnQ8Qe4qcn1XylYLvHO1YCG4cc+
y4uWbvQvgL8jh6340fTNcXTLFzhhfBv6RqyH65rhqIU2ZKm3ZZtsCnH2NPC6pW+r
MGl37D+JAvWW2HQc1lHYQGjLDbUQmN/a5VwpCeHQXkBKb3fjIqbwUwwl8LDqdqWy
6IcdMWFqRYxnzmJwnWAjW1Pew8AzG38yIu/pc4UAtWALnhsstN0LBblRtLesxLpY
lc70FeaeFSPjLN8Gtbhyw2pqvWubCfl7aSkBFrUzE1esRo99rGw=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:59:18 2025 by rpki-client