Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/A2120E06FD7F11EFA8C89755C4F9AE02.roa
File: A2120E06FD7F11EFA8C89755C4F9AE02.roa (raw, json)
Hash identifier: 2Hvw21rvCVCh8S0/7oApM9oB0Qgb7ulGPIHYlQU89cU=
Subject key identifier: DF:04:20:7E:0A:B9:F5:68:D3:09:F5:B0:10:F7:09:4E:7F:53:47:22
Certificate issuer: /CN=A9146944/serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Certificate serial: 0A0A
Authority key identifier: ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/A2120E06FD7F11EFA8C89755C4F9AE02.roa
Signing time: Mon 30 Jun 2025 20:35:53 +0000
ROA not before: Mon 30 Jun 2025 20:35:53 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 134180
IP address blocks: 45.250.228.0/24 maxlen: 24
45.250.229.0/24 maxlen: 24
45.250.230.0/24 maxlen: 24
45.250.231.0/24 maxlen: 24
103.202.220.0/22 maxlen: 22
103.202.220.0/24 maxlen: 24
103.202.221.0/24 maxlen: 24
103.202.222.0/23 maxlen: 23
103.202.223.0/24 maxlen: 24
103.209.196.0/24 maxlen: 24
103.209.197.0/24 maxlen: 24
103.209.199.0/24 maxlen: 24
2403:6940::/32 maxlen: 32
2403:6940::/36 maxlen: 36
2403:6940:f::/48 maxlen: 48
2403:6940:1000::/36 maxlen: 36
2403:6940:1000::/48 maxlen: 48
2403:6940:1001::/48 maxlen: 48
2403:6940:1002::/48 maxlen: 48
2403:6940:1003::/48 maxlen: 48
2403:6940:1004::/48 maxlen: 48
2403:6940:1005::/48 maxlen: 48
2403:6940:1006::/48 maxlen: 48
2403:6940:1007::/48 maxlen: 48
2403:6940:1008::/48 maxlen: 48
2403:6940:1009::/48 maxlen: 48
2403:6940:100a::/48 maxlen: 48
2403:6940:100b::/48 maxlen: 48
2403:6940:100c::/48 maxlen: 48
2403:6940:2000::/36 maxlen: 36
2403:6940:2000::/48 maxlen: 48
2403:6940:2001::/48 maxlen: 48
2403:6940:2002::/48 maxlen: 48
2403:6940:2003::/48 maxlen: 48
2403:6940:2004::/48 maxlen: 48
2403:6940:2005::/48 maxlen: 48
2403:6940:2006::/48 maxlen: 48
2403:6940:2007::/48 maxlen: 48
2403:6940:3000::/36 maxlen: 36
2403:6940:4000::/36 maxlen: 36
2403:6940:5000::/36 maxlen: 36
2403:6940:6000::/36 maxlen: 36
2403:6940:7000::/36 maxlen: 36
2403:6940:8000::/36 maxlen: 36
2403:6940:9000::/36 maxlen: 36
2403:6940:a000::/36 maxlen: 36
2403:6940:b000::/36 maxlen: 36
2403:6940:c000::/36 maxlen: 36
2403:6940:d000::/36 maxlen: 36
2403:6940:e000::/36 maxlen: 36
2403:6940:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.crl
rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 20:19:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2570 (0xa0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146944, serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Validity
Not Before: Jun 30 20:35:53 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=6862f528-ed23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:31:71:7a:39:28:ad:e6:c1:23:52:a8:57:10:
e0:40:77:23:1f:7b:19:c3:df:75:83:69:63:08:7f:
1a:12:18:32:45:f8:27:74:e5:a4:fd:0e:d1:71:11:
e9:ef:da:6d:f0:e0:b8:41:fe:f1:5e:62:ec:23:eb:
fa:24:0f:24:3e:2b:9c:b8:af:8b:f6:4c:a7:92:b7:
27:ad:1d:5b:07:64:08:81:6d:26:2c:c2:15:b1:d5:
96:b0:8d:ca:f7:68:6f:2d:09:34:c4:b8:31:58:8c:
cb:0b:5b:d6:62:91:54:fd:73:c5:be:c3:32:2c:83:
b2:14:58:30:7f:8c:48:00:45:3c:13:7a:2e:04:5f:
24:11:20:0f:41:96:75:3c:31:27:5d:ec:64:1b:39:
23:ca:05:b7:b2:fd:2f:81:e3:f2:74:25:1d:63:34:
cd:11:5c:5f:25:b0:e4:a0:82:f5:cf:70:16:7d:e6:
5a:7f:2f:bf:98:e8:72:d9:d4:70:0b:2d:18:67:02:
b3:4c:a0:fb:21:5a:fb:8c:75:b2:b9:89:1c:18:cf:
6b:8f:4b:9a:40:3f:7e:89:63:2f:72:3d:26:2d:14:
46:83:10:84:7e:79:70:9d:65:91:2d:fe:90:3e:1d:
f0:62:eb:c3:e7:5b:4a:86:02:51:c2:ee:3e:c8:b4:
d6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:04:20:7E:0A:B9:F5:68:D3:09:F5:B0:10:F7:09:4E:7F:53:47:22
X509v3 Authority Key Identifier:
keyid:ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/A2120E06FD7F11EFA8C89755C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.228.0/22
103.202.220.0/22
103.209.196.0/23
103.209.199.0/24
IPv6:
2403:6940::/32
Signature Algorithm: sha256WithRSAEncryption
07:d6:f0:93:54:d2:fb:80:3c:d8:8e:ce:33:6f:71:6f:49:13:
63:5d:08:6c:bb:19:90:7e:3f:ea:0c:e6:76:78:e6:b5:55:5b:
08:0d:60:f9:82:3d:84:89:b2:27:f0:2e:e8:71:e0:40:7b:a2:
cb:45:6f:74:a7:13:29:e1:ca:0a:ee:8c:7b:eb:65:f9:4c:91:
89:80:6f:8e:03:7f:88:bb:34:f5:55:f9:66:b5:9f:fb:61:04:
d8:8b:ff:17:71:f6:f6:b3:ce:af:1d:71:c8:be:82:9c:11:12:
d4:79:89:b8:fd:51:c1:17:97:76:5b:ec:ae:ff:b9:ef:d1:1b:
38:19:59:13:98:85:0d:4d:8d:d4:2a:2a:f3:09:ca:cd:ef:da:
21:1b:11:39:9f:62:f9:72:a3:6b:d0:ec:57:a5:a7:7d:4e:8a:
15:88:9f:06:dd:72:65:e7:6f:83:85:63:4d:cc:a4:63:38:3f:
c5:4a:d4:ae:47:1a:e2:42:6a:7c:a9:b9:a8:9a:b1:0c:80:de:
eb:f3:24:28:4d:a4:06:91:23:8d:ba:1a:64:c4:42:d7:98:25:
1f:44:d7:e9:24:d0:c3:ba:0c:4b:41:16:96:1e:05:84:9a:32:
48:e9:35:68:b3:cb:5d:13:33:81:b0:91:bc:7e:28:bc:b8:ce:
3e:79:b1:76
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICCgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDY5NDQxMTAvBgNVBAUTKEVEMUY5NThDQjYwNEI1NzZFODIyMTRCNENGM0NDMEZF
NjIwRUY5RjQwHhcNMjUwNjMwMjAzNTUzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODYyZjUyOC1lZDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDFxejkorebBI1KoVxDgQHcjH3sZw991g2ljCH8aEhgyRfgndOWk/Q7RcRHp
79pt8OC4Qf7xXmLsI+v6JA8kPiucuK+L9kynkrcnrR1bB2QIgW0mLMIVsdWWsI3K
92hvLQk0xLgxWIzLC1vWYpFU/XPFvsMyLIOyFFgwf4xIAEU8E3ouBF8kESAPQZZ1
PDEnXexkGzkjygW3sv0vgePydCUdYzTNEVxfJbDkoIL1z3AWfeZafy+/mOhy2dRw
Cy0YZwKzTKD7IVr7jHWyuYkcGM9rj0uaQD9+iWMvcj0mLRRGgxCEfnlwnWWRLf6Q
Ph3wYuvD51tKhgJRwu4+yLTWHQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFN8EIH4K
ufVo0wn1sBD3CU5/U0ciMB8GA1UdIwQYMBaAFO0flYy2BLV26CIUtM88wP5iDvn0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Njk0NC80M0JEMUM2RThF
OTUxMUVBQTlENzNBMkVDNEY5QUUwMi83Ui1WakxZRXRYYm9JaFMwenp6QV9tSU8t
ZlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSLVZqTFlFdFhib0loUzB6enpBX21JTy1mUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDY5NDQvNDNCRDFDNkU4RTk1MTFFQUE5RDczQTJFQzRGOUFFMDIvQTIxMjBFMDZG
RDdGMTFFRkE4Qzg5NzU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIt+uQDBAJnytwDBAFn0cQDBABn0ccwDQQCAAIwBwMFACQD
aUAwDQYJKoZIhvcNAQELBQADggEBAAfW8JNU0vuAPNiOzjNvcW9JE2NdCGy7GZB+
P+oM5nZ45rVVWwgNYPmCPYSJsifwLuhx4EB7ostFb3SnEynhygrujHvrZflMkYmA
b44Df4i7NPVV+Wa1n/thBNiL/xdx9vazzq8dcci+gpwREtR5ibj9UcEXl3Zb7K7/
ue/RGzgZWROYhQ1NjdQqKvMJys3v2iEbETmfYvlyo2vQ7Felp31OihWInwbdcmXn
b4OFY03MpGM4P8VK1K5HGuJCanypuaiasQyA3uvzJChNpAaRI426GmTEQteYJR9E
1+kk0MO6DEtBFpYeBYSaMkjpNWizy10TM4Gwkbx+KLy4zj55sXY=
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:22:59 2025 by rpki-client