Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
File: B4DF66BA809F11E7B741FD2EC4F9AE02.roa (raw, json)
Hash identifier: Sg59bb6TS945kizZVcpiIEs7ksqDtH0V0nZ6fh7OSKo=
Subject key identifier: 03:D1:84:1E:83:C5:EC:98:05:C1:C1:4C:69:13:C6:9D:D4:24:CE:68
Certificate issuer: /CN=A914C725/serialNumber=ED17D1BE3D5711C6C98C8CCC59AAF737E865C384
Certificate serial: 1950
Authority key identifier: ED:17:D1:BE:3D:57:11:C6:C9:8C:8C:CC:59:AA:F7:37:E8:65:C3:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
Signing time: Thu 26 Jun 2025 16:36:52 +0000
ROA not before: Thu 26 Jun 2025 16:36:52 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 56286
IP address blocks: 103.29.56.0/22 maxlen: 22
103.29.56.0/24 maxlen: 24
103.29.57.0/24 maxlen: 24
103.29.58.0/24 maxlen: 24
103.29.59.0/24 maxlen: 24
103.106.166.0/23 maxlen: 23
103.106.166.0/24 maxlen: 24
103.106.167.0/24 maxlen: 24
2403:1300::/32 maxlen: 32
2403:1300::/36 maxlen: 36
2403:1300:100::/40 maxlen: 40
2403:1300:100::/48 maxlen: 48
2403:1300:101::/48 maxlen: 48
2403:1300:102::/48 maxlen: 48
2403:1300:111::/48 maxlen: 48
2403:1300:113::/48 maxlen: 48
2403:1300:121::/48 maxlen: 48
2403:1300:122::/48 maxlen: 48
2403:1300:123::/48 maxlen: 48
2403:1300:131::/48 maxlen: 48
2403:1300:200::/40 maxlen: 40
2403:1300:201::/48 maxlen: 48
2403:1300:202::/48 maxlen: 48
2403:1300:211::/48 maxlen: 48
2403:1300:221::/48 maxlen: 48
2403:1300:222::/48 maxlen: 48
2403:1300:223::/48 maxlen: 48
2403:1300:231::/48 maxlen: 48
2403:1300:300::/40 maxlen: 40
2403:1300:301::/48 maxlen: 48
2403:1300:302::/48 maxlen: 48
2403:1300:311::/48 maxlen: 48
2403:1300:1000::/36 maxlen: 36
2403:1300:2000::/36 maxlen: 36
2403:1300:3000::/36 maxlen: 36
2403:1300:8000::/36 maxlen: 36
2403:1300:8000::/40 maxlen: 40
2403:1300:8001::/48 maxlen: 48
2403:1300:8002::/48 maxlen: 48
2403:1300:beef::/48 maxlen: 48
2403:1300:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.crl
rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 16:33:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6480 (0x1950)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C725, serialNumber=ED17D1BE3D5711C6C98C8CCC59AAF737E865C384
Validity
Not Before: Jun 26 16:36:52 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=685d7724-b181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7e:d0:3e:bf:fe:23:10:2c:fa:af:5a:96:22:
60:79:10:7b:4c:3d:8f:06:86:79:45:c6:f0:aa:4e:
e6:69:d3:4b:77:6a:49:f1:ee:bc:6c:56:f6:a2:86:
ba:a3:c2:52:79:00:41:e8:34:f5:5b:ce:b9:bc:e0:
1d:54:d4:65:e9:af:7a:16:c1:7f:54:2a:d4:73:cf:
f2:9e:85:fe:34:e9:8a:25:87:9f:5d:b8:b6:d6:b2:
98:ba:30:25:cd:f3:90:6a:ef:0f:8c:8c:c0:ab:fd:
25:fc:73:f6:43:b1:c3:89:90:67:12:6c:6f:07:a0:
3a:ff:a3:f1:58:75:92:a2:02:1c:ef:ed:0c:3b:80:
01:20:70:04:d4:dc:0a:a1:bc:dd:74:25:c1:ee:ef:
a4:cc:1f:6b:a7:e6:4e:37:6c:d8:ea:93:e9:c4:38:
e4:6b:35:0b:2f:50:4f:e0:7f:24:93:ac:5e:23:12:
af:4b:2f:32:1d:b2:73:de:ed:39:d6:d1:ae:fb:af:
75:0f:d8:11:68:0d:23:f3:0f:e0:e9:96:8e:26:d5:
ba:28:28:bd:cd:be:c1:43:e4:a8:c9:a4:e7:e8:7b:
f6:44:b5:26:b6:22:8c:f3:02:4c:ea:4b:a5:e5:f9:
01:62:0a:51:be:5f:07:2b:6b:4b:9e:3f:39:14:19:
36:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D1:84:1E:83:C5:EC:98:05:C1:C1:4C:69:13:C6:9D:D4:24:CE:68
X509v3 Authority Key Identifier:
keyid:ED:17:D1:BE:3D:57:11:C6:C9:8C:8C:CC:59:AA:F7:37:E8:65:C3:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.29.56.0/22
103.106.166.0/23
IPv6:
2403:1300::/32
Signature Algorithm: sha256WithRSAEncryption
2d:e8:e5:28:a7:d6:0d:93:af:3f:c4:a4:cb:4c:0b:08:22:5e:
de:59:91:40:76:ae:07:69:98:86:60:a6:2f:03:9a:ce:cb:e3:
37:d3:5d:80:e8:be:db:31:9e:54:ac:90:f7:2f:17:fb:46:f4:
24:8a:9f:a7:39:1a:df:65:22:dc:3e:d8:78:01:85:97:4d:ce:
ad:0d:62:7a:2a:7a:35:0e:bc:11:63:c5:66:2b:be:b6:a3:32:
c6:e0:f3:4f:1f:00:e5:c5:c8:6b:9f:22:f0:86:f2:c4:11:d6:
fd:a8:fd:32:a0:bb:ac:e3:9b:2a:f5:6d:03:f0:79:c5:28:3a:
30:57:17:0b:da:c7:cf:da:af:0d:74:52:87:52:68:b9:01:84:
fc:08:dc:c3:b8:80:e7:dd:5c:08:1e:34:11:61:18:10:23:ee:
53:6e:3a:51:be:a8:b2:8c:72:66:68:4e:1b:fc:2c:06:6c:60:
05:d7:f9:da:ff:60:6c:35:f1:e4:17:fc:a7:f3:bf:13:d6:fa:
23:05:b5:ac:08:40:b3:69:97:eb:37:d7:e0:b3:3b:05:2d:f4:
a0:c9:3a:d3:34:ce:12:8f:b9:63:08:1a:a6:56:58:85:93:b6:
86:b1:e9:59:55:88:c8:2b:56:d2:8b:52:76:9a:67:56:db:fa:
82:89:42:50
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICGVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEM3MjUxMTAvBgNVBAUTKEVEMTdEMUJFM0Q1NzExQzZDOThDOENDQzU5QUFGNzM3
RTg2NUMzODQwHhcNMjUwNjI2MTYzNjUyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODVkNzcyNC1iMTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuH7QPr/+IxAs+q9aliJgeRB7TD2PBoZ5Rcbwqk7madNLd2pJ8e68bFb2ooa6
o8JSeQBB6DT1W865vOAdVNRl6a96FsF/VCrUc8/ynoX+NOmKJYefXbi21rKYujAl
zfOQau8PjIzAq/0l/HP2Q7HDiZBnEmxvB6A6/6PxWHWSogIc7+0MO4ABIHAE1NwK
obzddCXB7u+kzB9rp+ZON2zY6pPpxDjkazULL1BP4H8kk6xeIxKvSy8yHbJz3u05
1tGu+691D9gRaA0j8w/g6ZaOJtW6KCi9zb7BQ+SoyaTn6Hv2RLUmtiKM8wJM6kul
5fkBYgpRvl8HK2tLnj85FBk2OQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAPRhB6D
xeyYBcHBTGkTxp3UJM5oMB8GA1UdIwQYMBaAFO0X0b49VxHGyYyMzFmq9zfoZcOE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzcyNS8zMTg0NEMzNjgw
OUYxMUU3QkQ2QTZCMkVDNEY5QUUwMi83UmZSdmoxWEVjYkpqSXpNV2FyM04taGx3
NFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSZlJ2ajFYRWNiSmpJek1XYXIzTi1obHc0US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEM3MjUvMzE4NDRDMzY4MDlGMTFFN0JENkE2QjJFQzRGOUFFMDIvQjRERjY2QkE4
MDlGMTFFN0I3NDFGRDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnHTgDBAFnaqYwDQQCAAIwBwMFACQDEwAwDQYJKoZIhvcN
AQELBQADggEBAC3o5Sin1g2Trz/EpMtMCwgiXt5ZkUB2rgdpmIZgpi8Dms7L4zfT
XYDovtsxnlSskPcvF/tG9CSKn6c5Gt9lItw+2HgBhZdNzq0NYnoqejUOvBFjxWYr
vrajMsbg808fAOXFyGufIvCG8sQR1v2o/TKgu6zjmyr1bQPwecUoOjBXFwvax8/a
rw10UodSaLkBhPwI3MO4gOfdXAgeNBFhGBAj7lNuOlG+qLKMcmZoThv8LAZsYAXX
+dr/YGw18eQX/KfzvxPW+iMFtawIQLNpl+s31+CzOwUt9KDJOtM0zhKPuWMIGqZW
WIWTtoax6VlViMgrVtKLUnaaZ1bb+oKJQlA=
-----END CERTIFICATE-----
Generated at Fri Jul 4 17:40:23 2025 by rpki-client