Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
File: B4DF66BA809F11E7B741FD2EC4F9AE02.roa (raw, json)
Hash identifier: KaPPxJGKEv/zZM9wb84aOdkpe/TGoMFG363mkjcQVQs=
Subject key identifier: 1B:55:C5:5D:43:25:4A:9B:1E:AF:B4:01:19:69:01:1A:9E:E8:09:A0
Certificate issuer: /CN=A914C725/serialNumber=ED17D1BE3D5711C6C98C8CCC59AAF737E865C384
Certificate serial: 1965
Authority key identifier: ED:17:D1:BE:3D:57:11:C6:C9:8C:8C:CC:59:AA:F7:37:E8:65:C3:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
Signing time: Mon 04 Aug 2025 02:40:48 +0000
ROA not before: Mon 04 Aug 2025 02:40:48 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 56286
IP address blocks: 103.29.56.0/22 maxlen: 22
103.29.56.0/24 maxlen: 24
103.29.57.0/24 maxlen: 24
103.29.58.0/24 maxlen: 24
103.29.59.0/24 maxlen: 24
103.106.166.0/23 maxlen: 23
103.106.166.0/24 maxlen: 24
103.106.167.0/24 maxlen: 24
2403:1300::/32 maxlen: 32
2403:1300::/36 maxlen: 36
2403:1300:100::/40 maxlen: 40
2403:1300:100::/48 maxlen: 48
2403:1300:101::/48 maxlen: 48
2403:1300:102::/48 maxlen: 48
2403:1300:111::/48 maxlen: 48
2403:1300:113::/48 maxlen: 48
2403:1300:121::/48 maxlen: 48
2403:1300:122::/48 maxlen: 48
2403:1300:123::/48 maxlen: 48
2403:1300:131::/48 maxlen: 48
2403:1300:200::/40 maxlen: 40
2403:1300:201::/48 maxlen: 48
2403:1300:202::/48 maxlen: 48
2403:1300:211::/48 maxlen: 48
2403:1300:221::/48 maxlen: 48
2403:1300:222::/48 maxlen: 48
2403:1300:223::/48 maxlen: 48
2403:1300:231::/48 maxlen: 48
2403:1300:300::/40 maxlen: 40
2403:1300:301::/48 maxlen: 48
2403:1300:302::/48 maxlen: 48
2403:1300:311::/48 maxlen: 48
2403:1300:321::/48 maxlen: 48
2403:1300:331::/48 maxlen: 48
2403:1300:1000::/36 maxlen: 36
2403:1300:2000::/36 maxlen: 36
2403:1300:3000::/36 maxlen: 36
2403:1300:8000::/36 maxlen: 36
2403:1300:8000::/40 maxlen: 40
2403:1300:8001::/48 maxlen: 48
2403:1300:8002::/48 maxlen: 48
2403:1300:beef::/48 maxlen: 48
2403:1300:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.crl
rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 16:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6501 (0x1965)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C725, serialNumber=ED17D1BE3D5711C6C98C8CCC59AAF737E865C384
Validity
Not Before: Aug 4 02:40:48 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68901daf-a63d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f9:64:25:9a:50:9c:bc:2f:b9:78:4f:3a:67:
b4:71:16:0d:21:8c:a3:cc:57:6d:d9:24:67:9e:26:
c3:bb:41:fe:4b:d5:10:de:41:1c:f4:49:b2:37:c6:
ec:48:ab:05:82:5f:69:4c:7d:ad:bc:56:20:cc:7d:
49:c4:eb:e8:59:a3:fd:68:65:32:4f:ba:1c:9e:f7:
ec:a9:1f:75:e9:cb:d7:58:ca:51:fe:3a:e2:7a:3e:
c2:1d:a8:8a:c7:c3:50:21:d0:13:92:c0:dc:2e:e4:
71:db:82:0c:65:92:f4:11:f9:bc:19:89:a6:ff:8e:
07:23:a6:a0:f2:ec:57:0b:2b:19:8e:52:7d:e4:72:
71:a1:fe:16:28:ae:60:8a:9b:41:5b:03:8e:8e:dc:
dc:e1:43:ab:41:b8:4b:b2:10:25:b0:49:16:b5:3d:
49:ad:ef:ad:a1:e1:e8:8c:8c:97:04:19:95:4d:62:
00:8c:37:1c:18:a8:de:61:22:5c:0d:e6:b9:2b:4d:
5b:28:aa:b7:b3:6c:69:e0:eb:64:33:bb:29:7a:8f:
23:75:b8:fa:3d:d5:53:a1:70:60:69:bb:06:74:2e:
91:c8:de:f7:84:dd:5f:ca:90:b8:1e:af:60:fa:9d:
c7:0a:10:20:93:f2:27:4f:33:22:5a:c3:da:67:42:
83:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:55:C5:5D:43:25:4A:9B:1E:AF:B4:01:19:69:01:1A:9E:E8:09:A0
X509v3 Authority Key Identifier:
keyid:ED:17:D1:BE:3D:57:11:C6:C9:8C:8C:CC:59:AA:F7:37:E8:65:C3:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/7RfRvj1XEcbJjIzMWar3N-hlw4Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7RfRvj1XEcbJjIzMWar3N-hlw4Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C725/31844C36809F11E7BD6A6B2EC4F9AE02/B4DF66BA809F11E7B741FD2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.29.56.0/22
103.106.166.0/23
IPv6:
2403:1300::/32
Signature Algorithm: sha256WithRSAEncryption
a5:f3:16:d3:b5:1b:cd:b9:a3:57:71:8a:2c:78:67:90:f0:81:
8b:62:6a:73:b7:1d:89:ab:29:00:96:ba:fc:1e:e6:d9:58:c3:
8e:21:75:63:38:9e:6a:bf:1c:c0:fd:14:f8:d8:c3:28:b2:67:
74:c6:d7:09:60:64:dc:d5:a7:5d:87:60:24:98:58:55:ce:96:
54:83:52:9b:cf:d4:c7:77:a2:a6:c9:4b:80:f2:60:fe:2d:30:
97:cc:cf:a7:21:d5:fb:26:a0:70:c7:41:f8:41:28:c6:b2:70:
1b:55:e9:fd:64:96:40:8c:e5:bc:04:87:b1:44:9a:14:69:b9:
60:e5:82:cc:31:8f:f4:0f:f5:d3:a3:69:fe:9f:82:90:05:63:
86:4e:7c:b2:18:56:5f:48:f8:da:d5:fa:87:c8:1b:3a:3c:43:
9f:d0:c9:da:0f:68:85:b1:9b:5f:f7:63:a4:b7:18:c1:70:17:
3a:8f:51:07:fa:5a:98:f3:fe:73:77:5a:b5:9d:8b:50:54:80:
65:5e:08:f2:f7:b0:fe:3b:08:c1:74:72:3b:a4:ec:07:65:33:
3b:e8:46:f4:5b:cd:36:f3:c6:b4:54:2e:1e:69:54:69:3a:b3:
da:38:ff:78:dd:7b:07:49:90:2b:d7:80:6e:91:47:b5:4d:14:
35:c7:2a:ec
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICGWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEM3MjUxMTAvBgNVBAUTKEVEMTdEMUJFM0Q1NzExQzZDOThDOENDQzU5QUFGNzM3
RTg2NUMzODQwHhcNMjUwODA0MDI0MDQ4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkwMWRhZi1hNjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPlkJZpQnLwvuXhPOme0cRYNIYyjzFdt2SRnnibDu0H+S9UQ3kEc9EmyN8bs
SKsFgl9pTH2tvFYgzH1JxOvoWaP9aGUyT7ocnvfsqR916cvXWMpR/jriej7CHaiK
x8NQIdATksDcLuRx24IMZZL0Efm8GYmm/44HI6ag8uxXCysZjlJ95HJxof4WKK5g
iptBWwOOjtzc4UOrQbhLshAlsEkWtT1Jre+toeHojIyXBBmVTWIAjDccGKjeYSJc
Dea5K01bKKq3s2xp4OtkM7speo8jdbj6PdVToXBgabsGdC6RyN73hN1fypC4Hq9g
+p3HChAgk/InTzMiWsPaZ0KDQQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBtVxV1D
JUqbHq+0ARlpARqe6AmgMB8GA1UdIwQYMBaAFO0X0b49VxHGyYyMzFmq9zfoZcOE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzcyNS8zMTg0NEMzNjgw
OUYxMUU3QkQ2QTZCMkVDNEY5QUUwMi83UmZSdmoxWEVjYkpqSXpNV2FyM04taGx3
NFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSZlJ2ajFYRWNiSmpJek1XYXIzTi1obHc0US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEM3MjUvMzE4NDRDMzY4MDlGMTFFN0JENkE2QjJFQzRGOUFFMDIvQjRERjY2QkE4
MDlGMTFFN0I3NDFGRDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnHTgDBAFnaqYwDQQCAAIwBwMFACQDEwAwDQYJKoZIhvcN
AQELBQADggEBAKXzFtO1G825o1dxiix4Z5DwgYtianO3HYmrKQCWuvwe5tlYw44h
dWM4nmq/HMD9FPjYwyiyZ3TG1wlgZNzVp12HYCSYWFXOllSDUpvP1Md3oqbJS4Dy
YP4tMJfMz6ch1fsmoHDHQfhBKMaycBtV6f1klkCM5bwEh7FEmhRpuWDlgswxj/QP
9dOjaf6fgpAFY4ZOfLIYVl9I+NrV+ofIGzo8Q5/QydoPaIWxm1/3Y6S3GMFwFzqP
UQf6Wpjz/nN3WrWdi1BUgGVeCPL3sP47CMF0cjuk7AdlMzvoRvRbzTbzxrRULh5p
VGk6s9o4/3jdewdJkCvXgG6RR7VNFDXHKuw=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:36:49 2025 by rpki-client