Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/3240ED82D62D11EFB0442B5DC4F9AE02.roa
File: 3240ED82D62D11EFB0442B5DC4F9AE02.roa (raw, json)
Hash identifier: TMu5hEbfrLw2YdTkxYULJSdYTtAL2nPXUFAhyo3Mq1Y=
Subject key identifier: FD:1E:A7:13:53:DC:B4:90:47:E8:EF:56:08:7F:DC:8C:9D:29:F9:43
Certificate issuer: /CN=A9150384/serialNumber=B1BA33053C39BA5865537743112389E300C48807
Certificate serial: 0CC1
Authority key identifier: B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/3240ED82D62D11EFB0442B5DC4F9AE02.roa
Signing time: Tue 16 Sep 2025 05:28:58 +0000
ROA not before: Tue 16 Sep 2025 05:28:58 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134968
IP address blocks: 103.23.204.0/22 maxlen: 22
103.23.204.0/23 maxlen: 23
103.23.204.0/24 maxlen: 24
103.23.205.0/24 maxlen: 24
103.23.206.0/23 maxlen: 23
103.23.206.0/24 maxlen: 24
103.23.207.0/24 maxlen: 24
223.25.252.0/22 maxlen: 22
223.25.252.0/23 maxlen: 23
223.25.252.0/24 maxlen: 24
223.25.253.0/24 maxlen: 24
223.25.254.0/23 maxlen: 23
223.25.254.0/24 maxlen: 24
223.25.255.0/24 maxlen: 24
2401:52c0::/32 maxlen: 32
2401:52c0::/40 maxlen: 40
2401:52c0:7::/48 maxlen: 48
2401:52c0:9::/48 maxlen: 48
2401:52c0:100::/40 maxlen: 40
2401:52c0:100::/44 maxlen: 44
2401:52c0:110::/44 maxlen: 44
2401:52c0:120::/44 maxlen: 44
2401:52c0:130::/44 maxlen: 44
2401:52c0:140::/44 maxlen: 44
2401:52c0:150::/44 maxlen: 44
2401:52c0:160::/44 maxlen: 44
2401:52c0:170::/44 maxlen: 44
2401:52c0:180::/44 maxlen: 44
2401:52c0:190::/44 maxlen: 44
2401:52c0:1a0::/44 maxlen: 44
2401:52c0:1b0::/44 maxlen: 44
2401:52c0:1c0::/44 maxlen: 44
2401:52c0:1d0::/44 maxlen: 44
2401:52c0:1e0::/44 maxlen: 44
2401:52c0:1f0::/44 maxlen: 44
2401:52c0:200::/40 maxlen: 40
2401:52c0:300::/40 maxlen: 40
2401:52c0:400::/40 maxlen: 40
2401:52c0:500::/40 maxlen: 40
2401:52c0:600::/40 maxlen: 40
2401:52c0:700::/40 maxlen: 40
2401:52c0:800::/40 maxlen: 40
2401:52c0:900::/40 maxlen: 40
2401:52c0:a00::/40 maxlen: 40
2401:52c0:b00::/40 maxlen: 40
2401:52c0:c00::/40 maxlen: 40
2401:52c0:d00::/40 maxlen: 40
2401:52c0:e00::/40 maxlen: 40
2401:52c0:f00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.crl
rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 18:57:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3265 (0xcc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150384, serialNumber=B1BA33053C39BA5865537743112389E300C48807
Validity
Not Before: Sep 16 05:28:58 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=68c8f59a-79dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9d:6c:d4:38:25:2a:90:69:84:24:45:b8:c2:
7f:48:33:a2:47:36:72:a0:32:8c:d1:a6:c6:12:36:
3d:17:13:f0:3b:f8:07:fb:2a:8a:32:38:aa:71:02:
5b:63:12:5c:72:c8:a2:de:34:b4:05:e6:e5:47:a5:
79:a3:fb:ef:91:cd:17:d1:25:01:c5:d9:ff:1c:a4:
86:07:74:b8:13:6f:40:b5:a6:3f:ba:b1:c4:4e:87:
3f:f1:1e:f0:50:20:81:e8:b2:f2:0d:d1:06:f5:10:
ba:bf:7e:c3:43:ae:68:0c:d3:1b:e9:ba:09:74:b3:
42:d4:ba:9b:55:bd:4e:53:85:77:c8:f5:11:9c:c3:
f9:29:67:33:3e:20:d6:0d:3a:8d:ea:62:b5:4c:e5:
bc:54:45:d3:50:a3:8c:08:47:ce:29:3a:db:3b:ab:
8b:be:bc:d9:b3:41:a3:49:28:97:0b:a3:f1:11:de:
ab:a0:c4:c9:37:14:05:bd:39:a4:2f:88:e9:1d:e3:
6f:99:7d:2d:91:de:36:1f:20:53:a5:0c:d1:8b:76:
6c:f0:f5:e8:47:fa:bc:b8:89:d1:3d:af:c6:9b:de:
c8:3a:f7:07:1e:3e:3b:c9:0f:e1:f7:7c:85:62:9b:
52:10:e2:a8:a2:61:c5:a2:5b:18:de:2d:a2:dc:53:
98:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1E:A7:13:53:DC:B4:90:47:E8:EF:56:08:7F:DC:8C:9D:29:F9:43
X509v3 Authority Key Identifier:
keyid:B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/3240ED82D62D11EFB0442B5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.204.0/22
223.25.252.0/22
IPv6:
2401:52c0::/32
Signature Algorithm: sha256WithRSAEncryption
a7:8d:9b:7c:1a:93:2f:c5:39:ba:86:8f:bc:38:a8:ca:fb:85:
00:5d:41:1b:45:e6:73:19:af:b2:e7:74:0e:0a:46:14:27:45:
e7:ca:28:60:97:65:ff:a1:f5:ea:fe:ab:5c:fc:f2:e3:70:13:
98:b2:f5:a9:e8:66:89:c7:8d:da:8d:5c:b9:76:06:8c:50:57:
8c:f2:55:8d:60:15:d9:0e:d7:e3:b1:a5:49:88:b6:9c:f1:65:
1e:a8:21:4c:6c:d6:15:76:be:d8:0d:8b:66:03:62:55:44:be:
f6:69:d0:ac:13:b4:8d:32:43:8f:01:e3:aa:22:8b:86:1b:70:
46:45:31:fa:e5:c7:bf:35:a3:a8:66:30:75:50:b8:ac:82:24:
32:5a:d0:ab:86:aa:e5:bd:0f:f9:9e:cb:96:58:8c:86:b0:0a:
95:6a:37:86:e7:5d:71:0f:93:e6:99:00:da:bc:ba:1b:c9:9c:
9f:5d:73:0f:0e:4e:8c:f1:15:ed:aa:d6:71:22:2f:7c:71:aa:
58:4f:f2:96:a1:18:c8:8e:fb:1a:47:20:fb:d4:f2:85:a5:f9:
82:28:83:c0:97:26:37:82:81:51:9c:34:6a:b0:f0:84:5e:1d:
4c:f6:a4:6a:65:64:56:da:31:45:f1:88:bf:00:5c:8b:ad:07:
f4:b1:e8:98
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDMEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTAzODQxMTAvBgNVBAUTKEIxQkEzMzA1M0MzOUJBNTg2NTUzNzc0MzExMjM4OUUz
MDBDNDg4MDcwHhcNMjUwOTE2MDUyODU4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGM4ZjU5YS03OWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArZ1s1DglKpBphCRFuMJ/SDOiRzZyoDKM0abGEjY9FxPwO/gH+yqKMjiqcQJb
YxJccsii3jS0BeblR6V5o/vvkc0X0SUBxdn/HKSGB3S4E29AtaY/urHEToc/8R7w
UCCB6LLyDdEG9RC6v37DQ65oDNMb6boJdLNC1LqbVb1OU4V3yPURnMP5KWczPiDW
DTqN6mK1TOW8VEXTUKOMCEfOKTrbO6uLvrzZs0GjSSiXC6PxEd6roMTJNxQFvTmk
L4jpHeNvmX0tkd42HyBTpQzRi3Zs8PXoR/q8uInRPa/Gm97IOvcHHj47yQ/h93yF
YptSEOKoomHFolsY3i2i3FOYfwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFP0epxNT
3LSQR+jvVgh/3IydKflDMB8GA1UdIwQYMBaAFLG6MwU8ObpYZVN3QxEjieMAxIgH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDM4NC85MzdGMzcyRTAw
NUExMUVBQTA5NEJEMzFDNEY5QUUwMi9zYm96QlR3NXVsaGxVM2RERVNPSjR3REVp
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Nib3pCVHc1dWxobFUzZERFU09KNHdERWlBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTAzODQvOTM3RjM3MkUwMDVBMTFFQUEwOTRCRDMxQzRGOUFFMDIvMzI0MEVEODJE
NjJEMTFFRkIwNDQyQjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnF8wDBALfGfwwDQQCAAIwBwMFACQBUsAwDQYJKoZIhvcN
AQELBQADggEBAKeNm3waky/FObqGj7w4qMr7hQBdQRtF5nMZr7LndA4KRhQnRefK
KGCXZf+h9er+q1z88uNwE5iy9anoZonHjdqNXLl2BoxQV4zyVY1gFdkO1+OxpUmI
tpzxZR6oIUxs1hV2vtgNi2YDYlVEvvZp0KwTtI0yQ48B46oii4YbcEZFMfrlx781
o6hmMHVQuKyCJDJa0KuGquW9D/mey5ZYjIawCpVqN4bnXXEPk+aZANq8uhvJnJ9d
cw8OTozxFe2q1nEiL3xxqlhP8pahGMiO+xpHIPvU8oWl+YIog8CXJjeCgVGcNGqw
8IReHUz2pGplZFbaMUXxiL8AXIutB/Sx6Jg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:36:12 2025 by rpki-client