Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/036356DC573611F08FD0E718C4F9AE02.roa
File: 036356DC573611F08FD0E718C4F9AE02.roa (raw, json)
Hash identifier: dAcM+WPTq+lpF6zBrb9QFub64ROSS+oF3Dzc2JF12yY=
Subject key identifier: D1:90:23:34:3C:8E:0A:94:84:CB:D9:8E:E4:86:82:0B:08:64:3B:CF
Certificate issuer: /CN=A917B9CB/serialNumber=33A7AEAFA5526DCDC56CF0876BBD41133E3D2479
Certificate serial: 34D8
Authority key identifier: 33:A7:AE:AF:A5:52:6D:CD:C5:6C:F0:87:6B:BD:41:13:3E:3D:24:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/036356DC573611F08FD0E718C4F9AE02.roa
Signing time: Tue 26 Aug 2025 08:29:59 +0000
ROA not before: Tue 26 Aug 2025 08:29:59 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 132789
IP address blocks: 203.105.192.0/24 maxlen: 24
203.105.193.0/24 maxlen: 24
203.105.194.0/24 maxlen: 24
203.105.195.0/24 maxlen: 24
203.105.196.0/24 maxlen: 24
203.105.197.0/24 maxlen: 24
203.105.198.0/24 maxlen: 24
203.105.199.0/24 maxlen: 24
203.105.201.0/24 maxlen: 24
203.105.202.0/24 maxlen: 24
203.105.205.0/24 maxlen: 24
203.105.206.0/24 maxlen: 24
203.105.207.0/24 maxlen: 24
203.105.208.0/24 maxlen: 24
203.105.209.0/24 maxlen: 24
203.105.212.0/24 maxlen: 24
203.105.213.0/24 maxlen: 24
203.105.214.0/24 maxlen: 24
203.105.215.0/24 maxlen: 24
203.105.216.0/24 maxlen: 24
203.105.217.0/24 maxlen: 24
203.105.218.0/24 maxlen: 24
203.105.219.0/24 maxlen: 24
203.105.220.0/24 maxlen: 24
203.105.221.0/24 maxlen: 24
203.105.222.0/24 maxlen: 24
203.105.223.0/24 maxlen: 24
2402:3780::/48 maxlen: 48
2402:3780:2::/48 maxlen: 48
2402:3780:1000::/48 maxlen: 48
2402:3780:f001::/48 maxlen: 48
2402:3780:f002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.crl
rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 14:42:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13528 (0x34d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B9CB, serialNumber=33A7AEAFA5526DCDC56CF0876BBD41133E3D2479
Validity
Not Before: Aug 26 08:29:59 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68ad7086-e64f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0c:62:85:f6:96:48:b2:df:aa:63:da:28:96:
94:3a:ea:60:32:c5:8a:02:1f:06:17:88:aa:c3:3d:
c4:09:de:82:4d:0c:ae:d6:6b:bb:1e:63:64:b0:17:
7c:6f:cd:26:0f:ef:3f:e3:62:43:bc:db:bd:c1:35:
51:2c:d4:e1:f5:2f:fb:a9:11:87:07:77:2d:71:94:
81:fb:85:7e:55:1d:14:f5:4d:a3:ed:e0:14:d0:38:
0d:0c:0f:4b:88:8e:39:c8:32:82:fa:fd:5d:7e:8a:
41:75:a9:b0:57:ff:8e:0d:9a:be:5f:1a:e8:aa:8a:
f7:d1:6b:b0:23:d0:be:94:5b:a8:5b:f0:50:43:be:
3f:a0:a4:fa:14:a7:b0:3a:ca:bd:1a:f3:2a:ac:8c:
b4:b1:50:1e:a7:a6:d8:29:00:47:b9:21:c3:ca:90:
99:f6:42:bf:00:e3:39:63:0f:5f:a7:7b:5b:84:b0:
08:9c:2f:35:55:b1:b8:ee:63:5c:39:79:c4:02:80:
79:c6:ef:54:da:0e:01:ff:0c:f6:a0:09:d2:d9:21:
b8:2b:d2:d1:fc:ab:8f:f4:70:5d:a6:de:bc:83:62:
ce:f8:d4:76:4f:13:4c:05:c0:19:9d:8b:ad:bd:70:
38:09:3e:00:ed:d2:74:e0:fa:a4:65:dd:15:88:f6:
09:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:90:23:34:3C:8E:0A:94:84:CB:D9:8E:E4:86:82:0B:08:64:3B:CF
X509v3 Authority Key Identifier:
keyid:33:A7:AE:AF:A5:52:6D:CD:C5:6C:F0:87:6B:BD:41:13:3E:3D:24:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/036356DC573611F08FD0E718C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.105.192.0/21
203.105.201.0-203.105.202.255
203.105.205.0-203.105.209.255
203.105.212.0-203.105.223.255
IPv6:
2402:3780::/48
2402:3780:2::/48
2402:3780:1000::/48
2402:3780:f001::-2402:3780:f002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:19:15:58:7c:4a:b8:d5:36:21:34:a5:e4:cc:6e:24:cd:01:
09:a2:7e:05:0c:2c:11:97:89:ba:9f:07:83:80:09:ef:9f:f0:
77:30:2c:25:be:10:13:28:11:5c:c3:b7:47:3f:4f:5b:7c:93:
49:c1:d0:20:88:5c:5b:d1:cf:8e:fc:5c:66:a0:28:40:02:9c:
50:97:87:1d:5b:d9:e7:68:22:5d:d2:81:58:03:a6:ca:6a:18:
1b:8a:b0:64:2b:72:75:de:fe:9d:7e:81:8c:58:54:2e:78:46:
26:eb:d0:82:f0:c8:26:34:ee:2f:54:b3:63:49:f3:b4:be:0b:
d0:93:ce:46:2d:72:ea:6b:c1:a0:7e:6f:a9:2c:96:70:da:1a:
78:2c:4d:94:e1:a7:23:42:2c:99:bc:6c:53:c0:f4:e6:be:09:
e6:35:8f:68:c4:1e:da:a9:15:6a:e3:33:ae:37:b3:f7:12:89:
e9:35:a6:9c:3b:ab:06:cc:93:d1:1d:bf:1e:43:9e:c5:46:52:
e2:01:c0:18:1f:58:f4:24:8b:df:e8:d9:c7:92:f5:f5:88:d6:
6d:3d:fe:22:c1:81:c3:15:02:83:d5:57:76:d2:54:05:1a:06:
3e:f2:09:52:c3:4d:1f:27:8b:1c:b3:ff:a5:8d:9d:75:3b:3a:
9c:8c:89:78
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgICNNgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I5Q0IxMTAvBgNVBAUTKDMzQTdBRUFGQTU1MjZEQ0RDNTZDRjA4NzZCQkQ0MTEz
M0UzRDI0NzkwHhcNMjUwODI2MDgyOTU5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OGFkNzA4Ni1lNjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvQxihfaWSLLfqmPaKJaUOupgMsWKAh8GF4iqwz3ECd6CTQyu1mu7HmNksBd8
b80mD+8/42JDvNu9wTVRLNTh9S/7qRGHB3ctcZSB+4V+VR0U9U2j7eAU0DgNDA9L
iI45yDKC+v1dfopBdamwV/+ODZq+Xxroqor30WuwI9C+lFuoW/BQQ74/oKT6FKew
Osq9GvMqrIy0sVAep6bYKQBHuSHDypCZ9kK/AOM5Yw9fp3tbhLAInC81VbG47mNc
OXnEAoB5xu9U2g4B/wz2oAnS2SG4K9LR/KuP9HBdpt68g2LO+NR2TxNMBcAZnYut
vXA4CT4A7dJ04PqkZd0ViPYJ7QIDAQABo4IC9zCCAvMwHQYDVR0OBBYEFNGQIzQ8
jgqUhMvZjuSGggsIZDvPMB8GA1UdIwQYMBaAFDOnrq+lUm3NxWzwh2u9QRM+PSR5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjlDQi82RjZFREM2MDFE
OEUxMUUyODg1Q0RGRUMwOEIwMkNEMi9NNmV1cjZWU2JjM0ZiUENIYTcxQkV6NDlK
SGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL002ZXVyNlZTYmMzRmJQQ0hhNzFCRXo0OUpIay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0I5Q0IvNkY2RURDNjAxRDhFMTFFMjg4NUNERkVDMDhCMDJDRDIvMDM2MzU2REM1
NzM2MTFGMDhGRDBFNzE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYAGCCsGAQUFBwEHAQH/
BHEwbzA2BAIAATAwAwQDy2nAMAwDBADLackDBADLacowDAMEAMtpzQMEActp0DAM
AwQCy2nUAwQFy2nAMDUEAgACMC8DBwAkAjeAAAADBwAkAjeAAAIDBwAkAjeAEAAw
EgMHACQCN4DwAQMHACQCN4DwAjANBgkqhkiG9w0BAQsFAAOCAQEAYBkVWHxKuNU2
ITSl5MxuJM0BCaJ+BQwsEZeJup8Hg4AJ75/wdzAsJb4QEygRXMO3Rz9PW3yTScHQ
IIhcW9HPjvxcZqAoQAKcUJeHHVvZ52giXdKBWAOmymoYG4qwZCtydd7+nX6BjFhU
LnhGJuvQgvDIJjTuL1SzY0nztL4L0JPORi1y6mvBoH5vqSyWcNoaeCxNlOGnI0Is
mbxsU8D05r4J5jWPaMQe2qkVauMzrjez9xKJ6TWmnDurBsyT0R2/HkOexUZS4gHA
GB9Y9CSL3+jZx5L19YjWbT3+IsGBwxUCg9VXdtJUBRoGPvIJUsNNHyeLHLP/pY2d
dTs6nIyJeA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:35:38 2025 by rpki-client