Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/530FB34C664D11E89967A549C4F9AE02.roa
File: 530FB34C664D11E89967A549C4F9AE02.roa (raw, json)
Hash identifier: trf33MfZmwst14ncdp+0lftlqiI1atOh67rv0E0k0p4=
Subject key identifier: 04:5E:10:49:F1:D8:A4:94:58:9C:57:4C:D8:53:28:8B:CE:6C:73:80
Certificate issuer: /CN=A918232F/serialNumber=A727F59B24B114A251FDF77F53BFA0EC691E25A5
Certificate serial: 14E5
Authority key identifier: A7:27:F5:9B:24:B1:14:A2:51:FD:F7:7F:53:BF:A0:EC:69:1E:25:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pyf1mySxFKJR_fd_U7-g7GkeJaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/530FB34C664D11E89967A549C4F9AE02.roa
Signing time: Sat 11 Oct 2025 12:20:49 +0000
ROA not before: Sat 11 Oct 2025 12:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135139
IP address blocks: 103.114.208.0/22 maxlen: 22
103.114.208.0/23 maxlen: 23
103.114.208.0/24 maxlen: 24
103.114.209.0/24 maxlen: 24
103.114.210.0/23 maxlen: 23
103.114.210.0/24 maxlen: 24
103.114.211.0/24 maxlen: 24
2402:d540::/32 maxlen: 32
2402:d540::/36 maxlen: 44
2402:d540:1::/48 maxlen: 48
2402:d540:2::/48 maxlen: 48
2402:d540:3::/48 maxlen: 48
2402:d540:4::/48 maxlen: 48
2402:d540:5::/48 maxlen: 48
2402:d540:6::/48 maxlen: 48
2402:d540:7::/48 maxlen: 48
2402:d540:8::/48 maxlen: 48
2402:d540:9::/48 maxlen: 48
2402:d540:a::/48 maxlen: 48
2402:d540:b::/48 maxlen: 48
2402:d540:c::/48 maxlen: 48
2402:d540:d::/48 maxlen: 48
2402:d540:e::/48 maxlen: 48
2402:d540:f::/48 maxlen: 48
2402:d540:10::/48 maxlen: 48
2402:d540:11::/48 maxlen: 48
2402:d540:12::/48 maxlen: 48
2402:d540:13::/48 maxlen: 48
2402:d540:14::/48 maxlen: 48
2402:d540:15::/48 maxlen: 48
2402:d540:16::/48 maxlen: 48
2402:d540:17::/48 maxlen: 48
2402:d540:18::/48 maxlen: 48
2402:d540:19::/48 maxlen: 48
2402:d540:1a::/48 maxlen: 48
2402:d540:1b::/48 maxlen: 48
2402:d540:3ff::/48 maxlen: 56
2402:d540:1000::/36 maxlen: 36
2402:d540:2000::/36 maxlen: 44
2402:d540:3000::/36 maxlen: 44
2402:d540:4000::/36 maxlen: 44
2402:d540:5000::/36 maxlen: 44
2402:d540:6000::/36 maxlen: 44
2402:d540:7000::/36 maxlen: 44
2402:d540:8000::/36 maxlen: 44
2402:d540:9000::/36 maxlen: 44
2402:d540:a000::/36 maxlen: 44
2402:d540:b000::/36 maxlen: 44
2402:d540:c000::/36 maxlen: 44
2402:d540:d000::/36 maxlen: 44
2402:d540:e000::/36 maxlen: 44
2402:d540:f000::/36 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/pyf1mySxFKJR_fd_U7-g7GkeJaU.crl
rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/pyf1mySxFKJR_fd_U7-g7GkeJaU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pyf1mySxFKJR_fd_U7-g7GkeJaU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 17:14:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5349 (0x14e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918232F, serialNumber=A727F59B24B114A251FDF77F53BFA0EC691E25A5
Validity
Not Before: Oct 11 12:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68ea4ba1-89c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:74:53:a9:56:8e:91:7c:05:da:ca:f2:80:62:
23:bb:65:79:16:61:c9:89:53:c1:9c:a5:23:83:77:
e5:d2:6d:4b:db:e9:c2:63:93:fe:46:aa:44:a4:3f:
e7:3e:d3:69:f5:1d:89:7b:fd:2f:de:39:03:59:42:
68:14:92:88:ea:2e:0b:90:27:66:8c:98:6e:00:62:
4b:26:4b:d9:21:1e:dc:02:56:15:81:45:73:97:76:
1e:e4:aa:7a:60:3a:f2:60:68:20:1d:e1:9f:78:67:
4b:94:a1:02:6d:4e:a5:70:5a:36:0e:95:a6:ea:2e:
f0:ef:68:b8:60:08:5b:fc:34:55:b1:52:13:5e:38:
e4:c5:0b:85:7e:a0:0a:d9:7c:23:6e:67:09:ce:e5:
01:21:79:42:bb:d3:2b:89:6c:36:ac:19:2a:04:1b:
ab:f3:ae:73:bd:21:99:61:af:30:57:98:bd:41:0a:
ef:43:a0:ff:5d:6b:a9:a1:dd:19:59:fd:d2:4a:ba:
05:22:47:3a:4c:b8:a7:cd:f7:59:3f:f6:66:2a:d3:
d6:4d:dc:41:1a:8b:45:0a:7c:07:87:c6:68:3f:a8:
c9:e3:36:3b:6b:84:f2:1d:a3:77:03:12:ea:7d:86:
51:a7:6f:0a:8e:34:35:4d:39:3a:0e:19:e9:c7:c5:
d0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5E:10:49:F1:D8:A4:94:58:9C:57:4C:D8:53:28:8B:CE:6C:73:80
X509v3 Authority Key Identifier:
keyid:A7:27:F5:9B:24:B1:14:A2:51:FD:F7:7F:53:BF:A0:EC:69:1E:25:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/pyf1mySxFKJR_fd_U7-g7GkeJaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pyf1mySxFKJR_fd_U7-g7GkeJaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/530FB34C664D11E89967A549C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.208.0/22
IPv6:
2402:d540::/32
Signature Algorithm: sha256WithRSAEncryption
80:fb:b0:d0:5d:2b:42:92:23:7a:4c:c9:e1:bb:34:5c:3e:7b:
fb:ac:ca:ad:e9:81:75:65:58:e2:db:24:dd:9e:e9:8b:37:f8:
54:24:95:e4:d4:39:4a:49:38:2c:7a:8f:8b:1b:8e:f7:f9:b4:
46:76:b4:12:b2:b6:9f:c3:50:a6:77:e0:3a:f9:94:03:36:4e:
27:da:dd:c6:b5:b8:61:09:8a:a6:ee:89:fc:e6:3f:a3:33:27:
21:8a:2f:b5:8d:9f:37:d8:a5:c4:8d:52:03:2d:79:e0:76:58:
55:e2:ec:b1:87:92:a7:59:85:4f:0b:e1:4c:2a:20:e8:c1:15:
01:a7:1e:a7:eb:e9:6b:02:3d:c2:fd:89:7d:e2:bb:87:26:22:
77:83:4e:98:88:b5:0f:8f:1e:a9:87:ed:34:3f:1b:ce:45:a3:
0e:11:f9:cd:dc:7c:7e:ad:07:f3:da:3f:1b:d9:04:69:81:bb:
f8:91:7d:37:6c:34:3d:9c:17:67:ad:7e:e6:81:7a:12:eb:17:
78:6d:28:04:71:24:6c:f6:9e:13:6a:19:c7:aa:db:e1:a3:c9:
f8:3f:cd:07:3c:52:c9:27:0c:9e:9f:a6:3d:69:2e:d1:78:66:
a5:95:74:ee:76:a3:87:58:95:07:f7:a4:f9:88:fe:9f:c0:ac:
91:0b:cc:46
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICFOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODIzMkYxMTAvBgNVBAUTKEE3MjdGNTlCMjRCMTE0QTI1MUZERjc3RjUzQkZBMEVD
NjkxRTI1QTUwHhcNMjUxMDExMTIyMDQ5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGVhNGJhMS04OWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlHRTqVaOkXwF2srygGIju2V5FmHJiVPBnKUjg3fl0m1L2+nCY5P+RqpEpD/n
PtNp9R2Je/0v3jkDWUJoFJKI6i4LkCdmjJhuAGJLJkvZIR7cAlYVgUVzl3Ye5Kp6
YDryYGggHeGfeGdLlKECbU6lcFo2DpWm6i7w72i4YAhb/DRVsVITXjjkxQuFfqAK
2XwjbmcJzuUBIXlCu9MriWw2rBkqBBur865zvSGZYa8wV5i9QQrvQ6D/XWupod0Z
Wf3SSroFIkc6TLinzfdZP/ZmKtPWTdxBGotFCnwHh8ZoP6jJ4zY7a4TyHaN3AxLq
fYZRp28KjjQ1TTk6Dhnpx8XQNwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAReEEnx
2KSUWJxXTNhTKIvObHOAMB8GA1UdIwQYMBaAFKcn9ZsksRSiUf33f1O/oOxpHiWl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjMyRi8zMzQ1QzRDNjY2
NEMxMUU4QjcxQUZFNDZDNEY5QUUwMi9weWYxbXlTeEZLSlJfZmRfVTctZzdHa2VK
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B5ZjFteVN4RktKUl9mZF9VNy1nN0drZUphVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODIzMkYvMzM0NUM0QzY2NjRDMTFFOEI3MUFGRTQ2QzRGOUFFMDIvNTMwRkIzNEM2
NjREMTFFODk5NjdBNTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnctAwDQQCAAIwBwMFACQC1UAwDQYJKoZIhvcNAQELBQAD
ggEBAID7sNBdK0KSI3pMyeG7NFw+e/usyq3pgXVlWOLbJN2e6Ys3+FQkleTUOUpJ
OCx6j4sbjvf5tEZ2tBKytp/DUKZ34Dr5lAM2Tifa3ca1uGEJiqbuifzmP6MzJyGK
L7WNnzfYpcSNUgMteeB2WFXi7LGHkqdZhU8L4UwqIOjBFQGnHqfr6WsCPcL9iX3i
u4cmIneDTpiItQ+PHqmH7TQ/G85Fow4R+c3cfH6tB/PaPxvZBGmBu/iRfTdsND2c
F2etfuaBehLrF3htKARxJGz2nhNqGceq2+Gjyfg/zQc8UsknDJ6fpj1pLtF4ZqWV
dO52o4dYlQf3pPmI/p/ArJELzEY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:29:45 2025 by rpki-client