Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A309C02FD8611EFB0589357C4F9AE02.roa
File: 2A309C02FD8611EFB0589357C4F9AE02.roa (raw, json)
Hash identifier: krJftnId4f1bESYYOXsjkAWz5c6qiwB33RvkOD2vV2Y=
Subject key identifier: 28:A7:11:C9:11:13:87:19:92:06:56:C4:29:B9:8E:D8:43:2A:10:91
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BEEF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A309C02FD8611EFB0589357C4F9AE02.roa
Signing time: Thu 26 Jun 2025 07:45:10 +0000
ROA not before: Thu 26 Jun 2025 07:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151690
IP address blocks: 43.228.166.0/23 maxlen: 24
103.96.15.0/24 maxlen: 24
103.109.220.0/22 maxlen: 24
103.115.128.0/22 maxlen: 24
103.147.93.0/24 maxlen: 24
103.157.162.0/23 maxlen: 24
103.162.74.0/24 maxlen: 24
103.162.75.0/24 maxlen: 24
103.172.56.0/24 maxlen: 24
103.185.100.0/24 maxlen: 24
103.216.99.0/24 maxlen: 24
103.225.70.0/24 maxlen: 24
103.239.12.0/23 maxlen: 24
2001:df2:23c0::/48 maxlen: 48
2001:df2:9640::/48 maxlen: 48
2001:df3:29c0::/48 maxlen: 48
2001:df4:88c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 15:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48879 (0xbeef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 26 07:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=685cfa86-cf06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1c:ca:62:5b:ff:42:e9:c0:d9:13:0e:dc:98:
87:ce:92:07:62:87:d4:29:cd:dd:a3:a5:e5:01:12:
48:90:70:48:08:7d:64:af:f5:bc:15:26:87:86:ac:
67:27:76:f6:df:e2:c5:18:a3:40:3a:63:fe:bf:2f:
1e:1e:2c:3f:36:b8:8d:ba:c9:68:15:7d:b5:a6:29:
90:15:5c:6a:cb:03:59:63:a7:7f:9a:53:b0:c1:08:
b5:26:89:dd:76:ca:c4:c2:88:df:03:50:49:ea:78:
10:fe:36:9f:ac:0a:0f:6c:19:ba:84:96:6a:cb:50:
e6:24:9e:f2:7c:a4:90:de:38:ce:c6:4a:28:90:d3:
14:58:6e:1c:d2:21:f7:d3:d3:26:dc:68:45:16:8c:
88:bc:bb:8d:18:45:4f:06:5d:d4:d4:71:0f:14:de:
ce:bb:3d:07:b0:7a:58:57:5e:57:5a:60:aa:f4:cf:
27:c8:dc:bf:28:60:7b:0b:3b:37:04:03:16:bc:21:
ec:3b:ba:fc:59:79:7d:64:79:c2:61:92:d9:72:d0:
59:57:a1:5f:88:ae:b5:4b:04:42:43:6b:b8:ff:dc:
31:1f:68:9c:ad:15:aa:6a:ba:b2:81:71:34:9d:c2:
1f:ba:81:95:52:02:5d:bb:a0:a1:d9:3b:78:e2:d3:
79:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A7:11:C9:11:13:87:19:92:06:56:C4:29:B9:8E:D8:43:2A:10:91
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A309C02FD8611EFB0589357C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.166.0/23
103.96.15.0/24
103.109.220.0/22
103.115.128.0/22
103.147.93.0/24
103.157.162.0/23
103.162.74.0/23
103.172.56.0/24
103.185.100.0/24
103.216.99.0/24
103.225.70.0/24
103.239.12.0/23
IPv6:
2001:df2:23c0::/48
2001:df2:9640::/48
2001:df3:29c0::/48
2001:df4:88c0::/48
Signature Algorithm: sha256WithRSAEncryption
22:46:40:24:21:62:8a:f7:d5:1b:7a:ee:d6:3b:b7:3f:d0:81:
52:10:48:75:46:72:14:cf:fb:de:03:09:18:e7:95:f1:25:8b:
50:9e:eb:c5:93:16:8f:01:31:c4:86:0b:93:ed:44:b1:34:10:
00:2b:97:a6:49:86:a8:0a:d9:dc:a1:d1:5f:6f:09:5e:73:e8:
14:62:8e:09:46:3d:ec:25:73:ce:ba:cb:35:10:f7:0f:99:35:
a1:82:69:a3:6f:38:98:80:ef:16:d0:65:3a:d5:17:22:8c:12:
05:d8:c8:57:14:4d:b2:31:f7:04:e6:a1:5f:d0:48:73:6c:1e:
34:a3:2b:a6:c1:f9:b6:fe:4e:ac:ff:4b:d5:16:16:b2:5e:0c:
12:d9:66:e6:11:9a:58:af:34:c3:42:9b:f9:b5:91:cd:10:0a:
12:1a:9a:66:bf:33:29:f7:2d:f4:b0:55:fd:9c:e3:66:28:1f:
b9:f1:91:2c:a8:25:d4:66:5d:2e:ab:36:20:f7:58:11:b5:31:
24:27:77:9f:f0:9c:96:3d:68:63:f5:e9:2c:fe:07:8e:77:96:
96:a5:62:41:1e:c0:2a:33:a9:c9:66:0c:25:a0:8c:8d:12:f4:
f1:2c:19:8a:e3:6a:b2:03:aa:a6:55:4a:6c:40:f1:65:71:66:
de:61:ec:f2
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgIDAL7vMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDYyNjA3NDUxMFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjg1Y2ZhODYtY2YwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgcymJb/0LpwNkTDtyYh86SB2KH1CnN3aOl5QESSJBwSAh9ZK/1vBUmh4as
Zyd29t/ixRijQDpj/r8vHh4sPza4jbrJaBV9taYpkBVcassDWWOnf5pTsMEItSaJ
3XbKxMKI3wNQSep4EP42n6wKD2wZuoSWastQ5iSe8nykkN44zsZKKJDTFFhuHNIh
99PTJtxoRRaMiLy7jRhFTwZd1NRxDxTezrs9B7B6WFdeV1pgqvTPJ8jcvyhgews7
NwQDFrwh7Du6/Fl5fWR5wmGS2XLQWVehX4iutUsEQkNruP/cMR9onK0Vqmq6soFx
NJ3CH7qBlVICXbugodk7eOLTec0CAwEAAaOCAwQwggMAMB0GA1UdDgQWBBQopxHJ
EROHGZIGVsQpuY7YQyoQkTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJBMzA5QzAy
RkQ4NjExRUZCMDU4OTM1N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGNBggrBgEFBQcBBwEB
/wR+MHwwTgQCAAEwSAMEASvkpgMEAGdgDwMEAmdt3AMEAmdzgAMEAGeTXQMEAWed
ogMEAWeiSgMEAGesOAMEAGe5ZAMEAGfYYwMEAGfhRgMEAWfvDDAqBAIAAjAkAwcA
IAEN8iPAAwcAIAEN8pZAAwcAIAEN8ynAAwcAIAEN9IjAMA0GCSqGSIb3DQEBCwUA
A4IBAQAiRkAkIWKK99Ubeu7WO7c/0IFSEEh1RnIUz/veAwkY55XxJYtQnuvFkxaP
ATHEhguT7USxNBAAK5emSYaoCtncodFfbwlec+gUYo4JRj3sJXPOuss1EPcPmTWh
gmmjbziYgO8W0GU61RcijBIF2MhXFE2yMfcE5qFf0EhzbB40oyumwfm2/k6s/0vV
FhayXgwS2WbmEZpYrzTDQpv5tZHNEAoSGppmvzMp9y30sFX9nONmKB+58ZEsqCXU
Zl0uqzYg91gRtTEkJ3ef8JyWPWhj9eks/geOd5aWpWJBHsAqM6nJZgwloIyNEvTx
LBmK42qyA6qmVUpsQPFlcWbeYezy
-----END CERTIFICATE-----
Generated at Thu Jul 3 03:45:00 2025 by rpki-client