Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9874C54A271F11F0A6A6E371C4F9AE02.roa
File: 9874C54A271F11F0A6A6E371C4F9AE02.roa (raw, json)
Hash identifier: z7kBx2/HqZpAhZcEx7X8NZQWhcEhhD60hsBMWdbvYa8=
Subject key identifier: 02:65:81:C5:2E:B1:29:00:11:B3:E4:6D:AA:7B:25:11:27:26:83:5E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C2F1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9874C54A271F11F0A6A6E371C4F9AE02.roa
Signing time: Wed 20 Aug 2025 10:19:02 +0000
ROA not before: Wed 20 Aug 2025 10:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138311
IP address blocks: 103.84.80.0/24 maxlen: 24
103.84.81.0/24 maxlen: 24
103.84.82.0/24 maxlen: 24
103.84.83.0/24 maxlen: 24
103.96.40.0/24 maxlen: 24
103.96.41.0/24 maxlen: 24
103.96.42.0/24 maxlen: 24
103.132.244.0/23 maxlen: 24
103.133.158.0/23 maxlen: 24
103.139.170.0/24 maxlen: 24
103.139.171.0/24 maxlen: 24
103.157.122.0/23 maxlen: 24
103.160.174.0/23 maxlen: 24
103.163.90.0/24 maxlen: 24
103.163.91.0/24 maxlen: 24
103.169.240.0/23 maxlen: 24
103.171.132.0/24 maxlen: 24
103.171.133.0/24 maxlen: 24
103.175.170.0/23 maxlen: 24
103.176.186.0/24 maxlen: 24
103.176.187.0/24 maxlen: 24
103.195.82.0/23 maxlen: 24
103.196.184.0/23 maxlen: 24
103.207.11.0/24 maxlen: 24
103.212.152.0/23 maxlen: 24
103.212.154.0/23 maxlen: 24
103.239.174.0/24 maxlen: 24
103.239.175.0/24 maxlen: 24
210.16.92.0/24 maxlen: 24
210.16.93.0/24 maxlen: 24
2405:3440::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 15:25:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49905 (0xc2f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 20 10:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68a5a116-708f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:31:c8:8a:4e:a0:17:81:11:43:39:d7:a6:52:
2c:0e:2b:29:75:e6:10:12:60:c8:a3:0b:5a:1b:95:
a9:47:ae:ec:ac:01:bf:86:a9:89:b4:ad:ab:67:94:
00:e0:8f:93:07:ea:c4:63:c8:f2:7b:d3:db:e1:e6:
2e:8e:19:21:77:da:b2:8c:b7:21:7f:21:88:8e:8b:
3f:1e:d8:09:d4:86:3b:b3:35:00:fd:a6:eb:81:68:
b2:3d:f0:7f:64:fa:97:c2:c2:cb:4b:4b:52:de:07:
b0:3f:0f:2e:26:72:b4:f8:02:f9:44:6a:b4:2a:8f:
ca:c0:ce:32:d6:81:c1:83:90:b8:31:8f:ff:9a:8b:
fc:70:f5:dd:d6:63:c3:32:b8:b6:44:67:7e:70:cb:
b2:9e:c6:8b:e2:86:f8:5e:7e:eb:72:22:3a:39:e6:
04:49:c6:fb:0b:49:56:04:42:2c:6d:4f:09:c6:5a:
22:44:19:49:7d:43:8c:b5:d7:c8:96:14:73:76:0d:
59:5d:01:91:65:14:0e:70:b2:19:71:11:3b:3b:8e:
f4:43:2b:30:88:d6:33:a3:f8:c2:5b:f1:5a:ec:c8:
13:7d:94:1d:21:df:4d:92:59:3c:fc:e2:78:62:4b:
f2:c6:42:ab:b1:32:4e:af:86:9c:1e:46:55:a8:d2:
96:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:65:81:C5:2E:B1:29:00:11:B3:E4:6D:AA:7B:25:11:27:26:83:5E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9874C54A271F11F0A6A6E371C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.80.0/22
103.96.40.0-103.96.42.255
103.132.244.0/23
103.133.158.0/23
103.139.170.0/23
103.157.122.0/23
103.160.174.0/23
103.163.90.0/23
103.169.240.0/23
103.171.132.0/23
103.175.170.0/23
103.176.186.0/23
103.195.82.0/23
103.196.184.0/23
103.207.11.0/24
103.212.152.0/22
103.239.174.0/23
210.16.92.0/23
IPv6:
2405:3440::/32
Signature Algorithm: sha256WithRSAEncryption
6c:86:b4:3f:87:fa:5a:d4:90:bf:6f:b4:d1:b3:d1:c7:60:26:
a4:64:9e:b6:85:fb:29:2b:7e:50:48:af:14:1a:17:45:99:88:
5f:1f:53:2b:2b:33:5b:10:00:82:a6:6c:8c:d3:61:14:5b:d2:
f8:2e:0b:1e:d2:bd:6e:a0:bb:46:df:46:f1:48:9a:03:f9:9c:
14:15:a0:2b:b4:30:0c:8a:41:99:fb:a0:f8:15:a1:1d:a6:9c:
6e:e4:8d:6e:30:6e:8e:db:87:1f:53:f3:6c:05:86:f9:3e:aa:
b2:31:28:1e:58:c1:aa:fd:3e:5f:3b:77:b8:e8:6b:6d:95:35:
95:d6:ee:60:4c:37:3e:ea:84:00:7c:c3:65:82:ca:cb:d5:53:
d5:7f:c6:8b:44:94:c0:22:94:ad:12:a1:a9:4f:de:98:09:a0:
ef:0f:fe:d2:51:8b:06:1d:60:93:0e:34:9f:fc:a0:a7:42:9d:
3a:3d:8e:e6:60:d6:c6:85:3d:19:5e:73:53:05:00:c7:4e:17:
92:c5:c6:73:9e:0f:14:e8:be:94:7a:fe:08:0a:21:6e:2a:d6:
d0:c9:c6:34:a6:ee:d0:83:9d:cf:ee:4f:09:1d:a0:2e:62:4c:
b6:59:e1:0d:98:89:7d:7b:89:04:be:ce:aa:aa:fe:ca:f0:a7:
66:a0:3e:9d
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgIDAMLxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDgyMDEwMTkwMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjhhNWExMTYtNzA4ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIxyIpOoBeBEUM516ZSLA4rKXXmEBJgyKMLWhuVqUeu7KwBv4apibStq2eU
AOCPkwfqxGPI8nvT2+HmLo4ZIXfasoy3IX8hiI6LPx7YCdSGO7M1AP2m64Fosj3w
f2T6l8LCy0tLUt4HsD8PLiZytPgC+URqtCqPysDOMtaBwYOQuDGP/5qL/HD13dZj
wzK4tkRnfnDLsp7Gi+KG+F5+63IiOjnmBEnG+wtJVgRCLG1PCcZaIkQZSX1DjLXX
yJYUc3YNWV0BkWUUDnCyGXEROzuO9EMrMIjWM6P4wlvxWuzIE32UHSHfTZJZPPzi
eGJL8sZCq7EyTq+GnB5GVajSloECAwEAAaOCAxUwggMRMB0GA1UdDgQWBBQCZYHF
LrEpABGz5G2qeyURJyaDXjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzk4NzRDNTRB
MjcxRjExRjBBNkE2RTM3MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGeBggrBgEFBQcBBwEB
/wSBjjCBizB6BAIAATB0AwQCZ1RQMAwDBANnYCgDBABnYCoDBAFnhPQDBAFnhZ4D
BAFni6oDBAFnnXoDBAFnoK4DBAFno1oDBAFnqfADBAFnq4QDBAFnr6oDBAFnsLoD
BAFnw1IDBAFnxLgDBABnzwsDBAJn1JgDBAFn764DBAHSEFwwDQQCAAIwBwMFACQF
NEAwDQYJKoZIhvcNAQELBQADggEBAGyGtD+H+lrUkL9vtNGz0cdgJqRknraF+ykr
flBIrxQaF0WZiF8fUysrM1sQAIKmbIzTYRRb0vguCx7SvW6gu0bfRvFImgP5nBQV
oCu0MAyKQZn7oPgVoR2mnG7kjW4wbo7bhx9T82wFhvk+qrIxKB5Ywar9Pl87d7jo
a22VNZXW7mBMNz7qhAB8w2WCysvVU9V/xotElMAilK0SoalP3pgJoO8P/tJRiwYd
YJMONJ/8oKdCnTo9juZg1saFPRlec1MFAMdOF5LFxnOeDxTovpR6/ggKIW4q1tDJ
xjSm7tCDnc/uTwkdoC5iTLZZ4Q2YiX17iQS+zqqq/srwp2agPp0=
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:33:08 2025 by rpki-client