Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B43088B457F311F099129754C4F9AE02.roa
File: B43088B457F311F099129754C4F9AE02.roa (raw, json)
Hash identifier: G/js9Bvm1ldv3EUjoboyUhcQNgg/29Bat68H2Q8xFls=
Subject key identifier: 40:E3:15:BB:D8:EA:1D:DD:71:88:88:BA:3D:F0:B6:E2:77:B9:B8:E1
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0C7E
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B43088B457F311F099129754C4F9AE02.roa
Signing time: Thu 16 Oct 2025 07:18:24 +0000
ROA not before: Thu 16 Oct 2025 07:18:24 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 5065
IP address blocks: 43.230.52.0/24 maxlen: 24
43.230.53.0/24 maxlen: 24
43.246.198.0/24 maxlen: 24
43.249.240.0/24 maxlen: 24
43.249.242.0/24 maxlen: 24
43.249.243.0/24 maxlen: 24
43.250.89.0/24 maxlen: 24
43.250.90.0/24 maxlen: 24
43.250.91.0/24 maxlen: 24
43.251.184.0/24 maxlen: 24
43.251.186.0/24 maxlen: 24
45.115.33.0/24 maxlen: 24
45.115.35.0/24 maxlen: 24
45.124.63.0/24 maxlen: 24
103.7.117.0/24 maxlen: 24
103.7.118.0/24 maxlen: 24
103.7.119.0/24 maxlen: 24
103.13.19.0/24 maxlen: 24
103.15.32.0/24 maxlen: 24
103.15.33.0/24 maxlen: 24
103.15.34.0/24 maxlen: 24
103.15.35.0/24 maxlen: 24
103.248.150.0/24 maxlen: 24
103.248.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 19:57:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3198 (0xc7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: Oct 16 07:18:24 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68f09c3f-59f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f4:2c:fc:b2:30:da:51:1a:45:a6:1c:9b:c4:
42:6c:bd:7c:d7:03:a4:5a:a8:19:51:3c:52:3f:25:
94:e8:96:30:a9:c6:5c:e0:d8:cb:79:a5:92:e9:38:
13:b8:04:63:4d:b6:6f:93:e8:ce:be:ac:b8:f2:5b:
06:a2:96:8e:17:4b:58:70:4b:c9:0f:30:42:75:f5:
fe:cc:93:fe:67:42:b0:c2:a9:52:0c:d8:d3:27:56:
84:d7:2a:2d:af:1d:00:42:6b:35:7e:b1:92:65:97:
af:9f:ea:18:ac:58:1d:61:f3:ef:0a:5f:e0:01:fe:
9e:ca:e9:bd:cb:25:11:bf:fc:9d:28:b8:df:80:d4:
ef:dc:d4:b6:33:45:9f:98:cb:41:3b:b6:dd:30:39:
ca:38:66:f3:26:53:b6:6c:1d:94:16:1c:cf:d0:66:
ca:23:b3:8e:34:4e:7a:22:6e:9e:33:69:06:e2:6e:
ac:1c:9a:59:15:6c:31:9b:59:5f:4c:31:55:c4:ec:
fd:12:31:75:05:b7:01:09:4f:a2:41:81:ec:f6:3d:
df:f1:32:50:9d:0a:3c:0f:b7:1b:2d:60:26:a3:f4:
a2:1f:6b:b4:59:02:c6:3f:71:a0:03:53:59:cf:85:
2e:a9:cf:14:46:4b:f0:c3:c9:36:8f:17:9e:90:88:
98:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E3:15:BB:D8:EA:1D:DD:71:88:88:BA:3D:F0:B6:E2:77:B9:B8:E1
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B43088B457F311F099129754C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.52.0/23
43.246.198.0/24
43.249.240.0/24
43.249.242.0/23
43.250.89.0-43.250.91.255
43.251.184.0/24
43.251.186.0/24
45.115.33.0/24
45.115.35.0/24
45.124.63.0/24
103.7.117.0-103.7.119.255
103.13.19.0/24
103.15.32.0/22
103.248.150.0/23
Signature Algorithm: sha256WithRSAEncryption
e2:ca:d4:a1:77:df:0f:a1:92:37:0b:33:09:89:05:31:2f:25:
c3:46:f0:59:93:5d:84:1b:27:94:9b:cf:78:4b:b3:de:ee:7a:
fb:93:16:dc:6f:9b:38:5b:84:00:0e:c0:dd:c1:bc:7d:0d:33:
67:29:2c:15:47:02:b9:f3:d7:84:f5:91:84:51:58:e3:70:6d:
04:87:93:f9:40:83:7c:7e:4a:a2:60:32:6b:54:6f:61:fa:5f:
0d:11:92:7d:71:5d:9b:9e:0d:56:fb:04:0c:1f:6d:d5:e7:bf:
aa:df:b0:03:04:85:23:3a:eb:30:00:88:01:d2:5b:2b:5b:24:
7f:1c:3c:e5:8c:9b:30:08:af:45:a6:3c:e8:a9:2e:b2:89:1b:
a9:12:c5:bd:ed:56:18:0b:3f:b7:af:8e:19:d0:75:31:13:4d:
af:ba:c0:ac:8e:bc:3a:9a:f1:20:dc:c6:88:91:10:5c:59:b1:
80:05:69:b1:25:c1:58:1c:3b:05:f6:09:4e:db:62:27:be:6e:
84:37:f1:81:1f:dd:d5:79:0a:bc:0f:b2:d1:59:b5:22:e0:9f:
3a:f5:60:1c:45:75:95:03:6e:52:67:2b:b5:20:23:ab:e6:30:
1c:d6:b7:de:c4:87:b2:01:d9:64:fc:4b:ff:0b:2b:dc:61:96:
ce:fc:6a:a2
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgICDH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjUxMDE2MDcxODI0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OGYwOWMzZi01OWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyfQs/LIw2lEaRaYcm8RCbL181wOkWqgZUTxSPyWU6JYwqcZc4NjLeaWS6TgT
uARjTbZvk+jOvqy48lsGopaOF0tYcEvJDzBCdfX+zJP+Z0KwwqlSDNjTJ1aE1yot
rx0AQms1frGSZZevn+oYrFgdYfPvCl/gAf6eyum9yyURv/ydKLjfgNTv3NS2M0Wf
mMtBO7bdMDnKOGbzJlO2bB2UFhzP0GbKI7OONE56Im6eM2kG4m6sHJpZFWwxm1lf
TDFVxOz9EjF1BbcBCU+iQYHs9j3f8TJQnQo8D7cbLWAmo/SiH2u0WQLGP3GgA1NZ
z4Uuqc8URkvww8k2jxeekIiYawIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFEDjFbvY
6h3dcYiIuj3wtuJ3ubjhMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvQjQzMDg4QjQ1
N0YzMTFGMDk5MTI5NzU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfQYIKwYBBQUHAQcBAf8E
bjBsMGoEAgABMGQDBAEr5jQDBAAr9sYDBAAr+fADBAEr+fIwDAMEACv6WQMEAiv6
WAMEACv7uAMEACv7ugMEAC1zIQMEAC1zIwMEAC18PzAMAwQAZwd1AwQDZwdwAwQA
Zw0TAwQCZw8gAwQBZ/iWMA0GCSqGSIb3DQEBCwUAA4IBAQDiytShd98PoZI3CzMJ
iQUxLyXDRvBZk12EGyeUm894S7Pe7nr7kxbcb5s4W4QADsDdwbx9DTNnKSwVRwK5
89eE9ZGEUVjjcG0Eh5P5QIN8fkqiYDJrVG9h+l8NEZJ9cV2bng1W+wQMH23V57+q
37ADBIUjOuswAIgB0lsrWyR/HDzljJswCK9FpjzoqS6yiRupEsW97VYYCz+3r44Z
0HUxE02vusCsjrw6mvEg3MaIkRBcWbGABWmxJcFYHDsF9glO22Invm6EN/GBH93V
eQq8D7LRWbUi4J869WAcRXWVA25SZyu1ICOr5jAc1rfexIeyAdlk/Ev/CyvcYZbO
/Gqi
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:36:42 2025 by rpki-client