Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DD5934D2205011F0B603CD60C4F9AE02.roa
File: DD5934D2205011F0B603CD60C4F9AE02.roa (raw, json)
Hash identifier: i7s0pC3ZEAQHLS05SHTJeD/M7YND+Xfk5wPtB8ZZZxA=
Subject key identifier: B3:59:E7:17:ED:E0:C9:9F:19:39:EA:9E:AD:9B:D6:B4:D4:66:5E:4D
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4D6E
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DD5934D2205011F0B603CD60C4F9AE02.roa
Signing time: Thu 28 Aug 2025 14:54:56 +0000
ROA not before: Thu 28 Aug 2025 14:54:56 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 149147
IP address blocks: 103.37.60.0/23 maxlen: 24
103.78.4.0/23 maxlen: 23
103.166.176.0/23 maxlen: 23
103.168.36.0/23 maxlen: 23
103.186.24.0/23 maxlen: 23
103.213.8.0/23 maxlen: 23
103.213.12.0/23 maxlen: 23
103.213.216.0/23 maxlen: 23
103.248.230.0/23 maxlen: 23
113.192.18.0/23 maxlen: 23
163.227.116.0/23 maxlen: 23
2001:df4:cfc0::/48 maxlen: 48
2001:df5:6640::/48 maxlen: 48
2401:2160::/48 maxlen: 48
2401:3820::/48 maxlen: 48
2401:3e20::/48 maxlen: 48
2401:3e60::/48 maxlen: 48
2401:3ee0::/48 maxlen: 48
2401:5820::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 14:36:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19822 (0x4d6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 28 14:54:56 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68b06dc0-8a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:99:fd:4a:6f:f1:be:57:c1:e9:bb:58:f3:97:
2d:bf:b3:91:f1:43:5e:1e:62:30:d6:68:74:38:20:
ac:62:6f:85:f0:ac:7a:d2:6a:d8:ed:a3:7e:39:04:
7a:ff:3c:91:8a:6b:d0:5e:91:57:6a:cd:70:29:77:
31:91:ae:62:a8:94:13:d4:7e:c7:ca:ed:48:e5:3c:
22:a0:2e:8b:49:d1:38:08:a7:8d:d5:a7:69:7a:e5:
bc:db:5f:d2:c5:01:dc:bb:cf:08:ff:7c:b3:a3:51:
65:0c:96:8f:b4:65:7f:25:94:72:14:4e:78:ed:2b:
f3:41:79:14:ff:d7:3f:b5:81:62:15:40:6a:22:a7:
35:c3:30:e9:55:d5:9c:af:0a:22:7d:5d:9e:a3:cd:
09:61:04:24:cf:b0:75:5c:63:5c:97:54:54:31:a1:
c5:a1:ae:a7:1a:c3:21:f4:71:ed:dd:6c:f4:04:b8:
85:58:8f:22:35:b7:1e:f8:b7:d0:df:29:00:51:05:
3c:65:8a:a6:34:76:b2:46:ce:3b:b4:dd:65:78:38:
36:77:97:25:72:fc:64:e7:d1:c4:bf:7f:8e:69:ba:
16:23:df:1d:5c:57:c5:d6:5c:86:10:ce:45:b5:51:
fc:96:66:57:63:5f:1b:7a:07:f5:aa:06:77:da:93:
3d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:59:E7:17:ED:E0:C9:9F:19:39:EA:9E:AD:9B:D6:B4:D4:66:5E:4D
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DD5934D2205011F0B603CD60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.37.60.0/23
103.78.4.0/23
103.166.176.0/23
103.168.36.0/23
103.186.24.0/23
103.213.8.0/23
103.213.12.0/23
103.213.216.0/23
103.248.230.0/23
113.192.18.0/23
163.227.116.0/23
IPv6:
2001:df4:cfc0::/48
2001:df5:6640::/48
2401:2160::/48
2401:3820::/48
2401:3e20::/48
2401:3e60::/48
2401:3ee0::/48
2401:5820::/48
Signature Algorithm: sha256WithRSAEncryption
11:32:0b:cc:6d:59:f1:a1:dc:ae:3e:3d:29:1f:d4:65:78:4f:
24:81:54:76:a1:ec:b0:16:06:22:06:f6:02:2f:aa:d5:97:af:
0f:a0:e6:29:ba:db:81:67:09:84:60:00:ce:5f:16:6d:42:a0:
ce:3e:16:09:c6:a9:6b:ce:26:59:f2:24:9c:0c:34:a1:f6:c3:
03:6a:c9:29:e7:22:cd:1a:9a:aa:94:3c:08:ec:5e:29:ef:19:
2e:60:6c:74:1d:de:ac:98:92:76:2f:43:eb:87:ca:47:bf:58:
63:26:04:5f:7b:7d:4a:ca:85:ec:cc:2d:d0:60:98:a9:25:e8:
80:c2:ff:78:7e:3b:af:2a:b2:95:29:9e:cc:64:39:7f:5c:d5:
43:46:b2:e3:6d:9c:d8:42:95:3e:c4:43:4a:3a:11:84:60:89:
cd:b7:e0:9e:91:4e:3d:b1:ea:e1:51:53:f2:4c:23:af:f7:6e:
c4:0e:75:f5:1a:8b:be:75:40:58:f8:3a:cd:87:c1:41:fd:b3:
3f:38:f4:d2:05:9a:b7:5a:b7:2d:b5:9f:d2:85:14:73:06:48:
9f:6f:1a:0a:71:36:87:01:58:2d:c2:92:4e:3b:d6:50:60:a6:
43:de:18:13:7b:8b:b8:47:5e:3a:00:02:c8:88:a3:43:50:56:
b5:cf:62:e6
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICTW4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwODI4MTQ1NDU2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIwNmRjMC04YTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5pn9Sm/xvlfB6btY85ctv7OR8UNeHmIw1mh0OCCsYm+F8Kx60mrY7aN+OQR6
/zyRimvQXpFXas1wKXcxka5iqJQT1H7Hyu1I5TwioC6LSdE4CKeN1adpeuW821/S
xQHcu88I/3yzo1FlDJaPtGV/JZRyFE547SvzQXkU/9c/tYFiFUBqIqc1wzDpVdWc
rwoifV2eo80JYQQkz7B1XGNcl1RUMaHFoa6nGsMh9HHt3Wz0BLiFWI8iNbce+LfQ
3ykAUQU8ZYqmNHayRs47tN1leDg2d5clcvxk59HEv3+OaboWI98dXFfF1lyGEM5F
tVH8lmZXY18begf1qgZ32pM9sQIDAQABo4IDJDCCAyAwHQYDVR0OBBYEFLNZ5xft
4MmfGTnqnq2b1rTUZl5NMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvREQ1OTM0RDIy
MDUwMTFGMEI2MDNDRDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga0GCCsGAQUFBwEHAQH/
BIGdMIGaMEgEAgABMEIDBAFnJTwDBAFnTgQDBAFnprADBAFnqCQDBAFnuhgDBAFn
1QgDBAFn1QwDBAFn1dgDBAFn+OYDBAFxwBIDBAGj43QwTgQCAAIwSAMHACABDfTP
wAMHACABDfVmQAMHACQBIWAAAAMHACQBOCAAAAMHACQBPiAAAAMHACQBPmAAAAMH
ACQBPuAAAAMHACQBWCAAADANBgkqhkiG9w0BAQsFAAOCAQEAETILzG1Z8aHcrj49
KR/UZXhPJIFUdqHssBYGIgb2Ai+q1ZevD6DmKbrbgWcJhGAAzl8WbUKgzj4WCcap
a84mWfIknAw0ofbDA2rJKecizRqaqpQ8COxeKe8ZLmBsdB3erJiSdi9D64fKR79Y
YyYEX3t9SsqF7Mwt0GCYqSXogML/eH47ryqylSmezGQ5f1zVQ0ay422c2EKVPsRD
SjoRhGCJzbfgnpFOPbHq4VFT8kwjr/duxA519RqLvnVAWPg6zYfBQf2zPzj00gWa
t1q3LbWf0oUUcwZIn28aCnE2hwFYLcKSTjvWUGCmQ94YE3uLuEdeOgACyIijQ1BW
tc9i5g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:20:40 2025 by rpki-client