Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/0B7CEEB07CC911F08411627BC4F9AE02.roa
File: 0B7CEEB07CC911F08411627BC4F9AE02.roa (raw, json)
Hash identifier: 6jds39GpIYDWTUvVrxm863ItczOC5PjSQTRWLznhaMU=
Subject key identifier: DD:9C:A5:E1:6A:6C:B6:E1:02:96:67:C1:4B:44:FF:8F:29:33:2A:2D
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 03D5
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/0B7CEEB07CC911F08411627BC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:13:40 +0000
ROA not before: Wed 03 Sep 2025 03:20:12 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 203020
IP address blocks: 45.125.245.0/24 maxlen: 24
103.3.224.0/22 maxlen: 22
103.66.178.0/23 maxlen: 23
103.77.102.0/24 maxlen: 24
103.77.103.0/24 maxlen: 24
103.77.255.0/24 maxlen: 24
103.84.254.0/23 maxlen: 23
103.85.228.0/22 maxlen: 22
103.102.246.0/23 maxlen: 23
103.104.92.0/22 maxlen: 22
103.104.128.0/23 maxlen: 24
103.110.104.0/22 maxlen: 22
103.114.58.0/23 maxlen: 24
103.117.92.0/22 maxlen: 22
103.117.214.0/23 maxlen: 23
103.120.6.0/24 maxlen: 24
103.138.124.0/24 maxlen: 24
103.139.178.0/24 maxlen: 24
103.141.60.0/24 maxlen: 24
103.142.70.0/23 maxlen: 23
103.148.214.0/23 maxlen: 23
103.149.97.0/24 maxlen: 24
103.151.58.0/23 maxlen: 23
103.221.232.0/24 maxlen: 24
103.221.234.0/24 maxlen: 24
103.221.235.0/24 maxlen: 24
103.225.52.0/22 maxlen: 24
103.228.132.0/24 maxlen: 24
103.241.52.0/22 maxlen: 22
103.252.108.0/24 maxlen: 24
103.252.111.0/24 maxlen: 24
150.107.224.0/23 maxlen: 23
150.107.227.0/24 maxlen: 24
202.94.174.0/24 maxlen: 24
202.155.186.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 01:40:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 981 (0x3d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587, serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: Sep 3 03:20:12 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a481d4-5f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:93:df:f2:f8:ae:6c:a2:1d:56:39:06:87:94:
32:aa:99:d5:30:8e:7e:d8:4f:29:87:80:05:1f:b5:
06:6e:df:54:7f:d1:56:c1:73:5c:d0:9b:57:88:db:
03:37:cb:54:0c:b4:46:a2:5b:c2:04:01:f5:73:11:
ae:34:fd:c7:f2:fd:87:d6:ba:56:fc:c5:7e:03:01:
a5:96:c2:af:1a:18:3d:fd:5b:3b:ae:e6:e8:89:4b:
c5:83:a0:3e:a5:40:61:6d:32:13:73:af:39:02:a7:
89:9a:68:ab:8c:c3:2f:89:8f:c4:1e:30:bd:86:14:
19:ee:a4:78:da:0f:19:ee:65:fa:4a:4a:fb:56:4a:
af:c6:45:86:72:92:e8:8c:7d:5a:5e:97:8f:d3:e2:
dd:7e:6e:1e:1d:80:3f:7a:95:7d:75:ee:83:8d:8d:
19:5b:df:d0:97:f1:51:65:af:54:53:9a:5b:93:a8:
ab:26:4b:7f:5a:b1:6b:a8:e8:92:36:44:ef:33:4e:
01:21:e7:19:12:3d:ae:10:67:22:df:1c:1b:70:08:
20:06:cf:08:db:6f:14:65:0a:44:8a:ff:16:d7:85:
56:1b:13:93:b5:c3:92:60:a5:8a:9c:71:48:4b:22:
43:5c:4d:92:0e:8f:a8:60:c9:96:1b:8f:f7:ec:9d:
48:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9C:A5:E1:6A:6C:B6:E1:02:96:67:C1:4B:44:FF:8F:29:33:2A:2D
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/0B7CEEB07CC911F08411627BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.125.245.0/24
103.3.224.0/22
103.66.178.0/23
103.77.102.0/23
103.77.255.0/24
103.84.254.0/23
103.85.228.0/22
103.102.246.0/23
103.104.92.0/22
103.104.128.0/23
103.110.104.0/22
103.114.58.0/23
103.117.92.0/22
103.117.214.0/23
103.120.6.0/24
103.138.124.0/24
103.139.178.0/24
103.141.60.0/24
103.142.70.0/23
103.148.214.0/23
103.149.97.0/24
103.151.58.0/23
103.221.232.0/24
103.221.234.0/23
103.225.52.0/22
103.228.132.0/24
103.241.52.0/22
103.252.108.0/24
103.252.111.0/24
150.107.224.0/23
150.107.227.0/24
202.94.174.0/24
202.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:a1:e7:c4:80:63:87:53:fe:ba:6a:4f:a3:f4:75:8d:6e:9e:
b5:65:4b:55:4d:fc:2b:03:80:f3:f9:0e:e2:70:79:dd:d4:2f:
9d:0e:19:c1:74:93:bb:7b:0d:7c:72:d2:e2:be:de:a3:96:8a:
5a:ad:2a:13:72:fd:78:4d:ae:85:fb:cc:05:1a:39:d9:35:42:
4d:18:ff:85:8f:83:d6:e6:70:23:dc:2b:45:1c:84:26:1e:ee:
6a:c4:05:95:44:66:32:d9:7b:af:e8:ec:ef:40:13:2c:10:56:
21:62:db:d9:45:23:ad:be:30:68:6a:5c:e1:61:5f:39:8f:40:
7c:16:3b:eb:a8:01:f5:11:a8:46:8b:3c:95:0d:24:12:13:e1:
12:55:e7:ad:cd:7b:76:6f:df:4c:b6:99:bf:2d:46:f4:4c:5f:
40:6a:89:03:ca:53:cb:c1:4d:16:64:85:ad:f3:f0:18:7e:14:
3c:cd:94:15:13:98:6e:16:77:f9:f4:36:4f:e3:bb:5f:ca:e1:
a2:7e:7c:d5:72:7f:63:9b:1e:63:82:11:c4:f3:09:7c:29:5a:
a1:3d:28:d5:0f:34:42:0c:0c:86:8c:53:9b:2f:86:e4:bb:8b:
3b:89:e3:0a:70:25:95:7c:d7:89:ec:04:4a:4c:2c:1d:c0:84:
36:93:df:45
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgICA9UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5
Njk4RkU2MzgwHhcNMjUwOTAzMDMyMDEyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODFkNC01Zjc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyJPf8viubKIdVjkGh5QyqpnVMI5+2E8ph4AFH7UGbt9Uf9FWwXNc0JtXiNsD
N8tUDLRGolvCBAH1cxGuNP3H8v2H1rpW/MV+AwGllsKvGhg9/Vs7ruboiUvFg6A+
pUBhbTITc685AqeJmmirjMMviY/EHjC9hhQZ7qR42g8Z7mX6Skr7VkqvxkWGcpLo
jH1aXpeP0+Ldfm4eHYA/epV9de6DjY0ZW9/Ql/FRZa9UU5pbk6irJkt/WrFrqOiS
NkTvM04BIecZEj2uEGci3xwbcAggBs8I228UZQpEiv8W14VWGxOTtcOSYKWKnHFI
SyJDXE2SDo+oYMmWG4/37J1IhwIDAQABo4IDJTCCAyEwHQYDVR0OBBYEFN2cpeFq
bLbhApZnwUtE/48pMyotMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx
ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvMEI3Q0VFQjA3
Q0M5MTFGMDg0MTE2MjdCQzRGOUFFMDIucm9hMIHjBggrBgEFBQcBBwEB/wSB0zCB
0DCBzQQCAAEwgcYDBAAtffUDBAJnA+ADBAFnQrIDBAFnTWYDBABnTf8DBAFnVP4D
BAJnVeQDBAFnZvYDBAJnaFwDBAFnaIADBAJnbmgDBAFncjoDBAJndVwDBAFnddYD
BABneAYDBABninwDBABni7IDBABnjTwDBAFnjkYDBAFnlNYDBABnlWEDBAFnlzoD
BABn3egDBAFn3eoDBAJn4TQDBABn5IQDBAJn8TQDBABn/GwDBABn/G8DBAGWa+AD
BACWa+MDBADKXq4DBAHKm7owDQYJKoZIhvcNAQELBQADggEBAIyh58SAY4dT/rpq
T6P0dY1unrVlS1VN/CsDgPP5DuJwed3UL50OGcF0k7t7DXxy0uK+3qOWilqtKhNy
/XhNroX7zAUaOdk1Qk0Y/4WPg9bmcCPcK0UchCYe7mrEBZVEZjLZe6/o7O9AEywQ
ViFi29lFI62+MGhqXOFhXzmPQHwWO+uoAfURqEaLPJUNJBIT4RJV563Ne3Zv30y2
mb8tRvRMX0BqiQPKU8vBTRZkha3z8Bh+FDzNlBUTmG4Wd/n0Nk/ju1/K4aJ+fNVy
f2ObHmOCEcTzCXwpWqE9KNUPNEIMDIaMU5svhuS7izuJ4wpwJZV814nsBEpMLB3A
hDaT30U=
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:54:19 2026 by rpki-client