Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/22E63812221211EF9624DB0CC4F9AE02.roa
File: 22E63812221211EF9624DB0CC4F9AE02.roa (raw, json)
Hash identifier: tEtTFQOPTziC3M/Up8UOSv6VFGJx+4dP/cUQCVWj4l4=
Subject key identifier: 9F:56:86:9E:6E:71:4D:E9:D5:94:93:DB:32:48:A3:B5:28:FA:F4:7E
Certificate issuer: /CN=A91BBA80/serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A
Certificate serial: 0C9D
Authority key identifier: 06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/22E63812221211EF9624DB0CC4F9AE02.roa
Signing time: Wed 30 Apr 2025 18:28:13 +0000
ROA not before: Wed 30 Apr 2025 18:28:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10214
IP address blocks: 103.6.208.0/22 maxlen: 23
103.6.208.0/24 maxlen: 24
103.6.210.0/24 maxlen: 24
103.46.212.0/22 maxlen: 22
103.46.212.0/24 maxlen: 24
103.46.213.0/24 maxlen: 24
103.46.214.0/24 maxlen: 24
103.46.215.0/24 maxlen: 24
103.89.80.0/22 maxlen: 24
103.225.228.0/22 maxlen: 24
113.30.224.0/22 maxlen: 24
121.200.32.0/20 maxlen: 20
121.200.32.0/21 maxlen: 24
121.200.40.0/22 maxlen: 24
121.200.44.0/24 maxlen: 24
121.200.46.0/23 maxlen: 24
160.20.72.0/22 maxlen: 24
163.47.56.0/22 maxlen: 22
163.47.56.0/24 maxlen: 24
163.47.57.0/24 maxlen: 24
163.47.58.0/24 maxlen: 24
163.47.59.0/24 maxlen: 24
203.57.126.0/23 maxlen: 24
2001:df1:b400::/48 maxlen: 48
2400:ec40::/32 maxlen: 32
2400:ec40::/36 maxlen: 36
2400:ec40:1000::/36 maxlen: 36
2400:ec40:2000::/36 maxlen: 36
2400:ec40:3000::/36 maxlen: 36
2400:ec40:4000::/36 maxlen: 36
2400:ec40:4000::/40 maxlen: 40
2400:ec40:5000::/36 maxlen: 36
2400:ec40:5100::/40 maxlen: 40
2400:ec40:5200::/40 maxlen: 40
2400:ec40:6000::/36 maxlen: 36
2400:ec40:7000::/36 maxlen: 36
2400:ec40:8000::/36 maxlen: 36
2400:ec40:9000::/36 maxlen: 36
2400:ec40:a000::/36 maxlen: 36
2400:ec40:b000::/36 maxlen: 36
2400:ec40:c000::/36 maxlen: 36
2400:ec40:d000::/36 maxlen: 36
2400:ec40:e000::/36 maxlen: 36
2400:ec40:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.crl
rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 19 May 2025 18:20:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3229 (0xc9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BBA80, serialNumber=060F7E77C00ACBE0868DC0B8FCA23D4A5F07D77A
Validity
Not Before: Apr 30 18:28:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68126bbd-6417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:24:27:bd:b3:38:c3:6e:8e:67:fd:a2:ce:ff:
3b:16:cf:1f:c2:7c:5a:99:39:f2:ab:33:96:b0:e9:
0e:2f:96:ed:41:79:33:b2:e7:0d:73:aa:a5:0c:cc:
ea:54:7a:af:6f:0b:af:19:b5:e0:9b:8b:0e:a9:75:
10:b8:73:68:46:50:30:ab:31:15:cb:4e:0f:4a:09:
2a:31:d4:7e:6f:14:d9:72:b0:c0:9c:d6:5d:fc:5f:
d0:4a:33:8b:63:8e:aa:88:68:08:e6:74:d1:71:7f:
8a:d4:3c:2b:b4:d7:72:97:09:6a:36:59:20:fa:13:
f1:3d:7a:a0:9f:9e:e0:91:70:51:f0:9c:b4:a7:d6:
9f:55:5d:36:11:9e:97:3c:eb:ee:46:a0:93:42:85:
6d:84:a2:c8:c6:bc:0e:a6:94:8e:27:07:28:97:57:
09:84:7b:73:c9:05:8b:a1:91:07:88:f1:ea:b4:31:
90:47:96:53:f2:d8:35:1c:43:3a:32:7f:43:2e:91:
73:c4:7b:84:e7:a6:ff:0e:12:43:bd:17:e2:81:20:
81:a7:d2:57:8a:e9:dc:e5:b3:cf:9f:2c:7b:d5:3e:
e7:92:a7:8a:24:59:e2:c1:54:31:dc:4f:6f:aa:10:
e3:56:3a:f5:eb:de:15:4c:4b:cf:03:a1:f5:e7:29:
05:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:56:86:9E:6E:71:4D:E9:D5:94:93:DB:32:48:A3:B5:28:FA:F4:7E
X509v3 Authority Key Identifier:
keyid:06:0F:7E:77:C0:0A:CB:E0:86:8D:C0:B8:FC:A2:3D:4A:5F:07:D7:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Bg9-d8AKy-CGjcC4_KI9Sl8H13o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBA80/B98E81D605B911EA8208996EC4F9AE02/22E63812221211EF9624DB0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.208.0/22
103.46.212.0/22
103.89.80.0/22
103.225.228.0/22
113.30.224.0/22
121.200.32.0/20
160.20.72.0/22
163.47.56.0/22
203.57.126.0/23
IPv6:
2001:df1:b400::/48
2400:ec40::/32
Signature Algorithm: sha256WithRSAEncryption
9d:54:15:81:9d:f3:0f:a2:61:0b:71:bb:5e:c1:1a:f1:1a:68:
b3:3d:92:de:7a:9b:1a:e9:23:9e:ab:78:1b:37:6b:de:80:99:
ba:32:f5:d3:76:e8:43:f3:13:79:6a:74:6d:e2:c5:0d:c4:3c:
dd:90:b7:4b:02:da:ed:0a:e8:04:28:39:ae:c0:f7:57:34:30:
be:47:00:8e:49:3f:85:f7:a7:de:87:a1:ca:a9:69:ac:0f:1b:
00:b9:5b:7d:f3:2a:08:8d:25:bc:9c:40:17:ce:80:ee:47:65:
e0:5f:f0:81:37:81:fb:f4:13:e2:51:0e:52:f5:07:c8:c8:0e:
70:00:27:8c:76:6a:6e:1c:6c:46:42:0a:cf:14:fb:8b:3c:23:
f0:f1:dc:a3:c2:54:5d:dc:e5:5a:d3:e6:d8:c2:de:5b:17:bc:
ca:b5:ae:eb:76:4f:a1:e9:50:72:f5:9d:c8:6c:63:3d:34:30:
5a:fe:1e:48:0d:fe:b6:b9:38:6f:2f:6e:a3:09:97:ee:df:24:
b9:e7:19:5b:b0:99:23:db:cb:92:2d:19:1d:4a:97:0c:9f:ed:
e0:12:6d:af:63:79:c3:ba:18:79:98:0e:70:aa:d7:36:17:ec:
c8:b5:47:ed:e2:08:b3:c6:95:b2:44:79:44:93:88:e9:0b:59:
e4:c9:95:63
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICDJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkJBODAxMTAvBgNVBAUTKDA2MEY3RTc3QzAwQUNCRTA4NjhEQzBCOEZDQTIzRDRB
NUYwN0Q3N0EwHhcNMjUwNDMwMTgyODEzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEyNmJiZC02NDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuiQnvbM4w26OZ/2izv87Fs8fwnxamTnyqzOWsOkOL5btQXkzsucNc6qlDMzq
VHqvbwuvGbXgm4sOqXUQuHNoRlAwqzEVy04PSgkqMdR+bxTZcrDAnNZd/F/QSjOL
Y46qiGgI5nTRcX+K1DwrtNdylwlqNlkg+hPxPXqgn57gkXBR8Jy0p9afVV02EZ6X
POvuRqCTQoVthKLIxrwOppSOJwcol1cJhHtzyQWLoZEHiPHqtDGQR5ZT8tg1HEM6
Mn9DLpFzxHuE56b/DhJDvRfigSCBp9JXiunc5bPPnyx71T7nkqeKJFniwVQx3E9v
qhDjVjr1694VTEvPA6H15ykFmwIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFJ9Whp5u
cU3p1ZST2zJIo7Uo+vR+MB8GA1UdIwQYMBaAFAYPfnfACsvgho3AuPyiPUpfB9d6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkE4MC9COThFODFENjA1
QjkxMUVBODIwODk5NkVDNEY5QUUwMi9CZzktZDhBS3ktQ0dqY0M0X0tJOVNsOEgx
M28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JnOS1kOEFLeS1DR2pjQzRfS0k5U2w4SDEzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkJBODAvQjk4RTgxRDYwNUI5MTFFQTgyMDg5OTZFQzRGOUFFMDIvMjJFNjM4MTIy
MjEyMTFFRjk2MjREQjBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMDwEAgABMDYDBAJnBtADBAJnLtQDBAJnWVADBAJn4eQDBAJxHuADBAR5yCAD
BAKgFEgDBAKjLzgDBAHLOX4wFgQCAAIwEAMHACABDfG0AAMFACQA7EAwDQYJKoZI
hvcNAQELBQADggEBAJ1UFYGd8w+iYQtxu17BGvEaaLM9kt56mxrpI56reBs3a96A
mboy9dN26EPzE3lqdG3ixQ3EPN2Qt0sC2u0K6AQoOa7A91c0ML5HAI5JP4X3p96H
ocqpaawPGwC5W33zKgiNJbycQBfOgO5HZeBf8IE3gfv0E+JRDlL1B8jIDnAAJ4x2
am4cbEZCCs8U+4s8I/Dx3KPCVF3c5VrT5tjC3lsXvMq1rut2T6HpUHL1nchsYz00
MFr+HkgN/ra5OG8vbqMJl+7fJLnnGVuwmSPby5ItGR1Klwyf7eASba9jecO6GHmY
DnCq1zYX7Mi1R+3iCLPGlbJEeUSTiOkLWeTJlWM=
-----END CERTIFICATE-----
Generated at Tue May 13 05:49:45 2025 by rpki-client