Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
File: B2A71CE2334111EF9770A542C4F9AE02.roa (raw, json)
Hash identifier: 05k3Et6L9d2nE0FPEy+35+jv6KXbsZR/t8jrPFetuWc=
Subject key identifier: F2:01:50:3F:B9:C7:13:79:A5:F6:8D:95:4B:7B:CF:03:E5:E7:98:85
Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Certificate serial: 101F
Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
Signing time: Fri 03 Oct 2025 11:52:25 +0000
ROA not before: Fri 03 Oct 2025 11:52:24 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 203
IP address blocks: 103.30.186.0/23 maxlen: 23
202.53.197.0/24 maxlen: 24
202.53.204.0/23 maxlen: 23
202.53.206.0/23 maxlen: 23
2401:df00:1::/48 maxlen: 48
2401:df00:2::/48 maxlen: 48
2401:df00:7::/48 maxlen: 48
2401:df00:11::/48 maxlen: 48
2401:df00:12::/48 maxlen: 48
2401:df00:21::/48 maxlen: 48
2401:df00:22::/48 maxlen: 48
2401:df00:27::/48 maxlen: 48
2401:df00:31::/48 maxlen: 48
2401:df00:32::/48 maxlen: 48
2401:df00:41::/48 maxlen: 48
2401:df00:42::/48 maxlen: 48
2401:df00:47::/48 maxlen: 48
2401:df00:51::/48 maxlen: 48
2401:df00:52::/48 maxlen: 48
2401:df00:57::/48 maxlen: 48
2401:df00:61::/48 maxlen: 48
2401:df00:62::/48 maxlen: 48
2401:df00:181::/48 maxlen: 48
2401:df00:182::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 18:11:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4127 (0x101f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Validity
Not Before: Oct 3 11:52:24 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68dfb8f8-ced7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:83:2a:04:7a:58:69:40:4f:e3:8a:87:5c:7d:
ba:7d:bd:9d:9f:1a:11:5e:0b:53:ee:50:7f:a1:58:
4e:c6:83:12:37:e9:26:bf:c0:bc:b1:41:f9:59:ba:
6d:c5:86:b1:55:b2:64:ac:79:dc:05:e4:d2:95:00:
6c:c8:93:a5:9a:90:42:ea:78:e6:ca:60:ef:4a:6b:
b9:c9:79:00:8b:95:5e:38:19:52:94:d3:00:85:65:
d1:e0:b6:9d:32:77:9e:32:06:ab:7a:29:74:ca:44:
94:8b:02:96:a5:d8:6e:6a:40:42:98:d8:1b:4d:a9:
c5:ff:62:b9:57:bc:d5:26:50:ee:48:d5:12:83:1b:
05:f7:2c:0a:c6:94:00:13:0a:21:1f:b3:77:c1:a4:
cd:2a:c3:92:e1:05:75:a0:ac:4e:14:b8:b8:ac:b3:
61:27:d9:84:e3:a8:a4:64:c1:2a:38:fc:bd:67:d3:
01:2f:50:c9:77:89:ba:a2:f0:b0:ff:e8:c2:aa:6f:
9f:b7:8d:fa:bc:b8:3d:00:b5:1e:c4:ac:b7:d5:e0:
ee:e7:17:89:cb:c5:77:3e:65:17:70:16:b9:ad:49:
97:72:12:2c:83:97:75:db:95:8f:d7:e0:fe:80:69:
67:49:9c:9a:25:bd:b9:e1:36:4a:d5:70:3b:2a:3e:
a4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:01:50:3F:B9:C7:13:79:A5:F6:8D:95:4B:7B:CF:03:E5:E7:98:85
X509v3 Authority Key Identifier:
keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.30.186.0/23
202.53.197.0/24
202.53.204.0/22
IPv6:
2401:df00:1::-2401:df00:2:ffff:ffff:ffff:ffff:ffff
2401:df00:7::/48
2401:df00:11::-2401:df00:12:ffff:ffff:ffff:ffff:ffff
2401:df00:21::-2401:df00:22:ffff:ffff:ffff:ffff:ffff
2401:df00:27::/48
2401:df00:31::-2401:df00:32:ffff:ffff:ffff:ffff:ffff
2401:df00:41::-2401:df00:42:ffff:ffff:ffff:ffff:ffff
2401:df00:47::/48
2401:df00:51::-2401:df00:52:ffff:ffff:ffff:ffff:ffff
2401:df00:57::/48
2401:df00:61::-2401:df00:62:ffff:ffff:ffff:ffff:ffff
2401:df00:181::-2401:df00:182:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
37:c6:fc:5b:7f:59:ec:91:6b:0e:5f:a8:27:f9:69:cd:0c:23:
4d:cd:74:89:ee:e1:ca:27:96:cc:4d:45:e2:ff:22:df:90:23:
55:00:38:52:9e:e2:78:45:e8:31:cd:1e:30:64:2d:27:51:cb:
d1:f6:47:7b:bd:a6:cf:91:5e:c6:78:c4:0b:84:ae:e9:92:fd:
8c:2e:e5:6f:63:4b:53:2b:a5:c2:2d:40:1f:04:da:dc:d0:df:
24:90:f6:de:65:93:56:dc:99:ff:88:e5:2b:03:cf:81:10:49:
88:57:67:62:3c:7c:07:0e:a0:04:e4:33:40:d1:d2:d3:e4:f0:
e6:b7:54:9c:ff:86:5c:2a:3f:55:50:72:a7:c8:fa:b4:3e:60:
bc:ed:a2:59:6c:63:d2:98:18:98:2d:0a:bf:70:73:d7:5a:3e:
d3:e8:b5:12:38:4d:fe:24:2d:0a:14:99:20:18:01:33:35:bb:
9f:d5:59:b6:2e:c8:6d:72:6b:97:87:a9:d0:44:48:e9:56:6c:
7f:32:8e:98:bb:04:34:e5:d8:8a:9d:b5:45:b2:0e:c3:38:5c:
ec:5a:44:db:6c:91:8e:ec:2a:ff:cd:53:c2:37:a7:c4:e5:f4:
3a:5f:2d:e3:58:b8:da:3a:a3:7c:9e:54:f7:6b:9e:af:50:ea:
ca:f4:dd:f2
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgICEB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw
MUYxOEZGNDkwHhcNMjUxMDAzMTE1MjI0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRmYjhmOC1jZWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9IMqBHpYaUBP44qHXH26fb2dnxoRXgtT7lB/oVhOxoMSN+kmv8C8sUH5Wbpt
xYaxVbJkrHncBeTSlQBsyJOlmpBC6njmymDvSmu5yXkAi5VeOBlSlNMAhWXR4Lad
MneeMgareil0ykSUiwKWpdhuakBCmNgbTanF/2K5V7zVJlDuSNUSgxsF9ywKxpQA
EwohH7N3waTNKsOS4QV1oKxOFLi4rLNhJ9mE46ikZMEqOPy9Z9MBL1DJd4m6ovCw
/+jCqm+ft436vLg9ALUexKy31eDu5xeJy8V3PmUXcBa5rUmXchIsg5d125WP1+D+
gGlnSZyaJb254TZK1XA7Kj6kYQIDAQABo4IDcjCCA24wHQYDVR0OBBYEFPIBUD+5
xxN5pfaNlUt7zwPl55iFMB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC
MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvQjJBNzFDRTIz
MzQxMTFFRjk3NzBBNTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfsGCCsGAQUFBwEHAQH/
BIHrMIHoMBgEAgABMBIDBAFnHroDBADKNcUDBALKNcwwgcsEAgACMIHEMBIDBwAk
Ad8AAAEDBwAkAd8AAAIDBwAkAd8AAAcwEgMHACQB3wAAEQMHACQB3wAAEjASAwcA
JAHfAAAhAwcAJAHfAAAiAwcAJAHfAAAnMBIDBwAkAd8AADEDBwAkAd8AADIwEgMH
ACQB3wAAQQMHACQB3wAAQgMHACQB3wAARzASAwcAJAHfAABRAwcAJAHfAABSAwcA
JAHfAABXMBIDBwAkAd8AAGEDBwAkAd8AAGIwEgMHACQB3wABgQMHACQB3wABgjAN
BgkqhkiG9w0BAQsFAAOCAQEAN8b8W39Z7JFrDl+oJ/lpzQwjTc10ie7hyieWzE1F
4v8i35AjVQA4Up7ieEXoMc0eMGQtJ1HL0fZHe72mz5FexnjEC4Su6ZL9jC7lb2NL
Uyulwi1AHwTa3NDfJJD23mWTVtyZ/4jlKwPPgRBJiFdnYjx8Bw6gBOQzQNHS0+Tw
5rdUnP+GXCo/VVByp8j6tD5gvO2iWWxj0pgYmC0Kv3Bz11o+0+i1EjhN/iQtChSZ
IBgBMzW7n9VZti7IbXJrl4ep0ERI6VZsfzKOmLsENOXYip21RbIOwzhc7FpE22yR
juwq/81TwjenxOX0Ol8t41i42jqjfJ5U92uer1DqyvTd8g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:21:56 2025 by rpki-client