Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
File: B2A71CE2334111EF9770A542C4F9AE02.roa (raw, json)
Hash identifier: 2Ywvb7sewrJUK65Z9m1HnVKU4OlGnMWcWy/A4SYw1WY=
Subject key identifier: 20:89:34:2A:C2:C3:C5:92:89:89:98:9F:3C:A6:0E:DD:CE:C8:BA:23
Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Certificate serial: 1002
Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
Signing time: Mon 18 Aug 2025 06:11:30 +0000
ROA not before: Mon 18 Aug 2025 06:11:30 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 203
IP address blocks: 103.30.186.0/23 maxlen: 23
202.53.197.0/24 maxlen: 24
202.53.204.0/23 maxlen: 23
202.53.206.0/23 maxlen: 23
2401:df00:1::/48 maxlen: 48
2401:df00:2::/48 maxlen: 48
2401:df00:11::/48 maxlen: 48
2401:df00:12::/48 maxlen: 48
2401:df00:21::/48 maxlen: 48
2401:df00:22::/48 maxlen: 48
2401:df00:31::/48 maxlen: 48
2401:df00:32::/48 maxlen: 48
2401:df00:41::/48 maxlen: 48
2401:df00:42::/48 maxlen: 48
2401:df00:51::/48 maxlen: 48
2401:df00:52::/48 maxlen: 48
2401:df00:61::/48 maxlen: 48
2401:df00:62::/48 maxlen: 48
2401:df00:181::/48 maxlen: 48
2401:df00:182::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 17:43:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4098 (0x1002)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Validity
Not Before: Aug 18 06:11:30 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68a2c412-0d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:49:2d:2f:dc:b7:f5:df:cb:aa:1d:36:4f:7f:
0e:f1:cc:b4:03:6c:44:b2:26:22:14:da:8c:d9:9d:
cf:16:2d:57:dd:8c:7e:52:f7:c4:c5:a7:0f:c7:e2:
49:55:05:3a:32:c3:1d:02:70:a5:26:c6:ad:05:2a:
c1:59:10:e6:25:d7:eb:95:ff:21:a4:48:8f:4a:4f:
81:5c:5e:3c:66:55:75:72:09:3e:65:50:a1:2e:a1:
39:ed:9d:c6:bb:a5:91:1e:6f:25:f5:15:8a:1b:2f:
17:29:91:a9:65:c7:b6:ca:20:23:ab:3a:5d:3b:d5:
c2:c7:a7:30:4e:fb:7f:04:2e:12:1e:47:0e:6e:0a:
e0:a4:67:76:92:e8:0b:e5:dc:17:4a:a8:01:bf:cd:
b8:b6:0f:a8:12:91:ca:20:4c:83:9c:63:6c:76:82:
21:c8:5e:60:5d:7e:95:53:e6:f9:96:2a:df:fe:11:
fd:ed:17:eb:fd:7a:6e:db:8b:1e:16:41:58:d3:ab:
8a:1f:23:a8:59:d1:bd:ff:b2:aa:65:96:ca:cc:df:
36:f7:6c:38:6c:fe:50:b2:1c:ae:6c:c3:06:67:c9:
aa:61:13:12:36:32:79:b7:d3:20:b5:e3:e6:f3:5e:
4e:47:7e:a6:74:6c:d1:f4:14:e3:2d:c3:66:01:8e:
fd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:89:34:2A:C2:C3:C5:92:89:89:98:9F:3C:A6:0E:DD:CE:C8:BA:23
X509v3 Authority Key Identifier:
keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.30.186.0/23
202.53.197.0/24
202.53.204.0/22
IPv6:
2401:df00:1::-2401:df00:2:ffff:ffff:ffff:ffff:ffff
2401:df00:11::-2401:df00:12:ffff:ffff:ffff:ffff:ffff
2401:df00:21::-2401:df00:22:ffff:ffff:ffff:ffff:ffff
2401:df00:31::-2401:df00:32:ffff:ffff:ffff:ffff:ffff
2401:df00:41::-2401:df00:42:ffff:ffff:ffff:ffff:ffff
2401:df00:51::-2401:df00:52:ffff:ffff:ffff:ffff:ffff
2401:df00:61::-2401:df00:62:ffff:ffff:ffff:ffff:ffff
2401:df00:181::-2401:df00:182:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:c0:c8:dc:fa:64:a4:f2:ae:37:bb:06:e5:0d:c3:df:9b:a7:
0e:25:1c:28:60:1b:7c:2c:6e:16:6e:eb:08:8e:a2:1a:50:1c:
67:b4:3c:07:02:70:a0:2e:56:ce:d5:ee:19:e7:58:fd:09:59:
b2:d6:85:99:cd:50:55:23:d9:22:aa:70:b8:a9:f2:52:72:58:
11:89:99:7f:0f:32:58:0b:b5:1d:0a:37:f2:ce:81:cc:97:4f:
47:91:df:45:4d:5a:21:da:bb:db:ee:9f:12:de:d2:9b:5a:86:
ee:e7:b8:55:1e:13:35:20:ba:25:45:43:30:21:0a:fb:41:e6:
8d:e9:13:01:3f:a4:ac:10:5e:f7:4b:a6:02:71:e7:2b:d1:2f:
62:f1:fc:0d:74:89:73:89:73:ef:ad:67:5b:18:65:17:d2:2a:
21:c5:94:8a:ed:6f:14:78:fe:34:51:50:ce:2c:97:4a:15:20:
e3:b6:07:ff:98:65:8b:7b:1d:b5:b1:6e:63:be:03:a1:9a:f6:
fc:20:60:79:49:50:58:2c:c9:48:45:a2:7b:6d:4e:ee:40:9f:
86:16:b3:c2:93:59:b8:0d:4e:d2:a8:68:e6:fc:52:3c:2f:c1:
34:01:80:d0:6a:bf:b4:96:d0:19:f5:01:20:12:24:4b:8e:f2:
5d:e6:db:cd
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw
MUYxOEZGNDkwHhcNMjUwODE4MDYxMTMwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OGEyYzQxMi0wZDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3UktL9y39d/Lqh02T38O8cy0A2xEsiYiFNqM2Z3PFi1X3Yx+UvfExacPx+JJ
VQU6MsMdAnClJsatBSrBWRDmJdfrlf8hpEiPSk+BXF48ZlV1cgk+ZVChLqE57Z3G
u6WRHm8l9RWKGy8XKZGpZce2yiAjqzpdO9XCx6cwTvt/BC4SHkcObgrgpGd2kugL
5dwXSqgBv824tg+oEpHKIEyDnGNsdoIhyF5gXX6VU+b5lirf/hH97Rfr/Xpu24se
FkFY06uKHyOoWdG9/7KqZZbKzN8292w4bP5QshyubMMGZ8mqYRMSNjJ5t9MgtePm
815OR36mdGzR9BTjLcNmAY795QIDAQABo4IDTjCCA0owHQYDVR0OBBYEFCCJNCrC
w8WSiYmYnzymDt3OyLojMB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC
MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvQjJBNzFDRTIz
MzQxMTFFRjk3NzBBNTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdcGCCsGAQUFBwEHAQH/
BIHHMIHEMBgEAgABMBIDBAFnHroDBADKNcUDBALKNcwwgacEAgACMIGgMBIDBwAk
Ad8AAAEDBwAkAd8AAAIwEgMHACQB3wAAEQMHACQB3wAAEjASAwcAJAHfAAAhAwcA
JAHfAAAiMBIDBwAkAd8AADEDBwAkAd8AADIwEgMHACQB3wAAQQMHACQB3wAAQjAS
AwcAJAHfAABRAwcAJAHfAABSMBIDBwAkAd8AAGEDBwAkAd8AAGIwEgMHACQB3wAB
gQMHACQB3wABgjANBgkqhkiG9w0BAQsFAAOCAQEAXMDI3PpkpPKuN7sG5Q3D35un
DiUcKGAbfCxuFm7rCI6iGlAcZ7Q8BwJwoC5WztXuGedY/QlZstaFmc1QVSPZIqpw
uKnyUnJYEYmZfw8yWAu1HQo38s6BzJdPR5HfRU1aIdq72+6fEt7Sm1qG7ue4VR4T
NSC6JUVDMCEK+0HmjekTAT+krBBe90umAnHnK9EvYvH8DXSJc4lz761nWxhlF9Iq
IcWUiu1vFHj+NFFQziyXShUg47YH/5hli3sdtbFuY74DoZr2/CBgeUlQWCzJSEWi
e21O7kCfhhazwpNZuA1O0qho5vxSPC/BNAGA0Gq/tJbQGfUBIBIkS47yXebbzQ==
-----END CERTIFICATE-----
Generated at Sun Aug 24 11:04:43 2025 by rpki-client