Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
File: 5A318E06F6A111EBB6318B7EC4F9AE02.roa (raw, json)
Hash identifier: g01plAkOdieV4NPIP7/omEljoKEhVOT/UK1CPH/JcfQ=
Subject key identifier: 73:A9:BE:8A:1F:64:6F:0F:38:57:50:D3:EC:74:EE:6C:A0:CA:F8:CC
Certificate issuer: /CN=A91C4F06/serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Certificate serial: 35A7
Authority key identifier: 3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
Signing time: Thu 02 Oct 2025 15:10:57 +0000
ROA not before: Thu 02 Oct 2025 15:10:57 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 23955
IP address blocks: 43.241.136.0/22 maxlen: 23
43.241.136.0/23 maxlen: 24
43.241.138.0/24 maxlen: 24
103.29.224.0/22 maxlen: 24
103.71.40.0/22 maxlen: 24
118.103.136.0/21 maxlen: 23
118.103.136.0/23 maxlen: 24
118.103.139.0/24 maxlen: 24
118.103.140.0/22 maxlen: 24
2405:ec00::/32 maxlen: 32
2405:ec00:2::/48 maxlen: 48
2405:ec00:3::/48 maxlen: 48
2405:ec00:4::/48 maxlen: 48
2405:ec00:5::/48 maxlen: 48
2405:ec00:6::/48 maxlen: 48
2405:ec00:10a::/48 maxlen: 48
2405:ec00:10b::/48 maxlen: 48
2405:ec00:10c::/48 maxlen: 48
2405:ec00:10d::/48 maxlen: 48
2405:ec00:10e::/48 maxlen: 48
2405:ec00:10f::/48 maxlen: 48
2405:ec00:110::/48 maxlen: 48
2405:ec00:1000::/48 maxlen: 48
2405:ec00:1001::/48 maxlen: 48
2405:ec00:1002::/48 maxlen: 48
2405:ec00:1003::/48 maxlen: 48
2405:ec00:1004::/48 maxlen: 48
2405:ec00:1005::/48 maxlen: 48
2405:ec00:1100::/48 maxlen: 48
2405:ec00:1101::/48 maxlen: 48
2405:ec00:1201::/48 maxlen: 48
2405:ec00:1202::/48 maxlen: 48
2405:ec00:1203::/48 maxlen: 48
2405:ec00:1204::/48 maxlen: 48
2405:ec00:1205::/48 maxlen: 48
2405:ec00:1206::/48 maxlen: 48
2405:ec00:1208::/48 maxlen: 48
2405:ec00:1209::/48 maxlen: 48
2405:ec00:1210::/48 maxlen: 48
2405:ec00:1300::/48 maxlen: 48
2405:ec00:1301::/48 maxlen: 48
2405:ec00:7000::/40 maxlen: 40
2405:ec00:7100::/40 maxlen: 40
2405:ec00:9011::/48 maxlen: 48
2405:ec00:9012::/48 maxlen: 48
2405:ec00:9013::/48 maxlen: 48
2405:ec00:9014::/48 maxlen: 48
2405:ec00:9015::/48 maxlen: 48
2405:ec00:9016::/48 maxlen: 48
2405:ec00:9017::/48 maxlen: 48
2405:ec00:9018::/48 maxlen: 48
2405:ec00:9019::/48 maxlen: 48
2405:ec00:901a::/48 maxlen: 48
2405:ec00:901b::/48 maxlen: 48
2405:ec00:9021::/48 maxlen: 48
2405:ec00:9022::/48 maxlen: 48
2405:ec00:9023::/48 maxlen: 48
2405:ec00:9024::/48 maxlen: 48
2405:ec00:9025::/48 maxlen: 48
2405:ec00:9051::/48 maxlen: 48
2405:ec00:9052::/48 maxlen: 48
2405:ec00:9053::/48 maxlen: 48
2405:ec00:9054::/48 maxlen: 48
2405:ec00:9055::/48 maxlen: 48
2405:ec00:9071::/48 maxlen: 48
2405:ec00:9072::/48 maxlen: 48
2405:ec00:9073::/48 maxlen: 48
2405:ec00:9074::/48 maxlen: 48
2405:ec00:9075::/48 maxlen: 48
2405:ec00:9081::/48 maxlen: 48
2405:ec00:9082::/48 maxlen: 48
2405:ec00:9083::/48 maxlen: 48
2405:ec00:9100::/48 maxlen: 48
2405:ec00:9101::/48 maxlen: 48
2405:ec00:a1ca::/48 maxlen: 48
2405:ec00:f000::/36 maxlen: 36
2405:ec00:fa00::/48 maxlen: 48
2405:ec00:face::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 14:54:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13735 (0x35a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4F06, serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Validity
Not Before: Oct 2 15:10:57 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68de9600-1da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:5a:6a:27:26:a2:f3:1e:b6:7b:a6:c0:5b:83:
ca:d1:bd:c0:b1:6c:7c:d8:f3:21:90:99:15:62:74:
a0:96:f1:15:1d:8e:ff:38:84:c7:bd:ee:2d:59:24:
57:ca:fa:a4:44:5a:01:40:c9:c7:55:9f:57:ff:ec:
25:43:cc:bf:7d:28:c2:9c:44:20:24:2d:1e:78:c3:
1f:96:e1:ea:fb:6f:e5:a3:d4:27:46:42:70:22:f9:
3e:85:6e:89:b7:c3:85:10:45:08:3d:2d:a3:dc:67:
ec:f2:b8:70:d8:dd:7b:dd:0c:65:10:64:f2:ab:74:
86:10:fb:c7:72:15:73:37:97:dd:4a:be:6c:c1:48:
b4:b4:76:46:d7:ff:89:c0:cd:e4:49:c2:88:61:46:
6e:e7:56:85:78:d0:41:e0:bb:94:17:d4:fd:93:f2:
71:c4:20:0b:09:55:9d:ed:d3:58:f7:6a:74:08:e7:
82:dc:be:47:91:eb:6c:c3:5c:c4:6c:ff:7b:55:ed:
2f:da:11:18:1e:c7:56:0a:1f:41:eb:54:79:78:59:
de:73:0f:2f:31:a5:29:43:cc:67:cb:6d:12:b6:38:
4e:47:53:66:ca:49:38:4d:1e:83:1b:06:3e:09:3f:
88:ea:75:9c:ac:86:b2:63:0b:19:8a:a8:4b:73:42:
a0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:A9:BE:8A:1F:64:6F:0F:38:57:50:D3:EC:74:EE:6C:A0:CA:F8:CC
X509v3 Authority Key Identifier:
keyid:3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.136.0/22
103.29.224.0/22
103.71.40.0/22
118.103.136.0/21
IPv6:
2405:ec00::/32
Signature Algorithm: sha256WithRSAEncryption
2c:e5:2a:3c:75:c9:ad:db:f9:f8:8e:47:6e:26:b8:a1:65:5e:
8a:33:20:e5:f4:c9:60:e7:a0:85:6a:a2:32:26:ab:e6:87:43:
49:54:fc:37:61:03:a1:c3:ff:3c:e8:5f:cd:95:a6:03:b4:f8:
42:7c:1c:2a:64:5b:95:6e:c8:e2:65:5c:74:dd:7e:30:7c:71:
4f:28:ff:b7:e1:c3:02:49:b8:5d:ca:60:18:4a:cf:a7:a1:15:
9d:59:17:c2:24:b6:63:64:a0:b2:13:1c:ff:42:f4:3e:c5:b0:
6e:bf:41:3f:c6:58:df:cb:ec:1a:0a:32:35:ec:f2:00:4e:7c:
0b:8f:d2:4a:9e:df:06:58:52:62:01:e1:96:ce:9a:20:15:41:
e5:c7:92:12:cf:03:6f:d7:f1:d9:8e:99:aa:b0:61:ad:73:8a:
4d:fb:69:83:f4:21:d8:ed:67:db:ed:07:64:ab:ae:cb:de:e4:
3c:ee:df:77:dd:96:e0:48:a6:29:2a:ac:46:09:f9:c8:c5:0b:
28:86:c8:04:57:be:2f:44:cf:c1:23:20:65:21:91:61:af:cc:
87:9b:08:d7:9e:67:ec:01:02:6c:c4:d4:c1:c4:59:bb:77:6e:
12:cb:bf:71:d4:7f:43:55:17:e8:c8:34:c5:7e:58:7f:ee:43:
b6:c5:fb:c4
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzRGMDYxMTAvBgNVBAUTKDNBQUY4MEVBOTdFOTlCOTUyNUIzM0JDMTMzNUJCMDk1
QzJEMjc4QTcwHhcNMjUxMDAyMTUxMDU3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRlOTYwMC0xZGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5FpqJyai8x62e6bAW4PK0b3AsWx82PMhkJkVYnSglvEVHY7/OITHve4tWSRX
yvqkRFoBQMnHVZ9X/+wlQ8y/fSjCnEQgJC0eeMMfluHq+2/lo9QnRkJwIvk+hW6J
t8OFEEUIPS2j3Gfs8rhw2N173QxlEGTyq3SGEPvHchVzN5fdSr5swUi0tHZG1/+J
wM3kScKIYUZu51aFeNBB4LuUF9T9k/JxxCALCVWd7dNY92p0COeC3L5Hketsw1zE
bP97Ve0v2hEYHsdWCh9B61R5eFnecw8vMaUpQ8xny20StjhOR1Nmykk4TR6DGwY+
CT+I6nWcrIayYwsZiqhLc0Kg4wIDAQABo4ICtjCCArIwHQYDVR0OBBYEFHOpvoof
ZG8POFdQ0+x07mygyvjMMB8GA1UdIwQYMBaAFDqvgOqX6ZuVJbM7wTNbsJXC0nin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEYwNi83NkUxQzQ3RTFE
OTUxMUUyQkU1OTVFN0QwOEIwMkNEMi9PcS1BNnBmcG01VWxzenZCTTF1d2xjTFNl
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09xLUE2cGZwbTVVbHN6dkJNMXV3bGNMU2VLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzRGMDYvNzZFMUM0N0UxRDk1MTFFMkJFNTk1RTdEMDhCMDJDRDIvNUEzMThFMDZG
NkExMTFFQkI2MzE4QjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr8YgDBAJnHeADBAJnRygDBAN2Z4gwDQQCAAIwBwMFACQF
7AAwDQYJKoZIhvcNAQELBQADggEBACzlKjx1ya3b+fiOR24muKFlXoozIOX0yWDn
oIVqojImq+aHQ0lU/DdhA6HD/zzoX82VpgO0+EJ8HCpkW5VuyOJlXHTdfjB8cU8o
/7fhwwJJuF3KYBhKz6ehFZ1ZF8IktmNkoLITHP9C9D7FsG6/QT/GWN/L7BoKMjXs
8gBOfAuP0kqe3wZYUmIB4ZbOmiAVQeXHkhLPA2/X8dmOmaqwYa1zik37aYP0Idjt
Z9vtB2Srrsve5Dzu33fdluBIpikqrEYJ+cjFCyiGyARXvi9Ez8EjIGUhkWGvzIeb
CNeeZ+wBAmzE1MHEWbt3bhLLv3HUf0NVF+jINMV+WH/uQ7bF+8Q=
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:51:35 2025 by rpki-client