Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa
File: 9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa (raw, json)
Hash identifier: WA77dp8CFAMTuFtYEp44sxYc2n+DFG5Sigw0CHNE2Bg=
Subject key identifier: A7:87:F1:8E:99:7B:C5:1C:5F:A2:4F:45:E2:92:3B:79:D0:96:C7:58
Certificate issuer: /CN=A91CD4DB/serialNumber=3FB7855EF330BA77D9F3B72DFFDEC20712AC1407
Certificate serial: 17E9
Authority key identifier: 3F:B7:85:5E:F3:30:BA:77:D9:F3:B7:2D:FF:DE:C2:07:12:AC:14:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa
Signing time: Thu 14 Aug 2025 16:55:12 +0000
ROA not before: Thu 14 Aug 2025 16:55:12 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 38614
IP address blocks: 103.158.39.0/24 maxlen: 24
117.103.80.0/24 maxlen: 24
117.103.81.0/24 maxlen: 24
117.103.82.0/24 maxlen: 24
117.103.83.0/24 maxlen: 24
117.103.84.0/24 maxlen: 24
117.103.85.0/24 maxlen: 24
117.103.86.0/24 maxlen: 24
117.103.87.0/24 maxlen: 24
2404:f380::/32 maxlen: 32
2404:f380::/36 maxlen: 36
2404:f380::/48 maxlen: 48
2404:f380:1::/48 maxlen: 48
2404:f380:2::/48 maxlen: 48
2404:f380:3::/48 maxlen: 48
2404:f380:4::/48 maxlen: 48
2404:f380:5::/48 maxlen: 48
2404:f380:6::/48 maxlen: 48
2404:f380:7::/48 maxlen: 48
2404:f380:8::/48 maxlen: 48
2404:f380:9::/48 maxlen: 48
2404:f380:a::/48 maxlen: 48
2404:f380:b::/48 maxlen: 48
2404:f380:c::/48 maxlen: 48
2404:f380:d::/48 maxlen: 48
2404:f380:e::/48 maxlen: 48
2404:f380:f::/48 maxlen: 48
2404:f380:1000::/36 maxlen: 36
2404:f380:2000::/36 maxlen: 36
2404:f380:3000::/36 maxlen: 36
2404:f380:4000::/36 maxlen: 36
2404:f380:5000::/36 maxlen: 36
2404:f380:6000::/36 maxlen: 36
2404:f380:7000::/36 maxlen: 36
2404:f380:8000::/36 maxlen: 36
2404:f380:9000::/36 maxlen: 36
2404:f380:a000::/36 maxlen: 36
2404:f380:b000::/36 maxlen: 36
2404:f380:c000::/36 maxlen: 36
2404:f380:d000::/36 maxlen: 36
2404:f380:e000::/36 maxlen: 36
2404:f380:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.crl
rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 16:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6121 (0x17e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD4DB, serialNumber=3FB7855EF330BA77D9F3B72DFFDEC20712AC1407
Validity
Not Before: Aug 14 16:55:12 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=689e14f0-22cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:02:41:cb:bd:71:5f:e4:4b:b0:94:84:18:56:
01:bc:06:8b:b1:06:07:fc:8b:bd:44:2d:2c:d9:e9:
99:80:7f:6b:9a:23:b0:17:ce:2c:da:88:e1:b3:41:
d4:37:64:93:64:1f:c7:be:18:df:5e:90:5e:db:2e:
80:71:54:35:af:ca:2b:c0:ec:0b:4e:11:06:91:b3:
1c:3f:ce:bb:d3:64:1a:92:4c:88:54:2b:9c:80:f5:
76:bb:3a:2f:86:69:48:dd:3c:ef:7d:c1:87:df:68:
25:29:91:a0:48:e1:cb:92:11:a7:60:8e:c2:a0:8b:
90:13:b9:c7:a9:0b:49:f7:d3:27:0c:6f:44:91:25:
f9:cb:f7:05:0f:74:99:a3:19:6d:e7:0c:3b:82:ff:
85:b8:64:f3:9f:f4:d6:90:09:c4:5d:c2:76:2c:64:
91:ec:48:84:9c:54:fa:ed:48:e6:70:ed:74:96:c6:
da:0e:5e:f4:09:b9:02:14:34:26:e8:38:97:c4:b9:
c1:69:9d:9c:33:ad:19:65:c8:b6:eb:81:f4:b9:2e:
6a:e3:d4:39:af:fe:84:08:ed:cf:5f:03:79:61:07:
da:b4:3a:f5:98:ff:2d:1a:e5:7a:1d:7b:6a:81:8a:
7d:8c:70:d9:68:7a:75:a7:49:8a:27:03:19:66:9c:
25:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:87:F1:8E:99:7B:C5:1C:5F:A2:4F:45:E2:92:3B:79:D0:96:C7:58
X509v3 Authority Key Identifier:
keyid:3F:B7:85:5E:F3:30:BA:77:D9:F3:B7:2D:FF:DE:C2:07:12:AC:14:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.39.0/24
117.103.80.0/21
IPv6:
2404:f380::/32
Signature Algorithm: sha256WithRSAEncryption
ae:64:71:d2:0e:2f:e7:77:89:b6:1c:f6:ac:7b:f3:e3:5c:35:
9d:cb:71:66:3c:e4:12:eb:80:bc:2c:ae:d9:2f:37:41:6a:e7:
82:e0:5c:ea:ba:e1:b7:c2:6b:ae:ed:b3:57:57:fd:eb:2f:10:
45:09:39:2e:75:41:68:da:88:61:ee:11:ab:23:0f:64:62:5b:
a4:89:e1:4e:6f:df:d2:69:cf:5e:55:d5:ff:f2:15:69:a9:60:
84:9a:27:9d:a8:4c:bd:4d:83:56:93:5d:64:e7:c4:21:9d:0e:
90:b1:e7:8a:0a:ae:21:14:15:2b:b0:69:d9:54:63:b8:6f:17:
6b:5b:ef:20:97:65:17:b9:ba:b0:b8:76:18:d2:4d:25:97:ba:
da:99:59:f9:7f:cb:bb:e9:fe:54:43:cc:fe:3c:17:f2:7e:c1:
0c:93:fc:a2:c0:6c:4e:90:e0:96:96:58:57:6e:db:c4:90:be:
2f:1c:7f:df:4b:09:0e:a6:05:40:e7:d9:36:f2:fa:ee:73:f6:
9d:13:60:1c:98:01:4a:be:8c:df:09:c2:a3:4d:73:60:8e:b1:
5f:5b:25:21:6a:fc:37:00:2a:43:27:da:d1:cb:ba:9a:bc:c3:
ff:81:be:3f:c3:77:fd:d3:d6:93:a3:ba:b7:73:eb:d0:e9:54:
01:68:19:a0
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICF+kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Q0REIxMTAvBgNVBAUTKDNGQjc4NTVFRjMzMEJBNzdEOUYzQjcyREZGREVDMjA3
MTJBQzE0MDcwHhcNMjUwODE0MTY1NTEyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODllMTRmMC0yMmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6gJBy71xX+RLsJSEGFYBvAaLsQYH/Iu9RC0s2emZgH9rmiOwF84s2ojhs0HU
N2STZB/HvhjfXpBe2y6AcVQ1r8orwOwLThEGkbMcP86702QakkyIVCucgPV2uzov
hmlI3TzvfcGH32glKZGgSOHLkhGnYI7CoIuQE7nHqQtJ99MnDG9EkSX5y/cFD3SZ
oxlt5ww7gv+FuGTzn/TWkAnEXcJ2LGSR7EiEnFT67UjmcO10lsbaDl70CbkCFDQm
6DiXxLnBaZ2cM60ZZci264H0uS5q49Q5r/6ECO3PXwN5YQfatDr1mP8tGuV6HXtq
gYp9jHDZaHp1p0mKJwMZZpwlrwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKeH8Y6Z
e8UcX6JPReKSO3nQlsdYMB8GA1UdIwQYMBaAFD+3hV7zMLp32fO3Lf/ewgcSrBQH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDREQi8zQTMxNURDRUNE
MDIxMUU3QjA0NDJEMjhDNEY5QUUwMi9QN2VGWHZNd3VuZlo4N2N0Xzk3Q0J4S3NG
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A3ZUZYdk13dW5mWjg3Y3RfOTdDQnhLc0ZBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Q0REIvM0EzMTVEQ0VDRDAyMTFFN0IwNDQyRDI4QzRGOUFFMDIvOUJBQzJDOUMz
MkQ5MTFGMDlEN0NCRDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnnicDBAN1Z1AwDQQCAAIwBwMFACQE84AwDQYJKoZIhvcN
AQELBQADggEBAK5kcdIOL+d3ibYc9qx78+NcNZ3LcWY85BLrgLwsrtkvN0Fq54Lg
XOq64bfCa67ts1dX/esvEEUJOS51QWjaiGHuEasjD2RiW6SJ4U5v39Jpz15V1f/y
FWmpYISaJ52oTL1Ng1aTXWTnxCGdDpCx54oKriEUFSuwadlUY7hvF2tb7yCXZRe5
urC4dhjSTSWXutqZWfl/y7vp/lRDzP48F/J+wQyT/KLAbE6Q4JaWWFdu28SQvi8c
f99LCQ6mBUDn2Tby+u5z9p0TYByYAUq+jN8JwqNNc2COsV9bJSFq/DcAKkMn2tHL
upq8w/+Bvj/Dd/3T1pOjurdz69DpVAFoGaA=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:08:39 2025 by rpki-client