Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/CC5A0854D0DD11EFB1C6656DC4F9AE02.roa
File: CC5A0854D0DD11EFB1C6656DC4F9AE02.roa (raw, json)
Hash identifier: uBqvI5dq8qNrDbHw4p02iYakpWTkn0S51P6ziID2+EI=
Subject key identifier: B0:BF:D8:A2:9C:0B:4F:66:2E:ED:DE:AD:F7:AE:E9:91:ED:D8:4E:75
Certificate issuer: /CN=A91D90B9/serialNumber=5A183B1E0FFCA6DADD796F6BB4AAAF93692F0DC9
Certificate serial: 03A8
Authority key identifier: 5A:18:3B:1E:0F:FC:A6:DA:DD:79:6F:6B:B4:AA:AF:93:69:2F:0D:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Whg7Hg_8ptrdeW9rtKqvk2kvDck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/CC5A0854D0DD11EFB1C6656DC4F9AE02.roa
Signing time: Tue 19 Aug 2025 01:38:41 +0000
ROA not before: Tue 19 Aug 2025 01:38:41 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 58945
IP address blocks: 103.26.112.0/22 maxlen: 24
103.35.157.0/24 maxlen: 24
103.35.159.0/24 maxlen: 24
106.0.52.0/22 maxlen: 24
2401:4440::/32 maxlen: 32
2401:4440::/36 maxlen: 36
2401:4440::/48 maxlen: 48
2401:4440:1000::/36 maxlen: 36
2401:4440:2000::/36 maxlen: 36
2401:4440:3000::/36 maxlen: 36
2401:4440:4000::/36 maxlen: 36
2401:4440:5000::/36 maxlen: 36
2401:4440:6000::/36 maxlen: 36
2401:4440:7000::/36 maxlen: 36
2401:4440:8000::/36 maxlen: 36
2401:4440:9000::/36 maxlen: 36
2401:4440:a000::/36 maxlen: 36
2401:4440:a001::/48 maxlen: 48
2401:4440:a002::/48 maxlen: 48
2401:4440:b000::/36 maxlen: 36
2401:4440:c000::/36 maxlen: 36
2401:4440:d000::/36 maxlen: 36
2401:4440:e000::/36 maxlen: 36
2401:4440:f000::/36 maxlen: 36
2401:4440:fb00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/Whg7Hg_8ptrdeW9rtKqvk2kvDck.crl
rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/Whg7Hg_8ptrdeW9rtKqvk2kvDck.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Whg7Hg_8ptrdeW9rtKqvk2kvDck.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Aug 2025 01:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936 (0x3a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D90B9, serialNumber=5A183B1E0FFCA6DADD796F6BB4AAAF93692F0DC9
Validity
Not Before: Aug 19 01:38:41 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68a3d5a1-50fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:67:1c:67:a9:36:d3:e6:26:04:75:69:03:80:
35:4e:56:0f:76:f2:14:59:63:13:a6:09:5e:d2:bf:
ff:3d:a2:df:d3:ba:57:f6:96:85:50:19:41:ca:58:
e2:74:e6:bc:82:86:5f:2b:e1:ff:88:28:06:28:f1:
d9:c0:be:fe:3c:7f:5b:f5:4b:29:ff:39:ee:9f:89:
90:5b:07:60:8c:6f:9e:23:f6:de:9a:77:a9:17:a9:
f0:d0:5f:62:a9:d8:d8:0f:72:16:7e:f9:84:e8:7b:
e9:db:d9:f2:ca:a3:8a:e1:b0:91:1a:83:4f:04:5c:
58:f3:95:59:58:81:8c:05:84:54:4d:fd:2f:fc:dd:
db:ff:75:f9:37:53:c6:9b:16:1e:31:cc:3d:f5:13:
f6:34:dd:e5:64:ab:2a:4b:6d:95:38:a9:f4:25:10:
38:df:6c:28:82:c8:02:6b:96:97:5b:8d:d8:42:a3:
e2:6e:0c:c8:7b:8a:3f:8f:b5:2a:a2:66:81:d6:f0:
01:0a:5d:50:9f:f3:60:af:04:00:b4:ce:3d:41:1a:
c8:44:6e:5e:22:fd:ef:fa:b2:7d:09:d9:9f:51:b3:
8d:f0:d0:3e:86:22:30:ba:f3:ab:8a:fd:d5:ed:0c:
a0:65:7f:2f:0d:df:5d:0e:e9:6c:37:eb:aa:11:72:
56:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:BF:D8:A2:9C:0B:4F:66:2E:ED:DE:AD:F7:AE:E9:91:ED:D8:4E:75
X509v3 Authority Key Identifier:
keyid:5A:18:3B:1E:0F:FC:A6:DA:DD:79:6F:6B:B4:AA:AF:93:69:2F:0D:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/Whg7Hg_8ptrdeW9rtKqvk2kvDck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Whg7Hg_8ptrdeW9rtKqvk2kvDck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/CC5A0854D0DD11EFB1C6656DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.26.112.0/22
103.35.157.0/24
103.35.159.0/24
106.0.52.0/22
IPv6:
2401:4440::/32
Signature Algorithm: sha256WithRSAEncryption
64:8a:c8:13:15:0c:0a:07:b4:b9:df:bb:93:5c:19:8e:90:a0:
38:7b:9e:da:69:6b:a1:72:d5:a8:d2:d5:0c:c2:5d:b0:0c:ce:
44:d0:dc:b3:da:2c:9c:76:38:c2:6b:81:f7:f5:a0:f8:f3:9a:
4e:f7:89:e5:70:3f:db:7a:dd:92:e8:91:8f:e7:86:f3:1d:ba:
5e:ee:02:75:dd:e4:64:4e:28:4a:2e:ae:70:d1:a3:67:be:2c:
e6:6d:a9:1c:65:7c:a4:f9:6f:23:32:c6:c4:69:df:77:f4:e3:
82:b8:89:70:2d:5f:da:84:d5:56:2e:b1:5a:e7:c3:cb:4f:8d:
17:1d:b6:1a:9c:eb:f8:09:a3:b2:e9:23:45:e5:3d:34:86:9c:
5c:c8:e1:21:61:0c:f9:28:dc:76:a5:9f:e6:6e:b4:71:62:69:
8f:01:2f:cd:28:6b:39:b1:be:4d:e4:4d:59:98:7f:b3:c2:83:
e1:ab:b1:f4:51:68:da:e1:20:2b:1a:7e:53:93:63:78:62:62:
ba:e6:92:ad:d2:c3:b3:04:a0:13:e2:2d:60:8d:03:a6:05:35:
cd:f2:4c:61:f4:9f:be:8f:6d:02:ad:87:d0:5c:34:28:c7:d1:
db:49:4e:0c:5a:00:0c:f8:4b:f7:54:77:b3:d6:bb:c6:05:00:
7b:bf:e9:bc
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICA6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDkwQjkxMTAvBgNVBAUTKDVBMTgzQjFFMEZGQ0E2REFERDc5NkY2QkI0QUFBRjkz
NjkyRjBEQzkwHhcNMjUwODE5MDEzODQxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGEzZDVhMS01MGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2mccZ6k20+YmBHVpA4A1TlYPdvIUWWMTpgle0r//PaLf07pX9paFUBlBylji
dOa8goZfK+H/iCgGKPHZwL7+PH9b9Usp/znun4mQWwdgjG+eI/bemnepF6nw0F9i
qdjYD3IWfvmE6Hvp29nyyqOK4bCRGoNPBFxY85VZWIGMBYRUTf0v/N3b/3X5N1PG
mxYeMcw99RP2NN3lZKsqS22VOKn0JRA432wogsgCa5aXW43YQqPibgzIe4o/j7Uq
omaB1vABCl1Qn/NgrwQAtM49QRrIRG5eIv3v+rJ9CdmfUbON8NA+hiIwuvOriv3V
7QygZX8vDd9dDulsN+uqEXJWzwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFLC/2KKc
C09mLu3erfeu6ZHt2E51MB8GA1UdIwQYMBaAFFoYOx4P/Kba3Xlva7Sqr5NpLw3J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTBCOS9EMUVBOENGNEI1
ODcxMUVDQkVEQjkyMjlDNEY5QUUwMi9XaGc3SGdfOHB0cmRlVzlydEtxdmsya3ZE
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1doZzdIZ184cHRyZGVXOXJ0S3F2azJrdkRjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDkwQjkvRDFFQThDRjRCNTg3MTFFQ0JFREI5MjI5QzRGOUFFMDIvQ0M1QTA4NTRE
MEREMTFFRkIxQzY2NTZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnGnADBABnI50DBABnI58DBAJqADQwDQQCAAIwBwMFACQB
REAwDQYJKoZIhvcNAQELBQADggEBAGSKyBMVDAoHtLnfu5NcGY6QoDh7ntppa6Fy
1ajS1QzCXbAMzkTQ3LPaLJx2OMJrgff1oPjzmk73ieVwP9t63ZLokY/nhvMdul7u
AnXd5GROKEournDRo2e+LOZtqRxlfKT5byMyxsRp33f044K4iXAtX9qE1VYusVrn
w8tPjRcdthqc6/gJo7LpI0XlPTSGnFzI4SFhDPko3Haln+ZutHFiaY8BL80oazmx
vk3kTVmYf7PCg+GrsfRRaNrhICsaflOTY3hiYrrmkq3Sw7MEoBPiLWCNA6YFNc3y
TGH0n76PbQKth9BcNCjH0dtJTgxaAAz4S/dUd7PWu8YFAHu/6bw=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:13:35 2025 by rpki-client