
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/3003C4BA7C7711EEB9E0BE15C4F9AE02.roa
File: 3003C4BA7C7711EEB9E0BE15C4F9AE02.roa (raw, json)
Hash identifier: vtLAm7IVt53zIg8Nc5apkEjvAOJhd3yNQjgM+aQMRxs=
Subject key identifier: 4F:0C:44:23:2A:93:73:E8:D0:CD:C1:C8:54:FE:FA:2D:9D:F0:C9:7D
Certificate issuer: /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
Certificate serial: 05CF
Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/3003C4BA7C7711EEB9E0BE15C4F9AE02.roa
Signing time: Wed 18 Jun 2025 18:54:52 +0000
ROA not before: Wed 18 Jun 2025 18:54:52 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 13150
IP address blocks: 103.203.220.0/24 maxlen: 24
103.203.221.0/24 maxlen: 24
103.203.222.0/24 maxlen: 24
103.203.223.0/24 maxlen: 24
113.30.128.0/24 maxlen: 24
123.253.152.0/24 maxlen: 24
123.253.153.0/24 maxlen: 24
123.253.154.0/24 maxlen: 24
123.253.155.0/24 maxlen: 24
150.195.208.0/24 maxlen: 24
150.195.209.0/24 maxlen: 24
150.195.210.0/24 maxlen: 24
150.195.211.0/24 maxlen: 24
150.195.212.0/24 maxlen: 24
150.195.214.0/24 maxlen: 24
150.195.217.0/24 maxlen: 24
150.195.218.0/24 maxlen: 24
150.195.219.0/24 maxlen: 24
150.195.220.0/24 maxlen: 24
150.195.221.0/24 maxlen: 24
150.195.222.0/24 maxlen: 24
150.195.223.0/24 maxlen: 24
202.75.242.0/24 maxlen: 24
202.75.243.0/24 maxlen: 24
202.75.244.0/24 maxlen: 24
202.75.246.0/24 maxlen: 24
202.75.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl
rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 23:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1487 (0x5cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4D3D, serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
Validity
Not Before: Jun 18 18:54:52 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=68530b7c-5310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:78:cc:04:8b:65:65:a6:11:e1:8a:5c:8b:51:
7b:1c:ea:6a:d5:4d:9e:3d:77:26:a0:94:72:31:38:
8d:93:2e:f9:e4:22:68:76:96:4e:65:d7:58:7a:3f:
f5:f9:9e:50:a5:58:d4:97:c0:c5:0c:5c:ca:d3:f7:
4d:ec:cf:76:24:7a:dc:b7:28:68:de:2d:ca:88:73:
81:1b:6e:33:09:33:45:1f:f2:e3:21:08:90:4b:2b:
05:87:67:4c:fa:0e:f1:3a:06:0b:4c:f2:93:f4:86:
03:ad:28:6a:7f:e5:df:5c:66:17:8d:d9:5f:8a:32:
11:04:55:77:fd:64:e6:37:e8:a0:33:b9:7c:26:eb:
65:67:8c:82:35:b5:80:72:61:6b:70:7e:47:48:c7:
ed:21:84:6a:94:b8:06:c8:a4:36:cc:27:0c:88:a2:
0f:27:06:22:02:e8:6f:47:8d:b9:bc:87:02:8b:e4:
3b:1a:68:92:72:ff:06:ec:d3:1b:2c:1c:f6:d7:7a:
5a:37:ea:f1:92:03:87:58:e2:d1:d5:80:3e:e6:20:
ff:9f:dc:e7:98:ff:23:4d:26:9f:44:89:0d:91:fb:
77:ec:e4:ba:2f:0e:f9:fd:38:77:c2:36:6d:18:e5:
11:c3:2d:ae:73:3f:b3:bb:81:93:13:4d:ad:6c:f7:
8f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0C:44:23:2A:93:73:E8:D0:CD:C1:C8:54:FE:FA:2D:9D:F0:C9:7D
X509v3 Authority Key Identifier:
keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/3003C4BA7C7711EEB9E0BE15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.220.0/22
113.30.128.0/24
123.253.152.0/22
150.195.208.0-150.195.212.255
150.195.214.0/24
150.195.217.0-150.195.223.255
202.75.242.0-202.75.244.255
202.75.246.0/23
Signature Algorithm: sha256WithRSAEncryption
52:08:e8:de:7f:26:52:ea:5f:4d:d7:3c:df:1d:8a:ba:fe:0b:
78:c7:3e:e6:73:f7:a7:7e:2a:a0:cb:b9:41:9e:43:46:16:ca:
0b:ff:41:40:48:c9:46:d3:db:5d:86:a8:13:d8:aa:15:ed:53:
1b:78:aa:ec:3a:13:c0:93:f5:86:4e:a7:0b:1a:d3:c9:94:0d:
c1:7b:f5:2b:c8:78:be:c7:4e:2a:2f:ee:49:3f:0f:40:1a:88:
c4:5d:c6:42:0b:ce:d8:0a:d8:b1:2c:a4:ec:0f:ef:36:7c:d0:
72:17:f8:1d:ed:f0:c4:f2:21:3f:ef:33:cc:83:5a:a6:b1:ad:
29:62:b1:cb:d5:55:5f:21:43:74:66:74:19:8e:f6:04:e1:ac:
1f:87:72:c8:77:ab:2f:f7:f3:0e:cb:27:7c:f1:70:16:9e:87:
06:cc:f5:04:29:e6:55:7e:10:98:4c:59:fa:d4:a6:81:0e:46:
16:04:72:f0:6b:1f:13:95:b9:04:a2:57:0f:b0:90:50:9c:0c:
4a:34:aa:1a:cc:d4:a6:ca:6d:7b:95:04:c4:b2:13:41:2b:df:
a5:e8:5d:a2:91:26:62:03:ba:35:ec:37:98:53:50:99:53:27:
f1:0c:55:ef:26:10:a4:ec:36:6d:a8:59:ca:1e:47:4a:3d:5d:
22:db:fd:15
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICBc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF
Qjk4RkY3MDEwHhcNMjUwNjE4MTg1NDUyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODUzMGI3Yy01MzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuHjMBItlZaYR4Ypci1F7HOpq1U2ePXcmoJRyMTiNky755CJodpZOZddYej/1
+Z5QpVjUl8DFDFzK0/dN7M92JHrctyho3i3KiHOBG24zCTNFH/LjIQiQSysFh2dM
+g7xOgYLTPKT9IYDrShqf+XfXGYXjdlfijIRBFV3/WTmN+igM7l8JutlZ4yCNbWA
cmFrcH5HSMftIYRqlLgGyKQ2zCcMiKIPJwYiAuhvR425vIcCi+Q7GmiScv8G7NMb
LBz213paN+rxkgOHWOLR1YA+5iD/n9znmP8jTSafRIkNkft37OS6Lw75/Th3wjZt
GOURwy2ucz+zu4GTE02tbPePPQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFE8MRCMq
k3Po0M3ByFT++i2d8Ml9MB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4
QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5
d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTREM0QvQjAyMDJEMzJEOEI5MTFFQkFCQzFGNDg1QzRGOUFFMDIvMzAwM0M0QkE3
Qzc3MTFFRUI5RTBCRTE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQME4EAgABMEgDBAJny9wDBABxHoADBAJ7/ZgwDAMEBJbD0AMEAJbD1AMEAJbD
1jAMAwQAlsPZAwQFlsPAMAwDBAHKS/IDBADKS/QDBAHKS/YwDQYJKoZIhvcNAQEL
BQADggEBAFII6N5/JlLqX03XPN8dirr+C3jHPuZz96d+KqDLuUGeQ0YWygv/QUBI
yUbT212GqBPYqhXtUxt4quw6E8CT9YZOpwsa08mUDcF79SvIeL7HTiov7kk/D0Aa
iMRdxkILztgK2LEspOwP7zZ80HIX+B3t8MTyIT/vM8yDWqaxrSliscvVVV8hQ3Rm
dBmO9gThrB+Hcsh3qy/38w7LJ3zxcBaehwbM9QQp5lV+EJhMWfrUpoEORhYEcvBr
HxOVuQSiVw+wkFCcDEo0qhrM1KbKbXuVBMSyE0Er36XoXaKRJmIDujXsN5hTUJlT
J/EMVe8mEKTsNm2oWcoeR0o9XSLb/RU=
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:57:15 2025 by rpki-client