Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/824DA5B0AD8B11EFBBEBED75C4F9AE02.roa
File: 824DA5B0AD8B11EFBBEBED75C4F9AE02.roa (raw, json)
Hash identifier: RWsizMbS5Xtej0mphDkVOGjt4DbI2VfB0uX1HIvdzXI=
Subject key identifier: B5:A0:CF:83:2C:03:EF:A6:7E:05:A4:07:DA:82:2A:2F:FA:97:04:31
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 2970
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/824DA5B0AD8B11EFBBEBED75C4F9AE02.roa
Signing time: Tue 12 Aug 2025 07:12:36 +0000
ROA not before: Tue 12 Aug 2025 07:12:36 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.151.27.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
202.92.18.0/24 maxlen: 24
202.92.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 20:40:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10608 (0x2970)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Aug 12 07:12:36 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=689ae963-ca70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9d:0d:94:8b:0a:fc:f1:a6:40:ab:85:d7:f6:
8a:ce:b0:39:fb:92:1b:1d:43:30:70:cb:82:4d:22:
e7:fc:a7:ea:13:db:7b:47:3c:88:e7:c4:e7:1b:7c:
45:aa:02:06:90:8c:6d:c6:1c:29:6e:e7:21:3e:e4:
89:cb:e2:b3:01:de:19:21:b4:e3:16:f4:1f:ee:54:
38:58:ff:0f:d9:01:be:58:71:4c:48:f4:f0:4d:3e:
34:eb:0c:d4:90:2e:ca:fc:62:63:98:3f:29:df:2f:
5e:8c:f0:0f:af:e4:24:31:23:c5:6f:83:06:e9:98:
3c:2f:3a:ed:c1:e7:1c:76:5f:25:19:4c:ed:e2:e9:
ef:32:12:fa:79:34:27:12:0a:a9:ae:65:2a:83:86:
f3:79:e2:2d:42:54:04:eb:67:59:cb:6b:20:89:c7:
92:9b:1b:7d:bb:07:5e:ae:d0:1a:55:e6:e3:53:09:
18:89:29:2e:b9:3e:c0:ea:06:66:16:ba:44:6e:48:
a5:33:32:84:32:5f:ac:6e:26:20:01:5d:45:6f:44:
57:9e:a7:cb:3b:44:cd:a9:a6:6d:9c:df:98:45:b1:
1b:45:7c:c9:4d:9d:ce:c0:8a:8d:f2:80:2e:9a:07:
43:f9:73:e5:70:75:0e:1f:b5:f7:11:5e:dc:3a:4e:
c6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A0:CF:83:2C:03:EF:A6:7E:05:A4:07:DA:82:2A:2F:FA:97:04:31
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/824DA5B0AD8B11EFBBEBED75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/24
103.151.27.0/24
113.203.234.0-113.203.240.255
180.178.128.0/23
180.178.132.0-180.178.139.255
180.178.172.0/24
180.178.174.0/23
202.92.18.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:78:b9:1d:20:94:c8:4b:de:c5:86:66:65:a4:5b:b6:46:d9:
87:76:35:b1:cb:e0:21:c8:ec:ef:29:ea:a8:30:50:fc:a5:f5:
cf:6e:25:70:91:3b:bc:b2:8f:3b:2a:b3:00:12:b0:68:b0:ee:
7d:3a:b6:e6:25:e1:9b:01:41:7c:4e:a7:15:7a:e0:1b:d0:9f:
9a:0f:6f:3b:cd:6e:f6:7d:cc:6f:85:f6:a2:7a:db:9e:fa:4e:
c2:d3:77:18:5b:57:06:b6:13:66:98:66:f9:9a:45:14:4a:06:
ce:68:8d:39:f4:8f:ac:70:ba:c7:ff:89:f4:2e:bd:8d:0b:5b:
46:ab:60:a0:62:83:02:bf:d0:04:06:12:cb:bd:95:4f:68:ec:
98:08:4b:f9:3a:de:4c:21:48:5a:36:34:09:2f:43:35:fd:01:
8a:ec:39:2d:38:c9:44:3c:4a:f8:07:a2:8e:92:9d:d6:43:26:
dd:2c:dd:40:76:7c:e1:f0:b1:28:d5:9f:96:9d:af:92:48:20:
48:f8:b9:fc:d9:f1:b7:ba:e8:b2:29:b9:ed:87:6d:4f:22:72:
43:50:b6:86:f5:4a:86:54:91:49:59:34:f6:b1:c1:72:81:ea:
74:da:10:fc:88:5f:57:32:3b:b8:05:20:6d:e5:89:a5:3e:95:
08:c6:0d:07
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICKXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwODEyMDcxMjM2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODlhZTk2My1jYTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAup0NlIsK/PGmQKuF1/aKzrA5+5IbHUMwcMuCTSLn/KfqE9t7RzyI58TnG3xF
qgIGkIxtxhwpbuchPuSJy+KzAd4ZIbTjFvQf7lQ4WP8P2QG+WHFMSPTwTT406wzU
kC7K/GJjmD8p3y9ejPAPr+QkMSPFb4MG6Zg8Lzrtweccdl8lGUzt4unvMhL6eTQn
EgqprmUqg4bzeeItQlQE62dZy2sgiceSmxt9uwdertAaVebjUwkYiSkuuT7A6gZm
FrpEbkilMzKEMl+sbiYgAV1Fb0RXnqfLO0TNqaZtnN+YRbEbRXzJTZ3OwIqN8oAu
mgdD+XPlcHUOH7X3EV7cOk7GBwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFLWgz4Ms
A++mfgWkB9qCKi/6lwQxMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvODI0REE1QjBB
RDhCMTFFRkJCRUJFRDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADBABnCzwDBABnlxswDAMEAXHL6gMEAHHL8AMEAbSygDAMAwQC
tLKEAwQCtLKIAwQAtLKsAwQBtLKuAwQBylwSMA0GCSqGSIb3DQEBCwUAA4IBAQA9
eLkdIJTIS97FhmZlpFu2RtmHdjWxy+AhyOzvKeqoMFD8pfXPbiVwkTu8so87KrMA
ErBosO59OrbmJeGbAUF8TqcVeuAb0J+aD287zW72fcxvhfaietue+k7C03cYW1cG
thNmmGb5mkUUSgbOaI059I+scLrH/4n0Lr2NC1tGq2CgYoMCv9AEBhLLvZVPaOyY
CEv5Ot5MIUhaNjQJL0M1/QGK7DktOMlEPEr4B6KOkp3WQybdLN1Adnzh8LEo1Z+W
na+SSCBI+Ln82fG3uuiyKbnth21PInJDULaG9UqGVJFJWTT2scFygep02hD8iF9X
Mju4BSBt5YmlPpUIxg0H
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:22:17 2025 by rpki-client