Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/824DA5B0AD8B11EFBBEBED75C4F9AE02.roa
File: 824DA5B0AD8B11EFBBEBED75C4F9AE02.roa (raw, json)
Hash identifier: FlzU2NfW7y4rOZlHdgScu1xUa1eHoqDo75MketYBk9U=
Subject key identifier: 07:DC:95:86:A7:5F:72:03:2B:D4:3C:76:90:D0:28:A7:55:40:96:94
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 29C8
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/824DA5B0AD8B11EFBBEBED75C4F9AE02.roa
Signing time: Wed 17 Sep 2025 14:07:58 +0000
ROA not before: Wed 17 Sep 2025 14:07:58 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.151.27.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
115.167.72.0/24 maxlen: 24
115.167.74.0/24 maxlen: 24
115.167.75.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
202.92.18.0/24 maxlen: 24
202.92.19.0/24 maxlen: 24
202.92.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 21:36:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10696 (0x29c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134, serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Sep 17 14:07:58 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=68cac0be-6576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8b:35:7f:46:60:07:c1:35:e8:0e:93:7f:da:
db:77:9f:e0:ed:cd:e5:16:6c:8d:7d:47:13:12:70:
3c:5f:8e:68:39:a2:82:11:c7:f3:71:4f:74:f3:73:
fc:1d:6a:93:f5:a6:e2:fd:63:e9:62:65:37:09:87:
81:27:d6:15:25:55:e0:c2:e6:0d:0a:44:02:9d:19:
51:9c:f9:ba:b6:bb:01:7f:75:f0:19:9f:5f:01:95:
cb:78:83:9c:4d:05:29:4e:1c:9a:a8:2d:2b:d9:65:
61:84:cf:16:11:a7:06:e9:85:ff:0f:a2:d5:14:5a:
82:ab:75:f2:3a:cd:62:fb:54:1d:cf:4d:04:78:80:
9d:0a:98:b2:b5:41:1e:4f:d5:ea:6d:9d:40:dc:4e:
3c:40:71:72:b3:dc:cc:22:da:a9:85:ee:b9:90:b4:
f9:81:e3:da:0d:36:30:79:58:a9:40:c8:3e:cb:26:
ee:48:90:aa:11:de:d6:2a:51:96:c5:55:21:39:1a:
24:e9:89:2d:b8:81:38:6a:3f:ec:dd:19:17:ce:f3:
e2:92:66:17:87:6b:2c:67:7f:ba:7c:04:86:74:d7:
a9:7c:f2:7e:2a:9f:4b:11:27:93:4b:a6:25:ed:49:
27:90:02:4c:29:2e:dd:e2:58:4f:2e:58:2f:c2:40:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:DC:95:86:A7:5F:72:03:2B:D4:3C:76:90:D0:28:A7:55:40:96:94
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/824DA5B0AD8B11EFBBEBED75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/24
103.151.27.0/24
113.203.234.0-113.203.240.255
115.167.72.0/24
115.167.74.0/23
180.178.128.0/23
180.178.132.0-180.178.139.255
180.178.172.0/24
180.178.174.0/23
202.92.18.0/23
202.92.27.0/24
Signature Algorithm: sha256WithRSAEncryption
af:e5:63:50:d3:66:1d:e8:1f:d5:ac:93:9d:65:32:b4:f5:19:
8c:b7:58:fd:45:54:65:bc:7e:65:29:2f:40:85:cc:6e:0b:b3:
7d:fa:e6:92:a4:0a:b8:8e:df:5c:ca:fd:fd:2e:bb:f3:27:f1:
05:e8:6c:c2:81:83:a5:aa:be:f9:e1:45:9d:a2:a9:08:46:b7:
32:bf:9b:25:d3:ca:2e:ea:51:85:54:c8:fb:e1:2a:9f:0d:1c:
4d:4f:4e:b2:8b:78:59:a0:57:a8:04:1b:f9:b8:b3:94:20:06:
18:47:f1:09:94:40:a2:b4:b6:32:65:cd:39:b5:0f:8f:8d:41:
64:99:82:81:0a:d1:4d:45:04:49:42:49:12:64:2e:56:7a:05:
95:ac:2b:62:50:58:98:75:6f:6d:6c:87:3e:be:b9:db:2f:99:
12:ad:ae:d6:ec:69:d8:97:57:e5:31:e9:bb:b0:ab:c0:24:3b:
39:ca:2d:fa:c6:ca:7f:37:1d:52:99:e2:68:98:d8:5f:36:22:
e2:9f:81:5f:69:60:63:7e:c7:97:0c:d2:0c:cb:fe:7d:eb:ce:
1a:6d:61:ae:03:30:56:0e:20:e0:38:4f:2d:4d:90:8c:19:ec:
88:9e:44:83:3c:97:33:ef:34:2d:c3:07:1f:83:8a:31:77:50:
a6:cd:ba:c9
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICKcgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjUwOTE3MTQwNzU4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGNhYzBiZS02NTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzos1f0ZgB8E16A6Tf9rbd5/g7c3lFmyNfUcTEnA8X45oOaKCEcfzcU9083P8
HWqT9abi/WPpYmU3CYeBJ9YVJVXgwuYNCkQCnRlRnPm6trsBf3XwGZ9fAZXLeIOc
TQUpThyaqC0r2WVhhM8WEacG6YX/D6LVFFqCq3XyOs1i+1Qdz00EeICdCpiytUEe
T9XqbZ1A3E48QHFys9zMItqphe65kLT5gePaDTYweVipQMg+yybuSJCqEd7WKlGW
xVUhORok6YktuIE4aj/s3RkXzvPikmYXh2ssZ3+6fASGdNepfPJ+Kp9LESeTS6Yl
7UknkAJMKS7d4lhPLlgvwkABgQIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFAfclYan
X3IDK9Q8dpDQKKdVQJaUMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvODI0REE1QjBB
RDhCMTFFRkJCRUJFRDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMFgEAgABMFIDBABnCzwDBABnlxswDAMEAXHL6gMEAHHL8AMEAHOnSAMEAXOn
SgMEAbSygDAMAwQCtLKEAwQCtLKIAwQAtLKsAwQBtLKuAwQBylwSAwQAylwbMA0G
CSqGSIb3DQEBCwUAA4IBAQCv5WNQ02Yd6B/VrJOdZTK09RmMt1j9RVRlvH5lKS9A
hcxuC7N9+uaSpAq4jt9cyv39LrvzJ/EF6GzCgYOlqr754UWdoqkIRrcyv5sl08ou
6lGFVMj74SqfDRxNT06yi3hZoFeoBBv5uLOUIAYYR/EJlECitLYyZc05tQ+PjUFk
mYKBCtFNRQRJQkkSZC5WegWVrCtiUFiYdW9tbIc+vrnbL5kSra7W7GnYl1flMem7
sKvAJDs5yi36xsp/Nx1SmeJomNhfNiLin4FfaWBjfseXDNIMy/59684abWGuAzBW
DiDgOE8tTZCMGeyInkSDPJcz7zQtwwcfg4oxd1CmzbrJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:49:14 2025 by rpki-client