Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
File: BBF567AEB0F011E5A08A224DC4F9AE02.roa (raw, json)
Hash identifier: E4bRuOYL0PbWjvuEwOPUx/0a/V7xxHGCiOOjV2Kufg0=
Subject key identifier: 32:CC:B4:E4:8C:E0:C6:03:4B:0F:39:7E:B8:AD:45:5A:47:0F:0D:92
Certificate issuer: /CN=A91EAE60/serialNumber=20083D4DFA844C5727558C4C756DB20DF807CD81
Certificate serial: 278B
Authority key identifier: 20:08:3D:4D:FA:84:4C:57:27:55:8C:4C:75:6D:B2:0D:F8:07:CD:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
Signing time: Mon 23 Jun 2025 05:09:20 +0000
ROA not before: Mon 23 Jun 2025 05:09:20 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 17887
IP address blocks: 43.247.56.0/22 maxlen: 22
43.247.56.0/24 maxlen: 24
43.247.57.0/24 maxlen: 24
103.11.12.0/22 maxlen: 22
103.106.8.0/22 maxlen: 22
103.106.8.0/24 maxlen: 24
103.213.204.0/22 maxlen: 22
103.213.204.0/24 maxlen: 24
103.213.205.0/24 maxlen: 24
202.60.192.0/20 maxlen: 20
202.60.192.0/21 maxlen: 21
202.60.192.0/22 maxlen: 22
202.60.195.0/24 maxlen: 24
202.60.196.0/22 maxlen: 22
202.60.198.0/24 maxlen: 24
202.60.199.0/24 maxlen: 24
202.60.200.0/21 maxlen: 21
202.60.200.0/22 maxlen: 22
202.60.200.0/24 maxlen: 24
202.60.203.0/24 maxlen: 24
202.60.204.0/22 maxlen: 22
202.60.204.0/24 maxlen: 24
202.60.205.0/24 maxlen: 24
202.60.207.0/24 maxlen: 24
203.159.72.0/22 maxlen: 22
203.159.72.0/24 maxlen: 24
203.159.73.0/24 maxlen: 24
203.159.74.0/24 maxlen: 24
203.159.75.0/24 maxlen: 24
203.159.96.0/19 maxlen: 19
203.159.96.0/24 maxlen: 24
203.159.100.0/24 maxlen: 24
203.159.101.0/24 maxlen: 24
203.159.103.0/24 maxlen: 24
203.159.104.0/24 maxlen: 24
203.159.107.0/24 maxlen: 24
203.159.108.0/24 maxlen: 24
203.159.111.0/24 maxlen: 24
203.159.120.0/24 maxlen: 24
203.159.124.0/24 maxlen: 24
203.159.125.0/24 maxlen: 24
203.159.126.0/24 maxlen: 24
203.159.127.0/24 maxlen: 24
2405:6d00::/32 maxlen: 32
2405:6d00:100::/48 maxlen: 48
2405:6d00:101::/48 maxlen: 48
2405:6d00:104::/48 maxlen: 48
2405:6d00:105::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.crl
rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 15:46:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10123 (0x278b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE60, serialNumber=20083D4DFA844C5727558C4C756DB20DF807CD81
Validity
Not Before: Jun 23 05:09:20 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6858e17f-6f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5a:9e:49:f0:59:5b:6d:cb:8b:0d:96:3a:9f:
75:da:37:e1:5b:7f:df:02:f9:e2:01:b8:ec:dc:2f:
1a:71:06:4a:34:20:ed:c3:70:a1:aa:0d:f9:ef:0e:
65:74:78:37:09:a7:06:76:c4:4a:d9:3c:91:b5:f9:
19:02:28:bc:5e:95:6d:42:6d:72:b1:ec:4f:91:d0:
a9:91:d4:6e:ba:01:18:53:52:08:1c:87:ef:22:9f:
c3:a9:ab:22:2b:a0:02:4c:a4:03:88:53:42:90:82:
1b:d0:90:4a:d9:f1:43:af:80:6e:29:a3:32:c2:b0:
92:28:cd:13:69:40:fa:9c:8e:0e:7e:2c:86:48:21:
42:12:04:fd:43:ff:cd:8b:15:c3:6c:ad:b7:29:84:
c3:88:a9:e7:57:e0:d2:a3:df:5a:a2:34:54:38:ea:
b0:80:b3:5c:6d:52:3a:6d:27:4a:80:5d:40:89:02:
45:12:c9:05:08:6f:2c:d3:36:62:ca:87:d0:de:1b:
b4:81:7a:ca:e8:c3:60:bc:08:0b:8c:6e:35:66:45:
2d:d9:bc:9a:39:74:21:48:a8:d1:2e:85:d4:0c:29:
ed:f4:1a:0c:70:82:ad:73:6e:9f:8c:d7:38:c2:8d:
2c:0d:2d:1a:8f:58:79:ca:ed:74:af:be:e2:9a:15:
2d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CC:B4:E4:8C:E0:C6:03:4B:0F:39:7E:B8:AD:45:5A:47:0F:0D:92
X509v3 Authority Key Identifier:
keyid:20:08:3D:4D:FA:84:4C:57:27:55:8C:4C:75:6D:B2:0D:F8:07:CD:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.56.0/22
103.11.12.0/22
103.106.8.0/22
103.213.204.0/22
202.60.192.0/20
203.159.72.0/22
203.159.96.0/19
IPv6:
2405:6d00::/32
Signature Algorithm: sha256WithRSAEncryption
12:c6:d0:76:40:c3:ec:35:6a:8f:0c:29:5f:c5:b6:8d:3c:6e:
0f:8c:2d:75:7d:d6:64:52:24:92:3e:85:fa:5c:37:3d:d8:53:
bb:0e:4c:59:d9:63:9a:08:b3:dc:16:f9:98:ba:76:f2:ca:11:
40:85:fe:df:e4:b7:cf:52:fe:cd:f0:ec:40:47:18:e6:5b:34:
7a:0f:36:00:0b:3e:20:13:d7:35:ba:80:e1:08:b8:9e:ac:cc:
75:9f:d7:2a:fe:c4:50:fd:e9:fd:11:69:ec:bf:75:76:8a:b7:
a3:6c:82:dd:c8:58:7c:80:89:81:90:11:9d:4b:9e:0f:c5:bb:
e2:2e:c9:01:da:75:96:9f:7d:2d:2b:29:8b:31:d6:fb:a4:48:
81:0b:7f:4d:76:1f:d3:a3:33:76:ee:2d:a0:e8:4d:15:da:01:
1a:83:6e:4c:cc:79:02:e5:d3:e7:e6:f3:90:68:8b:25:c3:8e:
66:8d:0d:39:c1:80:8d:90:90:5d:87:fd:f1:f8:f5:7c:77:b5:
8f:21:d0:87:b1:53:b3:c5:f6:88:fe:51:54:e2:44:ca:46:ee:
2a:6e:1f:44:c4:b0:a3:79:fc:13:9d:5d:b0:6a:1d:fb:f1:5e:
15:3f:27:c1:4c:cd:57:1a:83:8d:0c:d0:b3:20:96:30:a0:e0:
2e:1f:b6:b5
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICJ4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFNjAxMTAvBgNVBAUTKDIwMDgzRDRERkE4NDRDNTcyNzU1OEM0Qzc1NkRCMjBE
RjgwN0NEODEwHhcNMjUwNjIzMDUwOTIwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODU4ZTE3Zi02ZjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnVqeSfBZW23Liw2WOp912jfhW3/fAvniAbjs3C8acQZKNCDtw3Chqg357w5l
dHg3CacGdsRK2TyRtfkZAii8XpVtQm1ysexPkdCpkdRuugEYU1IIHIfvIp/Dqasi
K6ACTKQDiFNCkIIb0JBK2fFDr4BuKaMywrCSKM0TaUD6nI4OfiyGSCFCEgT9Q//N
ixXDbK23KYTDiKnnV+DSo99aojRUOOqwgLNcbVI6bSdKgF1AiQJFEskFCG8s0zZi
yofQ3hu0gXrK6MNgvAgLjG41ZkUt2byaOXQhSKjRLoXUDCnt9BoMcIKtc26fjNc4
wo0sDS0aj1h5yu10r77imhUtbQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFDLMtOSM
4MYDSw85fritRVpHDw2SMB8GA1UdIwQYMBaAFCAIPU36hExXJ1WMTHVtsg34B82B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUU2MC9GMTk5NjcxMkM3
Q0YxMUU0QjEzQkUxMjFDNEY5QUUwMi9JQWc5VGZxRVRGY25WWXhNZFcyeURmZ0h6
WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lBZzlUZnFFVEZjblZZeE1kVzJ5RGZnSHpZRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFNjAvRjE5OTY3MTJDN0NGMTFFNEIxM0JFMTIxQzRGOUFFMDIvQkJGNTY3QUVC
MEYwMTFFNUEwOEEyMjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAIr9zgDBAJnCwwDBAJnaggDBAJn1cwDBATKPMADBALLn0gD
BAXLn2AwDQQCAAIwBwMFACQFbQAwDQYJKoZIhvcNAQELBQADggEBABLG0HZAw+w1
ao8MKV/Fto08bg+MLXV91mRSJJI+hfpcNz3YU7sOTFnZY5oIs9wW+Zi6dvLKEUCF
/t/kt89S/s3w7EBHGOZbNHoPNgALPiAT1zW6gOEIuJ6szHWf1yr+xFD96f0Raey/
dXaKt6Nsgt3IWHyAiYGQEZ1Lng/Fu+IuyQHadZaffS0rKYsx1vukSIELf012H9Oj
M3buLaDoTRXaARqDbkzMeQLl0+fm85BoiyXDjmaNDTnBgI2QkF2H/fH49Xx3tY8h
0IexU7PF9oj+UVTiRMpG7ipuH0TEsKN5/BOdXbBqHfvxXhU/J8FMzVcag40M0LMg
ljCg4C4ftrU=
-----END CERTIFICATE-----
Generated at Fri Jul 4 07:40:04 2025 by rpki-client