Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
File: 38564246ABFB11EFAC5AA210C4F9AE02.roa (raw, json)
Hash identifier: w2lZ7FytQcTAriG+j2mMgJaY2jBUtn1pjsoCkrIXW7g=
Subject key identifier: 1F:37:FA:AB:F8:CE:E6:81:07:DA:F6:40:C1:B4:5B:26:7E:22:A4:DB
Certificate issuer: /CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Certificate serial: 0285
Authority key identifier: A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
Signing time: Tue 29 Apr 2025 07:58:40 +0000
ROA not before: Tue 29 Apr 2025 07:58:40 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 139057
IP address blocks: 103.138.247.0/24 maxlen: 24
103.243.92.0/24 maxlen: 24
103.243.93.0/24 maxlen: 24
103.243.94.0/24 maxlen: 24
103.243.95.0/24 maxlen: 24
123.108.72.0/24 maxlen: 24
123.108.73.0/24 maxlen: 24
2407:2440:1::/48 maxlen: 48
2407:2440:2::/48 maxlen: 48
2407:2440:3::/48 maxlen: 48
2407:2440:4::/48 maxlen: 48
2407:2440:5::/48 maxlen: 48
2407:2440:6::/48 maxlen: 48
2407:2440:7::/48 maxlen: 48
2407:2440:8::/48 maxlen: 48
2407:2440:9::/48 maxlen: 48
2407:2440:a::/48 maxlen: 48
2407:2440:b::/48 maxlen: 48
2407:2440:c::/48 maxlen: 48
2407:2440:d::/48 maxlen: 48
2407:2440:e::/48 maxlen: 48
2407:2440:f::/48 maxlen: 48
2407:2440:10::/48 maxlen: 48
2407:2440:11::/48 maxlen: 48
2407:2440:12::/48 maxlen: 48
2407:2440:13::/48 maxlen: 48
2407:2440:14::/48 maxlen: 48
2407:2440:15::/48 maxlen: 48
2407:2440:16::/48 maxlen: 48
2407:2440:17::/48 maxlen: 48
2407:2440:18::/48 maxlen: 48
2407:2440:19::/48 maxlen: 48
2407:2440:1e::/48 maxlen: 48
2407:2440:1f::/48 maxlen: 48
2407:2440:20::/48 maxlen: 48
2407:2440:22::/48 maxlen: 48
2407:2440:23::/48 maxlen: 48
2407:2440:25::/48 maxlen: 48
2407:2440:28::/48 maxlen: 48
2407:2440:2a::/48 maxlen: 48
2407:2440:2b::/48 maxlen: 48
2407:2440:2c::/48 maxlen: 48
2407:2440:2d::/48 maxlen: 48
2407:2440:a001::/48 maxlen: 48
2407:2440:a002::/48 maxlen: 48
2407:2440:a003::/48 maxlen: 48
2407:2440:e001::/48 maxlen: 48
2407:2440:e002::/48 maxlen: 48
2407:2440:e003::/48 maxlen: 48
2407:2440:f001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 18 May 2025 01:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 645 (0x285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB2B8, serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Validity
Not Before: Apr 29 07:58:40 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=681086b0-98da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:51:7b:1b:93:0c:f7:f9:d3:80:d4:66:5d:4f:
06:a1:af:7f:6c:d1:25:32:2f:1e:2b:3e:b0:06:e7:
e6:e1:b0:4e:73:e6:5b:76:e0:87:f7:92:0a:a2:fb:
9d:d8:b2:3a:8e:77:ed:68:f3:11:b4:d4:5a:7c:09:
63:29:11:cc:52:e5:15:8a:87:e6:a5:f3:2b:0a:08:
0c:e8:6e:52:76:60:62:d4:77:36:74:97:6e:31:b3:
7a:b7:f9:16:c3:d6:62:05:f6:2c:10:e1:87:9a:e5:
c4:dc:1d:2c:bb:b0:7e:ca:e3:68:56:c3:6f:7b:3f:
3c:78:2c:8c:fc:68:84:34:a5:a5:30:d4:29:ab:c8:
62:d6:97:69:57:c5:11:62:3a:9a:4c:fd:09:84:6f:
b6:f2:41:f3:14:bb:41:56:90:48:cc:e3:c0:7f:fd:
f8:0c:3f:f8:80:f9:e1:4e:e5:22:d1:b6:cc:dd:07:
50:6b:e8:a0:4c:4c:b9:32:73:fe:4d:09:7c:02:fa:
69:35:8b:03:10:e7:40:7d:88:d9:ab:8e:01:93:f4:
d0:fa:17:f0:a1:da:25:32:c0:0d:03:b9:c5:db:6e:
7a:8b:f6:4b:9f:eb:ce:2f:01:bf:5e:a7:60:0a:0a:
fc:8e:4e:57:7b:36:9c:78:49:2d:aa:11:5f:63:89:
b1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:37:FA:AB:F8:CE:E6:81:07:DA:F6:40:C1:B4:5B:26:7E:22:A4:DB
X509v3 Authority Key Identifier:
keyid:A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.247.0/24
103.243.92.0/22
123.108.72.0/23
IPv6:
2407:2440:1::-2407:2440:19:ffff:ffff:ffff:ffff:ffff
2407:2440:1e::-2407:2440:20:ffff:ffff:ffff:ffff:ffff
2407:2440:22::/47
2407:2440:25::/48
2407:2440:28::/48
2407:2440:2a::-2407:2440:2d:ffff:ffff:ffff:ffff:ffff
2407:2440:a001::-2407:2440:a003:ffff:ffff:ffff:ffff:ffff
2407:2440:e001::-2407:2440:e003:ffff:ffff:ffff:ffff:ffff
2407:2440:f001::/48
Signature Algorithm: sha256WithRSAEncryption
30:95:9b:70:9c:ab:d6:31:db:9d:f0:55:9a:36:78:3d:3f:7f:
73:18:eb:52:bf:b3:fb:25:f1:7a:38:fc:b0:0f:04:6f:db:2b:
e0:32:0b:a1:59:65:f6:92:35:7e:96:48:2e:f9:8b:09:44:6d:
4d:95:fd:86:bc:c1:41:1e:2a:db:37:e6:0d:b2:25:b5:69:8f:
12:29:49:fc:75:65:c8:f6:b1:8c:3e:3d:04:d9:66:20:f1:0b:
29:ca:aa:16:34:eb:82:01:53:f1:c2:64:c4:61:76:75:7b:4d:
15:3e:f2:9f:f2:b1:54:3d:1f:d1:dc:4a:00:53:90:6a:c6:7b:
00:6b:ea:c1:0e:2e:a9:52:bd:c8:5a:25:2c:5e:a1:2f:d7:e3:
78:ea:8c:de:ca:02:d8:69:9d:38:88:68:fc:86:a7:90:aa:e6:
41:04:f3:31:69:fd:1c:19:60:a0:41:4f:f2:ad:80:43:31:d7:
f6:81:68:18:51:76:56:af:cb:b4:42:61:dc:a1:35:5c:39:76:
ca:bc:cf:30:1a:15:9c:18:8e:41:b0:1c:86:47:b8:c8:d0:6e:
f3:b9:4b:be:ff:92:5d:a7:28:df:da:06:69:7e:8b:0d:94:c2:
a6:34:cd:e8:0a:16:45:70:ab:4a:f0:3f:c1:78:a6:4f:16:11:
15:09:c7:21
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgICAoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIyQjgxMTAvBgNVBAUTKEE2OTcwMEU3OEQwQzgxMkFEMkUyQzExNEM4MkM2NTVB
MEFDRDQ0N0YwHhcNMjUwNDI5MDc1ODQwWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEwODZiMC05OGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArlF7G5MM9/nTgNRmXU8Goa9/bNElMi8eKz6wBufm4bBOc+ZbduCH95IKovud
2LI6jnftaPMRtNRafAljKRHMUuUViofmpfMrCggM6G5SdmBi1Hc2dJduMbN6t/kW
w9ZiBfYsEOGHmuXE3B0su7B+yuNoVsNvez88eCyM/GiENKWlMNQpq8hi1pdpV8UR
YjqaTP0JhG+28kHzFLtBVpBIzOPAf/34DD/4gPnhTuUi0bbM3QdQa+igTEy5MnP+
TQl8AvppNYsDEOdAfYjZq44Bk/TQ+hfwodolMsANA7nF2256i/ZLn+vOLwG/Xqdg
Cgr8jk5XezaceEktqhFfY4mxSQIDAQABo4IDNjCCAzIwHQYDVR0OBBYEFB83+qv4
zuaBB9r2QMG0WyZ+IqTbMB8GA1UdIwQYMBaAFKaXAOeNDIEq0uLBFMgsZVoKzUR/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjJCOC8zRjQ0Q0JBRTJG
NEQxMUVEOEY1QTZBNjRDNEY5QUUwMi9wcGNBNTQwTWdTclM0c0VVeUN4bFdnck5S
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BwY0E1NDBNZ1NyUzRzRVV5Q3hsV2dyTlJIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUIyQjgvM0Y0NENCQUUyRjREMTFFRDhGNUE2QTY0QzRGOUFFMDIvMzg1NjQyNDZB
QkZCMTFFRkFDNUFBMjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgb8GCCsGAQUFBwEHAQH/
BIGvMIGsMBgEAgABMBIDBABnivcDBAJn81wDBAF7bEgwgY8EAgACMIGIMBIDBwAk
ByRAAAEDBwEkByRAABgwEgMHASQHJEAAHgMHACQHJEAAIAMHASQHJEAAIgMHACQH
JEAAJQMHACQHJEAAKDASAwcBJAckQAAqAwcBJAckQAAsMBIDBwAkByRAoAEDBwIk
ByRAoAAwEgMHACQHJEDgAQMHAiQHJEDgAAMHACQHJEDwATANBgkqhkiG9w0BAQsF
AAOCAQEAMJWbcJyr1jHbnfBVmjZ4PT9/cxjrUr+z+yXxejj8sA8Eb9sr4DILoVll
9pI1fpZILvmLCURtTZX9hrzBQR4q2zfmDbIltWmPEilJ/HVlyPaxjD49BNlmIPEL
KcqqFjTrggFT8cJkxGF2dXtNFT7yn/KxVD0f0dxKAFOQasZ7AGvqwQ4uqVK9yFol
LF6hL9fjeOqM3soC2GmdOIho/IankKrmQQTzMWn9HBlgoEFP8q2AQzHX9oFoGFF2
Vq/LtEJh3KE1XDl2yrzPMBoVnBiOQbAchke4yNBu87lLvv+SXaco39oGaX6LDZTC
pjTN6AoWRXCrSvA/wXimTxYRFQnHIQ==
-----END CERTIFICATE-----
Generated at Sun May 11 15:18:36 2025 by rpki-client