Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
File: CB304C36307111EDB0CBD946C4F9AE02.roa (raw, json)
Hash identifier: hq9Cmc+FMjaTTTyQea1uvJO7rYKBgVJ1Xbylz3DiiHI=
Subject key identifier: D1:D9:B2:66:29:90:3D:88:1F:FF:FC:0E:C5:EE:78:A1:2B:60:FC:30
Certificate issuer: /CN=A911CA82/serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Certificate serial: 063D
Authority key identifier: D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
Signing time: Fri 25 Jul 2025 15:43:42 +0000
ROA not before: Fri 25 Jul 2025 15:43:42 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 139628
IP address blocks: 43.255.114.0/23 maxlen: 24
103.20.80.0/22 maxlen: 22
103.20.80.0/24 maxlen: 24
103.20.81.0/24 maxlen: 24
103.20.82.0/24 maxlen: 24
103.20.83.0/24 maxlen: 24
103.106.204.0/22 maxlen: 22
103.106.204.0/24 maxlen: 24
103.106.205.0/24 maxlen: 24
103.106.206.0/24 maxlen: 24
103.106.207.0/24 maxlen: 24
103.119.96.0/22 maxlen: 22
103.119.96.0/24 maxlen: 24
103.119.97.0/24 maxlen: 24
103.119.98.0/24 maxlen: 24
103.119.99.0/24 maxlen: 24
103.136.176.0/22 maxlen: 22
103.136.176.0/24 maxlen: 24
103.136.177.0/24 maxlen: 24
103.136.178.0/24 maxlen: 24
103.136.179.0/24 maxlen: 24
103.142.208.0/23 maxlen: 23
103.142.208.0/24 maxlen: 24
103.142.209.0/24 maxlen: 24
103.147.234.0/23 maxlen: 24
103.152.194.0/23 maxlen: 24
111.67.96.0/22 maxlen: 22
111.67.96.0/24 maxlen: 24
111.67.97.0/24 maxlen: 24
111.67.98.0/24 maxlen: 24
111.67.99.0/24 maxlen: 24
111.67.100.0/22 maxlen: 22
111.67.100.0/24 maxlen: 24
111.67.101.0/24 maxlen: 24
111.67.102.0/24 maxlen: 24
111.67.103.0/24 maxlen: 24
115.178.24.0/23 maxlen: 23
115.178.24.0/24 maxlen: 24
115.178.25.0/24 maxlen: 24
124.108.4.0/22 maxlen: 22
124.108.4.0/24 maxlen: 24
124.108.5.0/24 maxlen: 24
124.108.6.0/24 maxlen: 24
124.108.7.0/24 maxlen: 24
150.129.20.0/22 maxlen: 22
150.129.20.0/24 maxlen: 24
150.129.21.0/24 maxlen: 24
150.129.22.0/24 maxlen: 24
150.129.23.0/24 maxlen: 24
202.58.16.0/23 maxlen: 23
202.58.16.0/24 maxlen: 24
202.58.17.0/24 maxlen: 24
202.58.18.0/23 maxlen: 23
202.58.18.0/24 maxlen: 24
202.58.19.0/24 maxlen: 24
203.80.170.0/23 maxlen: 23
203.80.170.0/24 maxlen: 24
203.80.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.crl
rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1597 (0x63d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA82, serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Validity
Not Before: Jul 25 15:43:42 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6883a62e-b7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:72:3d:4d:07:43:58:e6:13:85:62:f3:12:25:
09:e9:a9:0f:7b:cc:73:d2:9e:9f:8a:45:69:da:43:
95:3d:81:3f:54:c3:b8:94:43:f1:bf:eb:2d:27:85:
54:f0:cd:48:d0:54:7b:82:b0:91:46:53:09:6f:2c:
0e:62:c5:cd:2f:aa:da:d9:ea:19:40:3c:8b:97:aa:
08:33:a9:7d:fb:b9:3d:b4:f4:a4:2e:11:a5:12:ad:
c1:1e:8d:d3:7e:28:45:ff:76:8b:9a:1a:10:65:50:
0d:09:60:55:38:2d:22:8e:0d:5d:7d:8e:ad:59:f7:
8f:4f:2b:84:41:cd:db:72:eb:09:7c:43:b2:70:a4:
41:35:16:6f:82:9a:68:91:86:cb:cd:fb:e0:c7:be:
2f:f6:9c:99:0d:d9:ca:78:ff:df:22:9c:09:67:85:
cf:57:5d:e3:69:28:84:19:21:c7:e9:77:0a:1a:cd:
f6:f9:3d:40:89:22:a0:07:f3:44:c0:ba:d2:01:d6:
4a:95:31:ca:15:9f:7c:b5:cb:c9:33:2a:55:68:4d:
79:7e:44:b1:7e:11:3f:3b:18:bb:b0:50:7b:da:d7:
84:2c:37:ee:f8:56:e7:af:cd:31:6b:21:f2:bd:3a:
2b:fc:5c:78:62:11:f2:6e:da:5e:80:ca:b1:f9:2a:
e6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D9:B2:66:29:90:3D:88:1F:FF:FC:0E:C5:EE:78:A1:2B:60:FC:30
X509v3 Authority Key Identifier:
keyid:D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.114.0/23
103.20.80.0/22
103.106.204.0/22
103.119.96.0/22
103.136.176.0/22
103.142.208.0/23
103.147.234.0/23
103.152.194.0/23
111.67.96.0/21
115.178.24.0/23
124.108.4.0/22
150.129.20.0/22
202.58.16.0/22
203.80.170.0/23
Signature Algorithm: sha256WithRSAEncryption
79:46:47:9c:0d:74:84:6f:d7:be:e1:f3:e3:76:18:b0:b7:9c:
44:78:a5:ee:b8:24:2d:7e:69:2c:7c:53:3d:01:c9:e2:8b:4d:
c1:b3:87:f9:31:c3:2a:48:9b:75:f2:e4:be:e6:74:fb:ed:0b:
45:e3:03:40:e0:f2:7d:f4:87:34:a5:ff:4d:dc:71:56:cf:fe:
43:54:5f:09:ea:fa:64:14:6c:bc:88:67:91:b1:22:be:13:cb:
61:59:81:2e:44:87:53:19:75:56:46:3c:c5:eb:c7:5a:bc:cd:
c1:17:77:07:ce:7c:3c:af:87:95:6d:30:6a:33:d5:f1:6d:a0:
48:06:e8:12:5f:95:43:ac:b6:6d:51:52:4a:e8:6d:13:c2:74:
9b:75:b3:70:ed:f3:54:02:19:92:26:39:f1:1a:e6:23:a7:42:
4e:0d:38:d9:07:34:b9:b8:75:9b:a5:d4:32:bd:1c:84:4c:5f:
9e:ba:5b:cb:43:c9:e6:9f:c8:b6:52:99:b2:70:e0:33:2a:b1:
a6:91:d2:94:9f:61:72:2d:62:09:a5:e6:63:f3:15:e8:ed:47:
43:37:25:46:cc:b1:8c:2f:d1:a2:99:3b:31:be:ad:a5:7a:1d:
0d:52:93:48:26:c6:ec:74:d2:c5:48:9f:1b:b2:04:5d:7d:f6:
c1:74:92:98
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgICBj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBODIxMTAvBgNVBAUTKEQyQTA4NzFCQ0Q4Mzc2QzExQThGMDQ5QTM5ODU1QUZD
REIxODMwNjQwHhcNMjUwNzI1MTU0MzQyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgzYTYyZS1iN2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmXI9TQdDWOYThWLzEiUJ6akPe8xz0p6fikVp2kOVPYE/VMO4lEPxv+stJ4VU
8M1I0FR7grCRRlMJbywOYsXNL6ra2eoZQDyLl6oIM6l9+7k9tPSkLhGlEq3BHo3T
fihF/3aLmhoQZVANCWBVOC0ijg1dfY6tWfePTyuEQc3bcusJfEOycKRBNRZvgppo
kYbLzfvgx74v9pyZDdnKeP/fIpwJZ4XPV13jaSiEGSHH6XcKGs32+T1AiSKgB/NE
wLrSAdZKlTHKFZ98tcvJMypVaE15fkSxfhE/Oxi7sFB72teELDfu+Fbnr80xayHy
vTor/Fx4YhHybtpegMqx+SrmgQIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFNHZsmYp
kD2IH//8DsXueKErYPwwMB8GA1UdIwQYMBaAFNKghxvNg3bBGo8EmjmFWvzbGDBk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E4Mi8wQkVCMzc1QUJF
NDQxMUVCQUUzRDQzNDhDNEY5QUUwMi8wcUNIRzgyRGRzRWFqd1NhT1lWYV9Oc1lN
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBxQ0hHODJEZHNFYWp3U2FPWVZhX05zWU1HUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBODIvMEJFQjM3NUFCRTQ0MTFFQkFFM0Q0MzQ4QzRGOUFFMDIvQ0IzMDRDMzYz
MDcxMTFFREIwQ0JEOTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E
XjBcMFoEAgABMFQDBAEr/3IDBAJnFFADBAJnaswDBAJnd2ADBAJniLADBAFnjtAD
BAFnk+oDBAFnmMIDBANvQ2ADBAFzshgDBAJ8bAQDBAKWgRQDBALKOhADBAHLUKow
DQYJKoZIhvcNAQELBQADggEBAHlGR5wNdIRv177h8+N2GLC3nER4pe64JC1+aSx8
Uz0ByeKLTcGzh/kxwypIm3Xy5L7mdPvtC0XjA0Dg8n30hzSl/03ccVbP/kNUXwnq
+mQUbLyIZ5GxIr4Ty2FZgS5Eh1MZdVZGPMXrx1q8zcEXdwfOfDyvh5VtMGoz1fFt
oEgG6BJflUOstm1RUkrobRPCdJt1s3Dt81QCGZImOfEa5iOnQk4NONkHNLm4dZul
1DK9HIRMX566W8tDyeafyLZSmbJw4DMqsaaR0pSfYXItYgml5mPzFejtR0M3JUbM
sYwv0aKZOzG+raV6HQ1Sk0gmxux00sVInxuyBF199sF0kpg=
-----END CERTIFICATE-----
Generated at Mon Aug 11 11:33:56 2025 by rpki-client