Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/F62323DEB97911F0A728D041C4F9AE02.roa
File: F62323DEB97911F0A728D041C4F9AE02.roa (raw, json)
Hash identifier: J36yaV9S5VSb6XXTUej0Xefxo/5tW+QQLbzTSN8/VLo=
Subject key identifier: 23:7E:06:78:AB:10:9D:93:9F:66:F1:BE:A4:11:50:F5:B5:05:5C:DB
Certificate issuer: /CN=A911D834/serialNumber=FDB2754D950630EB11DF84E2855CAAB7D1626F80
Certificate serial: 3539
Authority key identifier: FD:B2:75:4D:95:06:30:EB:11:DF:84:E2:85:5C:AA:B7:D1:62:6F:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_bJ1TZUGMOsR34TihVyqt9Fib4A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/F62323DEB97911F0A728D041C4F9AE02.roa
Signing time: Tue 04 Nov 2025 12:29:52 +0000
ROA not before: Tue 04 Nov 2025 12:29:52 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 4007
IP address blocks: 103.232.152.0/22 maxlen: 24
103.235.196.0/22 maxlen: 24
110.34.0.0/19 maxlen: 24
116.66.192.0/21 maxlen: 24
163.47.148.0/22 maxlen: 22
163.47.148.0/24 maxlen: 24
163.47.149.0/24 maxlen: 24
163.47.150.0/24 maxlen: 24
163.47.151.0/24 maxlen: 24
163.53.24.0/23 maxlen: 23
163.53.24.0/24 maxlen: 24
163.53.25.0/24 maxlen: 24
182.93.64.0/19 maxlen: 24
202.51.80.0/24 maxlen: 24
202.51.88.0/23 maxlen: 24
202.51.92.0/24 maxlen: 24
202.51.93.0/24 maxlen: 24
202.63.240.0/21 maxlen: 24
2403:3800::/32 maxlen: 40
2403:3800:8::/48 maxlen: 48
2403:3800:600::/48 maxlen: 48
2403:3800:700::/48 maxlen: 48
2403:3800:820::/48 maxlen: 48
2403:3800:1200::/44 maxlen: 44
2403:3800:1210::/44 maxlen: 44
2403:3800:1220::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/_bJ1TZUGMOsR34TihVyqt9Fib4A.crl
rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/_bJ1TZUGMOsR34TihVyqt9Fib4A.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_bJ1TZUGMOsR34TihVyqt9Fib4A.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 14:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13625 (0x3539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D834, serialNumber=FDB2754D950630EB11DF84E2855CAAB7D1626F80
Validity
Not Before: Nov 4 12:29:52 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=6909f1c0-70d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b0:06:21:44:16:b3:8e:26:81:d0:ce:44:eb:
32:08:7e:69:f3:22:89:50:b0:ae:f5:c9:ee:f2:a4:
dd:33:ae:06:f2:5d:ed:62:f2:7f:40:5f:00:7e:8b:
bd:97:43:41:4b:20:1c:73:69:de:09:be:11:5c:fa:
fa:aa:31:43:21:8f:7d:38:ff:1a:40:a2:d8:30:02:
d4:a1:35:08:a4:26:ae:d7:0a:4f:89:43:54:a2:af:
c5:a3:e5:32:04:31:b0:0a:00:a1:92:21:8b:ba:f1:
bc:90:25:c1:89:60:9e:03:d0:6e:0a:58:cc:b0:e1:
a4:dd:98:89:aa:b8:75:ac:d0:b8:d1:ec:12:60:64:
ef:cd:e3:39:b7:22:d2:69:37:96:7b:37:96:65:dc:
94:29:24:d5:f2:73:8a:2c:3f:c3:e0:a9:22:e7:3c:
14:af:bb:3b:ae:52:86:e2:06:bd:e7:9e:98:58:50:
a7:92:08:8c:39:80:e2:04:37:ae:6e:cc:21:e2:c7:
de:5e:f2:66:31:b1:63:7b:51:78:38:76:52:64:92:
02:8d:79:9d:63:77:b6:2d:43:01:ba:48:5a:0e:7a:
d0:80:cf:11:f6:d8:e0:2d:a2:a5:71:26:32:93:a5:
3d:76:68:17:a4:b7:61:a9:bd:b8:81:de:7e:aa:cb:
fa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7E:06:78:AB:10:9D:93:9F:66:F1:BE:A4:11:50:F5:B5:05:5C:DB
X509v3 Authority Key Identifier:
keyid:FD:B2:75:4D:95:06:30:EB:11:DF:84:E2:85:5C:AA:B7:D1:62:6F:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/_bJ1TZUGMOsR34TihVyqt9Fib4A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_bJ1TZUGMOsR34TihVyqt9Fib4A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D834/DFBA50B81D8D11E2824DEDEB08B02CD2/F62323DEB97911F0A728D041C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.232.152.0/22
103.235.196.0/22
110.34.0.0/19
116.66.192.0/21
163.47.148.0/22
163.53.24.0/23
182.93.64.0/19
202.51.80.0/24
202.51.88.0/23
202.51.92.0/23
202.63.240.0/21
IPv6:
2403:3800::/32
Signature Algorithm: sha256WithRSAEncryption
61:e5:17:5d:b0:3f:66:d7:5f:bd:ad:06:c1:69:59:a2:c6:98:
3f:99:6e:27:6b:8b:54:e1:39:19:f6:24:d4:ef:4d:d9:48:00:
28:91:15:5e:b7:16:ec:0e:be:09:c0:da:2a:48:c4:dc:20:db:
7d:28:ed:68:69:25:b0:c9:65:0d:76:5f:77:a7:6c:4e:37:cf:
15:8c:ae:82:8e:72:54:b6:fb:bc:67:4d:30:92:bd:e3:94:67:
34:05:a8:4c:f3:45:47:eb:10:48:35:cd:4d:97:06:7d:fa:63:
0a:d7:83:5e:3d:68:5e:5f:e9:e4:bb:6f:52:17:ff:4f:06:95:
2d:be:96:34:7d:f4:82:67:cc:8b:e4:dc:d9:2a:f5:d0:9b:19:
1a:24:d7:2c:43:1c:64:42:1b:54:4c:f6:72:ff:fd:5e:c9:52:
06:15:1e:77:ac:2e:b8:f5:5f:0c:a9:d4:5a:1c:d4:36:c2:8e:
10:33:fd:a1:55:40:f2:fb:fe:cb:94:8f:7d:6a:c5:de:4c:0c:
ad:6e:27:ea:e1:be:5a:d4:47:1d:72:01:ea:5a:34:1a:8d:0d:
4d:d2:31:e3:f2:59:12:f0:74:16:ad:25:43:42:12:aa:18:c3:
24:9d:c2:19:42:9c:ba:85:d6:3c:5f:d0:ab:ce:3e:bd:28:44:
7e:68:a8:2a
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICNTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ4MzQxMTAvBgNVBAUTKEZEQjI3NTREOTUwNjMwRUIxMURGODRFMjg1NUNBQUI3
RDE2MjZGODAwHhcNMjUxMTA0MTIyOTUyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTA5ZjFjMC03MGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4bAGIUQWs44mgdDOROsyCH5p8yKJULCu9cnu8qTdM64G8l3tYvJ/QF8Afou9
l0NBSyAcc2neCb4RXPr6qjFDIY99OP8aQKLYMALUoTUIpCau1wpPiUNUoq/Fo+Uy
BDGwCgChkiGLuvG8kCXBiWCeA9BuCljMsOGk3ZiJqrh1rNC40ewSYGTvzeM5tyLS
aTeWezeWZdyUKSTV8nOKLD/D4Kki5zwUr7s7rlKG4ga9556YWFCnkgiMOYDiBDeu
bswh4sfeXvJmMbFje1F4OHZSZJICjXmdY3e2LUMBukhaDnrQgM8R9tjgLaKlcSYy
k6U9dmgXpLdhqb24gd5+qsv64QIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFCN+Bnir
EJ2Tn2bxvqQRUPW1BVzbMB8GA1UdIwQYMBaAFP2ydU2VBjDrEd+E4oVcqrfRYm+A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDgzNC9ERkJBNTBCODFE
OEQxMUUyODI0REVERUIwOEIwMkNEMi9fYkoxVFpVR01Pc1IzNFRpaFZ5cXQ5Rmli
NEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19iSjFUWlVHTU9zUjM0VGloVnlxdDlGaWI0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ4MzQvREZCQTUwQjgxRDhEMTFFMjgyNERFREVCMDhCMDJDRDIvRjYyMzIzREVC
OTc5MTFGMEE3MjhEMDQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMEgEAgABMEIDBAJn6JgDBAJn68QDBAVuIgADBAN0QsADBAKjL5QDBAGjNRgD
BAW2XUADBADKM1ADBAHKM1gDBAHKM1wDBAPKP/AwDQQCAAIwBwMFACQDOAAwDQYJ
KoZIhvcNAQELBQADggEBAGHlF12wP2bXX72tBsFpWaLGmD+Zbidri1ThORn2JNTv
TdlIACiRFV63FuwOvgnA2ipIxNwg230o7WhpJbDJZQ12X3enbE43zxWMroKOclS2
+7xnTTCSveOUZzQFqEzzRUfrEEg1zU2XBn36YwrXg149aF5f6eS7b1IX/08GlS2+
ljR99IJnzIvk3Nkq9dCbGRok1yxDHGRCG1RM9nL//V7JUgYVHnesLrj1Xwyp1Foc
1DbCjhAz/aFVQPL7/suUj31qxd5MDK1uJ+rhvlrURx1yAepaNBqNDU3SMePyWRLw
dBatJUNCEqoYwySdwhlCnLqF1jxf0KvOPr0oRH5oqCo=
-----END CERTIFICATE-----
Generated at Thu Nov 6 01:46:42 2025 by rpki-client