Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/96E3EB58B2B711EEAE882255C4F9AE02.roa
File: 96E3EB58B2B711EEAE882255C4F9AE02.roa (raw, json)
Hash identifier: V45gxxPbP3gB5dgB3aRdYWLo9/HOqXLXWjCDGDuIpeg=
Subject key identifier: BD:84:12:93:4A:E5:99:74:ED:40:A0:95:A3:19:37:14:78:62:D6:5F
Certificate issuer: /CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Certificate serial: 05FA
Authority key identifier: A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/96E3EB58B2B711EEAE882255C4F9AE02.roa
Signing time: Tue 10 Jun 2025 12:06:32 +0000
ROA not before: Tue 10 Jun 2025 12:06:32 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 139922
IP address blocks: 103.147.62.0/23 maxlen: 24
2405:acc0::/32 maxlen: 32
2405:acc0::/48 maxlen: 48
2405:acc0:1::/48 maxlen: 48
2405:acc0:4::/48 maxlen: 48
2405:acc0:6::/48 maxlen: 48
2405:acc0:8::/48 maxlen: 48
2405:acc0:169::/48 maxlen: 48
2405:acc0:1000::/40 maxlen: 40
2405:acc0:1100::/40 maxlen: 40
2405:acc0:1200::/48 maxlen: 48
2405:acc0:1204::/48 maxlen: 48
2405:acc0:1205::/48 maxlen: 48
2405:acc0:1206::/48 maxlen: 48
2405:acc0:1207::/48 maxlen: 48
2405:acc0:1210::/48 maxlen: 48
2405:acc0:1300::/48 maxlen: 48
2405:acc0:1304::/48 maxlen: 48
2405:acc0:1305::/48 maxlen: 48
2405:acc0:1306::/48 maxlen: 48
2405:acc0:1307::/48 maxlen: 48
2405:acc0:1310::/48 maxlen: 48
2405:acc0:1400::/48 maxlen: 48
2405:acc0:1410::/48 maxlen: 48
2405:acc0:1504::/48 maxlen: 48
2405:acc0:1505::/48 maxlen: 48
2405:acc0:1510::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl
rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Jun 2025 22:59:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1530 (0x5fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CCD1, serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Validity
Not Before: Jun 10 12:06:32 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=68481fc8-4ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a5:86:3b:8f:82:b0:9e:31:76:aa:94:ba:07:
91:b2:d0:5d:eb:e6:ef:1d:7c:f8:e7:b6:82:19:4f:
de:6a:18:98:61:2c:2a:f3:4c:4a:13:15:06:d3:e2:
b8:4e:d7:19:cc:0c:d1:4f:f4:50:da:1c:d3:4d:b4:
b7:b0:31:87:75:ed:b4:cd:80:41:e4:2a:8e:60:e6:
8f:38:66:e0:52:d1:fa:de:47:b3:e6:e6:66:6a:11:
cc:42:9d:35:07:c7:8f:2a:de:e9:bf:ab:fb:c0:88:
5e:64:20:a2:d8:e6:fd:06:7d:a8:f6:a8:62:9e:d0:
3f:5e:6b:aa:af:c2:6c:cf:e6:41:88:4d:ae:f9:d7:
8e:08:5e:c3:f1:f2:0f:1f:22:a4:8b:83:88:de:48:
19:71:ce:20:74:8d:65:2a:94:55:40:80:d6:23:2c:
c3:0c:d9:f8:81:55:1d:35:6f:e1:75:92:78:4c:e5:
aa:2b:24:ab:1b:50:f7:8f:08:fa:c3:c9:18:9a:2f:
95:d2:c0:67:0f:fe:d1:2a:79:3e:d2:66:98:f8:2e:
92:6e:4a:de:3b:8a:ee:91:31:f8:9e:2b:a3:5c:19:
49:5d:ff:c2:36:0a:40:a6:f9:9d:71:43:67:ec:c5:
6e:ec:68:74:83:24:0e:26:c0:4c:76:dc:0f:8d:b9:
76:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:84:12:93:4A:E5:99:74:ED:40:A0:95:A3:19:37:14:78:62:D6:5F
X509v3 Authority Key Identifier:
keyid:A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/96E3EB58B2B711EEAE882255C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.147.62.0/23
IPv6:
2405:acc0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:27:77:4c:cd:01:66:f5:67:e2:d6:3d:89:c2:6b:46:61:f3:
94:15:86:9d:47:c5:09:db:24:e9:fc:3c:dd:b4:85:31:ea:bd:
a4:88:4d:99:1c:79:29:53:fe:26:c7:95:74:42:a0:b2:41:66:
13:08:ad:06:a6:d9:da:4e:45:10:0d:1e:3e:64:a0:07:e5:5e:
1c:ab:e6:5e:bf:14:64:7a:96:a1:a4:bb:ba:2d:d9:bb:f9:65:
ec:64:c5:99:c3:ac:25:4f:7d:fe:03:ae:1c:f9:13:23:c5:92:
23:bc:91:9e:98:da:e4:50:33:33:88:6e:7b:53:ea:65:6c:50:
34:09:6e:39:c6:12:93:9b:98:37:78:81:ae:24:fb:41:6d:78:
77:e7:6a:47:22:6d:c5:e7:9a:c2:76:42:a0:28:fe:30:08:aa:
a8:70:55:f4:e7:f8:bc:66:c3:76:9f:82:fa:a2:ee:f6:ff:87:
8f:9d:62:22:82:90:e3:8f:d3:09:ae:bf:2f:51:e7:08:7b:6d:
86:32:82:8d:12:cf:24:83:8b:c7:ac:79:8e:cb:45:7d:6c:5e:
15:b4:b7:93:ba:12:61:7a:fb:18:3d:80:c2:ec:a0:77:c4:7b:
9a:ab:e0:8b:99:58:5c:bf:22:d6:6a:c5:27:d0:21:ed:44:71:
b7:95:6f:33
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENDRDExMTAvBgNVBAUTKEEzRDVDRjQzREU1QjNEOEI5QzM0M0VENDQ5QzE2OTBF
QkUzNDE3MEUwHhcNMjUwNjEwMTIwNjMyWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQ4MWZjOC00ZWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqaWGO4+CsJ4xdqqUugeRstBd6+bvHXz457aCGU/eahiYYSwq80xKExUG0+K4
TtcZzAzRT/RQ2hzTTbS3sDGHde20zYBB5CqOYOaPOGbgUtH63kez5uZmahHMQp01
B8ePKt7pv6v7wIheZCCi2Ob9Bn2o9qhintA/Xmuqr8Jsz+ZBiE2u+deOCF7D8fIP
HyKki4OI3kgZcc4gdI1lKpRVQIDWIyzDDNn4gVUdNW/hdZJ4TOWqKySrG1D3jwj6
w8kYmi+V0sBnD/7RKnk+0maY+C6SbkreO4rukTH4niujXBlJXf/CNgpApvmdcUNn
7MVu7Gh0gyQOJsBMdtwPjbl2QwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFL2EEpNK
5Zl07UCglaMZNxR4YtZfMB8GA1UdIwQYMBaAFKPVz0PeWz2LnDQ+1EnBaQ6+NBcO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0NEMS9BRDdGNDVBNENE
QzQxMUVCQjVGNDgzNTVDNEY5QUUwMi9vOVhQUTk1YlBZdWNORDdVU2NGcERyNDBG
dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL285WFBROTViUFl1Y05EN1VTY0ZwRHI0MEZ3NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENDRDEvQUQ3RjQ1QTRDREM0MTFFQkI1RjQ4MzU1QzRGOUFFMDIvOTZFM0VCNThC
MkI3MTFFRUFFODgyMjU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnkz4wDQQCAAIwBwMFACQFrMAwDQYJKoZIhvcNAQELBQAD
ggEBAKwnd0zNAWb1Z+LWPYnCa0Zh85QVhp1HxQnbJOn8PN20hTHqvaSITZkceSlT
/ibHlXRCoLJBZhMIrQam2dpORRANHj5koAflXhyr5l6/FGR6lqGku7ot2bv5Zexk
xZnDrCVPff4Drhz5EyPFkiO8kZ6Y2uRQMzOIbntT6mVsUDQJbjnGEpObmDd4ga4k
+0FteHfnakcibcXnmsJ2QqAo/jAIqqhwVfTn+Lxmw3afgvqi7vb/h4+dYiKCkOOP
0wmuvy9R5wh7bYYygo0SzySDi8eseY7LRX1sXhW0t5O6EmF6+xg9gMLsoHfEe5qr
4IuZWFy/ItZqxSfQIe1EcbeVbzM=
-----END CERTIFICATE-----
Generated at Fri Jun 20 07:13:47 2025 by rpki-client