Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/41F88F22042111ED888BB024C4F9AE02.roa
File: 41F88F22042111ED888BB024C4F9AE02.roa (raw, json)
Hash identifier: bOo49vshLt+uwGwclaQ/vUkNjrTzsnBMVbUbDnocL6Q=
Subject key identifier: DD:4A:77:9A:79:BC:FD:CB:C8:52:8D:7C:D9:79:5B:1B:24:04:1D:2D
Certificate issuer: /CN=A915BF4F/serialNumber=A0DE572A46CF324BAE08C3E930BCAFE739A015D1
Certificate serial: 02B0
Authority key identifier: A0:DE:57:2A:46:CF:32:4B:AE:08:C3:E9:30:BC:AF:E7:39:A0:15:D1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oN5XKkbPMkuuCMPpMLyv5zmgFdE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/41F88F22042111ED888BB024C4F9AE02.roa
Signing time: Thu 03 Jul 2025 02:06:32 +0000
ROA not before: Thu 03 Jul 2025 02:06:32 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 132730
IP address blocks: 103.240.112.0/22 maxlen: 22
103.240.112.0/24 maxlen: 24
103.240.113.0/24 maxlen: 24
103.240.114.0/24 maxlen: 24
103.240.115.0/24 maxlen: 24
120.136.24.0/21 maxlen: 21
120.136.24.0/24 maxlen: 24
120.136.25.0/24 maxlen: 24
120.136.26.0/24 maxlen: 24
120.136.27.0/24 maxlen: 24
120.136.28.0/24 maxlen: 24
120.136.29.0/24 maxlen: 24
120.136.30.0/24 maxlen: 24
120.136.31.0/24 maxlen: 24
124.108.48.0/21 maxlen: 21
124.108.48.0/24 maxlen: 24
124.108.49.0/24 maxlen: 24
124.108.50.0/24 maxlen: 24
124.108.51.0/24 maxlen: 24
124.108.52.0/23 maxlen: 24
124.108.54.0/24 maxlen: 24
124.108.55.0/24 maxlen: 24
183.81.184.0/21 maxlen: 21
183.81.184.0/24 maxlen: 24
183.81.185.0/24 maxlen: 24
183.81.186.0/24 maxlen: 24
183.81.187.0/24 maxlen: 24
183.81.188.0/24 maxlen: 24
183.81.189.0/24 maxlen: 24
183.81.190.0/24 maxlen: 24
183.81.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/oN5XKkbPMkuuCMPpMLyv5zmgFdE.crl
rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/oN5XKkbPMkuuCMPpMLyv5zmgFdE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oN5XKkbPMkuuCMPpMLyv5zmgFdE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 688 (0x2b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BF4F, serialNumber=A0DE572A46CF324BAE08C3E930BCAFE739A015D1
Validity
Not Before: Jul 3 02:06:32 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=6865e5a8-a207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e6:43:63:ee:4c:9a:6e:0f:8d:fa:de:54:46:
ed:24:36:9b:bf:e6:6b:ac:d0:41:08:30:25:88:d3:
95:aa:6b:42:dc:90:db:5a:ff:9a:4a:3e:32:0c:bb:
eb:88:90:b3:48:e7:3b:61:b5:a9:4e:d4:56:60:42:
72:5b:59:70:9c:83:86:00:b1:c9:97:64:bb:92:31:
b7:b4:aa:13:1b:9e:f3:60:fc:8e:7c:99:6f:41:f4:
41:5c:58:49:17:3c:05:86:97:f2:df:68:a7:82:76:
b7:e6:5d:6e:ed:26:9b:91:07:dd:e9:e9:23:d9:90:
86:bd:c7:ef:4a:7e:89:ac:14:70:db:58:5a:1d:da:
f5:1e:4c:fb:6d:e3:4e:15:44:94:fb:ca:1b:c9:a7:
3b:11:66:09:f9:0c:3d:6d:12:2e:00:32:ac:c0:0f:
d1:ad:07:2d:78:ce:d7:29:b8:83:c5:1d:f7:53:1d:
19:ef:bf:d8:a7:ff:2d:3c:0f:54:c4:45:04:27:7d:
66:9a:2a:43:2d:87:2d:fa:93:75:50:cb:be:4d:f0:
e8:d5:65:7b:4f:a1:a6:c9:b8:e3:00:2d:34:97:74:
ea:d8:df:12:13:3e:af:ee:d7:a2:fb:52:cb:6e:b2:
64:dc:f6:fc:29:e6:ae:3e:81:84:22:e0:c3:d7:62:
2c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4A:77:9A:79:BC:FD:CB:C8:52:8D:7C:D9:79:5B:1B:24:04:1D:2D
X509v3 Authority Key Identifier:
keyid:A0:DE:57:2A:46:CF:32:4B:AE:08:C3:E9:30:BC:AF:E7:39:A0:15:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/oN5XKkbPMkuuCMPpMLyv5zmgFdE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oN5XKkbPMkuuCMPpMLyv5zmgFdE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/41F88F22042111ED888BB024C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.240.112.0/22
120.136.24.0/21
124.108.48.0/21
183.81.184.0/21
Signature Algorithm: sha256WithRSAEncryption
13:b2:59:7a:57:b7:ee:89:c6:94:56:77:38:48:62:66:75:0f:
ba:67:41:a0:9d:bd:1a:9e:7d:89:8d:ed:59:0c:b6:bd:6c:6d:
e0:cc:cc:fd:d4:43:9a:1e:93:0d:db:74:09:cb:e3:06:c5:f5:
d5:56:4e:c3:07:df:60:7f:5b:ad:e5:65:bd:e9:d7:11:6c:98:
26:d2:08:31:08:d7:9b:2c:4c:66:ec:1b:e8:41:6c:27:21:90:
38:8f:26:fd:91:1e:00:a1:b2:1f:f0:de:80:29:86:62:d7:43:
0d:88:4c:71:91:7f:40:21:a4:3d:a8:93:41:68:e6:0c:ed:ce:
cb:4a:e6:87:ad:4d:fd:3b:61:78:4a:00:7d:05:7f:4d:75:12:
bf:fe:a8:69:44:1f:65:de:29:99:53:1e:7b:d6:5a:06:26:51:
aa:a1:e4:27:d4:06:ac:8f:bc:4f:8c:b1:29:45:03:af:d5:61:
e0:51:1f:7c:0e:2a:5c:a9:44:41:bc:0e:f2:4a:aa:08:0d:a2:
69:6b:32:0e:54:21:33:bc:99:ea:e1:93:e4:a9:92:26:fc:03:
02:8d:eb:9d:84:ec:4b:71:5b:46:59:24:d2:b4:ac:6b:27:70:
03:e7:19:f4:72:cd:bc:f8:3f:18:35:9e:ea:bc:cd:da:35:a5:
3a:5d:40:9e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICArAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJGNEYxMTAvBgNVBAUTKEEwREU1NzJBNDZDRjMyNEJBRTA4QzNFOTMwQkNBRkU3
MzlBMDE1RDEwHhcNMjUwNzAzMDIwNjMyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY1ZTVhOC1hMjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy+ZDY+5Mmm4PjfreVEbtJDabv+ZrrNBBCDAliNOVqmtC3JDbWv+aSj4yDLvr
iJCzSOc7YbWpTtRWYEJyW1lwnIOGALHJl2S7kjG3tKoTG57zYPyOfJlvQfRBXFhJ
FzwFhpfy32ingna35l1u7SabkQfd6ekj2ZCGvcfvSn6JrBRw21haHdr1Hkz7beNO
FUSU+8obyac7EWYJ+Qw9bRIuADKswA/RrQcteM7XKbiDxR33Ux0Z77/Yp/8tPA9U
xEUEJ31mmipDLYct+pN1UMu+TfDo1WV7T6GmybjjAC00l3Tq2N8SEz6v7tei+1LL
brJk3Pb8KeauPoGEIuDD12IsrQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFN1Kd5p5
vP3LyFKNfNl5WxskBB0tMB8GA1UdIwQYMBaAFKDeVypGzzJLrgjD6TC8r+c5oBXR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkY0Ri9DNUUyRDcxRTA0
MTkxMUVEOTE1NzY1MjhDNEY5QUUwMi9vTjVYS2tiUE1rdXVDTVBwTUx5djV6bWdG
ZEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29ONVhLa2JQTWt1dUNNUHBNTHl2NXptZ0ZkRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJGNEYvQzVFMkQ3MUUwNDE5MTFFRDkxNTc2NTI4QzRGOUFFMDIvNDFGODhGMjIw
NDIxMTFFRDg4OEJCMDI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAJn8HADBAN4iBgDBAN8bDADBAO3UbgwDQYJKoZIhvcNAQEL
BQADggEBABOyWXpXt+6JxpRWdzhIYmZ1D7pnQaCdvRqefYmN7VkMtr1sbeDMzP3U
Q5oekw3bdAnL4wbF9dVWTsMH32B/W63lZb3p1xFsmCbSCDEI15ssTGbsG+hBbCch
kDiPJv2RHgChsh/w3oAphmLXQw2ITHGRf0AhpD2ok0Fo5gztzstK5oetTf07YXhK
AH0Ff011Er/+qGlEH2XeKZlTHnvWWgYmUaqh5CfUBqyPvE+MsSlFA6/VYeBRH3wO
KlypREG8DvJKqggNomlrMg5UITO8merhk+Spkib8AwKN652E7EtxW0ZZJNK0rGsn
cAPnGfRyzbz4Pxg1nuq8zdo1pTpdQJ4=
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:43:33 2025 by rpki-client