Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/42D236F0042111ED888BB024C4F9AE02.roa
File: 42D236F0042111ED888BB024C4F9AE02.roa (raw, json)
Hash identifier: Sw/iVVZQKRk2IehEH8KSZSL+WBhl3LKTM/sZZ2FNR28=
Subject key identifier: 22:C5:A4:0D:DF:EA:12:04:2A:92:92:06:05:E0:77:EC:F1:77:00:E8
Certificate issuer: /CN=A915BF4F/serialNumber=A0DE572A46CF324BAE08C3E930BCAFE739A015D1
Certificate serial: 02B1
Authority key identifier: A0:DE:57:2A:46:CF:32:4B:AE:08:C3:E9:30:BC:AF:E7:39:A0:15:D1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oN5XKkbPMkuuCMPpMLyv5zmgFdE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/42D236F0042111ED888BB024C4F9AE02.roa
Signing time: Thu 03 Jul 2025 02:06:33 +0000
ROA not before: Thu 03 Jul 2025 02:06:33 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 38209
IP address blocks: 103.240.112.0/22 maxlen: 22
103.240.112.0/24 maxlen: 24
103.240.113.0/24 maxlen: 24
103.240.114.0/24 maxlen: 24
103.240.115.0/24 maxlen: 24
120.136.24.0/21 maxlen: 21
120.136.24.0/24 maxlen: 24
120.136.25.0/24 maxlen: 24
120.136.26.0/24 maxlen: 24
120.136.27.0/24 maxlen: 24
120.136.28.0/24 maxlen: 24
120.136.29.0/24 maxlen: 24
120.136.30.0/24 maxlen: 24
120.136.31.0/24 maxlen: 24
124.108.48.0/21 maxlen: 21
124.108.48.0/24 maxlen: 24
124.108.49.0/24 maxlen: 24
124.108.50.0/24 maxlen: 24
124.108.51.0/24 maxlen: 24
124.108.52.0/23 maxlen: 23
124.108.54.0/24 maxlen: 24
124.108.55.0/24 maxlen: 24
183.81.184.0/21 maxlen: 21
183.81.184.0/24 maxlen: 24
183.81.185.0/24 maxlen: 24
183.81.186.0/24 maxlen: 24
183.81.187.0/24 maxlen: 24
183.81.188.0/24 maxlen: 24
183.81.189.0/24 maxlen: 24
183.81.190.0/24 maxlen: 24
183.81.191.0/24 maxlen: 24
2400:d460::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/oN5XKkbPMkuuCMPpMLyv5zmgFdE.crl
rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/oN5XKkbPMkuuCMPpMLyv5zmgFdE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oN5XKkbPMkuuCMPpMLyv5zmgFdE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 689 (0x2b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BF4F, serialNumber=A0DE572A46CF324BAE08C3E930BCAFE739A015D1
Validity
Not Before: Jul 3 02:06:33 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=6865e5a9-54ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:69:cd:7e:97:eb:5c:ae:cd:2f:5c:bb:e5:5b:
2b:81:35:ca:dc:9a:d9:8a:a6:66:6a:31:86:e2:6f:
06:00:0d:8d:9f:09:33:9e:81:2f:2a:7a:c8:79:3d:
04:07:04:d9:85:36:d2:d0:53:86:da:ba:f2:af:4b:
e8:ff:1c:69:72:5e:0a:fa:28:4c:1c:ba:c3:2e:e3:
c9:e4:d5:a4:49:5a:81:40:09:48:3c:2d:15:d7:ae:
71:b1:fe:34:71:c0:9c:04:8d:3f:71:64:71:dc:de:
2a:1e:a9:31:23:45:13:3d:9c:a5:30:b0:1f:c9:49:
54:22:4c:22:19:ad:53:00:33:fd:d8:4a:7d:14:01:
56:e3:d0:3e:50:5d:1a:43:6a:21:2a:52:f6:75:e7:
2b:1e:4e:65:ba:0c:67:e2:12:0c:24:e8:f6:41:3c:
3c:ad:a4:fa:db:25:65:a6:9e:b2:e0:94:34:e9:ec:
c0:85:14:ce:ce:7a:53:67:92:b7:54:2b:ba:0f:08:
82:ef:95:b5:e8:e1:96:31:db:01:af:74:d5:d9:24:
0a:aa:1d:fa:ca:70:cd:81:ee:65:d2:2f:55:77:11:
8a:b6:88:48:95:33:cf:a7:4e:ed:df:be:b2:ee:ab:
9b:e9:a3:10:ca:9f:67:b0:04:fc:2b:50:7a:44:9b:
56:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C5:A4:0D:DF:EA:12:04:2A:92:92:06:05:E0:77:EC:F1:77:00:E8
X509v3 Authority Key Identifier:
keyid:A0:DE:57:2A:46:CF:32:4B:AE:08:C3:E9:30:BC:AF:E7:39:A0:15:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/oN5XKkbPMkuuCMPpMLyv5zmgFdE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oN5XKkbPMkuuCMPpMLyv5zmgFdE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BF4F/C5E2D71E041911ED91576528C4F9AE02/42D236F0042111ED888BB024C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.240.112.0/22
120.136.24.0/21
124.108.48.0/21
183.81.184.0/21
IPv6:
2400:d460::/32
Signature Algorithm: sha256WithRSAEncryption
09:8e:db:9a:5c:fd:7f:43:25:8f:88:ef:8a:ed:19:08:bd:20:
c4:ff:3d:e2:ed:92:63:6d:ce:95:f7:53:78:a9:6a:84:c3:10:
1c:77:f0:16:a5:18:e8:8c:97:89:35:9e:a7:c4:08:d1:c9:3f:
4b:45:a7:90:bf:f1:1b:31:4d:59:5b:a6:52:64:6f:37:ff:9b:
9b:4c:4c:b6:b1:63:1d:a2:b2:f1:9c:73:6e:ab:e6:bf:1f:47:
6c:e6:bc:b3:09:5d:9b:86:15:14:13:e7:17:63:86:5d:16:1a:
c3:46:52:85:d9:aa:3d:9d:38:0b:55:44:a9:ec:91:f8:bb:b1:
9f:85:96:3c:16:a4:64:30:53:54:45:4e:05:f5:21:f8:4c:18:
76:76:b0:6a:bd:a7:7c:b5:df:23:27:3d:4f:77:0b:ef:c8:68:
30:3f:63:df:f3:25:1d:a6:e2:bf:c9:60:dc:d9:5c:51:2c:23:
15:4c:d0:35:72:85:17:23:66:83:9f:20:99:d1:f3:fe:f2:d7:
67:38:c6:1f:2d:46:0d:cb:cb:2f:2c:85:d0:68:f9:e2:16:87:
a5:2b:58:1e:43:e4:a0:26:7a:7f:ad:b7:5f:5b:2b:84:e9:69:
c3:43:2f:35:dd:a9:c7:5b:12:c2:53:14:06:36:53:08:31:df:
b3:c7:8e:c0
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICArEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJGNEYxMTAvBgNVBAUTKEEwREU1NzJBNDZDRjMyNEJBRTA4QzNFOTMwQkNBRkU3
MzlBMDE1RDEwHhcNMjUwNzAzMDIwNjMzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY1ZTVhOS01NGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7mnNfpfrXK7NL1y75VsrgTXK3JrZiqZmajGG4m8GAA2NnwkznoEvKnrIeT0E
BwTZhTbS0FOG2rryr0vo/xxpcl4K+ihMHLrDLuPJ5NWkSVqBQAlIPC0V165xsf40
ccCcBI0/cWRx3N4qHqkxI0UTPZylMLAfyUlUIkwiGa1TADP92Ep9FAFW49A+UF0a
Q2ohKlL2decrHk5lugxn4hIMJOj2QTw8raT62yVlpp6y4JQ06ezAhRTOznpTZ5K3
VCu6DwiC75W16OGWMdsBr3TV2SQKqh36ynDNge5l0i9VdxGKtohIlTPPp07t376y
7qub6aMQyp9nsAT8K1B6RJtWqQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFCLFpA3f
6hIEKpKSBgXgd+zxdwDoMB8GA1UdIwQYMBaAFKDeVypGzzJLrgjD6TC8r+c5oBXR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkY0Ri9DNUUyRDcxRTA0
MTkxMUVEOTE1NzY1MjhDNEY5QUUwMi9vTjVYS2tiUE1rdXVDTVBwTUx5djV6bWdG
ZEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29ONVhLa2JQTWt1dUNNUHBNTHl2NXptZ0ZkRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJGNEYvQzVFMkQ3MUUwNDE5MTFFRDkxNTc2NTI4QzRGOUFFMDIvNDJEMjM2RjAw
NDIxMTFFRDg4OEJCMDI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJn8HADBAN4iBgDBAN8bDADBAO3UbgwDQQCAAIwBwMFACQA
1GAwDQYJKoZIhvcNAQELBQADggEBAAmO25pc/X9DJY+I74rtGQi9IMT/PeLtkmNt
zpX3U3ipaoTDEBx38BalGOiMl4k1nqfECNHJP0tFp5C/8RsxTVlbplJkbzf/m5tM
TLaxYx2isvGcc26r5r8fR2zmvLMJXZuGFRQT5xdjhl0WGsNGUoXZqj2dOAtVRKns
kfi7sZ+FljwWpGQwU1RFTgX1IfhMGHZ2sGq9p3y13yMnPU93C+/IaDA/Y9/zJR2m
4r/JYNzZXFEsIxVM0DVyhRcjZoOfIJnR8/7y12c4xh8tRg3Lyy8shdBo+eIWh6Ur
WB5D5KAmen+tt19bK4TpacNDLzXdqcdbEsJTFAY2Uwgx37PHjsA=
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:43:05 2025 by rpki-client