Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/6AE44D5C3E4511F090A5C643C4F9AE02.roa
File: 6AE44D5C3E4511F090A5C643C4F9AE02.roa (raw, json)
Hash identifier: O5M1jbKU4KBTSC5g58y6skgHkeCwY767jwNIVlihlmc=
Subject key identifier: 2D:7B:3C:BF:67:7E:85:7A:46:D1:ED:AE:0D:63:F3:B1:10:26:1D:72
Certificate issuer: /CN=A91657DD/serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B
Certificate serial: 0F79
Authority key identifier: FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/6AE44D5C3E4511F090A5C643C4F9AE02.roa
Signing time: Tue 22 Jul 2025 17:56:44 +0000
ROA not before: Tue 22 Jul 2025 17:56:44 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 63996
IP address blocks: 45.120.112.0/22 maxlen: 24
103.60.172.0/22 maxlen: 24
103.205.68.0/22 maxlen: 24
192.144.86.0/23 maxlen: 24
203.95.220.0/22 maxlen: 24
2400:3240::/32 maxlen: 36
2400:3240:300::/40 maxlen: 40
2400:3240:7000::/42 maxlen: 48
2400:3240:7080::/42 maxlen: 42
2400:3240:7400::/42 maxlen: 42
2400:3240:7440::/42 maxlen: 42
2400:3240:8000::/48 maxlen: 48
2400:3240:9000::/43 maxlen: 43
2400:3240:9020::/43 maxlen: 43
2400:3240:9060::/43 maxlen: 43
2400:3240:9080::/43 maxlen: 43
2400:3240:90a0::/43 maxlen: 43
2400:3240:9100::/43 maxlen: 43
2400:3240:9120::/43 maxlen: 43
2400:3240:91a0::/43 maxlen: 43
2400:3240:91c0::/43 maxlen: 43
2400:3240:91e0::/43 maxlen: 43
2400:3240:9200::/43 maxlen: 43
2400:3240:9240::/43 maxlen: 48
2404:1380::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.crl
rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3961 (0xf79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91657DD, serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B
Validity
Not Before: Jul 22 17:56:44 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=687fd0dc-cff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a6:4f:a6:e2:be:48:82:56:b5:df:b9:16:59:
ea:0e:ad:49:78:55:e0:72:3a:47:01:77:c4:2d:30:
11:c8:22:0e:48:a3:3b:d7:aa:71:1a:b7:91:71:93:
4e:0f:c4:cb:c0:f9:73:67:dd:33:a5:f6:29:60:9b:
1b:24:1a:d7:81:6e:e5:9d:65:23:fc:8d:e2:15:20:
ec:70:21:72:89:b8:f1:b3:51:95:73:49:e7:db:7f:
81:af:f1:5b:5d:ad:30:8e:62:de:8b:29:3b:35:7b:
e5:d1:e5:ac:7b:74:27:ed:65:af:3c:a8:9a:a9:58:
d4:db:22:20:cc:78:ef:e9:c4:8b:35:5c:e9:cd:96:
90:f0:fa:8b:42:2f:4f:40:67:77:4f:8e:cf:87:54:
c0:55:c6:24:ce:c4:f5:e4:e1:36:9e:dd:1d:e9:e4:
76:28:4f:2c:d5:34:39:ca:a7:c3:15:59:5e:37:a8:
5c:4e:03:ac:ed:20:16:ae:bc:ee:30:0f:f8:51:8f:
3b:0e:23:df:4e:c0:39:bf:12:3b:7a:96:f1:29:b6:
0e:98:ea:e3:0a:c0:bb:db:6f:5f:23:a1:18:28:f0:
7e:92:c2:bc:a5:1d:fa:57:30:5d:2f:51:bb:60:f3:
f6:ae:7b:8e:45:eb:b0:2e:d8:ac:a5:41:c1:49:d2:
df:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7B:3C:BF:67:7E:85:7A:46:D1:ED:AE:0D:63:F3:B1:10:26:1D:72
X509v3 Authority Key Identifier:
keyid:FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/6AE44D5C3E4511F090A5C643C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.120.112.0/22
103.60.172.0/22
103.205.68.0/22
192.144.86.0/23
203.95.220.0/22
IPv6:
2400:3240::/32
2404:1380::/32
Signature Algorithm: sha256WithRSAEncryption
1d:3d:f7:c7:13:22:f0:87:64:66:5e:ea:2e:23:5f:33:4c:51:
ef:35:55:a1:74:8a:79:f4:2e:c1:d4:e4:2d:2e:6a:b9:7e:ab:
3d:97:07:c9:bb:a9:18:49:6d:08:6e:57:9c:92:8b:8c:cb:3e:
d3:19:34:18:88:24:6f:d6:2f:81:b2:49:35:c7:09:79:1f:60:
fa:1f:17:73:25:63:24:bc:32:4f:e6:c3:6d:4f:f4:57:d8:87:
87:a8:1d:97:01:44:98:87:92:d0:d1:af:6e:fa:ac:11:87:d0:
a6:6e:6d:76:05:79:63:c9:b6:db:1d:81:7b:10:b5:0e:5e:f3:
74:a5:2a:65:87:cc:17:19:c9:3e:b0:8d:d3:d9:07:b1:bf:67:
e2:58:83:8d:c3:04:bd:ff:bd:08:c5:41:9a:6e:82:82:08:c7:
00:1e:2e:fb:de:fa:76:91:aa:60:0c:4c:1e:96:81:6e:d2:01:
51:ee:1a:d9:57:76:a0:7b:65:45:ed:78:b4:74:68:15:45:3f:
91:54:3b:02:10:6d:5e:45:ca:55:3c:80:8b:07:f9:fd:78:77:
67:cf:25:d0:5f:7a:c0:4c:77:c7:01:12:ce:9d:d8:0b:87:83:
90:f2:f7:e6:29:b2:f3:e0:2f:33:62:9b:b2:7f:30:7e:85:eb:
f5:66:3f:ba
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICD3kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU3REQxMTAvBgNVBAUTKEZCQkFDMTY1NkEwQzYzNzA4QkNDRDYwREM4MjVFNkMz
MTkxQTcxOUIwHhcNMjUwNzIyMTc1NjQ0WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODdmZDBkYy1jZmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzKZPpuK+SIJWtd+5FlnqDq1JeFXgcjpHAXfELTARyCIOSKM716pxGreRcZNO
D8TLwPlzZ90zpfYpYJsbJBrXgW7lnWUj/I3iFSDscCFyibjxs1GVc0nn23+Br/Fb
Xa0wjmLeiyk7NXvl0eWse3Qn7WWvPKiaqVjU2yIgzHjv6cSLNVzpzZaQ8PqLQi9P
QGd3T47Ph1TAVcYkzsT15OE2nt0d6eR2KE8s1TQ5yqfDFVleN6hcTgOs7SAWrrzu
MA/4UY87DiPfTsA5vxI7epbxKbYOmOrjCsC7229fI6EYKPB+ksK8pR36VzBdL1G7
YPP2rnuOReuwLtispUHBSdLfgQIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFC17PL9n
foV6RtHtrg1j87EQJh1yMB8GA1UdIwQYMBaAFPu6wWVqDGNwi8zWDcgl5sMZGnGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTdERC9BRDYxNUY2RTZF
NTYxMUU5QkQ5QjVFNjlDNEY5QUUwMi8tN3JCWldvTVkzQ0x6TllOeUNYbXd4a2Fj
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy03ckJaV29NWTNDTHpOWU55Q1htd3hrYWNacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU3REQvQUQ2MTVGNkU2RTU2MTFFOUJEOUI1RTY5QzRGOUFFMDIvNkFFNDRENUMz
RTQ1MTFGMDkwQTVDNjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MCQEAgABMB4DBAIteHADBAJnPKwDBAJnzUQDBAHAkFYDBALLX9wwFAQCAAIw
DgMFACQAMkADBQAkBBOAMA0GCSqGSIb3DQEBCwUAA4IBAQAdPffHEyLwh2RmXuou
I18zTFHvNVWhdIp59C7B1OQtLmq5fqs9lwfJu6kYSW0IbleckouMyz7TGTQYiCRv
1i+Bskk1xwl5H2D6HxdzJWMkvDJP5sNtT/RX2IeHqB2XAUSYh5LQ0a9u+qwRh9Cm
bm12BXljybbbHYF7ELUOXvN0pSplh8wXGck+sI3T2Qexv2fiWIONwwS9/70IxUGa
boKCCMcAHi773vp2kapgDEweloFu0gFR7hrZV3age2VF7Xi0dGgVRT+RVDsCEG1e
RcpVPICLB/n9eHdnzyXQX3rATHfHARLOndgLh4OQ8vfmKbLz4C8zYpuyfzB+hev1
Zj+6
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:31:38 2025 by rpki-client