Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
File: EBD5A3CA6B8711EFB0476280C4F9AE02.roa (raw, json)
Hash identifier: CEN7jfWU1vPpLzR5uzYZhWk4C138cZA3lkf/fBKS00g=
Subject key identifier: DA:64:C5:70:6E:F1:5D:6A:A0:EF:03:A7:3E:8B:83:7E:35:7E:53:54
Certificate issuer: /CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Certificate serial: 35E3
Authority key identifier: 9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
Signing time: Thu 24 Jul 2025 14:50:43 +0000
ROA not before: Thu 24 Jul 2025 14:50:43 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 7693
IP address blocks: 58.181.128.0/17 maxlen: 17
58.181.128.0/20 maxlen: 20
58.181.144.0/20 maxlen: 20
58.181.146.0/23 maxlen: 23
58.181.160.0/20 maxlen: 20
58.181.176.0/20 maxlen: 20
58.181.192.0/20 maxlen: 20
58.181.200.0/24 maxlen: 24
58.181.208.0/20 maxlen: 20
58.181.212.0/24 maxlen: 24
58.181.224.0/20 maxlen: 20
58.181.225.0/24 maxlen: 24
58.181.240.0/20 maxlen: 20
58.181.248.0/23 maxlen: 23
58.181.252.0/22 maxlen: 22
103.19.104.0/22 maxlen: 22
202.44.144.0/24 maxlen: 24
202.149.96.0/19 maxlen: 19
202.149.96.0/20 maxlen: 20
202.149.112.0/20 maxlen: 20
203.107.128.0/17 maxlen: 17
203.107.128.0/20 maxlen: 20
203.107.129.0/24 maxlen: 24
203.107.130.0/24 maxlen: 24
203.107.144.0/20 maxlen: 20
203.107.160.0/20 maxlen: 20
203.107.176.0/20 maxlen: 20
203.107.192.0/20 maxlen: 20
203.107.192.0/24 maxlen: 24
203.107.208.0/20 maxlen: 20
203.107.224.0/20 maxlen: 20
203.107.231.0/24 maxlen: 24
203.107.240.0/20 maxlen: 20
203.107.255.0/24 maxlen: 24
203.155.0.0/16 maxlen: 16
203.155.0.0/20 maxlen: 20
203.155.0.0/23 maxlen: 23
203.155.16.0/20 maxlen: 20
203.155.32.0/20 maxlen: 20
203.155.42.0/24 maxlen: 24
203.155.48.0/20 maxlen: 20
203.155.54.0/23 maxlen: 23
203.155.64.0/20 maxlen: 20
203.155.66.0/24 maxlen: 24
203.155.80.0/20 maxlen: 20
203.155.96.0/20 maxlen: 20
203.155.112.0/20 maxlen: 20
203.155.128.0/20 maxlen: 20
203.155.144.0/20 maxlen: 20
203.155.160.0/20 maxlen: 20
203.155.176.0/20 maxlen: 20
203.155.192.0/20 maxlen: 20
203.155.208.0/20 maxlen: 20
203.155.219.0/24 maxlen: 24
203.155.224.0/20 maxlen: 20
203.155.240.0/20 maxlen: 20
203.155.253.0/24 maxlen: 24
203.155.255.0/24 maxlen: 24
203.188.0.0/18 maxlen: 18
203.188.0.0/20 maxlen: 24
203.188.32.0/20 maxlen: 24
203.195.96.0/20 maxlen: 20
203.195.105.0/24 maxlen: 24
203.209.0.0/18 maxlen: 18
203.209.0.0/20 maxlen: 20
203.209.16.0/20 maxlen: 20
203.209.32.0/20 maxlen: 20
203.209.48.0/20 maxlen: 20
203.209.64.0/18 maxlen: 18
203.209.64.0/20 maxlen: 20
203.209.75.0/24 maxlen: 24
203.209.80.0/20 maxlen: 20
203.209.93.0/24 maxlen: 24
203.209.96.0/20 maxlen: 20
203.209.112.0/20 maxlen: 20
203.209.122.0/24 maxlen: 24
203.209.123.0/24 maxlen: 24
203.209.125.0/24 maxlen: 24
2405:a000::/32 maxlen: 32
2405:a000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13795 (0x35e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91697FA, serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Validity
Not Before: Jul 24 14:50:43 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68824843-8f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:56:0d:ab:d7:15:e2:db:c8:32:b6:b1:dc:89:
01:45:90:c6:46:6e:71:8e:05:63:75:45:84:bc:49:
00:07:0e:93:0f:4b:ba:75:6e:8f:77:0f:61:57:11:
af:b8:8e:6d:f5:f5:f6:75:5a:5d:9b:fa:21:bd:86:
33:e8:71:d0:f4:c7:72:db:7d:ec:d2:ff:8e:3f:01:
9e:04:67:68:3e:48:14:e6:c0:fb:c1:1e:80:3f:b6:
3a:23:62:f6:51:75:d9:60:64:0d:0a:0d:1a:a5:e4:
e3:62:94:25:4c:1e:87:fb:eb:a7:30:60:65:ac:06:
86:0f:b5:d5:ef:05:f4:46:88:7a:4c:6d:cf:0e:45:
e8:f7:4f:d7:2f:fe:9e:b2:af:1a:f5:59:37:31:c5:
bc:a3:30:08:9b:0d:4f:93:67:9c:3c:79:9c:a6:ae:
f0:3e:02:01:d9:84:a5:27:19:f9:78:66:76:21:cf:
32:7f:36:2f:78:14:d2:b9:39:88:83:45:03:8e:da:
64:df:b2:f4:6b:76:6a:ec:19:4e:ec:68:03:8a:80:
46:0a:03:7d:7d:cf:b0:bb:3b:49:47:d6:27:b2:35:
81:dd:14:da:ca:c5:d9:9c:bd:42:26:ae:9d:87:0b:
37:52:9e:b3:a8:47:ba:58:6f:31:9f:40:c9:46:cd:
b7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:64:C5:70:6E:F1:5D:6A:A0:EF:03:A7:3E:8B:83:7E:35:7E:53:54
X509v3 Authority Key Identifier:
keyid:9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.181.128.0/17
103.19.104.0/22
202.44.144.0/24
202.149.96.0/19
203.107.128.0/17
203.155.0.0/16
203.188.0.0/18
203.195.96.0/20
203.209.0.0/17
IPv6:
2405:a000::/32
Signature Algorithm: sha256WithRSAEncryption
09:a1:3c:d8:2f:33:ee:d0:97:62:59:ce:24:e6:40:cc:d7:aa:
a1:c8:99:6f:0f:ee:6f:43:04:8b:e7:7f:b6:72:72:bf:57:a9:
7d:00:38:4a:f8:5c:5a:1e:94:09:45:23:d1:ce:76:35:d5:d3:
3a:2d:1f:49:9d:88:cf:4a:70:0e:fc:76:20:1b:43:6e:43:4d:
66:37:a7:38:f3:df:b7:62:d8:9f:a1:ea:cc:e7:c5:c5:e4:43:
94:15:53:f8:a5:d8:d9:76:40:a2:7b:92:ec:18:82:1e:ac:4a:
7b:22:bb:ab:1f:32:1d:2c:4a:b9:ac:c2:65:79:ce:aa:4e:2a:
56:de:b7:c5:07:b1:7c:fe:ea:e3:e3:1a:f4:54:ad:6f:a4:d3:
03:b0:48:13:61:b2:46:d8:83:73:f0:09:d4:1f:37:a2:76:72:
35:b6:2e:84:d9:95:1d:88:1c:ef:cf:23:be:9c:78:29:6b:ab:
bc:7e:9b:75:86:d4:5a:d6:0e:be:04:6f:9e:cc:dd:c0:c7:4e:
96:e7:4c:50:23:e4:ea:39:b1:50:be:66:85:de:d3:b7:89:2d:
d2:ed:2a:09:1b:e0:df:2f:70:4f:31:b5:24:94:ad:c1:6a:b2:
5a:ea:6a:44:78:a9:1b:0c:d1:4d:31:46:2f:c2:8e:34:3c:60:
47:fd:b8:69
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICNeMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk3RkExMTAvBgNVBAUTKDlGODJEQkM5NDY2MzEyQzVCQTJFOTIxMjc5MzAyNDAw
OTU2QTk4MkEwHhcNMjUwNzI0MTQ1MDQzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODgyNDg0My04ZjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw1YNq9cV4tvIMrax3IkBRZDGRm5xjgVjdUWEvEkABw6TD0u6dW6Pdw9hVxGv
uI5t9fX2dVpdm/ohvYYz6HHQ9Mdy233s0v+OPwGeBGdoPkgU5sD7wR6AP7Y6I2L2
UXXZYGQNCg0apeTjYpQlTB6H++unMGBlrAaGD7XV7wX0Roh6TG3PDkXo90/XL/6e
sq8a9Vk3McW8ozAImw1Pk2ecPHmcpq7wPgIB2YSlJxn5eGZ2Ic8yfzYveBTSuTmI
g0UDjtpk37L0a3Zq7BlO7GgDioBGCgN9fc+wuztJR9YnsjWB3RTaysXZnL1CJq6d
hws3Up6zqEe6WG8xn0DJRs23IQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFNpkxXBu
8V1qoO8Dpz6Lg341flNUMB8GA1UdIwQYMBaAFJ+C28lGYxLFui6SEnkwJACVapgq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTdGQS8yN0Y4M0I3MDFE
ODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9uNExieVVaakVzVzZMcElTZVRBa0FKVnFt
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL240TGJ5VVpqRXNXNkxwSVNlVEFrQUpWcW1Dby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk3RkEvMjdGODNCNzAxRDgzMTFFMjkzMjkyMUQ4MDhCMDJDRDIvRUJENUEzQ0E2
Qjg3MTFFRkIwNDc2MjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMDsEAgABMDUDBAc6tYADBAJnE2gDBADKLJADBAXKlWADBAfLa4ADAwDLmwME
Bsu8AAMEBMvDYAMEB8vRADANBAIAAjAHAwUAJAWgADANBgkqhkiG9w0BAQsFAAOC
AQEACaE82C8z7tCXYlnOJOZAzNeqociZbw/ub0MEi+d/tnJyv1epfQA4SvhcWh6U
CUUj0c52NdXTOi0fSZ2Iz0pwDvx2IBtDbkNNZjenOPPft2LYn6HqzOfFxeRDlBVT
+KXY2XZAonuS7BiCHqxKeyK7qx8yHSxKuazCZXnOqk4qVt63xQexfP7q4+Ma9FSt
b6TTA7BIE2GyRtiDc/AJ1B83onZyNbYuhNmVHYgc788jvpx4KWurvH6bdYbUWtYO
vgRvnszdwMdOludMUCPk6jmxUL5mhd7Tt4kt0u0qCRvg3y9wTzG1JJStwWqyWupq
RHipGwzRTTFGL8KONDxgR/24aQ==
-----END CERTIFICATE-----
Generated at Mon Aug 11 01:49:32 2025 by rpki-client