Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916CE83/9564191A43B811E9ABA22A34C4F9AE02/6657C8D243B911E9AE253437C4F9AE02.roa
File: 6657C8D243B911E9AE253437C4F9AE02.roa (raw, json)
Hash identifier: aqDXfi1cpey7rrA0hnZOJDeXkzojciPz9haEnhZerHw=
Subject key identifier: 0B:43:CB:5F:F6:4E:63:E4:B2:FC:2C:5D:0A:D1:12:FA:F7:01:D2:C6
Certificate issuer: /CN=A916CE83/serialNumber=B066E241050C38C349CB25D44014450F4F5018AE
Certificate serial: 1053
Authority key identifier: B0:66:E2:41:05:0C:38:C3:49:CB:25:D4:40:14:45:0F:4F:50:18:AE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGbiQQUMOMNJyyXUQBRFD09QGK4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916CE83/9564191A43B811E9ABA22A34C4F9AE02/6657C8D243B911E9AE253437C4F9AE02.roa
Signing time: Sat 19 Jul 2025 08:20:52 +0000
ROA not before: Sat 19 Jul 2025 08:20:52 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 138600
IP address blocks: 103.134.56.0/22 maxlen: 22
103.134.56.0/23 maxlen: 23
103.134.56.0/24 maxlen: 24
103.134.57.0/24 maxlen: 24
103.134.58.0/23 maxlen: 23
103.134.58.0/24 maxlen: 24
103.134.59.0/24 maxlen: 24
2401:84e0::/32 maxlen: 32
2401:84e0:2::/48 maxlen: 48
2401:84e0:3::/48 maxlen: 48
2401:84e0:4::/48 maxlen: 48
2401:84e0:5::/48 maxlen: 48
2401:84e0:6::/48 maxlen: 48
2401:84e0:7::/48 maxlen: 48
2401:84e0:8::/48 maxlen: 48
2401:84e0:9::/48 maxlen: 48
2401:84e0:a::/48 maxlen: 48
2401:84e0:b::/48 maxlen: 48
2401:84e0:c::/48 maxlen: 48
2401:84e0:d::/48 maxlen: 48
2401:84e0:e::/48 maxlen: 48
2401:84e0:f::/48 maxlen: 48
2401:84e0:10::/48 maxlen: 48
2401:84e0:11::/48 maxlen: 48
2401:84e0:12::/48 maxlen: 48
2401:84e0:13::/48 maxlen: 48
2401:84e0:14::/48 maxlen: 48
2401:84e0:15::/48 maxlen: 48
2401:84e0:16::/48 maxlen: 48
2401:84e0:17::/48 maxlen: 48
2401:84e0:18::/48 maxlen: 48
2401:84e0:19::/48 maxlen: 48
2401:84e0:1a::/48 maxlen: 48
2401:84e0:1b::/48 maxlen: 48
2401:84e0:1c::/48 maxlen: 48
2401:84e0:1d::/48 maxlen: 48
2401:84e0:1e::/48 maxlen: 48
2401:84e0:1f::/48 maxlen: 48
2401:84e0:20::/48 maxlen: 48
2401:84e0:21::/48 maxlen: 48
2401:84e0:22::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916CE83/9564191A43B811E9ABA22A34C4F9AE02/sGbiQQUMOMNJyyXUQBRFD09QGK4.crl
rsync://rpki.apnic.net/member_repository/A916CE83/9564191A43B811E9ABA22A34C4F9AE02/sGbiQQUMOMNJyyXUQBRFD09QGK4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGbiQQUMOMNJyyXUQBRFD09QGK4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4179 (0x1053)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916CE83, serialNumber=B066E241050C38C349CB25D44014450F4F5018AE
Validity
Not Before: Jul 19 08:20:52 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=687b5564-b9dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c4:fa:b8:db:bb:b3:65:0a:22:9e:d7:da:5c:
7d:29:7f:59:3d:70:51:e7:b9:f1:b3:ac:ae:1c:a0:
43:28:d9:47:66:a1:5b:f6:1f:32:a1:b6:6f:ed:ea:
2d:0f:9d:77:5a:c2:17:dc:5b:bd:4c:35:85:33:66:
aa:b8:59:56:ec:4b:27:27:d7:72:24:5a:d6:0c:b2:
8f:7d:c2:0c:bb:82:c4:fe:bc:95:60:d2:5b:08:db:
11:3f:7c:ef:5d:54:0e:2f:89:29:15:cd:e4:ad:cf:
62:42:30:35:c6:1b:85:af:e5:b4:10:b8:9e:fd:39:
e4:de:a4:14:ba:51:d7:99:7c:cd:b2:69:00:7e:73:
e4:48:a7:23:34:dc:74:b1:4d:e2:78:5e:03:6e:77:
d0:20:ed:42:f8:6b:c9:80:9c:93:4a:e1:ec:f0:86:
d1:d0:0b:88:6a:63:8c:37:e9:8d:91:ac:c0:53:b0:
a8:74:bf:5b:61:4e:c3:5c:0d:7f:07:74:24:ba:d7:
77:95:ad:78:dd:e3:62:32:43:57:e3:7d:65:b5:0e:
42:87:41:1f:73:4c:42:ae:a4:20:c8:8a:7d:29:f3:
1f:3e:45:49:ce:57:11:f6:43:64:a9:96:ae:c8:e9:
54:85:4c:17:cc:16:80:53:94:5c:fe:0a:8d:78:ca:
8f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:43:CB:5F:F6:4E:63:E4:B2:FC:2C:5D:0A:D1:12:FA:F7:01:D2:C6
X509v3 Authority Key Identifier:
keyid:B0:66:E2:41:05:0C:38:C3:49:CB:25:D4:40:14:45:0F:4F:50:18:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916CE83/9564191A43B811E9ABA22A34C4F9AE02/sGbiQQUMOMNJyyXUQBRFD09QGK4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGbiQQUMOMNJyyXUQBRFD09QGK4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916CE83/9564191A43B811E9ABA22A34C4F9AE02/6657C8D243B911E9AE253437C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.56.0/22
IPv6:
2401:84e0::/32
Signature Algorithm: sha256WithRSAEncryption
41:fd:a2:d4:4a:b5:f9:21:b8:e2:e7:3e:ca:ad:a2:4a:3c:ed:
e5:c7:e4:53:97:10:6a:38:ad:78:33:89:85:f4:92:0c:63:84:
4a:d2:38:d5:e3:67:13:fe:58:0e:7a:3a:3a:de:77:74:d7:5b:
8e:7c:c1:70:8c:f9:6f:48:6d:ba:b5:a6:06:9a:7f:67:96:7c:
23:43:8e:ff:0c:43:c3:e0:27:16:20:b6:f7:06:69:9c:7f:7d:
0f:9f:e2:2e:db:ed:a4:58:43:aa:85:a2:1b:36:ba:4b:75:3c:
7f:24:a4:cd:2e:83:af:f4:f8:10:43:db:1c:e8:76:98:a7:7e:
8c:86:30:30:8e:81:91:50:6a:9f:43:22:06:5a:21:06:6d:53:
e3:07:62:8e:af:eb:bd:70:95:63:7a:dd:3c:06:83:a8:f2:2f:
ae:a8:30:2c:00:cd:31:2e:ea:ae:a3:be:69:b5:a8:29:30:3b:
08:b4:da:7c:a7:9f:d5:d7:64:15:15:36:1a:90:6e:a3:10:54:
f4:d4:80:66:e4:70:21:63:72:fd:b6:fc:5e:2c:ea:e2:77:90:
d5:1e:6c:d3:b4:94:b7:2e:9e:bf:d9:b7:b9:a7:5f:e7:1e:49:
80:75:02:c8:ed:a2:f9:d1:6d:ee:9b:ab:82:44:45:b8:0c:ad:
d9:66:78:0f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkNFODMxMTAvBgNVBAUTKEIwNjZFMjQxMDUwQzM4QzM0OUNCMjVENDQwMTQ0NTBG
NEY1MDE4QUUwHhcNMjUwNzE5MDgyMDUyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODdiNTU2NC1iOWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAusT6uNu7s2UKIp7X2lx9KX9ZPXBR57nxs6yuHKBDKNlHZqFb9h8yobZv7eot
D513WsIX3Fu9TDWFM2aquFlW7EsnJ9dyJFrWDLKPfcIMu4LE/ryVYNJbCNsRP3zv
XVQOL4kpFc3krc9iQjA1xhuFr+W0ELie/Tnk3qQUulHXmXzNsmkAfnPkSKcjNNx0
sU3ieF4DbnfQIO1C+GvJgJyTSuHs8IbR0AuIamOMN+mNkazAU7CodL9bYU7DXA1/
B3Qkutd3la143eNiMkNX431ltQ5Ch0Efc0xCrqQgyIp9KfMfPkVJzlcR9kNkqZau
yOlUhUwXzBaAU5Rc/gqNeMqPzwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAtDy1/2
TmPksvwsXQrREvr3AdLGMB8GA1UdIwQYMBaAFLBm4kEFDDjDScsl1EAURQ9PUBiu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Q0U4My85NTY0MTkxQTQz
QjgxMUU5QUJBMjJBMzRDNEY5QUUwMi9zR2JpUVFVTU9NTkp5eVhVUUJSRkQwOVFH
SzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHYmlRUVVNT01OSnl5WFVRQlJGRDA5UUdLNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkNFODMvOTU2NDE5MUE0M0I4MTFFOUFCQTIyQTM0QzRGOUFFMDIvNjY1N0M4RDI0
M0I5MTFFOUFFMjUzNDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnhjgwDQQCAAIwBwMFACQBhOAwDQYJKoZIhvcNAQELBQAD
ggEBAEH9otRKtfkhuOLnPsqtoko87eXH5FOXEGo4rXgziYX0kgxjhErSONXjZxP+
WA56Ojred3TXW458wXCM+W9Ibbq1pgaaf2eWfCNDjv8MQ8PgJxYgtvcGaZx/fQ+f
4i7b7aRYQ6qFohs2ukt1PH8kpM0ug6/0+BBD2xzodpinfoyGMDCOgZFQap9DIgZa
IQZtU+MHYo6v671wlWN63TwGg6jyL66oMCwAzTEu6q6jvmm1qCkwOwi02nynn9XX
ZBUVNhqQbqMQVPTUgGbkcCFjcv22/F4s6uJ3kNUebNO0lLcunr/Zt7mnX+ceSYB1
AsjtovnRbe6bq4JERbgMrdlmeA8=
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:02:34 2025 by rpki-client