Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
File: A0632940737D11F091340126C4F9AE02.roa (raw, json)
Hash identifier: A9CfvWHo8wQog2ij+U4wMZKQtVK7NG2gnZm4ccTlh58=
Subject key identifier: 71:E7:2C:60:C8:AC:E6:17:A9:A2:CB:3F:41:A1:6C:F8:00:99:1C:EE
Certificate issuer: /CN=A917C615/serialNumber=1948CC14F30ED83CAA52C8EC4B08C44CA83A629E
Certificate serial: 0CCB
Authority key identifier: 19:48:CC:14:F3:0E:D8:3C:AA:52:C8:EC:4B:08:C4:4C:A8:3A:62:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
Signing time: Tue 28 Oct 2025 18:36:52 +0000
ROA not before: Tue 28 Oct 2025 18:36:52 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 64043
IP address blocks: 59.153.16.0/22 maxlen: 22
59.153.16.0/23 maxlen: 23
59.153.16.0/24 maxlen: 24
59.153.17.0/24 maxlen: 24
59.153.18.0/23 maxlen: 23
59.153.18.0/24 maxlen: 24
59.153.19.0/24 maxlen: 24
103.197.248.0/22 maxlen: 22
103.197.248.0/23 maxlen: 23
103.197.248.0/24 maxlen: 24
103.197.249.0/24 maxlen: 24
103.197.250.0/23 maxlen: 23
103.197.250.0/24 maxlen: 24
103.197.251.0/24 maxlen: 24
2403:f2c0::/32 maxlen: 32
2403:f2c0::/36 maxlen: 36
2403:f2c0:1000::/36 maxlen: 36
2403:f2c0:2000::/36 maxlen: 36
2403:f2c0:3000::/36 maxlen: 36
2403:f2c0:4000::/36 maxlen: 36
2403:f2c0:5000::/36 maxlen: 36
2403:f2c0:6000::/36 maxlen: 36
2403:f2c0:7000::/36 maxlen: 36
2403:f2c0:8000::/36 maxlen: 36
2403:f2c0:9000::/36 maxlen: 36
2403:f2c0:a000::/36 maxlen: 36
2403:f2c0:b000::/36 maxlen: 36
2403:f2c0:c000::/36 maxlen: 36
2403:f2c0:d000::/36 maxlen: 36
2403:f2c0:e000::/36 maxlen: 36
2403:f2c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.crl
rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 18:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3275 (0xccb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C615, serialNumber=1948CC14F30ED83CAA52C8EC4B08C44CA83A629E
Validity
Not Before: Oct 28 18:36:52 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69010d44-855c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:08:c0:26:f4:f9:21:57:3f:8f:1a:c4:dc:36:
50:fd:1c:96:70:b8:f0:31:80:78:c7:8e:10:ae:50:
19:10:41:9b:59:85:04:29:d7:11:bf:c5:66:9c:24:
1c:de:c1:22:aa:dd:09:87:ef:18:1b:34:5c:02:bf:
2a:97:ff:f9:ce:7c:d4:e5:af:d0:2f:dc:86:76:ec:
c4:d4:1e:ff:93:e3:36:72:d7:60:ab:6b:88:a5:d9:
b2:13:fc:6b:16:ed:0b:2d:a8:97:fc:71:2e:75:ed:
90:d3:06:95:51:5d:72:87:0a:59:ce:24:51:5f:5a:
44:1a:c4:58:ab:7f:e0:50:03:ad:15:36:27:ee:14:
2f:81:76:87:1c:9d:e8:e1:1a:19:54:4e:7f:69:e2:
f0:bf:31:85:1f:d1:ee:43:40:8b:1c:d8:64:aa:a6:
e9:bb:e6:3d:98:d0:7e:47:d4:47:15:49:c4:12:30:
28:42:8c:63:46:c8:a7:89:cc:e2:ab:c5:d8:78:b0:
4f:90:4c:74:fd:d8:80:5c:0c:67:a8:18:51:76:c9:
79:e4:20:c6:74:69:ba:52:21:e5:97:85:a6:72:ce:
0a:4f:eb:d2:e1:cd:2e:0b:68:ca:28:44:de:7b:02:
d4:59:96:d6:41:b6:db:eb:6b:27:08:ba:d9:c1:a2:
1a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E7:2C:60:C8:AC:E6:17:A9:A2:CB:3F:41:A1:6C:F8:00:99:1C:EE
X509v3 Authority Key Identifier:
keyid:19:48:CC:14:F3:0E:D8:3C:AA:52:C8:EC:4B:08:C4:4C:A8:3A:62:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.16.0/22
103.197.248.0/22
IPv6:
2403:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
00:e3:08:9c:bb:45:e8:70:9d:b6:1e:7f:df:70:44:08:b2:6b:
7a:dc:ea:8a:41:98:73:e8:a4:50:aa:30:35:d8:67:c5:6a:6c:
c2:cf:9e:cc:9f:eb:87:d2:a2:ee:bd:cd:c0:a9:28:7b:02:5d:
a5:da:96:fc:28:9f:2d:db:56:3d:46:f6:ea:78:8d:a9:65:22:
38:68:0f:39:b8:67:1a:da:1f:06:f0:f5:e4:76:ef:0e:93:79:
21:10:60:20:8e:56:58:91:30:86:25:7c:0e:c9:12:ab:3e:02:
d7:74:31:d1:64:8a:c7:59:db:0f:65:26:94:c6:32:69:82:a4:
63:81:d8:6f:88:55:a6:39:8c:a5:80:36:05:5a:5e:23:11:85:
08:59:16:48:62:7d:af:67:e1:2a:c9:24:d8:21:2d:29:6d:35:
2c:b5:e8:9c:d1:8d:32:6a:d3:22:22:3a:7c:5f:09:11:64:53:
07:d7:79:65:ac:55:38:b9:f1:bd:fc:d4:07:5e:eb:bb:d3:8a:
1d:14:f0:19:6b:fa:7a:87:56:ac:e7:33:b1:ec:a1:aa:a9:c0:
9a:d8:3f:55:ed:44:a5:59:92:e4:6f:00:70:b1:3a:50:07:29:
72:96:ef:24:dc:61:ce:ff:a5:bb:e1:6d:a9:5f:a3:3a:40:14:
5f:59:a1:a3
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0M2MTUxMTAvBgNVBAUTKDE5NDhDQzE0RjMwRUQ4M0NBQTUyQzhFQzRCMDhDNDRD
QTgzQTYyOUUwHhcNMjUxMDI4MTgzNjUyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTAxMGQ0NC04NTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxAjAJvT5IVc/jxrE3DZQ/RyWcLjwMYB4x44QrlAZEEGbWYUEKdcRv8VmnCQc
3sEiqt0Jh+8YGzRcAr8ql//5znzU5a/QL9yGduzE1B7/k+M2ctdgq2uIpdmyE/xr
Fu0LLaiX/HEude2Q0waVUV1yhwpZziRRX1pEGsRYq3/gUAOtFTYn7hQvgXaHHJ3o
4RoZVE5/aeLwvzGFH9HuQ0CLHNhkqqbpu+Y9mNB+R9RHFUnEEjAoQoxjRsiniczi
q8XYeLBPkEx0/diAXAxnqBhRdsl55CDGdGm6UiHll4Wmcs4KT+vS4c0uC2jKKETe
ewLUWZbWQbbb62snCLrZwaIaOwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHHnLGDI
rOYXqaLLP0GhbPgAmRzuMB8GA1UdIwQYMBaAFBlIzBTzDtg8qlLI7EsIxEyoOmKe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzYxNS80MjAwQzlFNjAw
NkMxMUVBQTM2M0MyNjRDNEY5QUUwMi9HVWpNRlBNTzJEeXFVc2pzU3dqRVRLZzZZ
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dVak1GUE1PMkR5cVVzanNTd2pFVEtnNllwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0M2MTUvNDIwMEM5RTYwMDZDMTFFQUEzNjNDMjY0QzRGOUFFMDIvQTA2MzI5NDA3
MzdEMTFGMDkxMzQwMTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mRADBAJnxfgwDQQCAAIwBwMFACQD8sAwDQYJKoZIhvcN
AQELBQADggEBAADjCJy7RehwnbYef99wRAiya3rc6opBmHPopFCqMDXYZ8VqbMLP
nsyf64fSou69zcCpKHsCXaXalvwony3bVj1G9up4jallIjhoDzm4ZxraHwbw9eR2
7w6TeSEQYCCOVliRMIYlfA7JEqs+Atd0MdFkisdZ2w9lJpTGMmmCpGOB2G+IVaY5
jKWANgVaXiMRhQhZFkhifa9n4SrJJNghLSltNSy16JzRjTJq0yIiOnxfCRFkUwfX
eWWsVTi58b381Ade67vTih0U8Blr+nqHVqznM7HsoaqpwJrYP1XtRKVZkuRvAHCx
OlAHKXKW7yTcYc7/pbvhbalfozpAFF9ZoaM=
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:06:00 2025 by rpki-client