Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
File: A0632940737D11F091340126C4F9AE02.roa (raw, json)
Hash identifier: MgunnEkdhYyxCKv1PICJfgMQMsgL6bJvzf4zx6j7RFc=
Subject key identifier: B8:3A:5D:7B:C6:90:05:79:F6:41:63:DA:3E:57:C1:78:C7:E0:13:B2
Certificate issuer: /CN=A917C615/serialNumber=1948CC14F30ED83CAA52C8EC4B08C44CA83A629E
Certificate serial: 0C9D
Authority key identifier: 19:48:CC:14:F3:0E:D8:3C:AA:52:C8:EC:4B:08:C4:4C:A8:3A:62:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
Signing time: Thu 07 Aug 2025 11:08:34 +0000
ROA not before: Thu 07 Aug 2025 11:08:34 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 64043
IP address blocks: 59.153.16.0/22 maxlen: 22
59.153.16.0/23 maxlen: 23
59.153.16.0/24 maxlen: 24
59.153.17.0/24 maxlen: 24
59.153.18.0/23 maxlen: 23
59.153.18.0/24 maxlen: 24
59.153.19.0/24 maxlen: 24
103.197.248.0/22 maxlen: 22
103.197.248.0/23 maxlen: 23
103.197.248.0/24 maxlen: 24
103.197.249.0/24 maxlen: 24
103.197.250.0/23 maxlen: 23
103.197.250.0/24 maxlen: 24
103.197.251.0/24 maxlen: 24
2403:f2c0::/32 maxlen: 32
2403:f2c0::/36 maxlen: 36
2403:f2c0:1000::/36 maxlen: 36
2403:f2c0:2000::/36 maxlen: 36
2403:f2c0:3000::/36 maxlen: 36
2403:f2c0:4000::/36 maxlen: 36
2403:f2c0:5000::/36 maxlen: 36
2403:f2c0:6000::/36 maxlen: 36
2403:f2c0:7000::/36 maxlen: 36
2403:f2c0:8000::/36 maxlen: 36
2403:f2c0:9000::/36 maxlen: 36
2403:f2c0:a000::/36 maxlen: 36
2403:f2c0:b000::/36 maxlen: 36
2403:f2c0:c000::/36 maxlen: 36
2403:f2c0:d000::/36 maxlen: 36
2403:f2c0:e000::/36 maxlen: 36
2403:f2c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.crl
rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 Aug 2025 18:27:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3229 (0xc9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C615, serialNumber=1948CC14F30ED83CAA52C8EC4B08C44CA83A629E
Validity
Not Before: Aug 7 11:08:34 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=68948932-e3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f5:c3:20:c8:4b:03:b2:1a:35:53:20:0f:7e:
5e:d4:49:de:c8:af:9f:50:fb:74:01:3e:dc:66:8f:
6e:19:d3:de:c9:19:34:34:e4:8d:72:fa:b4:2b:0e:
02:bd:4f:93:05:92:72:5e:9a:4f:9e:d0:80:25:d1:
ef:b5:97:a7:fd:94:8f:97:aa:6d:38:a9:76:53:01:
a2:d3:9b:1f:a8:c6:49:f5:f1:bc:b4:0e:50:22:68:
5d:5c:31:21:c4:d1:3e:3e:1a:d4:a5:4f:d4:f5:28:
41:38:fd:8a:02:a0:63:9e:84:60:57:bf:d7:dc:7f:
90:fe:66:78:44:5a:70:a2:1d:6d:3a:ee:a8:b7:09:
3d:2d:09:49:90:78:8a:3b:6b:c9:15:3e:77:0a:d5:
fc:ec:17:dc:f8:5e:a5:c3:79:60:c0:e5:f7:cd:9d:
19:d5:b4:80:82:1b:36:fa:e1:fb:fb:a0:ba:f2:d4:
7b:e9:1e:58:f9:2e:0b:30:2b:d5:5b:ce:84:27:6c:
b8:99:e1:5e:55:ff:60:0a:be:90:62:58:c3:d9:1d:
b2:5e:9b:92:e5:7c:ae:6f:f0:f2:e6:05:c6:b1:3b:
83:d0:fe:2d:7f:a6:3b:9e:4d:b6:5f:48:cd:8a:78:
16:26:cd:a9:ff:33:08:b8:93:01:e5:4f:ed:e0:77:
45:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:3A:5D:7B:C6:90:05:79:F6:41:63:DA:3E:57:C1:78:C7:E0:13:B2
X509v3 Authority Key Identifier:
keyid:19:48:CC:14:F3:0E:D8:3C:AA:52:C8:EC:4B:08:C4:4C:A8:3A:62:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.16.0/22
103.197.248.0/22
IPv6:
2403:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
40:24:34:55:a8:02:3b:14:ce:61:e8:f5:6f:d1:65:40:74:ff:
1a:76:58:2c:81:b6:84:85:36:6e:17:c0:a5:bf:c6:50:ae:55:
62:25:a6:e7:f5:47:95:3f:52:f7:f5:f3:a8:bd:91:6a:1d:ba:
be:05:b3:7c:15:59:34:9b:d7:00:46:1a:ef:8f:c3:c7:15:7f:
b0:52:14:54:b2:c6:96:23:88:38:fd:e1:62:ca:65:87:48:3f:
6b:86:64:68:8b:51:ee:be:8b:04:bd:c9:5b:a9:63:d7:cf:f8:
44:82:70:bc:c3:55:e4:3a:ee:89:89:c7:25:09:43:11:54:71:
7a:56:a0:ff:2a:9d:06:db:6b:ec:5e:24:1b:4f:c5:ce:98:7b:
90:51:97:5e:72:70:b3:fd:3c:8b:59:5a:fe:68:f8:59:c4:b3:
7c:58:86:82:ba:93:f8:19:cf:2c:ce:b6:1b:8d:b6:66:4e:17:
eb:35:37:07:66:9c:d0:dd:ce:5b:75:35:3d:a8:4a:9b:e9:f9:
9f:2c:e5:6b:1e:40:58:d5:8f:fd:45:39:d0:db:ce:4a:7b:a0:
76:30:8e:1b:7e:e9:7b:82:b7:df:a5:89:5d:dc:99:b7:79:69:
3b:73:3c:46:aa:fc:78:8c:9c:d1:a6:56:96:9b:ef:b6:7d:62:
76:4f:7b:d7
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0M2MTUxMTAvBgNVBAUTKDE5NDhDQzE0RjMwRUQ4M0NBQTUyQzhFQzRCMDhDNDRD
QTgzQTYyOUUwHhcNMjUwODA3MTEwODM0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODk0ODkzMi1lM2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu/XDIMhLA7IaNVMgD35e1EneyK+fUPt0AT7cZo9uGdPeyRk0NOSNcvq0Kw4C
vU+TBZJyXppPntCAJdHvtZen/ZSPl6ptOKl2UwGi05sfqMZJ9fG8tA5QImhdXDEh
xNE+PhrUpU/U9ShBOP2KAqBjnoRgV7/X3H+Q/mZ4RFpwoh1tOu6otwk9LQlJkHiK
O2vJFT53CtX87Bfc+F6lw3lgwOX3zZ0Z1bSAghs2+uH7+6C68tR76R5Y+S4LMCvV
W86EJ2y4meFeVf9gCr6QYljD2R2yXpuS5Xyub/Dy5gXGsTuD0P4tf6Y7nk22X0jN
ingWJs2p/zMIuJMB5U/t4HdFnwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLg6XXvG
kAV59kFj2j5XwXjH4BOyMB8GA1UdIwQYMBaAFBlIzBTzDtg8qlLI7EsIxEyoOmKe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzYxNS80MjAwQzlFNjAw
NkMxMUVBQTM2M0MyNjRDNEY5QUUwMi9HVWpNRlBNTzJEeXFVc2pzU3dqRVRLZzZZ
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dVak1GUE1PMkR5cVVzanNTd2pFVEtnNllwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0M2MTUvNDIwMEM5RTYwMDZDMTFFQUEzNjNDMjY0QzRGOUFFMDIvQTA2MzI5NDA3
MzdEMTFGMDkxMzQwMTI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAI7mRADBAJnxfgwDQQCAAIwBwMFACQD8sAwDQYJKoZIhvcN
AQELBQADggEBAEAkNFWoAjsUzmHo9W/RZUB0/xp2WCyBtoSFNm4XwKW/xlCuVWIl
puf1R5U/Uvf186i9kWodur4Fs3wVWTSb1wBGGu+Pw8cVf7BSFFSyxpYjiDj94WLK
ZYdIP2uGZGiLUe6+iwS9yVupY9fP+ESCcLzDVeQ67omJxyUJQxFUcXpWoP8qnQbb
a+xeJBtPxc6Ye5BRl15ycLP9PItZWv5o+FnEs3xYhoK6k/gZzyzOthuNtmZOF+s1
NwdmnNDdzlt1NT2oSpvp+Z8s5WseQFjVj/1FOdDbzkp7oHYwjht+6XuCt9+liV3c
mbd5aTtzPEaq/HiMnNGmVpab77Z9YnZPe9c=
-----END CERTIFICATE-----
Generated at Wed Aug 13 04:30:14 2025 by rpki-client