Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/7909FCC06DF211EA806B671BC4F9AE02.roa
File: 7909FCC06DF211EA806B671BC4F9AE02.roa (raw, json)
Hash identifier: A36l5vIxO39bSQHMANaf+/tD78P8NfKhTp6R9CnZr5o=
Subject key identifier: 09:84:B9:34:64:53:10:A5:B0:EB:82:A9:20:B4:49:9B:EE:FC:61:FE
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 369D
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/7909FCC06DF211EA806B671BC4F9AE02.roa
Signing time: Sat 02 Aug 2025 15:53:03 +0000
ROA not before: Sat 02 Aug 2025 15:53:03 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 23951
IP address blocks: 103.101.136.0/24 maxlen: 24
103.101.137.0/24 maxlen: 24
103.101.138.0/24 maxlen: 24
103.101.139.0/24 maxlen: 24
117.20.48.0/24 maxlen: 24
117.20.49.0/24 maxlen: 24
117.20.50.0/24 maxlen: 24
117.20.51.0/24 maxlen: 24
117.20.52.0/24 maxlen: 24
117.20.53.0/24 maxlen: 24
117.20.54.0/24 maxlen: 24
117.20.55.0/24 maxlen: 24
117.20.56.0/24 maxlen: 24
117.20.57.0/24 maxlen: 24
117.20.58.0/24 maxlen: 24
117.20.59.0/24 maxlen: 24
117.20.60.0/24 maxlen: 24
117.20.61.0/24 maxlen: 24
117.20.62.0/24 maxlen: 24
117.20.63.0/24 maxlen: 24
202.152.129.0/24 maxlen: 24
202.152.130.0/24 maxlen: 24
202.152.131.0/24 maxlen: 24
202.152.132.0/24 maxlen: 24
202.152.133.0/24 maxlen: 24
202.152.134.0/24 maxlen: 24
202.152.135.0/24 maxlen: 24
202.152.136.0/24 maxlen: 24
202.152.137.0/24 maxlen: 24
202.152.138.0/24 maxlen: 24
202.152.139.0/24 maxlen: 24
202.152.140.0/24 maxlen: 24
202.152.141.0/24 maxlen: 24
202.152.142.0/24 maxlen: 24
202.152.143.0/24 maxlen: 24
202.152.144.0/24 maxlen: 24
202.152.145.0/24 maxlen: 24
202.152.146.0/24 maxlen: 24
202.152.147.0/24 maxlen: 24
202.152.148.0/24 maxlen: 24
202.152.149.0/24 maxlen: 24
202.152.150.0/24 maxlen: 24
202.152.151.0/24 maxlen: 24
202.152.152.0/24 maxlen: 24
202.152.153.0/24 maxlen: 24
202.152.154.0/24 maxlen: 24
202.152.155.0/24 maxlen: 24
202.152.156.0/24 maxlen: 24
202.152.157.0/24 maxlen: 24
202.152.158.0/24 maxlen: 24
202.152.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13981 (0x369d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Aug 2 15:53:03 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=688e345f-caec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b0:a4:73:f2:6e:f2:f9:b1:0d:75:bd:e1:d6:
83:a6:28:05:53:8e:92:7f:73:fa:24:9f:07:9f:ed:
7f:c9:a2:62:97:8e:1b:fd:1e:d6:ec:d7:8c:0f:89:
d4:6e:b0:37:87:2f:26:27:52:5f:29:ec:3c:f4:0b:
b1:40:57:4c:5c:10:46:15:27:1b:92:44:c9:06:bd:
ae:d0:e6:51:7a:59:ed:27:46:2a:31:4e:e2:b4:78:
49:26:3d:37:43:ac:d9:08:2f:e9:33:39:7b:c7:7c:
20:3e:83:50:62:85:e1:bb:c9:60:bb:f8:e8:25:6e:
fb:12:9c:06:a1:1c:04:f1:8a:e9:6d:5e:c0:99:6d:
58:97:17:e2:2f:1b:74:11:37:a5:f4:dc:d4:96:c2:
dc:66:0e:82:f0:9d:85:12:0f:71:6a:78:c1:f7:b5:
5b:0e:d6:f8:37:14:df:e5:4c:af:6b:cf:b5:cb:7a:
ce:ca:cb:e6:74:27:91:1a:13:b5:49:c1:5d:c0:02:
c6:7c:88:0a:a0:e9:41:c1:a5:7e:f6:05:ae:93:0a:
0c:80:b8:25:09:48:d6:56:5a:ac:92:47:d2:cc:73:
7a:12:24:c2:ca:2a:ed:a3:ca:b7:03:97:dc:e5:17:
10:c3:ad:ba:68:f2:6d:29:3c:c0:98:87:93:c5:b4:
80:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:84:B9:34:64:53:10:A5:B0:EB:82:A9:20:B4:49:9B:EE:FC:61:FE
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/7909FCC06DF211EA806B671BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.136.0/22
117.20.48.0/20
202.152.129.0-202.152.159.255
Signature Algorithm: sha256WithRSAEncryption
22:fe:d9:47:4d:8d:83:05:bf:f9:68:b9:2e:e9:4e:23:82:7e:
7d:76:da:6e:58:8d:2d:78:4f:b8:aa:ce:39:ba:1d:8b:53:5c:
b5:fa:d9:91:ce:7b:aa:55:cb:2d:ef:87:03:bb:6f:0d:ab:e9:
f8:01:5d:27:85:55:90:c3:ad:11:3f:30:12:41:f2:c7:e9:ef:
91:3a:c7:45:0a:a3:f6:eb:11:43:79:ed:90:1f:d0:bc:66:10:
4f:21:af:f3:3d:7a:8e:ee:df:0f:3d:48:fd:52:7c:e6:b6:30:
c5:44:d9:bd:00:34:65:03:ad:ba:40:e1:c6:28:ed:92:a6:7f:
36:b2:71:56:72:33:24:a5:fd:f8:c7:4c:d3:bc:1d:87:85:5c:
06:9b:ef:cf:9a:b5:ab:f1:3a:f1:97:5b:3f:b9:40:ed:e6:50:
b5:99:36:a3:80:c3:27:7c:86:e7:3e:09:72:0b:cf:43:c1:66:
54:c5:48:4d:f5:f7:c2:43:c3:b2:60:eb:a1:21:9c:cb:16:7e:
9c:5b:4d:d8:d7:e1:39:af:28:c1:80:36:02:80:b8:45:7f:41:
e3:e9:c9:d3:3b:76:65:13:04:ea:c3:40:17:a0:65:df:95:51:
1d:4d:05:d8:40:84:02:8c:d6:1b:e8:db:a1:ac:49:80:7f:80:
ad:2d:5c:35
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICNp0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwODAyMTU1MzAzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhlMzQ1Zi1jYWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv7Ckc/Ju8vmxDXW94daDpigFU46Sf3P6JJ8Hn+1/yaJil44b/R7W7NeMD4nU
brA3hy8mJ1JfKew89AuxQFdMXBBGFScbkkTJBr2u0OZRelntJ0YqMU7itHhJJj03
Q6zZCC/pMzl7x3wgPoNQYoXhu8lgu/joJW77EpwGoRwE8YrpbV7AmW1YlxfiLxt0
ETel9NzUlsLcZg6C8J2FEg9xanjB97VbDtb4NxTf5Uyva8+1y3rOysvmdCeRGhO1
ScFdwALGfIgKoOlBwaV+9gWukwoMgLglCUjWVlqskkfSzHN6EiTCyirto8q3A5fc
5RcQw626aPJtKTzAmIeTxbSAdwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFAmEuTRk
UxClsOuCqSC0SZvu/GH+MB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNzkwOUZDQzA2
REYyMTFFQTgwNkI2NzFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAJnZYgDBAR1FDAwDAMEAMqYgQMEBcqYgDANBgkqhkiG9w0B
AQsFAAOCAQEAIv7ZR02NgwW/+Wi5LulOI4J+fXbabliNLXhPuKrOObodi1NctfrZ
kc57qlXLLe+HA7tvDavp+AFdJ4VVkMOtET8wEkHyx+nvkTrHRQqj9usRQ3ntkB/Q
vGYQTyGv8z16ju7fDz1I/VJ85rYwxUTZvQA0ZQOtukDhxijtkqZ/NrJxVnIzJKX9
+MdM07wdh4VcBpvvz5q1q/E68ZdbP7lA7eZQtZk2o4DDJ3yG5z4JcgvPQ8FmVMVI
TfX3wkPDsmDroSGcyxZ+nFtN2NfhOa8owYA2AoC4RX9B4+nJ0zt2ZRME6sNAF6Bl
35VRHU0F2ECEAozWG+jboaxJgH+ArS1cNQ==
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:42:59 2025 by rpki-client