Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/785E5E7036DC11F0A07BF464C4F9AE02.roa
File: 785E5E7036DC11F0A07BF464C4F9AE02.roa (raw, json)
Hash identifier: yHc9qaI29v/jGscJzcbCLbt20naVMU6/mCBYEbXcQ0w=
Subject key identifier: F0:AE:9A:97:10:6E:5E:D6:C0:E7:4F:E0:30:CF:E2:35:DD:32:C5:E7
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BCF7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/785E5E7036DC11F0A07BF464C4F9AE02.roa
Signing time: Wed 04 Jun 2025 11:34:14 +0000
ROA not before: Wed 04 Jun 2025 11:34:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138296
IP address blocks: 103.2.190.0/23 maxlen: 24
103.31.140.0/23 maxlen: 24
103.31.142.0/23 maxlen: 24
103.31.220.0/23 maxlen: 24
103.41.32.0/22 maxlen: 24
103.93.192.0/22 maxlen: 24
103.111.70.0/24 maxlen: 24
103.115.154.0/23 maxlen: 24
103.119.82.0/23 maxlen: 24
103.119.172.0/23 maxlen: 24
103.123.154.0/23 maxlen: 24
103.123.224.0/22 maxlen: 24
103.124.22.0/23 maxlen: 24
103.124.122.0/23 maxlen: 24
103.127.116.0/23 maxlen: 24
103.127.252.0/24 maxlen: 24
103.132.100.0/23 maxlen: 24
103.133.116.0/24 maxlen: 24
103.134.4.0/22 maxlen: 24
103.142.106.0/23 maxlen: 24
103.143.8.0/23 maxlen: 23
103.143.8.0/24 maxlen: 24
103.143.9.0/24 maxlen: 24
103.157.178.0/23 maxlen: 24
103.157.222.0/23 maxlen: 24
103.158.48.0/23 maxlen: 24
103.167.176.0/23 maxlen: 24
103.171.210.0/23 maxlen: 24
103.172.86.0/23 maxlen: 24
103.172.156.0/23 maxlen: 24
103.173.120.0/23 maxlen: 24
103.173.177.0/24 maxlen: 24
103.173.205.0/24 maxlen: 24
103.173.244.0/24 maxlen: 24
103.173.245.0/24 maxlen: 24
103.174.244.0/23 maxlen: 24
103.175.60.0/23 maxlen: 24
103.179.46.0/23 maxlen: 24
103.179.232.0/24 maxlen: 24
103.179.236.0/23 maxlen: 24
103.181.54.0/23 maxlen: 24
103.190.212.0/24 maxlen: 24
103.190.213.0/24 maxlen: 24
103.195.80.0/23 maxlen: 24
103.204.132.0/22 maxlen: 24
103.206.26.0/23 maxlen: 24
103.207.90.0/23 maxlen: 24
103.208.90.0/23 maxlen: 24
103.209.72.0/23 maxlen: 24
103.212.172.0/23 maxlen: 24
103.215.184.0/23 maxlen: 24
103.217.138.0/23 maxlen: 24
103.218.106.0/23 maxlen: 24
103.218.180.0/23 maxlen: 24
103.218.184.0/23 maxlen: 24
103.218.186.0/23 maxlen: 24
103.220.232.0/23 maxlen: 24
103.225.30.0/23 maxlen: 24
103.225.116.0/23 maxlen: 24
103.227.104.0/23 maxlen: 24
103.228.72.0/23 maxlen: 24
103.229.90.0/23 maxlen: 24
103.244.94.0/23 maxlen: 24
110.44.10.0/24 maxlen: 24
110.44.11.0/24 maxlen: 24
2001:df2:380::/48 maxlen: 48
2400:4fe0::/32 maxlen: 32
2404:58c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Jun 2025 15:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48375 (0xbcf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 4 11:34:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68402f35-5149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0f:b4:fa:fa:09:b6:c5:55:c6:46:75:84:a0:
09:ff:3f:be:73:f0:da:2b:93:be:52:50:03:0f:48:
6a:cf:e4:5e:21:d0:d5:80:d5:30:36:8b:13:20:38:
96:c1:12:37:33:3f:1b:5d:1f:92:58:fe:5d:ea:da:
dd:ec:3f:8f:e6:f8:12:d6:fb:4a:83:f8:68:01:ca:
7b:bd:0c:54:32:a6:e2:cf:72:8a:e8:37:7d:25:bd:
45:d2:9e:7c:47:01:72:ce:b4:07:fe:66:e6:87:59:
d1:0a:84:d7:e5:d7:70:5c:89:21:c0:a9:82:aa:c0:
31:3d:54:53:a7:2e:d2:59:37:da:e3:cf:63:a1:c5:
b6:06:fc:f8:63:a2:f0:00:f9:2b:dc:f3:cb:99:0c:
a9:1e:3f:8a:3c:de:ed:58:99:59:be:dd:e0:4c:b7:
57:7f:9c:91:ad:8d:db:6f:94:47:78:48:dd:d4:9f:
15:66:d4:14:73:07:35:5c:f0:ef:0d:f2:32:33:d6:
5f:81:9c:27:60:63:e3:68:fb:de:14:f8:c4:f0:ae:
3a:c4:ea:10:64:4c:e4:6e:dc:0f:f0:9b:15:9f:51:
cf:51:17:1c:99:ad:2b:2b:ac:65:8d:07:9f:dc:19:
a3:f4:46:59:78:3c:1d:e8:90:cd:41:1f:17:fe:61:
18:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:AE:9A:97:10:6E:5E:D6:C0:E7:4F:E0:30:CF:E2:35:DD:32:C5:E7
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/785E5E7036DC11F0A07BF464C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.2.190.0/23
103.31.140.0/22
103.31.220.0/23
103.41.32.0/22
103.93.192.0/22
103.111.70.0/24
103.115.154.0/23
103.119.82.0/23
103.119.172.0/23
103.123.154.0/23
103.123.224.0/22
103.124.22.0/23
103.124.122.0/23
103.127.116.0/23
103.127.252.0/24
103.132.100.0/23
103.133.116.0/24
103.134.4.0/22
103.142.106.0/23
103.143.8.0/23
103.157.178.0/23
103.157.222.0/23
103.158.48.0/23
103.167.176.0/23
103.171.210.0/23
103.172.86.0/23
103.172.156.0/23
103.173.120.0/23
103.173.177.0/24
103.173.205.0/24
103.173.244.0/23
103.174.244.0/23
103.175.60.0/23
103.179.46.0/23
103.179.232.0/24
103.179.236.0/23
103.181.54.0/23
103.190.212.0/23
103.195.80.0/23
103.204.132.0/22
103.206.26.0/23
103.207.90.0/23
103.208.90.0/23
103.209.72.0/23
103.212.172.0/23
103.215.184.0/23
103.217.138.0/23
103.218.106.0/23
103.218.180.0/23
103.218.184.0/22
103.220.232.0/23
103.225.30.0/23
103.225.116.0/23
103.227.104.0/23
103.228.72.0/23
103.229.90.0/23
103.244.94.0/23
110.44.10.0/23
IPv6:
2001:df2:380::/48
2400:4fe0::/32
2404:58c0::/48
Signature Algorithm: sha256WithRSAEncryption
86:54:c7:20:6d:a0:a0:16:8d:07:82:fc:85:67:13:cf:d7:a7:
c2:08:15:8f:5b:3d:a0:a3:cc:27:70:37:82:7d:40:78:09:58:
cb:27:68:f0:2d:45:3d:b0:9b:9a:60:87:5b:10:99:c2:94:9e:
9c:e4:90:b1:eb:9a:8d:49:16:3e:f5:d7:9e:49:6a:9e:7b:65:
e9:99:2c:ff:87:60:d4:38:b6:9f:c4:41:8c:de:26:c3:9d:fe:
b4:24:5d:ee:82:35:b2:e2:b7:38:a2:76:a6:55:4d:d4:21:c7:
36:95:b9:50:90:84:57:b6:f8:47:d7:b2:e3:77:e3:32:29:21:
20:af:ef:65:30:9e:90:c4:bc:3f:7f:f7:b9:75:2e:47:a1:70:
38:98:39:b7:a0:1c:72:88:75:29:28:7f:6c:d6:4c:10:bb:9d:
d7:de:ef:cc:2c:1b:00:a6:d6:01:06:69:9d:2e:d9:24:8e:15:
cf:b6:d1:49:37:ac:96:88:eb:4b:65:fb:69:31:80:6c:3f:ed:
10:8e:41:a7:a7:66:84:7c:69:67:5d:2a:3b:2e:c1:d7:2a:f3:
4f:98:cf:85:c6:fa:1f:ac:5a:f4:34:0a:2a:20:0c:eb:2d:c6:
97:b8:64:31:1f:db:42:ab:e1:b5:bb:c3:d8:e5:8d:38:30:c6:
60:ae:4d:ed
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIDALz3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDYwNDExMzQxNFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjg0MDJmMzUtNTE0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAPtPr6CbbFVcZGdYSgCf8/vnPw2iuTvlJQAw9Ias/kXiHQ1YDVMDaLEyA4
lsESNzM/G10fklj+Xera3ew/j+b4Etb7SoP4aAHKe70MVDKm4s9yiug3fSW9RdKe
fEcBcs60B/5m5odZ0QqE1+XXcFyJIcCpgqrAMT1UU6cu0lk32uPPY6HFtgb8+GOi
8AD5K9zzy5kMqR4/ijze7ViZWb7d4Ey3V3+cka2N22+UR3hI3dSfFWbUFHMHNVzw
7w3yMjPWX4GcJ2Bj42j73hT4xPCuOsTqEGRM5G7cD/CbFZ9Rz1EXHJmtKyusZY0H
n9wZo/RGWXg8HeiQzUEfF/5hGO0CAwEAAaOCBBYwggQSMB0GA1UdDgQWBBTwrpqX
EG5e1sDnT+Awz+I13TLF5zAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc4NUU1RTcw
MzZEQzExRjBBMDdCRjQ2NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBngYIKwYBBQUHAQcB
Af8EggGNMIIBiTCCAWQEAgABMIIBXAMEAWcCvgMEAmcfjAMEAWcf3AMEAmcpIAME
AmddwAMEAGdvRgMEAWdzmgMEAWd3UgMEAWd3rAMEAWd7mgMEAmd74AMEAWd8FgME
AWd8egMEAWd/dAMEAGd//AMEAWeEZAMEAGeFdAMEAmeGBAMEAWeOagMEAWePCAME
AWedsgMEAWed3gMEAWeeMAMEAWensAMEAWer0gMEAWesVgMEAWesnAMEAWeteAME
AGetsQMEAGetzQMEAWet9AMEAWeu9AMEAWevPAMEAWezLgMEAGez6AMEAWez7AME
AWe1NgMEAWe+1AMEAWfDUAMEAmfMhAMEAWfOGgMEAWfPWgMEAWfQWgMEAWfRSAME
AWfUrAMEAWfXuAMEAWfZigMEAWfaagMEAWfatAMEAmfauAMEAWfc6AMEAWfhHgME
AWfhdAMEAWfjaAMEAWfkSAMEAWflWgMEAWf0XgMEAW4sCjAfBAIAAjAZAwcAIAEN
8gOAAwUAJABP4AMHACQEWMAAADANBgkqhkiG9w0BAQsFAAOCAQEAhlTHIG2goBaN
B4L8hWcTz9enwggVj1s9oKPMJ3A3gn1AeAlYyydo8C1FPbCbmmCHWxCZwpSenOSQ
seuajUkWPvXXnklqnntl6Zks/4dg1Di2n8RBjN4mw53+tCRd7oI1suK3OKJ2plVN
1CHHNpW5UJCEV7b4R9ey43fjMikhIK/vZTCekMS8P3/3uXUuR6FwOJg5t6Accoh1
KSh/bNZMELud197vzCwbAKbWAQZpnS7ZJI4Vz7bRSTeslojrS2X7aTGAbD/tEI5B
p6dmhHxpZ10qOy7B1yrzT5jPhcb6H6xa9DQKKiAM6y3Gl7hkMR/bQqvhtbvD2OWN
ODDGYK5N7Q==
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:05:31 2025 by rpki-client