Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/BFC15EB0A87111EFBB7C2F32C4F9AE02.roa
File: BFC15EB0A87111EFBB7C2F32C4F9AE02.roa (raw, json)
Hash identifier: niVbbPDR7NAx4l3qLzNY4nWdL3rA6GqsCF5CIS++dLE=
Subject key identifier: 3D:6A:B7:22:99:A9:E1:17:5E:AC:1F:EE:E7:FB:53:23:35:57:0F:58
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4C00
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/BFC15EB0A87111EFBB7C2F32C4F9AE02.roa
Signing time: Wed 30 Jul 2025 15:06:21 +0000
ROA not before: Wed 30 Jul 2025 15:06:21 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 140810
IP address blocks: 103.77.172.0/23 maxlen: 23
103.77.214.0/23 maxlen: 23
103.77.240.0/23 maxlen: 23
103.77.246.0/23 maxlen: 23
103.78.0.0/23 maxlen: 23
103.116.38.0/23 maxlen: 23
103.141.140.0/23 maxlen: 23
103.155.216.0/24 maxlen: 24
103.176.108.0/23 maxlen: 24
103.178.234.0/23 maxlen: 23
103.213.218.0/23 maxlen: 23
103.214.8.0/22 maxlen: 22
103.238.234.0/23 maxlen: 23
103.252.136.0/23 maxlen: 23
223.130.10.0/23 maxlen: 23
2001:df4:c340::/48 maxlen: 48
2001:df4:d880::/48 maxlen: 48
2400:ece0::/48 maxlen: 48
2401:1960::/48 maxlen: 48
2401:2420::/48 maxlen: 48
2401:3660::/48 maxlen: 48
2401:36a0::/48 maxlen: 48
2401:3760::/48 maxlen: 48
2401:37a0::/48 maxlen: 48
2401:3f20::/48 maxlen: 48
2401:45a0::/48 maxlen: 48
2405:19c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19456 (0x4c00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Jul 30 15:06:21 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=688a34ed-715b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b5:93:50:09:1d:93:ff:95:8a:67:75:82:cf:
03:16:b9:33:80:c1:dd:85:5c:c3:c8:f9:39:a7:25:
48:06:db:ea:c2:f9:22:03:2b:c5:90:57:23:d6:48:
12:d5:64:ff:94:0f:5f:cb:7f:ed:48:30:49:b6:4e:
4b:cf:f0:ec:72:de:5c:7e:c2:66:46:26:a7:66:30:
f4:d5:c8:b1:7e:4d:ff:e7:b5:86:ea:c6:88:64:51:
c4:ba:08:43:2d:a0:12:3e:f2:04:2a:65:1c:a4:da:
95:a5:00:4e:6d:39:ea:f5:a2:d1:95:6e:92:b0:9f:
ac:16:b5:e3:20:ce:e9:78:4e:2f:01:5c:32:ae:c1:
aa:43:ac:4d:10:05:70:e3:8b:c3:86:6a:84:9d:42:
e3:c9:3c:dd:8a:e8:56:bd:9a:dd:ee:80:b8:51:68:
74:10:cf:c9:46:c4:10:43:3d:eb:1e:18:a8:0b:37:
a2:75:ed:f6:0e:19:56:26:ec:b9:b3:72:76:c3:38:
4f:9c:9c:1c:d7:64:0a:72:63:3f:7f:f0:7c:c0:c3:
82:d9:98:39:34:17:59:4b:52:84:86:16:90:dd:c3:
ce:2c:df:c1:b6:bd:b0:8d:7d:ac:3f:46:05:b5:cd:
13:9a:76:6b:0a:19:0e:c4:69:47:19:c5:b1:f4:cb:
56:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6A:B7:22:99:A9:E1:17:5E:AC:1F:EE:E7:FB:53:23:35:57:0F:58
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/BFC15EB0A87111EFBB7C2F32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.77.172.0/23
103.77.214.0/23
103.77.240.0/23
103.77.246.0/23
103.78.0.0/23
103.116.38.0/23
103.141.140.0/23
103.155.216.0/24
103.176.108.0/23
103.178.234.0/23
103.213.218.0/23
103.214.8.0/22
103.238.234.0/23
103.252.136.0/23
223.130.10.0/23
IPv6:
2001:df4:c340::/48
2001:df4:d880::/48
2400:ece0::/48
2401:1960::/48
2401:2420::/48
2401:3660::/48
2401:36a0::/48
2401:3760::/48
2401:37a0::/48
2401:3f20::/48
2401:45a0::/48
2405:19c0::/32
Signature Algorithm: sha256WithRSAEncryption
46:80:62:29:7a:e9:6d:ab:bb:2a:dc:77:46:73:00:e9:cb:0f:
13:fb:f0:18:19:37:d2:06:2b:fa:b7:d0:20:e0:3c:88:76:83:
a2:5f:1d:ea:bf:f7:78:9c:3a:e1:9c:37:49:be:1f:68:00:eb:
6f:a2:04:9e:5a:b5:ae:21:f8:6e:92:ee:da:2a:ec:30:2e:3a:
f4:b3:9b:b0:cc:ff:e5:82:4f:4c:9f:7c:89:a8:93:36:ef:78:
8e:fb:45:f6:a6:8a:b1:4f:35:32:42:4a:2d:f7:07:52:d5:cb:
d9:71:b8:4f:6d:4d:fc:d2:ac:74:26:c2:21:7f:c2:88:69:8b:
90:a5:bc:2d:70:32:f0:64:ef:4a:d6:45:69:c5:be:b6:65:56:
58:c2:70:89:f0:95:0c:e8:1f:dc:bc:fd:60:0e:6a:dd:5f:ec:
ea:fa:55:60:70:b8:3e:b5:69:4f:76:86:22:6d:05:86:fa:7b:
16:95:f5:94:6a:43:15:ae:64:a4:63:7b:6d:ac:94:43:0b:2e:
cc:8b:08:2e:56:fe:8b:a7:cd:92:14:72:cc:ed:01:5d:8d:4b:
c3:31:52:38:ba:2a:22:07:e7:a4:df:d8:af:89:c1:42:c2:54:
77:aa:4e:a1:02:93:4f:66:ca:d2:9f:38:62:d4:08:da:1a:3e:
e5:e0:fa:e5
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgICTAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwNzMwMTUwNjIxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhhMzRlZC03MTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA17WTUAkdk/+Vimd1gs8DFrkzgMHdhVzDyPk5pyVIBtvqwvkiAyvFkFcj1kgS
1WT/lA9fy3/tSDBJtk5Lz/Dsct5cfsJmRianZjD01cixfk3/57WG6saIZFHEughD
LaASPvIEKmUcpNqVpQBObTnq9aLRlW6SsJ+sFrXjIM7peE4vAVwyrsGqQ6xNEAVw
44vDhmqEnULjyTzdiuhWvZrd7oC4UWh0EM/JRsQQQz3rHhioCzeide32DhlWJuy5
s3J2wzhPnJwc12QKcmM/f/B8wMOC2Zg5NBdZS1KEhhaQ3cPOLN/Btr2wjX2sP0YF
tc0TmnZrChkOxGlHGcWx9MtWhQIDAQABo4IDXjCCA1owHQYDVR0OBBYEFD1qtyKZ
qeEXXqwf7uf7UyM1Vw9YMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQkZDMTVFQjBB
ODcxMTFFRkJCN0MyRjMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgecGCCsGAQUFBwEHAQH/
BIHXMIHUMGAEAgABMFoDBAFnTawDBAFnTdYDBAFnTfADBAFnTfYDBAFnTgADBAFn
dCYDBAFnjYwDBABnm9gDBAFnsGwDBAFnsuoDBAFn1doDBAJn1ggDBAFn7uoDBAFn
/IgDBAHfggowcAQCAAIwagMHACABDfTDQAMHACABDfTYgAMHACQA7OAAAAMHACQB
GWAAAAMHACQBJCAAAAMHACQBNmAAAAMHACQBNqAAAAMHACQBN2AAAAMHACQBN6AA
AAMHACQBPyAAAAMHACQBRaAAAAMFACQFGcAwDQYJKoZIhvcNAQELBQADggEBAEaA
Yil66W2ruyrcd0ZzAOnLDxP78BgZN9IGK/q30CDgPIh2g6JfHeq/93icOuGcN0m+
H2gA62+iBJ5ata4h+G6S7toq7DAuOvSzm7DM/+WCT0yffImokzbveI77RfamirFP
NTJCSi33B1LVy9lxuE9tTfzSrHQmwiF/wohpi5ClvC1wMvBk70rWRWnFvrZlVljC
cInwlQzoH9y8/WAOat1f7Or6VWBwuD61aU92hiJtBYb6exaV9ZRqQxWuZKRje22s
lEMLLsyLCC5W/ounzZIUcsztAV2NS8MxUji6KiIH56Tf2K+JwULCVHeqTqECk09m
ytKfOGLUCNoaPuXg+uU=
-----END CERTIFICATE-----
Generated at Sun Aug 10 03:56:42 2025 by rpki-client