Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
File: A508D320BBC711ED8DF23C40C4F9AE02.roa (raw, json)
Hash identifier: qkRYuAT6UAGXsy4Gp/LpKypt/tBfT+73f11tCNpfSwM=
Subject key identifier: 8C:E3:21:5D:A1:0D:97:E0:10:05:5A:F2:3A:96:BB:8E:30:2A:4B:74
Certificate issuer: /CN=A91A57F8/serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Certificate serial: 0237
Authority key identifier: 9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
Signing time: Mon 27 Oct 2025 01:58:11 +0000
ROA not before: Mon 27 Oct 2025 01:58:11 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136000
IP address blocks: 103.114.190.0/23 maxlen: 23
103.117.166.0/23 maxlen: 23
103.117.228.0/22 maxlen: 22
103.134.20.0/22 maxlen: 22
103.196.240.0/22 maxlen: 22
103.209.12.0/22 maxlen: 22
118.91.179.0/24 maxlen: 24
118.91.188.0/24 maxlen: 24
124.198.224.0/20 maxlen: 20
202.14.177.0/24 maxlen: 24
202.62.240.0/22 maxlen: 22
202.73.30.0/23 maxlen: 23
203.14.201.0/24 maxlen: 24
203.18.242.0/23 maxlen: 23
203.22.206.0/24 maxlen: 24
203.23.53.0/24 maxlen: 24
203.24.148.0/23 maxlen: 23
203.28.160.0/24 maxlen: 24
203.29.91.0/24 maxlen: 24
203.32.98.0/23 maxlen: 23
203.33.103.0/24 maxlen: 24
203.55.150.0/24 maxlen: 24
203.56.119.0/24 maxlen: 24
203.57.252.0/24 maxlen: 24
203.98.90.0/24 maxlen: 24
203.168.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Nov 2025 02:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 567 (0x237)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A57F8, serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Validity
Not Before: Oct 27 01:58:11 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68fed1b2-f30f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0a:5b:f2:a8:f1:3f:7a:5c:30:d6:c1:e2:b8:
c1:1b:a5:8f:04:9e:f6:9b:2d:fd:1b:e9:32:34:bb:
1c:90:0e:2d:28:a2:1a:ae:de:14:35:7f:f3:a2:24:
73:4e:e6:94:4f:4a:83:a0:98:66:aa:4e:d5:52:8c:
1d:55:30:0e:e3:55:19:c4:30:1e:2b:76:38:f8:3c:
bb:13:74:3f:2c:a2:bf:48:41:f8:cc:31:84:bb:91:
f7:83:c8:9f:ab:85:ff:b8:69:5f:06:ce:a5:94:d9:
64:48:3e:52:9b:23:2f:18:5d:2b:a1:62:7a:75:95:
42:26:37:8a:c8:fc:1b:0f:ec:b6:38:9f:82:27:1e:
08:77:33:b4:cc:98:01:2d:8e:08:c8:17:cb:f6:cf:
5c:61:17:68:d0:fd:c1:03:06:e8:0b:2d:4f:51:a8:
e0:e0:b9:12:b0:cc:a1:de:32:d8:87:bc:f7:33:0b:
bc:b9:a7:93:42:7d:34:3e:54:44:f2:6a:1f:b3:0b:
ad:49:34:6c:c0:68:d0:77:02:4c:ca:02:2b:0f:29:
a5:c5:e1:cb:47:8c:39:02:d2:b9:70:d8:11:48:2a:
7d:6e:70:9f:c6:20:90:0e:c0:2a:e8:dc:67:14:2e:
de:d5:e8:73:c2:c9:ae:57:2d:aa:db:b2:d7:8a:22:
80:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E3:21:5D:A1:0D:97:E0:10:05:5A:F2:3A:96:BB:8E:30:2A:4B:74
X509v3 Authority Key Identifier:
keyid:9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.190.0/23
103.117.166.0/23
103.117.228.0/22
103.134.20.0/22
103.196.240.0/22
103.209.12.0/22
118.91.179.0/24
118.91.188.0/24
124.198.224.0/20
202.14.177.0/24
202.62.240.0/22
202.73.30.0/23
203.14.201.0/24
203.18.242.0/23
203.22.206.0/24
203.23.53.0/24
203.24.148.0/23
203.28.160.0/24
203.29.91.0/24
203.32.98.0/23
203.33.103.0/24
203.55.150.0/24
203.56.119.0/24
203.57.252.0/24
203.98.90.0/24
203.168.216.0/22
Signature Algorithm: sha256WithRSAEncryption
61:85:14:4e:94:80:62:2d:47:f8:57:e3:13:3d:7f:c2:81:af:
82:d1:bb:01:20:5d:24:95:f7:60:6c:9a:9a:ba:95:2d:23:b1:
e2:bb:71:51:72:db:a9:c1:96:d8:5f:82:28:1d:e6:85:1f:8a:
5a:2e:8e:3c:c3:6c:44:65:85:85:3d:02:4f:1e:98:ef:cd:f6:
f7:30:21:97:a1:d6:ec:a4:7e:38:bf:7f:f4:18:a1:52:02:e9:
8f:a5:98:b5:73:b2:47:c2:67:cb:25:80:75:d6:21:ac:0e:59:
92:f8:f7:ff:d6:93:63:26:a6:d0:7e:69:4c:21:d9:9b:38:15:
8c:c1:6f:f4:2f:27:d2:d6:e8:39:0a:4d:fd:74:1d:88:db:cb:
61:c0:a1:20:1f:a1:d5:fa:ac:f0:6e:e0:a8:b0:f5:03:05:f6:
c6:f0:dc:6b:29:bf:e8:98:b2:e9:cd:2d:74:db:05:0f:47:97:
3c:e7:54:37:40:95:d2:5b:37:0c:37:73:57:3b:20:81:08:c0:
9e:b3:5b:fe:e1:98:09:b5:c9:7d:44:42:5a:25:29:33:65:a0:
40:e5:17:3a:fc:87:82:94:5e:47:c2:0f:c8:f7:33:27:89:f7:
e3:95:29:08:e0:f1:8e:82:8e:da:16:1f:64:fa:06:48:4c:62:
e8:0d:ec:ca
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgICAjcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU3RjgxMTAvBgNVBAUTKDlGNjRGRTUwOTkyNTM3RkIwQjQwRTUyRjlDRkFDMzEw
Q0EyNzE5MTgwHhcNMjUxMDI3MDE1ODExWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OGZlZDFiMi1mMzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtApb8qjxP3pcMNbB4rjBG6WPBJ72my39G+kyNLsckA4tKKIart4UNX/zoiRz
TuaUT0qDoJhmqk7VUowdVTAO41UZxDAeK3Y4+Dy7E3Q/LKK/SEH4zDGEu5H3g8if
q4X/uGlfBs6llNlkSD5SmyMvGF0roWJ6dZVCJjeKyPwbD+y2OJ+CJx4IdzO0zJgB
LY4IyBfL9s9cYRdo0P3BAwboCy1PUajg4LkSsMyh3jLYh7z3Mwu8uaeTQn00PlRE
8mofswutSTRswGjQdwJMygIrDymlxeHLR4w5AtK5cNgRSCp9bnCfxiCQDsAq6Nxn
FC7e1ehzwsmuVy2q27LXiiKAMwIDAQABo4IDMDCCAywwHQYDVR0OBBYEFIzjIV2h
DZfgEAVa8jqWu44wKkt0MB8GA1UdIwQYMBaAFJ9k/lCZJTf7C0DlL5z6wxDKJxkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTdGOC8zNDUwOTQwMEI5
NzUxMUVEODA0MERFMjJDNEY5QUUwMi9uMlQtVUprbE5fc0xRT1V2blByREVNb25H
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL24yVC1VSmtsTl9zTFFPVXZuUHJERU1vbkdSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU3RjgvMzQ1MDk0MDBCOTc1MTFFRDgwNDBERTIyQzRGOUFFMDIvQTUwOEQzMjBC
QkM3MTFFRDhERjIzQzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbkGCCsGAQUFBwEHAQH/
BIGpMIGmMIGjBAIAATCBnAMEAWdyvgMEAWd1pgMEAmd15AMEAmeGFAMEAmfE8AME
AmfRDAMEAHZbswMEAHZbvAMEBHzG4AMEAMoOsQMEAso+8AMEAcpJHgMEAMsOyQME
AcsS8gMEAMsWzgMEAMsXNQMEAcsYlAMEAMscoAMEAMsdWwMEAcsgYgMEAMshZwME
AMs3lgMEAMs4dwMEAMs5/AMEAMtiWgMEAsuo2DANBgkqhkiG9w0BAQsFAAOCAQEA
YYUUTpSAYi1H+FfjEz1/woGvgtG7ASBdJJX3YGyamrqVLSOx4rtxUXLbqcGW2F+C
KB3mhR+KWi6OPMNsRGWFhT0CTx6Y78329zAhl6HW7KR+OL9/9BihUgLpj6WYtXOy
R8JnyyWAddYhrA5Zkvj3/9aTYyam0H5pTCHZmzgVjMFv9C8n0tboOQpN/XQdiNvL
YcChIB+h1fqs8G7gqLD1AwX2xvDcaym/6Jiy6c0tdNsFD0eXPOdUN0CV0ls3DDdz
VzsggQjAnrNb/uGYCbXJfURCWiUpM2WgQOUXOvyHgpReR8IPyPczJ4n345UpCODx
joKO2hYfZPoGSExi6A3syg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:22:53 2025 by rpki-client