
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
File: A508D320BBC711ED8DF23C40C4F9AE02.roa (raw, json)
Hash identifier: dWDbCVpbD2Fv8B28JP0RFzPPUhHwh3HRs+s/QVcOin8=
Subject key identifier: A0:42:C2:85:06:93:D9:5D:38:FB:01:8F:66:4A:CF:12:56:7E:26:5C
Certificate issuer: /CN=A91A57F8/serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Certificate serial: 0205
Authority key identifier: 9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
Signing time: Thu 31 Jul 2025 23:46:29 +0000
ROA not before: Thu 31 Jul 2025 23:46:29 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136000
IP address blocks: 103.117.166.0/23 maxlen: 23
103.117.228.0/22 maxlen: 22
103.134.20.0/22 maxlen: 22
103.196.240.0/22 maxlen: 22
103.209.12.0/22 maxlen: 22
118.91.179.0/24 maxlen: 24
118.91.188.0/24 maxlen: 24
202.14.177.0/24 maxlen: 24
202.62.240.0/22 maxlen: 22
202.73.30.0/23 maxlen: 23
203.14.201.0/24 maxlen: 24
203.18.242.0/23 maxlen: 23
203.22.206.0/24 maxlen: 24
203.23.53.0/24 maxlen: 24
203.24.148.0/23 maxlen: 23
203.28.160.0/24 maxlen: 24
203.29.91.0/24 maxlen: 24
203.32.98.0/23 maxlen: 23
203.33.103.0/24 maxlen: 24
203.55.150.0/24 maxlen: 24
203.56.119.0/24 maxlen: 24
203.57.252.0/24 maxlen: 24
203.98.90.0/24 maxlen: 24
203.168.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 517 (0x205)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A57F8, serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Validity
Not Before: Jul 31 23:46:29 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=688c0055-dfcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:28:5d:df:ef:7c:1d:8c:f7:8b:19:89:ba:0a:
3d:64:62:4f:d1:0d:34:e9:7f:89:41:7a:ec:1e:0d:
26:41:04:bf:02:b0:01:ac:f2:37:f1:a3:85:25:4c:
83:e7:12:45:29:83:dc:85:b8:fa:64:15:9b:ac:0b:
8d:f9:8f:6b:8f:cc:90:82:a8:e8:aa:95:d2:1a:3a:
0d:47:b6:59:0e:70:d1:e7:3a:0b:4b:15:8a:63:13:
22:c3:c1:f1:36:02:e8:c8:a2:e0:8b:e3:a3:ac:07:
0a:c7:a4:e2:87:bf:f4:6d:8f:45:60:31:18:c4:4e:
9b:c5:61:8a:ba:b6:28:55:e5:c6:a7:98:c8:07:29:
47:f7:cd:5c:1b:1f:e5:63:b9:19:fb:b3:27:20:91:
a6:77:d5:3a:09:49:21:50:5e:32:9a:d0:41:6c:78:
3b:43:36:5d:94:cf:35:3a:95:9f:32:a3:d4:4d:75:
5d:92:5b:72:27:bf:5b:77:72:86:59:e1:a1:17:4f:
b3:6b:8a:a7:5e:97:8e:a7:34:73:4e:0b:6a:ee:d6:
d9:fd:1f:a3:8e:c7:c1:6f:5c:58:23:a9:d3:73:de:
d0:0c:f1:5f:13:f6:25:f7:0c:0c:d7:f6:0e:51:49:
02:a1:0e:0e:eb:58:d5:18:fe:b8:d2:8f:91:7c:69:
38:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:42:C2:85:06:93:D9:5D:38:FB:01:8F:66:4A:CF:12:56:7E:26:5C
X509v3 Authority Key Identifier:
keyid:9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.166.0/23
103.117.228.0/22
103.134.20.0/22
103.196.240.0/22
103.209.12.0/22
118.91.179.0/24
118.91.188.0/24
202.14.177.0/24
202.62.240.0/22
202.73.30.0/23
203.14.201.0/24
203.18.242.0/23
203.22.206.0/24
203.23.53.0/24
203.24.148.0/23
203.28.160.0/24
203.29.91.0/24
203.32.98.0/23
203.33.103.0/24
203.55.150.0/24
203.56.119.0/24
203.57.252.0/24
203.98.90.0/24
203.168.216.0/22
Signature Algorithm: sha256WithRSAEncryption
12:ef:1c:b4:5a:8e:e4:34:1c:0e:62:3f:d0:ad:15:ae:b4:fb:
89:af:33:00:41:d4:14:df:fc:3c:03:6f:cf:c2:32:a3:d5:96:
02:eb:b7:78:40:9b:ca:92:91:0b:17:f8:cc:d0:99:44:cc:a2:
f5:6a:da:f1:4b:8d:0e:ea:df:10:98:28:55:39:0a:16:cb:65:
b4:50:b0:cb:8a:02:f4:66:9d:97:7f:90:66:24:fa:ea:aa:6b:
15:f1:4f:cb:3d:67:1d:16:a3:4d:72:5d:2c:94:d9:0b:ca:99:
fc:c1:44:97:1e:fe:6a:7a:91:1d:88:e4:98:fe:73:d5:c7:08:
f1:5f:d0:a1:98:2f:d3:28:0f:df:ec:31:2a:42:c1:80:eb:4f:
50:95:e5:3e:e0:1d:c6:d2:b5:3a:60:9a:31:44:8c:4f:62:ca:
03:c6:4d:6a:7b:fa:4f:f1:02:c1:8d:fa:ff:40:1c:f9:64:c1:
91:d3:5d:45:d8:86:a8:40:6b:5e:ee:b3:fe:c3:06:cf:91:f1:
52:94:47:6f:dc:a0:e8:a7:a4:c5:68:32:d7:2b:7a:5d:a3:53:
e8:13:43:5f:a8:76:b4:fc:51:93:d4:83:c0:36:50:f7:8c:0c:
6d:14:bf:fa:2c:48:1c:53:93:78:1d:65:a7:9b:cd:4d:7f:e2:
e9:6e:5d:fb
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICAgUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU3RjgxMTAvBgNVBAUTKDlGNjRGRTUwOTkyNTM3RkIwQjQwRTUyRjlDRkFDMzEw
Q0EyNzE5MTgwHhcNMjUwNzMxMjM0NjI5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhjMDA1NS1kZmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8Shd3+98HYz3ixmJugo9ZGJP0Q006X+JQXrsHg0mQQS/ArABrPI38aOFJUyD
5xJFKYPchbj6ZBWbrAuN+Y9rj8yQgqjoqpXSGjoNR7ZZDnDR5zoLSxWKYxMiw8Hx
NgLoyKLgi+OjrAcKx6Tih7/0bY9FYDEYxE6bxWGKurYoVeXGp5jIBylH981cGx/l
Y7kZ+7MnIJGmd9U6CUkhUF4ymtBBbHg7QzZdlM81OpWfMqPUTXVdkltyJ79bd3KG
WeGhF0+za4qnXpeOpzRzTgtq7tbZ/R+jjsfBb1xYI6nTc97QDPFfE/Yl9wwM1/YO
UUkCoQ4O61jVGP640o+RfGk4NwIDAQABo4IDJDCCAyAwHQYDVR0OBBYEFKBCwoUG
k9ldOPsBj2ZKzxJWfiZcMB8GA1UdIwQYMBaAFJ9k/lCZJTf7C0DlL5z6wxDKJxkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTdGOC8zNDUwOTQwMEI5
NzUxMUVEODA0MERFMjJDNEY5QUUwMi9uMlQtVUprbE5fc0xRT1V2blByREVNb25H
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL24yVC1VSmtsTl9zTFFPVXZuUHJERU1vbkdSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU3RjgvMzQ1MDk0MDBCOTc1MTFFRDgwNDBERTIyQzRGOUFFMDIvQTUwOEQzMjBC
QkM3MTFFRDhERjIzQzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga0GCCsGAQUFBwEHAQH/
BIGdMIGaMIGXBAIAATCBkAMEAWd1pgMEAmd15AMEAmeGFAMEAmfE8AMEAmfRDAME
AHZbswMEAHZbvAMEAMoOsQMEAso+8AMEAcpJHgMEAMsOyQMEAcsS8gMEAMsWzgME
AMsXNQMEAcsYlAMEAMscoAMEAMsdWwMEAcsgYgMEAMshZwMEAMs3lgMEAMs4dwME
AMs5/AMEAMtiWgMEAsuo2DANBgkqhkiG9w0BAQsFAAOCAQEAEu8ctFqO5DQcDmI/
0K0VrrT7ia8zAEHUFN/8PANvz8Iyo9WWAuu3eECbypKRCxf4zNCZRMyi9Wra8UuN
DurfEJgoVTkKFstltFCwy4oC9Gadl3+QZiT66qprFfFPyz1nHRajTXJdLJTZC8qZ
/MFElx7+anqRHYjkmP5z1ccI8V/QoZgv0ygP3+wxKkLBgOtPUJXlPuAdxtK1OmCa
MUSMT2LKA8ZNanv6T/ECwY36/0Ac+WTBkdNdRdiGqEBrXu6z/sMGz5HxUpRHb9yg
6KekxWgy1yt6XaNT6BNDX6h2tPxRk9SDwDZQ94wMbRS/+ixIHFOTeB1lp5vNTX/i
6W5d+w==
-----END CERTIFICATE-----
Generated at Mon Aug 11 07:49:19 2025 by rpki-client