Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/2C9502D83C4011EA852C097BC4F9AE02.roa
File: 2C9502D83C4011EA852C097BC4F9AE02.roa (raw, json)
Hash identifier: T9CcmOYBnNKsJ74gzkX91oYJBjZ0iZKwkKctLlhYFiA=
Subject key identifier: 2B:E7:8A:2C:15:C0:7C:B2:30:3A:A3:09:DC:C9:F7:0C:E8:C7:5E:77
Certificate issuer: /CN=A91AEA8C/serialNumber=870B9CD2E41DAB05BD5527C9150E948959716696
Certificate serial: 1D52
Authority key identifier: 87:0B:9C:D2:E4:1D:AB:05:BD:55:27:C9:15:0E:94:89:59:71:66:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/2C9502D83C4011EA852C097BC4F9AE02.roa
Signing time: Thu 31 Jul 2025 16:24:28 +0000
ROA not before: Thu 31 Jul 2025 16:24:28 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 133524
IP address blocks: 43.242.134.0/23 maxlen: 23
43.242.134.0/24 maxlen: 24
43.242.135.0/24 maxlen: 24
43.245.44.0/22 maxlen: 22
43.245.44.0/24 maxlen: 24
43.245.45.0/24 maxlen: 24
43.245.46.0/24 maxlen: 24
43.245.47.0/24 maxlen: 24
103.25.76.0/22 maxlen: 22
103.25.76.0/24 maxlen: 24
103.25.77.0/24 maxlen: 24
103.25.78.0/24 maxlen: 24
103.25.79.0/24 maxlen: 24
103.29.90.0/23 maxlen: 23
103.29.90.0/24 maxlen: 24
103.29.91.0/24 maxlen: 24
103.233.204.0/22 maxlen: 22
103.233.204.0/24 maxlen: 24
103.233.205.0/24 maxlen: 24
103.233.206.0/24 maxlen: 24
103.233.207.0/24 maxlen: 24
185.133.212.0/22 maxlen: 22
185.133.212.0/24 maxlen: 24
185.133.213.0/24 maxlen: 24
185.133.214.0/24 maxlen: 24
185.133.215.0/24 maxlen: 24
2407:2a80::/32 maxlen: 32
2407:2a80::/36 maxlen: 36
2407:2a80:a::/48 maxlen: 48
2407:2a80:1000::/36 maxlen: 36
2407:2a80:2000::/36 maxlen: 36
2407:2a80:3000::/36 maxlen: 36
2407:2a80:4000::/36 maxlen: 36
2407:2a80:5000::/36 maxlen: 36
2407:2a80:6000::/36 maxlen: 36
2407:2a80:7000::/36 maxlen: 36
2407:2a80:8000::/36 maxlen: 36
2407:2a80:9000::/36 maxlen: 36
2407:2a80:a000::/36 maxlen: 36
2407:2a80:b000::/36 maxlen: 36
2407:2a80:c000::/36 maxlen: 36
2407:2a80:d000::/36 maxlen: 36
2407:2a80:e000::/36 maxlen: 36
2407:2a80:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.crl
rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7506 (0x1d52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEA8C, serialNumber=870B9CD2E41DAB05BD5527C9150E948959716696
Validity
Not Before: Jul 31 16:24:28 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=688b98bc-1943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ff:b4:e7:f0:dd:4a:b3:26:5a:96:81:ca:bb:
76:38:e1:0b:e5:d3:bb:5a:77:68:ce:82:f0:66:e5:
f0:1a:9f:93:46:98:65:d3:97:88:df:56:76:27:a8:
62:76:09:92:23:04:dc:e2:2e:d4:c3:39:3e:0f:87:
23:59:1a:67:e3:0e:7b:ba:9b:2b:40:86:1e:7d:56:
b5:26:e4:3e:6b:54:4a:f0:8e:a7:29:37:dd:35:c0:
a3:f7:23:c1:09:cd:f1:9c:ba:b8:f3:cf:1c:2d:a5:
a5:13:62:99:7a:2a:78:7d:ab:87:6d:a8:5a:d0:2f:
05:4f:96:8e:94:71:1a:1d:f5:d9:38:9f:e5:c9:47:
e2:d4:33:c0:60:9b:99:7c:db:10:dc:c4:b3:f7:a7:
d1:1b:ee:0c:61:01:c2:4e:ab:4b:c3:23:e8:e7:0f:
5f:a4:c2:84:8f:bb:c0:6a:e9:3f:7c:61:9a:38:e2:
08:2f:7f:7e:32:33:20:14:57:9f:06:d6:dd:33:49:
ff:e1:6b:12:6a:33:2c:6b:e6:0e:e9:c6:e4:1f:6d:
1f:14:62:6c:27:bf:78:8c:c9:2d:f0:75:68:48:43:
56:04:61:5d:7e:33:b7:0a:ef:49:e7:8c:8a:09:ca:
43:c9:d7:b2:9e:f4:b1:50:b3:5a:4a:b0:4b:79:0b:
50:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E7:8A:2C:15:C0:7C:B2:30:3A:A3:09:DC:C9:F7:0C:E8:C7:5E:77
X509v3 Authority Key Identifier:
keyid:87:0B:9C:D2:E4:1D:AB:05:BD:55:27:C9:15:0E:94:89:59:71:66:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/2C9502D83C4011EA852C097BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.242.134.0/23
43.245.44.0/22
103.25.76.0/22
103.29.90.0/23
103.233.204.0/22
185.133.212.0/22
IPv6:
2407:2a80::/32
Signature Algorithm: sha256WithRSAEncryption
7f:7c:8d:c7:7e:60:83:31:09:8c:2b:c4:81:8b:59:39:0c:ff:
3d:f3:e9:71:2d:0d:9a:45:95:9f:7c:75:23:58:cc:7a:02:89:
1d:fe:b2:64:11:23:c9:ea:82:c9:48:c4:da:93:b3:4d:fb:8d:
95:93:f7:ad:fd:14:34:f4:34:81:ad:01:a9:37:93:33:6d:6c:
75:8c:b4:3a:f6:78:59:c5:76:4e:b1:71:8e:05:6c:93:f0:6d:
d2:7b:b9:7a:04:e7:b6:2d:06:a5:86:e3:81:37:3c:a0:aa:9c:
f8:85:9e:08:03:99:aa:ca:58:84:80:80:15:bd:44:f7:5f:13:
d5:45:10:a7:c7:b6:c6:5d:6f:a5:13:8c:e7:ae:f7:87:d6:27:
6f:0a:00:43:9c:c5:bf:28:df:c6:2f:07:44:c8:56:d2:f6:7a:
15:98:82:ac:1d:3b:fe:e8:ad:b8:ef:17:06:20:38:fe:12:fc:
0f:e2:47:a1:19:4d:03:7c:cd:df:cd:da:b6:8a:c5:1a:ee:76:
7d:29:8b:8e:ee:de:f9:f7:1f:ac:42:9a:6a:ca:d7:17:4b:22:
c7:99:90:9d:d7:c0:49:c4:93:02:eb:a0:51:24:d5:76:c0:ca:
54:12:9f:db:a3:f4:9c:03:8d:09:c4:31:1c:02:45:07:9c:ed:
4c:e6:da:9e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICHVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVBOEMxMTAvBgNVBAUTKDg3MEI5Q0QyRTQxREFCMDVCRDU1MjdDOTE1MEU5NDg5
NTk3MTY2OTYwHhcNMjUwNzMxMTYyNDI4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhiOThiYy0xOTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyP+05/DdSrMmWpaByrt2OOEL5dO7WndozoLwZuXwGp+TRphl05eI31Z2J6hi
dgmSIwTc4i7Uwzk+D4cjWRpn4w57upsrQIYefVa1JuQ+a1RK8I6nKTfdNcCj9yPB
Cc3xnLq4888cLaWlE2KZeip4fauHbaha0C8FT5aOlHEaHfXZOJ/lyUfi1DPAYJuZ
fNsQ3MSz96fRG+4MYQHCTqtLwyPo5w9fpMKEj7vAauk/fGGaOOIIL39+MjMgFFef
BtbdM0n/4WsSajMsa+YO6cbkH20fFGJsJ794jMkt8HVoSENWBGFdfjO3Cu9J54yK
CcpDydeynvSxULNaSrBLeQtQRwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFCvniiwV
wHyyMDqjCdzJ9wzox153MB8GA1UdIwQYMBaAFIcLnNLkHasFvVUnyRUOlIlZcWaW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUE4Qy9GMjdCOUNERUJC
ODYxMUU2OEZGNTBDNTdDNEY5QUUwMi9od3VjMHVRZHF3VzlWU2ZKRlE2VWlWbHha
cFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h3dWMwdVFkcXdXOVZTZkpGUTZVaVZseFpwWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVBOEMvRjI3QjlDREVCQjg2MTFFNjhGRjUwQzU3QzRGOUFFMDIvMkM5NTAyRDgz
QzQwMTFFQTg1MkMwOTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAEr8oYDBAIr9SwDBAJnGUwDBAFnHVoDBAJn6cwDBAK5hdQw
DQQCAAIwBwMFACQHKoAwDQYJKoZIhvcNAQELBQADggEBAH98jcd+YIMxCYwrxIGL
WTkM/z3z6XEtDZpFlZ98dSNYzHoCiR3+smQRI8nqgslIxNqTs037jZWT9639FDT0
NIGtAak3kzNtbHWMtDr2eFnFdk6xcY4FbJPwbdJ7uXoE57YtBqWG44E3PKCqnPiF
nggDmarKWISAgBW9RPdfE9VFEKfHtsZdb6UTjOeu94fWJ28KAEOcxb8o38YvB0TI
VtL2ehWYgqwdO/7orbjvFwYgOP4S/A/iR6EZTQN8zd/N2raKxRrudn0pi47u3vn3
H6xCmmrK1xdLIseZkJ3XwEnEkwLroFEk1XbAylQSn9uj9JwDjQnEMRwCRQec7Uzm
2p4=
-----END CERTIFICATE-----
Generated at Sun Aug 10 15:58:41 2025 by rpki-client