Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/7BC4E6DE322C11EFBC879F31C4F9AE02.roa
File: 7BC4E6DE322C11EFBC879F31C4F9AE02.roa (raw, json)
Hash identifier: 4whCD3BefA16gco8GRXsiAdGqv5E31DbZxV0ybOWul8=
Subject key identifier: 5C:97:EB:B1:AE:7B:00:8F:44:A0:C6:1D:88:7B:81:20:00:ED:32:CB
Certificate issuer: /CN=A91B1185/serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
Certificate serial: 1690
Authority key identifier: FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/7BC4E6DE322C11EFBC879F31C4F9AE02.roa
Signing time: Sun 10 Aug 2025 15:48:16 +0000
ROA not before: Sun 10 Aug 2025 15:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24435
IP address blocks: 27.0.184.0/22 maxlen: 22
103.27.22.0/24 maxlen: 24
175.111.0.0/23 maxlen: 24
175.111.3.0/24 maxlen: 24
175.111.4.0/23 maxlen: 24
203.130.0.0/20 maxlen: 20
203.130.0.0/24 maxlen: 24
203.130.1.0/24 maxlen: 24
203.130.2.0/24 maxlen: 24
203.130.3.0/24 maxlen: 24
203.130.4.0/24 maxlen: 24
203.130.5.0/24 maxlen: 24
203.130.6.0/24 maxlen: 24
203.130.7.0/24 maxlen: 24
203.130.8.0/24 maxlen: 24
203.130.9.0/24 maxlen: 24
203.130.10.0/24 maxlen: 24
203.130.11.0/24 maxlen: 24
203.130.12.0/24 maxlen: 24
203.130.13.0/24 maxlen: 24
203.130.14.0/24 maxlen: 24
203.130.15.0/24 maxlen: 24
203.130.16.0/24 maxlen: 24
203.130.17.0/24 maxlen: 24
203.130.18.0/24 maxlen: 24
203.130.19.0/24 maxlen: 24
203.130.20.0/24 maxlen: 24
203.130.21.0/24 maxlen: 24
203.130.22.0/24 maxlen: 24
203.130.23.0/24 maxlen: 24
203.130.24.0/24 maxlen: 24
203.130.25.0/24 maxlen: 24
203.130.26.0/23 maxlen: 24
203.130.28.0/22 maxlen: 22
203.130.28.0/24 maxlen: 24
203.130.29.0/24 maxlen: 24
203.130.30.0/24 maxlen: 24
203.130.31.0/24 maxlen: 24
2001:fe8::/48 maxlen: 48
2001:fe8:1::/48 maxlen: 48
2001:fe8:2::/48 maxlen: 48
2001:fe8:3::/48 maxlen: 48
2001:fe8:9::/48 maxlen: 48
2001:fe8:10::/48 maxlen: 48
2001:fe8:11::/48 maxlen: 48
2001:fe8:48::/48 maxlen: 48
2001:fe8:4000::/48 maxlen: 48
2001:fe8:4001::/48 maxlen: 48
2001:fe8:4002::/48 maxlen: 48
2001:fe8:4003::/48 maxlen: 48
2001:fe8:4100::/48 maxlen: 48
2001:fe8:4101::/48 maxlen: 48
2001:fe8:8100::/48 maxlen: 48
2001:fe8:8101::/48 maxlen: 48
2001:fe8:8110::/48 maxlen: 48
2001:fe8:8111::/48 maxlen: 48
2001:fe8:8130::/48 maxlen: 48
2001:fe8:8131::/48 maxlen: 48
2001:fe8:9000::/48 maxlen: 48
2001:fe8:c001::/48 maxlen: 48
2001:fe8:c002::/48 maxlen: 48
2001:fe8:c100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.crl
rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5776 (0x1690)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1185, serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
Validity
Not Before: Aug 10 15:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6898bf40-2443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9c:ae:ca:cc:3c:98:01:82:2f:d8:d3:96:75:
9f:a9:f7:60:be:10:17:6d:11:e6:64:80:57:41:89:
5c:cb:16:17:19:29:33:38:4c:08:e2:48:27:6a:86:
ff:66:aa:82:bb:c3:d0:9f:74:6e:bf:d8:c0:e0:3f:
98:83:42:4d:ac:28:b9:3d:1a:57:e4:29:93:27:a5:
b5:bf:49:a0:50:2d:ee:55:c0:55:4a:61:4d:22:69:
74:7e:36:d1:50:ae:2a:7b:dc:2b:87:4d:72:d5:93:
a8:84:9c:fb:f3:4f:e9:c0:10:c3:a3:b4:e0:70:76:
d1:af:7a:19:6f:5a:6e:d9:86:ec:b3:15:da:b5:9c:
3f:c8:2e:5f:bb:fe:3c:5b:f5:9f:1e:b1:4d:a0:da:
7c:fd:8d:e0:7b:be:9c:ce:f2:cb:3c:91:42:49:32:
d1:ac:c1:a3:3c:6d:96:ce:c6:78:9c:68:cc:b8:86:
d2:cb:13:bf:d7:b0:7a:96:cc:4e:61:ec:d9:22:4a:
03:93:40:25:14:c7:d3:9a:66:01:7b:48:cf:c3:e4:
bb:59:23:03:7b:43:0e:36:1e:d3:64:b0:3b:a8:3c:
34:71:cb:ac:03:df:81:00:93:e4:63:be:f8:05:a4:
00:70:04:20:a0:05:6d:4e:ae:31:2c:58:23:e8:03:
c2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:97:EB:B1:AE:7B:00:8F:44:A0:C6:1D:88:7B:81:20:00:ED:32:CB
X509v3 Authority Key Identifier:
keyid:FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/7BC4E6DE322C11EFBC879F31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.184.0/22
103.27.22.0/24
175.111.0.0/23
175.111.3.0-175.111.5.255
203.130.0.0/19
IPv6:
2001:fe8::/46
2001:fe8:9::/48
2001:fe8:10::/47
2001:fe8:48::/48
2001:fe8:4000::/46
2001:fe8:4100::/47
2001:fe8:8100::/47
2001:fe8:8110::/47
2001:fe8:8130::/47
2001:fe8:9000::/48
2001:fe8:c001::-2001:fe8:c002:ffff:ffff:ffff:ffff:ffff
2001:fe8:c100::/48
Signature Algorithm: sha256WithRSAEncryption
af:91:97:82:fb:91:17:40:5a:eb:83:5a:1b:96:93:d2:46:d5:
2a:a1:d3:34:e8:4c:04:e4:7b:7b:b6:1f:f4:1c:4e:dc:e4:ce:
16:8b:ed:5d:3b:5e:c9:de:ef:d9:67:fe:ca:25:74:e2:cc:39:
4d:a5:52:36:e3:5f:0c:d2:40:7f:d9:77:79:bf:9d:00:96:e6:
4d:ae:ee:af:b3:04:dd:00:63:75:d8:3b:f8:2c:90:9e:ba:fb:
49:c9:35:2e:e9:9d:50:b5:30:89:ec:29:28:17:70:81:86:7c:
b4:ed:ac:79:56:cd:6b:49:65:f9:84:61:24:cd:49:a0:cc:ef:
a7:15:dd:60:f9:da:b4:19:04:88:bf:63:96:fc:96:bc:3a:8b:
e6:f1:96:12:6c:83:3d:bb:a0:35:1c:ec:d8:6e:c8:a5:55:59:
eb:19:37:b1:9a:2b:38:19:4c:32:2c:3b:a5:1c:0a:cb:b6:2b:
84:67:86:d4:62:59:f3:ac:bf:09:e9:9a:ed:83:db:93:82:03:
0e:74:8f:9a:e6:2e:99:36:58:1b:a4:a3:dc:ca:4d:ce:72:93:
de:d2:9a:d9:65:30:b3:e3:4d:33:03:7b:b8:39:5f:db:4d:6e:
ff:01:f7:dd:e2:1d:44:5f:5e:6e:4a:8d:08:c4:9c:d5:39:36:
64:5d:ba:21
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgICFpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjExODUxMTAvBgNVBAUTKEZFM0NEMzdDRUMwRTM4MjMwN0I0RjlENUZGRDU3RTk3
RjEyMUYwNTMwHhcNMjUwODEwMTU0ODE2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODk4YmY0MC0yNDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Jyuysw8mAGCL9jTlnWfqfdgvhAXbRHmZIBXQYlcyxYXGSkzOEwI4kgnaob/
ZqqCu8PQn3Ruv9jA4D+Yg0JNrCi5PRpX5CmTJ6W1v0mgUC3uVcBVSmFNIml0fjbR
UK4qe9wrh01y1ZOohJz780/pwBDDo7TgcHbRr3oZb1pu2YbssxXatZw/yC5fu/48
W/WfHrFNoNp8/Y3ge76czvLLPJFCSTLRrMGjPG2WzsZ4nGjMuIbSyxO/17B6lsxO
YezZIkoDk0AlFMfTmmYBe0jPw+S7WSMDe0MONh7TZLA7qDw0ccusA9+BAJPkY774
BaQAcAQgoAVtTq4xLFgj6APCqwIDAQABo4IDNzCCAzMwHQYDVR0OBBYEFFyX67Gu
ewCPRKDGHYh7gSAA7TLLMB8GA1UdIwQYMBaAFP4803zsDjgjB7T51f/VfpfxIfBT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTE4NS8zRUE5REQzQTE2
MjMxMUU4OTJDNEE5NDBDNEY5QUUwMi9fanpUZk93T09DTUh0UG5WXzlWLWxfRWg4
Rk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19qelRmT3dPT0NNSHRQblZfOVYtbF9FaDhGTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjExODUvM0VBOUREM0ExNjIzMTFFODkyQzRBOTQwQzRGOUFFMDIvN0JDNEU2REUz
MjJDMTFFRkJDODc5RjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcAGCCsGAQUFBwEHAQH/
BIGwMIGtMCwEAgABMCYDBAIbALgDBABnGxYDBAGvbwAwDAMEAK9vAwMEAa9vBAME
BcuCADB9BAIAAjB3AwcCIAEP6AAAAwcAIAEP6AAJAwcBIAEP6AAQAwcAIAEP6ABI
AwcCIAEP6EAAAwcBIAEP6EEAAwcBIAEP6IEAAwcBIAEP6IEQAwcBIAEP6IEwAwcA
IAEP6JAAMBIDBwAgAQ/owAEDBwAgAQ/owAIDBwAgAQ/owQAwDQYJKoZIhvcNAQEL
BQADggEBAK+Rl4L7kRdAWuuDWhuWk9JG1Sqh0zToTATke3u2H/QcTtzkzhaL7V07
Xsne79ln/soldOLMOU2lUjbjXwzSQH/Zd3m/nQCW5k2u7q+zBN0AY3XYO/gskJ66
+0nJNS7pnVC1MInsKSgXcIGGfLTtrHlWzWtJZfmEYSTNSaDM76cV3WD52rQZBIi/
Y5b8lrw6i+bxlhJsgz27oDUc7NhuyKVVWesZN7GaKzgZTDIsO6UcCsu2K4RnhtRi
WfOsvwnpmu2D25OCAw50j5rmLpk2WBuko9zKTc5yk97SmtllMLPjTTMDe7g5X9tN
bv8B993iHURfXm5KjQjEnNU5NmRduiE=
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:27:42 2025 by rpki-client