Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9472C0C144111EFB247B936C4F9AE02.roa
File: E9472C0C144111EFB247B936C4F9AE02.roa (raw, json)
Hash identifier: UizZ15Cr22SOL0UhK5WwB13ZM4GQbii/2cGEEaMhR7Y=
Subject key identifier: E2:BC:3D:5B:77:18:86:B5:50:16:7C:B7:87:C7:F8:EA:16:55:F9:EC
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 0335
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9472C0C144111EFB247B936C4F9AE02.roa
Signing time: Wed 06 Aug 2025 14:53:06 +0000
ROA not before: Wed 06 Aug 2025 14:53:06 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 203020
IP address blocks: 45.125.245.0/24 maxlen: 24
103.3.224.0/22 maxlen: 22
103.66.178.0/23 maxlen: 23
103.77.102.0/24 maxlen: 24
103.77.103.0/24 maxlen: 24
103.77.255.0/24 maxlen: 24
103.84.254.0/23 maxlen: 23
103.85.228.0/22 maxlen: 22
103.102.246.0/23 maxlen: 23
103.104.92.0/22 maxlen: 22
103.104.128.0/23 maxlen: 24
103.110.104.0/22 maxlen: 22
103.117.92.0/22 maxlen: 22
103.117.214.0/23 maxlen: 23
103.120.6.0/24 maxlen: 24
103.138.124.0/24 maxlen: 24
103.139.178.0/24 maxlen: 24
103.141.60.0/24 maxlen: 24
103.142.70.0/23 maxlen: 23
103.148.214.0/23 maxlen: 23
103.149.97.0/24 maxlen: 24
103.151.58.0/23 maxlen: 23
103.221.232.0/24 maxlen: 24
103.221.234.0/24 maxlen: 24
103.221.235.0/24 maxlen: 24
103.228.132.0/24 maxlen: 24
103.241.52.0/22 maxlen: 22
103.252.108.0/24 maxlen: 24
103.252.111.0/24 maxlen: 24
150.107.224.0/23 maxlen: 23
150.107.227.0/24 maxlen: 24
202.94.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 821 (0x335)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587, serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: Aug 6 14:53:06 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68936c51-5626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a0:5a:d7:a3:a9:47:c1:8b:83:06:fd:e8:8a:
6c:a9:29:81:cd:7a:2c:33:9d:b2:23:ee:50:26:4a:
b4:e4:e9:f0:06:a4:17:80:ff:5b:a6:eb:cb:76:ed:
9d:49:ba:72:8f:16:45:31:f3:96:60:b6:94:18:8c:
e3:08:e5:46:24:11:be:30:1a:02:94:e4:52:52:62:
da:98:c4:32:e8:3a:ca:53:07:ec:c0:8f:9b:70:19:
da:4d:10:db:cb:c9:56:e0:34:73:2e:4e:15:eb:8a:
e2:0f:be:52:9f:36:84:f1:29:e3:19:99:1e:56:73:
c8:79:e8:41:05:53:ef:a0:cd:c2:a4:43:15:c0:a1:
69:d9:b2:95:1d:77:f4:b1:2e:a1:21:ab:cb:93:cc:
07:6b:e7:60:b8:27:0c:2b:81:73:d0:e4:da:47:1a:
45:88:17:33:54:9e:a5:17:bd:63:a4:83:79:ed:94:
96:30:cd:dd:1b:bb:fe:cf:31:e4:8f:dc:f9:5c:20:
8b:1e:f1:8b:4f:c4:7f:32:73:2d:3b:43:5c:56:3e:
89:65:de:0d:0c:3b:f6:80:79:71:56:bd:c0:3d:9c:
c9:50:61:6d:f5:44:43:2e:e4:9f:71:27:6d:c0:17:
94:9a:41:f6:e4:58:56:ab:4d:5e:97:48:8a:30:98:
e1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:BC:3D:5B:77:18:86:B5:50:16:7C:B7:87:C7:F8:EA:16:55:F9:EC
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9472C0C144111EFB247B936C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.245.0/24
103.3.224.0/22
103.66.178.0/23
103.77.102.0/23
103.77.255.0/24
103.84.254.0/23
103.85.228.0/22
103.102.246.0/23
103.104.92.0/22
103.104.128.0/23
103.110.104.0/22
103.117.92.0/22
103.117.214.0/23
103.120.6.0/24
103.138.124.0/24
103.139.178.0/24
103.141.60.0/24
103.142.70.0/23
103.148.214.0/23
103.149.97.0/24
103.151.58.0/23
103.221.232.0/24
103.221.234.0/23
103.228.132.0/24
103.241.52.0/22
103.252.108.0/24
103.252.111.0/24
150.107.224.0/23
150.107.227.0/24
202.94.174.0/24
Signature Algorithm: sha256WithRSAEncryption
21:26:02:ce:eb:e3:e9:5a:3a:79:5c:69:fd:2f:db:9a:3e:0b:
ef:ed:9f:73:13:6e:10:d2:9c:c6:5d:87:c7:a7:47:f4:7e:40:
56:cf:89:e8:4e:ef:6a:17:0f:5c:ea:58:24:19:3e:76:5c:4e:
10:2d:39:45:8b:58:2b:49:de:65:06:58:39:c0:55:89:06:8d:
82:dc:3f:f6:91:ac:2a:9c:4f:6a:51:e3:a7:9a:90:ba:8b:51:
06:36:38:08:ed:ed:9e:24:df:4a:65:9d:27:6f:fe:2d:9f:bb:
6c:a1:fe:49:82:1f:26:70:2d:61:54:49:ef:70:60:32:c6:27:
5e:3a:95:62:f8:42:14:7c:e7:7e:f6:f0:ab:3f:9f:7a:e7:f5:
4b:93:d5:e5:3e:88:68:a2:4a:26:b5:00:7f:6f:b3:01:e5:68:
64:47:24:83:69:51:1b:4c:69:e2:19:24:df:4b:cb:3c:8c:d9:
11:68:70:9f:26:f2:11:d9:b9:50:dc:3b:cf:b7:81:e9:e1:e6:
c9:ca:dc:b4:32:2a:89:54:9b:7a:9c:b0:9a:75:c8:f4:23:bf:
78:c0:78:64:cc:71:18:7a:bf:6f:7e:8b:25:c8:ff:51:a5:e4:
ac:6d:3c:d5:4f:98:fa:62:5f:33:73:b7:02:60:ce:bb:8b:86:
b6:2e:63:da
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgICAzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5
Njk4RkU2MzgwHhcNMjUwODA2MTQ1MzA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkzNmM1MS01NjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA16Ba16OpR8GLgwb96IpsqSmBzXosM52yI+5QJkq05OnwBqQXgP9bpuvLdu2d
SbpyjxZFMfOWYLaUGIzjCOVGJBG+MBoClORSUmLamMQy6DrKUwfswI+bcBnaTRDb
y8lW4DRzLk4V64riD75SnzaE8SnjGZkeVnPIeehBBVPvoM3CpEMVwKFp2bKVHXf0
sS6hIavLk8wHa+dguCcMK4Fz0OTaRxpFiBczVJ6lF71jpIN57ZSWMM3dG7v+zzHk
j9z5XCCLHvGLT8R/MnMtO0NcVj6JZd4NDDv2gHlxVr3APZzJUGFt9URDLuSfcSdt
wBeUmkH25FhWq01el0iKMJjhPQIDAQABo4IDSDCCA0QwHQYDVR0OBBYEFOK8PVt3
GIa1UBZ8t4fH+OoWVfnsMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx
ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvRTk0NzJDMEMx
NDQxMTFFRkIyNDdCOTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdEGCCsGAQUFBwEHAQH/
BIHBMIG+MIG7BAIAATCBtAMEAC199QMEAmcD4AMEAWdCsgMEAWdNZgMEAGdN/wME
AWdU/gMEAmdV5AMEAWdm9gMEAmdoXAMEAWdogAMEAmduaAMEAmd1XAMEAWd11gME
AGd4BgMEAGeKfAMEAGeLsgMEAGeNPAMEAWeORgMEAWeU1gMEAGeVYQMEAWeXOgME
AGfd6AMEAWfd6gMEAGfkhAMEAmfxNAMEAGf8bAMEAGf8bwMEAZZr4AMEAJZr4wME
AMperjANBgkqhkiG9w0BAQsFAAOCAQEAISYCzuvj6Vo6eVxp/S/bmj4L7+2fcxNu
ENKcxl2Hx6dH9H5AVs+J6E7vahcPXOpYJBk+dlxOEC05RYtYK0neZQZYOcBViQaN
gtw/9pGsKpxPalHjp5qQuotRBjY4CO3tniTfSmWdJ2/+LZ+7bKH+SYIfJnAtYVRJ
73BgMsYnXjqVYvhCFHznfvbwqz+feuf1S5PV5T6IaKJKJrUAf2+zAeVoZEckg2lR
G0xp4hkk30vLPIzZEWhwnybyEdm5UNw7z7eB6eHmycrctDIqiVSbepywmnXI9CO/
eMB4ZMxxGHq/b36LJcj/UaXkrG081U+Y+mJfM3O3AmDOu4uGti5j2g==
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:53:40 2025 by rpki-client