Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2AB6010721811F09FD98A22C4F9AE02.roa
File: B2AB6010721811F09FD98A22C4F9AE02.roa (raw, json)
Hash identifier: wIEPKrCJxeZRSiZdLH1odZTLGWweMxawrTUKzvXI4fM=
Subject key identifier: D0:1D:61:95:71:1D:AE:47:49:98:2A:98:BB:36:42:78:38:F6:A3:D0
Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Certificate serial: 0FF9
Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2AB6010721811F09FD98A22C4F9AE02.roa
Signing time: Tue 05 Aug 2025 16:24:45 +0000
ROA not before: Tue 05 Aug 2025 16:24:45 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 3360
IP address blocks: 103.30.186.0/23 maxlen: 23
202.53.197.0/24 maxlen: 24
202.53.204.0/23 maxlen: 23
202.53.206.0/23 maxlen: 23
2401:df00:1::/48 maxlen: 48
2401:df00:2::/48 maxlen: 48
2401:df00:11::/48 maxlen: 48
2401:df00:12::/48 maxlen: 48
2401:df00:21::/48 maxlen: 48
2401:df00:22::/48 maxlen: 48
2401:df00:31::/48 maxlen: 48
2401:df00:32::/48 maxlen: 48
2401:df00:41::/48 maxlen: 48
2401:df00:42::/48 maxlen: 48
2401:df00:51::/48 maxlen: 48
2401:df00:52::/48 maxlen: 48
2401:df00:61::/48 maxlen: 48
2401:df00:62::/48 maxlen: 48
2401:df00:181::/48 maxlen: 48
2401:df00:182::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4089 (0xff9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Validity
Not Before: Aug 5 16:24:45 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=6892304d-ec41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a0:2f:b9:0a:8d:9d:c4:bf:c5:5e:d7:68:06:
cc:71:ae:bb:6a:39:d3:24:a3:ff:0b:61:c3:da:ff:
41:1e:62:3a:56:16:ae:0b:2c:fd:dd:a3:b4:a2:50:
dd:25:bf:ed:9f:0d:96:79:a9:50:da:db:00:74:b7:
4c:ec:8a:b2:ce:82:73:52:09:eb:25:ff:14:8c:dd:
ba:9d:2c:35:54:6e:51:2c:23:5d:5e:77:d4:f1:b1:
8d:3f:2c:d9:72:0b:84:15:4b:ba:a5:74:cd:e0:3a:
c3:d2:a1:4e:f0:e3:e7:00:4b:7e:f5:a3:2b:a6:1a:
3a:d6:8c:8e:6e:46:8c:a9:e3:49:e9:bd:f6:b9:f9:
61:78:2e:d6:dc:ba:aa:da:45:5b:d1:d8:da:41:97:
c7:97:f2:c2:d1:71:b9:0e:ba:b8:5f:1e:aa:28:5a:
75:76:88:e9:57:fc:58:f9:9d:6e:31:40:4d:68:39:
89:7d:1b:a5:46:6b:83:fd:cd:dc:bd:ec:b4:e6:d4:
a6:2f:6a:6c:c1:bd:b9:bd:29:9e:f7:28:c4:5b:60:
e2:af:6e:11:c9:4d:65:9b:ea:a3:cd:2d:bf:fc:6c:
6e:be:e0:98:88:be:f3:41:0a:9d:67:16:e4:d4:0f:
90:12:82:67:ba:ae:0d:25:74:42:f7:4a:17:60:ae:
89:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1D:61:95:71:1D:AE:47:49:98:2A:98:BB:36:42:78:38:F6:A3:D0
X509v3 Authority Key Identifier:
keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2AB6010721811F09FD98A22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.30.186.0/23
202.53.197.0/24
202.53.204.0/22
IPv6:
2401:df00:1::-2401:df00:2:ffff:ffff:ffff:ffff:ffff
2401:df00:11::-2401:df00:12:ffff:ffff:ffff:ffff:ffff
2401:df00:21::-2401:df00:22:ffff:ffff:ffff:ffff:ffff
2401:df00:31::-2401:df00:32:ffff:ffff:ffff:ffff:ffff
2401:df00:41::-2401:df00:42:ffff:ffff:ffff:ffff:ffff
2401:df00:51::-2401:df00:52:ffff:ffff:ffff:ffff:ffff
2401:df00:61::-2401:df00:62:ffff:ffff:ffff:ffff:ffff
2401:df00:181::-2401:df00:182:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b7:45:82:da:a0:25:5c:83:e2:31:36:8e:f7:cc:f5:e2:6c:49:
ca:65:22:ab:74:7c:79:62:bc:c6:37:f7:6e:8c:3d:a0:0e:83:
8a:17:2f:44:57:8d:c9:72:50:88:50:07:1b:79:26:f8:64:c4:
63:ba:77:0e:42:a4:13:36:b2:e8:eb:17:71:43:df:f4:b0:7e:
2c:16:3f:4a:59:56:b8:03:a9:06:2f:cf:ad:19:7d:de:d3:31:
be:08:15:a2:c2:2d:69:43:9f:4b:e0:a0:9b:9b:d7:2b:72:c0:
68:a7:33:2c:a7:eb:78:85:5a:43:4f:bf:42:71:90:3f:0e:4a:
a1:8f:a5:98:64:11:6f:9f:25:b7:ca:8c:19:59:06:48:68:88:
0b:09:89:ae:15:b9:8d:36:57:ce:e4:3f:a8:5f:43:c3:f8:ec:
e1:fe:71:3c:de:21:e0:7f:04:fb:5a:55:7d:10:d7:85:b6:a8:
2a:64:4f:47:c5:ce:ca:21:05:06:61:f6:e0:70:0c:03:c3:79:
96:27:65:01:21:5f:4c:45:a5:d2:8e:f1:d9:61:d6:5d:72:e5:
59:a5:c5:26:8e:06:82:15:7a:f4:94:73:f7:8c:0e:00:b1:f1:
7e:0a:81:5c:13:ff:6c:09:ca:ba:53:86:51:a0:fc:c6:f0:59:
23:ff:b9:3f
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgICD/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw
MUYxOEZGNDkwHhcNMjUwODA1MTYyNDQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkyMzA0ZC1lYzQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2aAvuQqNncS/xV7XaAbMca67ajnTJKP/C2HD2v9BHmI6VhauCyz93aO0olDd
Jb/tnw2WealQ2tsAdLdM7IqyzoJzUgnrJf8UjN26nSw1VG5RLCNdXnfU8bGNPyzZ
cguEFUu6pXTN4DrD0qFO8OPnAEt+9aMrpho61oyObkaMqeNJ6b32uflheC7W3Lqq
2kVb0djaQZfHl/LC0XG5Drq4Xx6qKFp1dojpV/xY+Z1uMUBNaDmJfRulRmuD/c3c
vey05tSmL2pswb25vSme9yjEW2Dir24RyU1lm+qjzS2//GxuvuCYiL7zQQqdZxbk
1A+QEoJnuq4NJXRC90oXYK6JeQIDAQABo4IDTjCCA0owHQYDVR0OBBYEFNAdYZVx
Ha5HSZgqmLs2Qng49qPQMB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC
MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvQjJBQjYwMTA3
MjE4MTFGMDlGRDk4QTIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdcGCCsGAQUFBwEHAQH/
BIHHMIHEMBgEAgABMBIDBAFnHroDBADKNcUDBALKNcwwgacEAgACMIGgMBIDBwAk
Ad8AAAEDBwAkAd8AAAIwEgMHACQB3wAAEQMHACQB3wAAEjASAwcAJAHfAAAhAwcA
JAHfAAAiMBIDBwAkAd8AADEDBwAkAd8AADIwEgMHACQB3wAAQQMHACQB3wAAQjAS
AwcAJAHfAABRAwcAJAHfAABSMBIDBwAkAd8AAGEDBwAkAd8AAGIwEgMHACQB3wAB
gQMHACQB3wABgjANBgkqhkiG9w0BAQsFAAOCAQEAt0WC2qAlXIPiMTaO98z14mxJ
ymUiq3R8eWK8xjf3bow9oA6DihcvRFeNyXJQiFAHG3km+GTEY7p3DkKkEzay6OsX
cUPf9LB+LBY/SllWuAOpBi/PrRl93tMxvggVosItaUOfS+Cgm5vXK3LAaKczLKfr
eIVaQ0+/QnGQPw5KoY+lmGQRb58lt8qMGVkGSGiICwmJrhW5jTZXzuQ/qF9Dw/js
4f5xPN4h4H8E+1pVfRDXhbaoKmRPR8XOyiEFBmH24HAMA8N5lidlASFfTEWl0o7x
2WHWXXLlWaXFJo4GghV69JRz94wOALHxfgqBXBP/bAnKulOGUaD8xvBZI/+5Pw==
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:22:34 2025 by rpki-client