Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
File: 5A318E06F6A111EBB6318B7EC4F9AE02.roa (raw, json)
Hash identifier: IyDQYJrM5fIKR+ASJpDKeAtN9Kfn9iiroq8ekuZROvU=
Subject key identifier: 4B:2B:0F:E3:FA:A8:AB:6D:02:88:9D:16:EC:CB:BC:71:A8:DF:26:53
Certificate issuer: /CN=A91C4F06/serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Certificate serial: 3575
Authority key identifier: 3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
Signing time: Mon 14 Jul 2025 10:25:09 +0000
ROA not before: Mon 14 Jul 2025 10:25:09 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 23955
IP address blocks: 43.241.136.0/22 maxlen: 23
43.241.136.0/23 maxlen: 24
43.241.138.0/24 maxlen: 24
103.29.224.0/22 maxlen: 24
103.71.40.0/22 maxlen: 24
118.103.136.0/21 maxlen: 23
118.103.136.0/23 maxlen: 24
118.103.139.0/24 maxlen: 24
118.103.140.0/22 maxlen: 24
2405:ec00::/32 maxlen: 32
2405:ec00:2::/48 maxlen: 48
2405:ec00:3::/48 maxlen: 48
2405:ec00:4::/48 maxlen: 48
2405:ec00:5::/48 maxlen: 48
2405:ec00:6::/48 maxlen: 48
2405:ec00:10a::/48 maxlen: 48
2405:ec00:10b::/48 maxlen: 48
2405:ec00:10c::/48 maxlen: 48
2405:ec00:10d::/48 maxlen: 48
2405:ec00:10e::/48 maxlen: 48
2405:ec00:10f::/48 maxlen: 48
2405:ec00:110::/48 maxlen: 48
2405:ec00:1000::/48 maxlen: 48
2405:ec00:1001::/48 maxlen: 48
2405:ec00:1002::/48 maxlen: 48
2405:ec00:1003::/48 maxlen: 48
2405:ec00:1004::/48 maxlen: 48
2405:ec00:1005::/48 maxlen: 48
2405:ec00:1100::/48 maxlen: 48
2405:ec00:1101::/48 maxlen: 48
2405:ec00:1201::/48 maxlen: 48
2405:ec00:1202::/48 maxlen: 48
2405:ec00:1203::/48 maxlen: 48
2405:ec00:1204::/48 maxlen: 48
2405:ec00:1205::/48 maxlen: 48
2405:ec00:1206::/48 maxlen: 48
2405:ec00:1208::/48 maxlen: 48
2405:ec00:1209::/48 maxlen: 48
2405:ec00:1300::/48 maxlen: 48
2405:ec00:1301::/48 maxlen: 48
2405:ec00:7000::/40 maxlen: 40
2405:ec00:7100::/40 maxlen: 40
2405:ec00:9011::/48 maxlen: 48
2405:ec00:9012::/48 maxlen: 48
2405:ec00:9013::/48 maxlen: 48
2405:ec00:9014::/48 maxlen: 48
2405:ec00:9015::/48 maxlen: 48
2405:ec00:9016::/48 maxlen: 48
2405:ec00:9017::/48 maxlen: 48
2405:ec00:9018::/48 maxlen: 48
2405:ec00:9019::/48 maxlen: 48
2405:ec00:901a::/48 maxlen: 48
2405:ec00:901b::/48 maxlen: 48
2405:ec00:9021::/48 maxlen: 48
2405:ec00:9022::/48 maxlen: 48
2405:ec00:9023::/48 maxlen: 48
2405:ec00:9024::/48 maxlen: 48
2405:ec00:9025::/48 maxlen: 48
2405:ec00:9051::/48 maxlen: 48
2405:ec00:9052::/48 maxlen: 48
2405:ec00:9053::/48 maxlen: 48
2405:ec00:9054::/48 maxlen: 48
2405:ec00:9055::/48 maxlen: 48
2405:ec00:9071::/48 maxlen: 48
2405:ec00:9072::/48 maxlen: 48
2405:ec00:9073::/48 maxlen: 48
2405:ec00:9074::/48 maxlen: 48
2405:ec00:9075::/48 maxlen: 48
2405:ec00:9081::/48 maxlen: 48
2405:ec00:9082::/48 maxlen: 48
2405:ec00:9083::/48 maxlen: 48
2405:ec00:9100::/48 maxlen: 48
2405:ec00:9101::/48 maxlen: 48
2405:ec00:a1ca::/48 maxlen: 48
2405:ec00:f000::/36 maxlen: 36
2405:ec00:fa00::/48 maxlen: 48
2405:ec00:face::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 Aug 2025 14:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13685 (0x3575)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4F06, serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Validity
Not Before: Jul 14 10:25:09 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6874db05-0141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5f:ab:ec:6c:ad:3b:95:a1:78:13:69:6e:2b:
ce:9b:53:aa:2b:4c:87:7a:de:bf:6e:3f:81:b3:92:
d7:2b:fd:4f:c0:84:9d:11:00:e1:d2:ad:e4:6c:27:
1e:60:1e:0a:9c:fd:63:48:e2:c0:09:22:40:26:31:
51:12:70:a0:a0:0a:3d:65:75:d6:cb:bd:5f:e8:f8:
c2:46:0a:6f:51:69:5c:0d:50:b0:39:d8:f3:90:99:
a7:d7:48:6d:24:4a:20:53:7b:bb:10:7c:55:e8:7e:
2a:58:7c:03:5c:c6:ef:82:c6:a9:fe:88:c1:6e:2f:
bf:7f:50:d0:be:50:5a:3c:d6:b1:ef:1d:27:d2:65:
6d:94:f0:fe:b7:70:40:d8:15:69:f3:19:a9:3e:b0:
5f:08:f0:58:f9:89:62:05:c3:4a:c5:29:ed:01:c6:
80:c0:27:31:6a:71:47:bb:f8:72:4e:99:2b:a7:fb:
47:5f:6a:8a:ec:be:15:ff:ea:6d:1a:74:81:9b:23:
d8:8f:67:59:7b:18:e4:c9:80:f2:56:37:bb:9c:6f:
2f:78:af:e0:a9:aa:d4:32:be:e9:e2:de:ce:64:60:
68:f6:36:b8:3a:5f:6c:f8:05:e9:bc:14:9d:ed:96:
2c:7b:ce:20:78:0b:83:a9:41:2c:4b:52:05:8d:23:
86:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2B:0F:E3:FA:A8:AB:6D:02:88:9D:16:EC:CB:BC:71:A8:DF:26:53
X509v3 Authority Key Identifier:
keyid:3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.136.0/22
103.29.224.0/22
103.71.40.0/22
118.103.136.0/21
IPv6:
2405:ec00::/32
Signature Algorithm: sha256WithRSAEncryption
51:2b:3c:0c:6a:19:0e:97:13:25:bf:11:11:2f:fb:0f:0c:df:
e1:e6:ad:21:c6:e6:5c:1a:af:ae:20:ad:55:bb:82:bd:05:2a:
b7:6c:e4:bb:3a:a8:68:81:03:9b:92:c1:24:ea:88:47:c9:15:
86:e0:0e:d7:f0:49:b5:7a:cb:df:b5:26:fa:d6:dc:00:31:26:
9e:f2:8c:8a:1a:e4:1a:7b:53:d0:f7:d1:72:c2:45:81:92:a0:
22:ca:60:d2:c4:4b:52:e9:f9:3c:bf:5b:bf:02:ca:bf:8e:2e:
d2:6d:02:90:3c:a9:43:49:6b:85:49:a0:a2:86:01:78:73:82:
f1:84:54:fc:4c:84:a3:de:81:30:a5:f7:5f:42:4e:a9:b5:cf:
44:56:83:54:80:07:21:f6:c6:6e:26:01:d4:47:eb:6c:cd:5b:
55:a4:8b:9d:26:31:fa:16:24:47:7d:1a:31:be:a0:bc:d7:5e:
2f:c2:5d:24:f3:1a:0e:22:05:ce:7b:cb:4f:80:83:a2:39:aa:
8a:2a:2c:1f:41:8c:ac:47:b0:52:7c:66:68:c0:30:74:f3:dc:
7a:d3:42:75:b5:d6:59:d6:0a:fe:33:60:21:9a:78:f0:e7:55:
02:bf:b4:5a:87:78:d4:63:d1:72:1d:86:77:21:ef:e0:fc:4d:
fd:b5:a5:48
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzRGMDYxMTAvBgNVBAUTKDNBQUY4MEVBOTdFOTlCOTUyNUIzM0JDMTMzNUJCMDk1
QzJEMjc4QTcwHhcNMjUwNzE0MTAyNTA5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc0ZGIwNS0wMTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxl+r7GytO5WheBNpbivOm1OqK0yHet6/bj+Bs5LXK/1PwISdEQDh0q3kbCce
YB4KnP1jSOLACSJAJjFREnCgoAo9ZXXWy71f6PjCRgpvUWlcDVCwOdjzkJmn10ht
JEogU3u7EHxV6H4qWHwDXMbvgsap/ojBbi+/f1DQvlBaPNax7x0n0mVtlPD+t3BA
2BVp8xmpPrBfCPBY+YliBcNKxSntAcaAwCcxanFHu/hyTpkrp/tHX2qK7L4V/+pt
GnSBmyPYj2dZexjkyYDyVje7nG8veK/gqarUMr7p4t7OZGBo9ja4Ol9s+AXpvBSd
7ZYse84geAuDqUEsS1IFjSOGsQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFEsrD+P6
qKttAoidFuzLvHGo3yZTMB8GA1UdIwQYMBaAFDqvgOqX6ZuVJbM7wTNbsJXC0nin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEYwNi83NkUxQzQ3RTFE
OTUxMUUyQkU1OTVFN0QwOEIwMkNEMi9PcS1BNnBmcG01VWxzenZCTTF1d2xjTFNl
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09xLUE2cGZwbTVVbHN6dkJNMXV3bGNMU2VLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzRGMDYvNzZFMUM0N0UxRDk1MTFFMkJFNTk1RTdEMDhCMDJDRDIvNUEzMThFMDZG
NkExMTFFQkI2MzE4QjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr8YgDBAJnHeADBAJnRygDBAN2Z4gwDQQCAAIwBwMFACQF
7AAwDQYJKoZIhvcNAQELBQADggEBAFErPAxqGQ6XEyW/EREv+w8M3+HmrSHG5lwa
r64grVW7gr0FKrds5Ls6qGiBA5uSwSTqiEfJFYbgDtfwSbV6y9+1JvrW3AAxJp7y
jIoa5Bp7U9D30XLCRYGSoCLKYNLES1Lp+Ty/W78Cyr+OLtJtApA8qUNJa4VJoKKG
AXhzgvGEVPxMhKPegTCl919CTqm1z0RWg1SAByH2xm4mAdRH62zNW1Wki50mMfoW
JEd9GjG+oLzXXi/CXSTzGg4iBc57y0+Ag6I5qooqLB9BjKxHsFJ8ZmjAMHTz3HrT
QnW11lnWCv4zYCGaePDnVQK/tFqHeNRj0XIdhnch7+D8Tf21pUg=
-----END CERTIFICATE-----
Generated at Wed Aug 13 14:33:52 2025 by rpki-client