Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa
File: 98DD71780ECC11F0B8E48170C4F9AE02.roa (raw, json)
Hash identifier: wfDreRJEGF1JW5W3fjwvAomrv9lvr6AoS+ZjgINTuCA=
Subject key identifier: 46:00:D0:F7:79:18:75:B1:77:3A:26:EF:59:15:52:CA:BB:31:34:08
Certificate issuer: /CN=A91144C9/serialNumber=95745293C88A2726E10A57D58F42CC3169B7C922
Certificate serial: 86
Authority key identifier: 95:74:52:93:C8:8A:27:26:E1:0A:57:D5:8F:42:CC:31:69:B7:C9:22
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa
Signing time: Wed 05 Nov 2025 05:18:23 +0000
ROA not before: Wed 05 Nov 2025 05:18:23 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 10099
IP address blocks: 43.251.12.0/22 maxlen: 24
43.252.84.0/22 maxlen: 24
43.255.168.0/22 maxlen: 24
103.1.64.0/22 maxlen: 24
103.69.184.0/22 maxlen: 24
103.77.20.0/22 maxlen: 24
103.86.12.0/22 maxlen: 24
103.95.176.0/22 maxlen: 24
103.107.88.0/22 maxlen: 24
103.118.36.0/22 maxlen: 24
103.203.184.0/22 maxlen: 24
103.214.64.0/22 maxlen: 24
103.228.68.0/22 maxlen: 24
103.229.244.0/22 maxlen: 24
103.239.176.0/22 maxlen: 24
119.252.136.0/21 maxlen: 24
202.77.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.crl
rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Nov 2025 07:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134 (0x86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91144C9, serialNumber=95745293C88A2726E10A57D58F42CC3169B7C922
Validity
Not Before: Nov 5 05:18:23 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=690ade1f-5813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5e:14:13:95:61:e5:fe:27:8c:c2:76:46:e5:
11:10:5d:4a:f6:48:9a:94:43:37:16:26:4d:12:43:
c3:8c:44:4b:33:3b:ec:a5:e7:e8:9f:9c:47:1f:86:
d1:61:26:d9:7a:1f:a8:46:f3:9c:42:8e:4a:75:35:
96:1a:55:3b:8a:c7:30:6b:1d:fa:db:93:ee:ff:ee:
12:ce:7a:30:22:97:f3:7a:62:db:5d:2d:84:b4:aa:
2d:7b:5f:11:b1:61:7c:a5:14:ff:d9:1d:60:b9:56:
9a:74:64:b9:9c:f4:28:d3:ae:be:47:9b:72:21:0b:
90:4f:c4:a9:f9:74:07:9e:81:2b:5a:4c:d0:df:07:
80:d0:1c:fc:e8:ee:2b:92:79:11:9c:04:4d:5c:02:
77:5a:19:dc:92:9c:94:fe:6e:e9:35:51:96:b6:b6:
e6:27:cf:39:86:67:e5:5c:90:5f:5e:50:d0:2f:60:
21:a2:4b:67:07:7c:65:65:d5:85:15:2e:a1:78:09:
88:de:91:36:89:f7:e8:5e:d5:b2:27:21:4e:e2:e7:
0b:cf:15:0d:95:5a:1b:f4:54:ec:20:8c:b5:ca:1e:
af:8d:3a:ac:ba:83:63:c5:e0:5a:93:d5:e5:8b:a8:
03:80:27:f5:e7:30:ca:1d:c6:1e:45:9b:bc:2d:0d:
7a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:00:D0:F7:79:18:75:B1:77:3A:26:EF:59:15:52:CA:BB:31:34:08
X509v3 Authority Key Identifier:
keyid:95:74:52:93:C8:8A:27:26:E1:0A:57:D5:8F:42:CC:31:69:B7:C9:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/lXRSk8iKJybhClfVj0LMMWm3ySI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lXRSk8iKJybhClfVj0LMMWm3ySI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91144C9/842F98940EC911F0A26FF144C4F9AE02/98DD71780ECC11F0B8E48170C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.12.0/22
43.252.84.0/22
43.255.168.0/22
103.1.64.0/22
103.69.184.0/22
103.77.20.0/22
103.86.12.0/22
103.95.176.0/22
103.107.88.0/22
103.118.36.0/22
103.203.184.0/22
103.214.64.0/22
103.228.68.0/22
103.229.244.0/22
103.239.176.0/22
119.252.136.0/21
202.77.16.0/21
Signature Algorithm: sha256WithRSAEncryption
a7:7a:ec:62:b6:53:7d:c1:5a:a7:60:dd:71:2a:64:f7:f2:00:
80:01:5b:68:65:15:aa:40:70:95:bf:79:19:4e:30:48:e2:1e:
5a:f9:55:bc:57:59:59:6e:ca:57:2a:36:a6:5b:3f:8c:0f:2b:
62:07:98:c4:20:75:bf:f7:eb:b2:75:a3:bb:52:cd:c7:66:48:
e0:aa:73:01:b4:3b:5e:b4:a9:0e:7a:92:86:b9:4b:73:6f:b3:
f4:cc:74:c1:aa:f7:89:b3:aa:d9:24:96:fa:76:b6:cb:42:c6:
45:32:95:79:3e:b4:47:64:d4:ba:37:a4:5f:7f:c8:d0:ee:98:
70:f2:42:d1:bb:2e:7c:20:56:d9:66:ad:01:af:1f:65:90:f1:
f8:73:bc:59:6e:13:76:52:40:8e:95:33:7c:e4:75:06:c9:64:
14:7e:6a:36:89:ce:63:65:b3:7c:7c:bc:66:1a:04:12:a7:79:
c0:8d:77:19:2a:e1:65:1e:4a:27:46:67:66:7e:1a:cd:40:e3:
a4:26:fd:e5:34:57:79:db:1d:3a:63:6d:50:c6:94:15:4b:c5:
ef:d7:14:90:c6:ea:27:a0:6e:fa:a9:d1:0f:6b:bf:fb:2b:3b:
93:9c:76:1c:e8:3e:eb:b4:b6:c8:48:13:33:23:20:ec:f2:00:
f7:b9:54:d4
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgICAIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTQ0QzkxMTAvBgNVBAUTKDk1NzQ1MjkzQzg4QTI3MjZFMTBBNTdENThGNDJDQzMx
NjlCN0M5MjIwHhcNMjUxMTA1MDUxODIzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTBhZGUxZi01ODEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyl4UE5Vh5f4njMJ2RuUREF1K9kialEM3FiZNEkPDjERLMzvspefon5xHH4bR
YSbZeh+oRvOcQo5KdTWWGlU7iscwax3625Pu/+4SznowIpfzemLbXS2EtKote18R
sWF8pRT/2R1guVaadGS5nPQo066+R5tyIQuQT8Sp+XQHnoErWkzQ3weA0Bz86O4r
knkRnARNXAJ3WhnckpyU/m7pNVGWtrbmJ885hmflXJBfXlDQL2AhoktnB3xlZdWF
FS6heAmI3pE2iffoXtWyJyFO4ucLzxUNlVob9FTsIIy1yh6vjTqsuoNjxeBak9Xl
i6gDgCf15zDKHcYeRZu8LQ162wIDAQABo4IC9TCCAvEwHQYDVR0OBBYEFEYA0Pd5
GHWxdzom71kVUsq7MTQIMB8GA1UdIwQYMBaAFJV0UpPIiicm4QpX1Y9CzDFpt8ki
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNDRDOS84NDJGOTg5NDBF
QzkxMUYwQTI2RkYxNDRDNEY5QUUwMi9sWFJTazhpS0p5YmhDbGZWajBMTU1XbTN5
U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xYUlNrOGlLSnliaENsZlZqMExNTVdtM3lTSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTQ0QzkvODQyRjk4OTQwRUM5MTFGMEEyNkZGMTQ0QzRGOUFFMDIvOThERDcxNzgw
RUNDMTFGMEI4RTQ4MTcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfwYIKwYBBQUHAQcBAf8E
cDBuMGwEAgABMGYDBAIr+wwDBAIr/FQDBAIr/6gDBAJnAUADBAJnRbgDBAJnTRQD
BAJnVgwDBAJnX7ADBAJna1gDBAJndiQDBAJny7gDBAJn1kADBAJn5EQDBAJn5fQD
BAJn77ADBAN3/IgDBAPKTRAwDQYJKoZIhvcNAQELBQADggEBAKd67GK2U33BWqdg
3XEqZPfyAIABW2hlFapAcJW/eRlOMEjiHlr5VbxXWVluylcqNqZbP4wPK2IHmMQg
db/367J1o7tSzcdmSOCqcwG0O160qQ56koa5S3Nvs/TMdMGq94mzqtkklvp2tstC
xkUylXk+tEdk1Lo3pF9/yNDumHDyQtG7LnwgVtlmrQGvH2WQ8fhzvFluE3ZSQI6V
M3zkdQbJZBR+ajaJzmNls3x8vGYaBBKnecCNdxkq4WUeSidGZ2Z+Gs1A46Qm/eU0
V3nbHTpjbVDGlBVLxe/XFJDG6iegbvqp0Q9rv/srO5OcdhzoPuu0tshIEzMjIOzy
APe5VNQ=
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:38:07 2025 by rpki-client