Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/202A51EA52D611EFA0333E23C4F9AE02.roa
File: 202A51EA52D611EFA0333E23C4F9AE02.roa (raw, json)
Hash identifier: Sxl9Vw9Z+DTDShpFQB0WpYJiHDd/mA9uIojiho1C+jo=
Subject key identifier: 86:F4:B8:E6:88:73:7A:E3:C0:9C:AD:A2:8E:B9:87:BC:BF:F1:5F:79
Certificate issuer: /CN=A9125C22/serialNumber=D9069391A3E7804A6EBDDF9D41F2DE4D91BD51B3
Certificate serial: 06C3
Authority key identifier: D9:06:93:91:A3:E7:80:4A:6E:BD:DF:9D:41:F2:DE:4D:91:BD:51:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/202A51EA52D611EFA0333E23C4F9AE02.roa
Signing time: Fri 24 Oct 2025 23:41:26 +0000
ROA not before: Fri 24 Oct 2025 23:41:26 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 133771
IP address blocks: 59.153.56.0/22 maxlen: 22
59.153.56.0/24 maxlen: 24
59.153.57.0/24 maxlen: 24
59.153.58.0/24 maxlen: 24
59.153.59.0/24 maxlen: 24
103.198.56.0/22 maxlen: 24
116.251.224.0/19 maxlen: 19
116.251.224.0/22 maxlen: 22
116.251.224.0/24 maxlen: 24
116.251.225.0/24 maxlen: 24
116.251.226.0/23 maxlen: 24
116.251.228.0/22 maxlen: 22
116.251.228.0/24 maxlen: 24
116.251.229.0/24 maxlen: 24
116.251.230.0/24 maxlen: 24
116.251.231.0/24 maxlen: 24
116.251.232.0/22 maxlen: 22
116.251.232.0/24 maxlen: 24
116.251.233.0/24 maxlen: 24
116.251.234.0/23 maxlen: 24
116.251.236.0/22 maxlen: 22
116.251.236.0/23 maxlen: 24
116.251.238.0/24 maxlen: 24
116.251.239.0/24 maxlen: 24
116.251.240.0/22 maxlen: 22
116.251.240.0/24 maxlen: 24
116.251.241.0/24 maxlen: 24
116.251.242.0/24 maxlen: 24
116.251.243.0/24 maxlen: 24
116.251.244.0/22 maxlen: 22
116.251.244.0/24 maxlen: 24
116.251.245.0/24 maxlen: 24
116.251.246.0/24 maxlen: 24
116.251.247.0/24 maxlen: 24
116.251.248.0/22 maxlen: 22
116.251.248.0/24 maxlen: 24
116.251.249.0/24 maxlen: 24
116.251.250.0/24 maxlen: 24
116.251.251.0/24 maxlen: 24
116.251.252.0/22 maxlen: 22
116.251.252.0/24 maxlen: 24
116.251.253.0/24 maxlen: 24
116.251.254.0/24 maxlen: 24
116.251.255.0/24 maxlen: 24
138.43.32.0/20 maxlen: 24
138.43.192.0/20 maxlen: 24
2401:d280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.crl
rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 09 Nov 2025 22:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1731 (0x6c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125C22, serialNumber=D9069391A3E7804A6EBDDF9D41F2DE4D91BD51B3
Validity
Not Before: Oct 24 23:41:26 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=68fc0ea6-b908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:87:38:17:fd:64:8d:8a:dc:36:7d:a7:fb:e3:
74:ba:6e:2c:0b:3a:dd:dd:5d:b1:f1:ee:f0:9a:05:
b6:19:e5:bf:41:ff:cb:5d:92:dc:70:e1:26:37:30:
ba:77:f9:c0:98:ac:34:b2:43:bb:8b:13:8c:59:a7:
50:56:fe:11:5e:c3:c3:da:9a:ac:d8:8d:65:c5:dc:
0d:2b:e9:a3:98:12:cb:a1:52:1a:ac:89:c0:dd:d3:
b2:04:97:2e:ae:44:9e:92:3b:12:32:79:22:b4:22:
64:73:8a:d9:d4:ec:90:db:6f:80:94:78:e1:28:af:
c3:8c:6a:4f:04:10:f2:c0:99:32:ba:d6:7f:06:20:
72:a9:76:2c:32:37:a6:fa:6c:d8:88:d0:fa:1d:fd:
0d:0d:2c:ed:2c:8e:0f:84:38:b6:8e:69:4c:c5:a2:
3e:2a:51:4f:78:50:28:a6:f0:5a:99:ca:98:16:e1:
79:bf:85:c6:fd:a6:d3:85:b6:82:96:cf:ab:8f:6f:
52:3f:fe:34:7c:3d:88:05:13:b3:60:71:33:17:af:
0b:6e:50:77:66:0c:62:fd:e3:6e:6f:22:72:d3:6e:
78:01:a4:46:4c:fc:09:94:41:76:ce:b1:b6:9f:89:
ff:16:14:fb:1f:93:35:fd:68:7c:c1:55:41:56:c9:
35:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F4:B8:E6:88:73:7A:E3:C0:9C:AD:A2:8E:B9:87:BC:BF:F1:5F:79
X509v3 Authority Key Identifier:
keyid:D9:06:93:91:A3:E7:80:4A:6E:BD:DF:9D:41:F2:DE:4D:91:BD:51:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/202A51EA52D611EFA0333E23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.56.0/22
103.198.56.0/22
116.251.224.0/19
138.43.32.0/20
138.43.192.0/20
IPv6:
2401:d280::/32
Signature Algorithm: sha256WithRSAEncryption
30:c3:38:0b:40:11:7a:1a:cb:53:be:fa:03:6d:91:2d:eb:6e:
78:5a:82:69:af:9a:fd:1a:a5:e7:cf:80:6d:1c:62:35:73:67:
76:63:e4:6d:d7:d9:eb:2c:fa:8d:6c:ee:2c:29:b3:1a:d4:40:
83:6b:e0:e9:17:fc:6e:13:25:c4:7a:0e:80:86:af:46:5a:68:
69:ea:d4:10:88:90:3b:5a:32:19:54:56:3f:35:f5:ac:44:4d:
f1:84:9f:36:23:55:81:4f:63:d2:4b:eb:e7:c2:62:d6:23:f3:
85:b5:48:ba:84:d5:d4:fa:92:28:ed:bf:2e:71:74:3f:93:e4:
91:4c:e4:79:ae:af:5e:60:8b:3a:0f:ae:71:c9:74:1b:a3:09:
34:9d:b5:b6:44:7a:33:b5:c1:ff:0f:2e:40:bd:9e:15:42:fb:
30:9f:c0:f4:82:39:a6:b9:1d:6d:07:dd:29:61:60:42:86:ee:
4c:ac:30:bd:54:ac:74:88:e5:7f:9c:43:65:15:f9:12:ec:94:
b9:26:3e:6f:eb:6e:0d:6f:0f:80:d3:13:1a:2a:94:ac:19:45:
ad:e1:d2:56:cb:40:76:ce:3a:5c:e3:6b:f7:ef:91:8d:dd:ae:
08:33:d9:08:d8:5e:fb:6a:ca:0a:4b:cd:e4:9a:3d:5f:0e:84:
eb:a4:8b:85
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjVDMjIxMTAvBgNVBAUTKEQ5MDY5MzkxQTNFNzgwNEE2RUJEREY5RDQxRjJERTRE
OTFCRDUxQjMwHhcNMjUxMDI0MjM0MTI2WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGZjMGVhNi1iOTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAroc4F/1kjYrcNn2n++N0um4sCzrd3V2x8e7wmgW2GeW/Qf/LXZLccOEmNzC6
d/nAmKw0skO7ixOMWadQVv4RXsPD2pqs2I1lxdwNK+mjmBLLoVIarInA3dOyBJcu
rkSekjsSMnkitCJkc4rZ1OyQ22+AlHjhKK/DjGpPBBDywJkyutZ/BiByqXYsMjem
+mzYiND6Hf0NDSztLI4PhDi2jmlMxaI+KlFPeFAopvBamcqYFuF5v4XG/abThbaC
ls+rj29SP/40fD2IBROzYHEzF68LblB3Zgxi/eNubyJy0254AaRGTPwJlEF2zrG2
n4n/FhT7H5M1/Wh8wVVBVsk1uwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFIb0uOaI
c3rjwJytoo65h7y/8V95MB8GA1UdIwQYMBaAFNkGk5Gj54BKbr3fnUHy3k2RvVGz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi8wNDU2OTVCODdG
QUUxMUVCOTc3QjUzMzVDNEY5QUUwMi8yUWFUa2FQbmdFcHV2ZC1kUWZMZVRaRzlV
Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJRYVRrYVBuZ0VwdXZkLWRRZkxlVFpHOVViTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjVDMjIvMDQ1Njk1Qjg3RkFFMTFFQjk3N0I1MzM1QzRGOUFFMDIvMjAyQTUxRUE1
MkQ2MTFFRkEwMzMzRTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAI7mTgDBAJnxjgDBAV0++ADBASKKyADBASKK8AwDQQCAAIw
BwMFACQB0oAwDQYJKoZIhvcNAQELBQADggEBADDDOAtAEXoay1O++gNtkS3rbnha
gmmvmv0apefPgG0cYjVzZ3Zj5G3X2ess+o1s7iwpsxrUQINr4OkX/G4TJcR6DoCG
r0ZaaGnq1BCIkDtaMhlUVj819axETfGEnzYjVYFPY9JL6+fCYtYj84W1SLqE1dT6
kijtvy5xdD+T5JFM5Hmur15gizoPrnHJdBujCTSdtbZEejO1wf8PLkC9nhVC+zCf
wPSCOaa5HW0H3SlhYEKG7kysML1UrHSI5X+cQ2UV+RLslLkmPm/rbg1vD4DTExoq
lKwZRa3h0lbLQHbOOlzja/fvkY3drggz2QjYXvtqygpLzeSaPV8OhOuki4U=
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:34:57 2025 by rpki-client