Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/CF5F1FBEB6FE11F0A9F72B71C4F9AE02.roa
File: CF5F1FBEB6FE11F0A9F72B71C4F9AE02.roa (raw, json)
Hash identifier: LwDrT7in+D0XPtR9fTtiLNVPkAt3lM0XdhJ9KTaC6rM=
Subject key identifier: D6:FF:A0:6F:41:75:00:F6:E1:43:45:E2:FD:B9:0A:22:96:DF:24:D2
Certificate issuer: /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Certificate serial: 0C4A
Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/CF5F1FBEB6FE11F0A9F72B71C4F9AE02.roa
Signing time: Sat 01 Nov 2025 08:43:17 +0000
ROA not before: Sat 01 Nov 2025 08:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58895
IP address blocks: 36.255.100.0/22 maxlen: 22
36.255.100.0/24 maxlen: 24
36.255.101.0/24 maxlen: 24
36.255.102.0/24 maxlen: 24
36.255.103.0/24 maxlen: 24
43.229.164.0/22 maxlen: 22
43.229.164.0/24 maxlen: 24
43.229.165.0/24 maxlen: 24
43.229.166.0/24 maxlen: 24
43.229.167.0/24 maxlen: 24
43.231.60.0/22 maxlen: 22
43.231.60.0/24 maxlen: 24
43.231.61.0/24 maxlen: 24
43.231.62.0/24 maxlen: 24
43.231.63.0/24 maxlen: 24
43.248.12.0/22 maxlen: 22
43.248.12.0/24 maxlen: 24
43.248.13.0/24 maxlen: 24
43.248.14.0/24 maxlen: 24
43.248.15.0/24 maxlen: 24
45.113.124.0/22 maxlen: 22
45.113.124.0/24 maxlen: 24
45.113.125.0/24 maxlen: 24
45.113.126.0/24 maxlen: 24
45.113.127.0/24 maxlen: 24
45.117.105.0/24 maxlen: 24
45.117.106.0/24 maxlen: 24
45.117.107.0/24 maxlen: 24
103.24.96.0/22 maxlen: 24
103.35.214.0/24 maxlen: 24
103.35.215.0/24 maxlen: 24
103.39.80.0/22 maxlen: 22
103.39.80.0/24 maxlen: 24
103.39.81.0/24 maxlen: 24
103.39.82.0/24 maxlen: 24
103.39.83.0/24 maxlen: 24
103.49.136.0/24 maxlen: 24
103.49.137.0/24 maxlen: 24
103.49.138.0/24 maxlen: 24
103.49.139.0/24 maxlen: 24
103.50.156.0/22 maxlen: 22
103.50.156.0/24 maxlen: 24
103.50.157.0/24 maxlen: 24
103.50.158.0/24 maxlen: 24
103.50.159.0/24 maxlen: 24
103.53.44.0/22 maxlen: 22
103.53.44.0/24 maxlen: 24
103.53.45.0/24 maxlen: 24
103.53.46.0/24 maxlen: 24
103.53.47.0/24 maxlen: 24
103.57.168.0/22 maxlen: 22
103.57.168.0/24 maxlen: 24
103.57.169.0/24 maxlen: 24
103.57.170.0/24 maxlen: 24
103.57.171.0/24 maxlen: 24
103.70.84.0/24 maxlen: 24
103.70.85.0/24 maxlen: 24
103.200.196.0/24 maxlen: 24
103.200.197.0/24 maxlen: 24
103.200.198.0/24 maxlen: 24
103.200.199.0/24 maxlen: 24
103.209.84.0/22 maxlen: 22
103.209.84.0/24 maxlen: 24
103.209.85.0/24 maxlen: 24
103.209.86.0/24 maxlen: 24
103.209.87.0/24 maxlen: 24
117.53.40.0/22 maxlen: 22
117.53.40.0/24 maxlen: 24
117.53.41.0/24 maxlen: 24
117.53.42.0/24 maxlen: 24
117.53.43.0/24 maxlen: 24
150.129.4.0/22 maxlen: 22
150.129.4.0/24 maxlen: 24
150.129.5.0/24 maxlen: 24
150.129.6.0/24 maxlen: 24
150.129.7.0/24 maxlen: 24
2400:1680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 18:58:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3146 (0xc4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91298DA, serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Validity
Not Before: Nov 1 08:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6905c824-5123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6b:d3:ac:14:c9:b5:e6:d8:10:bc:87:77:8a:
e2:91:20:b5:75:69:d5:4d:16:3a:80:df:36:2e:09:
73:ab:a9:0e:e5:64:f3:d9:56:82:18:60:1a:69:57:
bf:f0:68:6e:b2:08:cc:fe:c9:59:d5:d6:fd:31:c1:
9d:fe:92:ab:ca:84:ba:3c:17:0a:40:ae:98:5d:0e:
33:7f:b3:88:a5:4e:b9:00:8b:ab:5b:9a:78:c3:73:
90:e0:9a:cd:76:bc:56:dc:56:e5:1e:4f:44:d1:8b:
3f:4b:2b:fb:dc:51:af:5a:ec:49:9f:df:f6:65:72:
15:7e:1e:20:bd:8f:07:46:56:ca:d2:34:8a:9b:05:
10:84:e4:9d:5f:76:48:16:ae:17:b3:ac:2e:41:d6:
79:69:2d:9b:a0:38:49:2d:fb:77:64:93:ba:7a:31:
cc:74:14:45:fa:74:49:60:f5:67:37:bb:e9:7c:b9:
db:af:71:32:c3:df:69:58:0f:c5:41:0f:38:84:16:
38:82:5b:32:e2:b1:53:f5:7c:d5:9e:19:cf:23:fa:
c6:8f:53:5f:28:db:d0:54:9f:18:c8:15:71:45:82:
1d:9a:55:c4:6e:1e:03:62:a4:f8:53:dc:d2:3e:7d:
23:40:a3:3a:4f:a1:3a:09:51:c0:bf:c1:88:de:48:
89:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:FF:A0:6F:41:75:00:F6:E1:43:45:E2:FD:B9:0A:22:96:DF:24:D2
X509v3 Authority Key Identifier:
keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/CF5F1FBEB6FE11F0A9F72B71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.100.0/22
43.229.164.0/22
43.231.60.0/22
43.248.12.0/22
45.113.124.0/22
45.117.105.0-45.117.107.255
103.24.96.0/22
103.35.214.0/23
103.39.80.0/22
103.49.136.0/22
103.50.156.0/22
103.53.44.0/22
103.57.168.0/22
103.70.84.0/23
103.200.196.0/22
103.209.84.0/22
117.53.40.0/22
150.129.4.0/22
IPv6:
2400:1680::/32
Signature Algorithm: sha256WithRSAEncryption
8e:7f:fb:49:5a:a4:e6:53:c2:d2:bc:1e:7e:e4:b4:d3:a2:18:
37:ff:1d:20:fe:69:eb:d8:db:0d:ef:a6:df:bc:05:4e:00:a6:
89:11:7f:21:6b:c0:75:76:b8:9e:cc:36:9f:86:e6:b5:bf:8c:
17:72:f4:e6:21:fb:80:9e:f8:bd:51:4a:60:0b:cc:48:dc:e7:
34:df:7a:7c:fa:7d:97:94:a7:e5:a7:3b:4a:43:c5:b0:22:ed:
82:70:7f:f2:f4:f4:9b:12:43:81:0c:a0:1b:d5:77:3a:34:f3:
e4:ae:8e:e7:de:32:a9:9a:92:e8:52:80:2b:28:8e:38:77:56:
7a:a0:7b:84:24:59:9c:18:06:78:89:e3:7a:64:1b:f5:e6:93:
2d:2e:9f:30:c6:30:9b:50:79:03:c3:12:3f:d1:ba:86:33:28:
06:75:63:36:eb:73:8b:f3:46:21:bc:65:48:2e:fc:3a:4a:d4:
17:06:64:3c:af:a1:4b:3a:bb:27:3e:a8:97:e5:cc:dc:0f:1e:
4c:46:27:64:8d:5e:78:8d:5f:d6:2f:60:e8:96:eb:7b:1c:7e:
a2:c3:4d:e9:3e:d1:45:a2:9e:d2:63:2b:60:ec:f8:9e:23:43:
ad:07:0e:bb:10:d5:e2:f5:19:36:fe:11:aa:c1:b3:10:53:ec:
27:af:db:eb
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgICDEowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF
MEI3RDY1REQwHhcNMjUxMTAxMDg0MzE3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTA1YzgyNC01MTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA42vTrBTJtebYELyHd4rikSC1dWnVTRY6gN82Lglzq6kO5WTz2VaCGGAaaVe/
8GhusgjM/slZ1db9McGd/pKryoS6PBcKQK6YXQ4zf7OIpU65AIurW5p4w3OQ4JrN
drxW3FblHk9E0Ys/Syv73FGvWuxJn9/2ZXIVfh4gvY8HRlbK0jSKmwUQhOSdX3ZI
Fq4Xs6wuQdZ5aS2boDhJLft3ZJO6ejHMdBRF+nRJYPVnN7vpfLnbr3Eyw99pWA/F
QQ84hBY4glsy4rFT9XzVnhnPI/rGj1NfKNvQVJ8YyBVxRYIdmlXEbh4DYqT4U9zS
Pn0jQKM6T6E6CVHAv8GI3kiJ1wIDAQABo4IDFTCCAxEwHQYDVR0OBBYEFNb/oG9B
dQD24UNF4v25CiKW3yTSMB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2
ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla
ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk4REEvMzRGMzYxMkUyNjgxMTFFQTkwM0Q3MDU4QzRGOUFFMDIvQ0Y1RjFGQkVC
NkZFMTFGMEE5RjcyQjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ4GCCsGAQUFBwEHAQH/
BIGOMIGLMHoEAgABMHQDBAIk/2QDBAIr5aQDBAIr5zwDBAIr+AwDBAItcXwwDAME
AC11aQMEAi11aAMEAmcYYAMEAWcj1gMEAmcnUAMEAmcxiAMEAmcynAMEAmc1LAME
Amc5qAMEAWdGVAMEAmfIxAMEAmfRVAMEAnU1KAMEApaBBDANBAIAAjAHAwUAJAAW
gDANBgkqhkiG9w0BAQsFAAOCAQEAjn/7SVqk5lPC0rwefuS006IYN/8dIP5p69jb
De+m37wFTgCmiRF/IWvAdXa4nsw2n4bmtb+MF3L05iH7gJ74vVFKYAvMSNznNN96
fPp9l5Sn5ac7SkPFsCLtgnB/8vT0mxJDgQygG9V3OjTz5K6O594yqZqS6FKAKyiO
OHdWeqB7hCRZnBgGeInjemQb9eaTLS6fMMYwm1B5A8MSP9G6hjMoBnVjNutzi/NG
IbxlSC78OkrUFwZkPK+hSzq7Jz6ol+XM3A8eTEYnZI1eeI1f1i9g6Jbrexx+osNN
6T7RRaKe0mMrYOz4niNDrQcOuxDV4vUZNv4RqsGzEFPsJ6/b6w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:00:01 2025 by rpki-client