Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/3003BB4EB3A411F0B8845739C4F9AE02.roa
File: 3003BB4EB3A411F0B8845739C4F9AE02.roa (raw, json)
Hash identifier: UycMltR2Ynhn38PRQa1nzKUMNJLr7f35szWGmspWwxg=
Subject key identifier: 91:0C:36:0B:A5:4C:11:3A:F0:77:6E:28:51:94:7E:87:EC:D1:02:D8
Certificate issuer: /CN=A9146AD7/serialNumber=BAF5ADA32CA0D34CF3CCF53ABDF86DE6F8ED9005
Certificate serial: 1A39
Authority key identifier: BA:F5:AD:A3:2C:A0:D3:4C:F3:CC:F5:3A:BD:F8:6D:E6:F8:ED:90:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uvWtoyyg00zzzPU6vfht5vjtkAU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/3003BB4EB3A411F0B8845739C4F9AE02.roa
Signing time: Tue 28 Oct 2025 02:17:01 +0000
ROA not before: Tue 28 Oct 2025 02:17:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 116.89.224.0/20 maxlen: 24
121.74.0.0/16 maxlen: 16
121.75.0.0/16 maxlen: 16
121.90.0.0/16 maxlen: 16
124.6.192.0/19 maxlen: 19
124.6.198.0/24 maxlen: 24
202.0.32.0/19 maxlen: 19
202.20.93.0/24 maxlen: 24
202.36.72.0/24 maxlen: 24
203.96.144.0/20 maxlen: 20
203.96.152.0/24 maxlen: 24
203.96.192.0/19 maxlen: 19
203.97.128.0/17 maxlen: 17
203.97.183.0/24 maxlen: 24
203.97.184.0/23 maxlen: 23
203.97.224.0/24 maxlen: 24
203.97.225.0/24 maxlen: 24
203.97.226.0/24 maxlen: 24
203.97.227.0/24 maxlen: 24
203.97.232.0/24 maxlen: 24
203.97.246.0/23 maxlen: 23
203.109.128.0/17 maxlen: 17
203.109.143.0/24 maxlen: 24
203.109.179.0/24 maxlen: 24
203.109.183.0/24 maxlen: 24
203.144.32.0/20 maxlen: 24
210.246.0.0/18 maxlen: 18
218.101.0.0/18 maxlen: 18
218.101.64.0/18 maxlen: 18
2001:4400::/30 maxlen: 48
2407:7000::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/uvWtoyyg00zzzPU6vfht5vjtkAU.crl
rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/uvWtoyyg00zzzPU6vfht5vjtkAU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uvWtoyyg00zzzPU6vfht5vjtkAU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 09 Nov 2025 16:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6713 (0x1a39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146AD7, serialNumber=BAF5ADA32CA0D34CF3CCF53ABDF86DE6F8ED9005
Validity
Not Before: Oct 28 02:17:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6900279d-d1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f2:9a:76:3c:6d:cf:90:08:58:07:59:77:50:
6e:af:e7:88:9a:76:53:46:01:c1:94:5b:8a:00:0d:
54:f5:96:be:15:61:cb:3d:3c:f6:5a:ab:0e:6b:61:
32:1d:8b:ef:da:5d:48:cc:b1:8d:6f:f9:c1:f9:78:
53:d2:5f:2f:14:96:5f:a3:62:2d:d5:fe:7c:30:e8:
02:2d:52:64:ca:25:db:a5:97:da:2b:77:fe:e7:e6:
4e:5d:0f:a7:e4:5a:a8:a2:f7:37:9b:dc:63:5b:0e:
2a:78:d8:61:63:32:fb:0b:95:78:fa:a4:d2:32:85:
5f:4f:95:bf:0b:e0:f0:45:78:31:a0:fe:e7:47:0b:
ea:14:ff:17:31:c3:bd:2f:de:72:11:1a:78:61:75:
15:04:2a:55:74:94:20:84:0d:9f:6b:0e:4a:4d:4e:
4e:e4:8d:00:d0:89:a4:81:01:5b:5e:19:41:c9:8a:
f9:e6:2c:eb:bc:7e:cf:78:d3:78:44:0a:2d:05:de:
97:d6:f1:b0:7c:67:6a:d3:33:01:90:ba:9c:95:35:
43:f7:2e:a9:7c:e9:9c:7f:17:96:ae:d1:8d:3a:82:
55:0b:02:c3:e1:42:68:0e:12:89:6b:e7:49:e3:2b:
5c:22:d1:6b:6c:fe:41:63:fd:3c:36:3c:4f:4f:51:
49:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0C:36:0B:A5:4C:11:3A:F0:77:6E:28:51:94:7E:87:EC:D1:02:D8
X509v3 Authority Key Identifier:
keyid:BA:F5:AD:A3:2C:A0:D3:4C:F3:CC:F5:3A:BD:F8:6D:E6:F8:ED:90:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/uvWtoyyg00zzzPU6vfht5vjtkAU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uvWtoyyg00zzzPU6vfht5vjtkAU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/3003BB4EB3A411F0B8845739C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.89.224.0/20
121.74.0.0/15
121.90.0.0/16
124.6.192.0/19
202.0.32.0/19
202.20.93.0/24
202.36.72.0/24
203.96.144.0/20
203.96.192.0/19
203.97.128.0/17
203.109.128.0/17
203.144.32.0/20
210.246.0.0/18
218.101.0.0/17
IPv6:
2001:4400::/30
2407:7000::/32
Signature Algorithm: sha256WithRSAEncryption
4f:f8:fd:7d:b5:32:49:d0:2a:13:b6:ac:78:e5:78:ef:78:f2:
e9:b5:37:56:90:b4:96:22:99:00:55:0e:e9:ce:9c:f7:06:9c:
10:51:49:c7:48:8f:b2:0e:43:8c:47:1a:95:c4:d2:d0:52:ad:
77:f0:60:ad:2f:9c:b5:1d:d2:5f:32:82:13:f4:ea:39:c4:27:
85:bf:b6:11:1b:17:d0:4c:e2:ff:30:60:72:73:f4:40:5d:1a:
35:e4:4d:11:48:70:29:f7:07:c2:38:4e:3a:5f:52:12:a9:56:
f7:a6:0c:a8:d0:3a:9a:0f:cc:ea:c0:f0:0d:6f:f8:53:84:ea:
cf:f6:44:aa:41:ba:eb:d5:4f:b2:ae:24:52:06:33:a4:48:6a:
fc:ed:e2:31:a0:45:e6:f5:e5:ba:fb:12:7e:5a:70:77:cc:da:
7a:b4:fb:a0:2a:81:a1:1f:5c:66:cb:2b:7d:44:14:29:e0:3f:
25:56:02:97:77:e8:e2:c1:7e:28:26:e7:e7:3d:46:05:3c:2c:
80:50:a9:b9:b8:0c:bc:5a:f8:08:97:e8:72:ce:05:45:fc:76:
92:33:d8:bd:32:b3:4b:6c:7d:48:a9:b6:61:15:5c:51:5f:61:
61:19:a2:21:9b:89:74:fc:d0:e6:5e:61:6b:3d:27:b2:f4:0e:
a8:0b:5a:a7
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICGjkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZBRDcxMTAvBgNVBAUTKEJBRjVBREEzMkNBMEQzNENGM0NDRjUzQUJERjg2REU2
RjhFRDkwMDUwHhcNMjUxMDI4MDIxNzAxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTAwMjc5ZC1kMWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy/Kadjxtz5AIWAdZd1Bur+eImnZTRgHBlFuKAA1U9Za+FWHLPTz2WqsOa2Ey
HYvv2l1IzLGNb/nB+XhT0l8vFJZfo2It1f58MOgCLVJkyiXbpZfaK3f+5+ZOXQ+n
5Fqoovc3m9xjWw4qeNhhYzL7C5V4+qTSMoVfT5W/C+DwRXgxoP7nRwvqFP8XMcO9
L95yERp4YXUVBCpVdJQghA2faw5KTU5O5I0A0ImkgQFbXhlByYr55izrvH7PeNN4
RAotBd6X1vGwfGdq0zMBkLqclTVD9y6pfOmcfxeWrtGNOoJVCwLD4UJoDhKJa+dJ
4ytcItFrbP5BY/08NjxPT1FJUwIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFJEMNgul
TBE68HduKFGUfofs0QLYMB8GA1UdIwQYMBaAFLr1raMsoNNM88z1Or34beb47ZAF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkFENy9GOEJBQkFDQThC
ODkxMUU3OTAxMTVDM0ZDNEY5QUUwMi91dld0b3l5ZzAwenp6UFU2dmZodDV2anRr
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3V2V3RveXlnMDB6enpQVTZ2Zmh0NXZqdGtBVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDZBRDcvRjhCQUJBQ0E4Qjg5MTFFNzkwMTE1QzNGQzRGOUFFMDIvMzAwM0JCNEVC
M0E0MTFGMEI4ODQ1NzM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBYBAIAATBSAwQEdFngAwMBeUoDAwB5WgMEBXwGwAMEBcoAIAMEAMoUXQME
AMokSAMEBMtgkAMEBctgwAMEB8thgAMEB8ttgAMEBMuQIAMEBtL2AAMEB9plADAU
BAIAAjAOAwUCIAFEAAMFACQHcAAwDQYJKoZIhvcNAQELBQADggEBAE/4/X21MknQ
KhO2rHjleO948um1N1aQtJYimQBVDunOnPcGnBBRScdIj7IOQ4xHGpXE0tBSrXfw
YK0vnLUd0l8yghP06jnEJ4W/thEbF9BM4v8wYHJz9EBdGjXkTRFIcCn3B8I4Tjpf
UhKpVvemDKjQOpoPzOrA8A1v+FOE6s/2RKpBuuvVT7KuJFIGM6RIavzt4jGgReb1
5br7En5acHfM2nq0+6AqgaEfXGbLK31EFCngPyVWApd36OLBfigm5+c9RgU8LIBQ
qbm4DLxa+AiX6HLOBUX8dpIz2L0ys0tsfUiptmEVXFFfYWEZoiGbiXT80OZeYWs9
J7L0DqgLWqc=
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:01:18 2025 by rpki-client