Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: 9ytKh3T9Z/Kw2eQnrRMwlwaEeF0CXemNBNTyZ/XjMpg=
Subject key identifier: 64:BC:14:84:BB:4C:E8:5B:05:21:C0:2D:A6:2E:86:FD:9D:0F:12:01
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 28D2
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Sat 24 May 2025 15:43:34 +0000
ROA not before: Sat 24 May 2025 15:43:34 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:9::/64 maxlen: 64
2400:adc0:200::/48 maxlen: 48
2400:adc0:4005::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4203::/48 maxlen: 48
2400:adc0:4302::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c003::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc0:c310::/48 maxlen: 48
2400:adc2:100::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adc5::/42 maxlen: 42
2400:adc5:40::/42 maxlen: 42
2400:adc5:80::/42 maxlen: 42
2400:adc5:c0::/42 maxlen: 42
2400:adc5:100::/42 maxlen: 42
2400:adc5:140::/42 maxlen: 42
2400:adc5:180::/42 maxlen: 42
2400:adc5:1c0::/42 maxlen: 42
2400:adc5:300::/42 maxlen: 42
2400:adc5:340::/42 maxlen: 42
2400:adc5:380::/42 maxlen: 42
2400:adc5:3c0::/42 maxlen: 42
2400:adc5:400::/42 maxlen: 42
2400:adc5:440::/42 maxlen: 42
2400:adc5:480::/42 maxlen: 42
2400:adc5:4c0::/42 maxlen: 42
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2000::/40 maxlen: 40
2400:addd:2100::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
2400:addf:1000::/40 maxlen: 40
2400:addf:1100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 23 Jun 2025 15:44:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10450 (0x28d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66, serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Validity
Not Before: May 24 15:43:34 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=6831e925-4650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4d:5d:68:1e:2a:db:92:d3:f9:8e:b3:30:29:
fe:13:59:7c:99:c9:1f:cc:26:32:47:6b:b3:f3:ba:
d1:2a:c6:a9:65:23:eb:4a:6f:78:91:c9:7b:a9:25:
47:8c:22:1b:6f:09:26:d1:3c:dc:97:de:22:ef:0b:
59:0a:68:c5:fe:d6:e5:bb:e1:f4:6c:64:09:fa:5c:
d1:64:72:a0:2b:47:4d:a5:d0:7f:5a:5c:93:ce:1d:
3a:ea:f2:4c:e2:c0:0c:a8:bd:d1:63:a4:97:ec:55:
22:79:c3:b7:a4:bb:93:45:4c:dd:c3:15:ff:c6:34:
1a:df:a4:84:98:2e:9c:dc:8f:af:0c:eb:56:b4:12:
0f:f4:58:d1:5c:ac:db:14:47:1c:58:9c:ef:16:73:
64:74:9a:69:c8:35:18:0b:9c:1c:8d:2b:e0:53:c3:
db:8b:84:02:e3:2f:04:2e:d4:27:d8:42:5e:dd:eb:
10:46:3d:25:36:db:b4:78:85:50:89:58:d0:84:2f:
9a:f0:fc:8c:3a:29:74:ef:46:9b:03:a8:a8:b4:12:
a9:65:58:28:33:cb:24:24:91:3f:58:52:0b:fa:9c:
6f:f0:a8:6b:31:24:e7:54:60:9a:1d:a6:12:58:1f:
a5:7d:21:17:6f:f3:9f:63:0c:ca:9a:84:03:c7:c1:
77:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:BC:14:84:BB:4C:E8:5B:05:21:C0:2D:A6:2E:86:FD:9D:0F:12:01
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:9::/64
2400:adc0:200::/48
2400:adc0:4005::/48
2400:adc0:4013::/48
2400:adc0:4203::/48
2400:adc0:4302::/48
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:c001::/48
2400:adc0:c003::/48
2400:adc0:c030::/48
2400:adc0:c102::/48
2400:adc0:c210::/47
2400:adc0:c310::/48
2400:adc2:100::/48
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adc5::/39
2400:adc5:300::-2400:adc5:4ff:ffff:ffff:ffff:ffff:ffff
2400:adca::/39
2400:addb:800::/39
2400:addd:2000::/39
2400:addd:2800::/39
2400:adde::/39
2400:addf:800::/39
2400:addf:1000::/39
Signature Algorithm: sha256WithRSAEncryption
3d:35:02:0f:17:18:5f:1f:f8:f2:d9:16:02:fa:c7:9e:a4:26:
c1:51:e2:99:eb:26:ff:24:3f:55:c4:fc:35:3d:8f:01:ac:1b:
c2:c0:b8:13:96:ac:c9:c7:93:e9:93:f2:d7:dc:bb:1f:c3:2f:
98:58:d7:24:1c:58:06:ec:a4:8a:c4:14:ba:a2:6a:21:d6:fd:
9e:81:f0:0d:a6:19:5b:b1:7b:dc:d1:98:02:bf:3e:40:3e:0e:
d0:ac:ba:40:0f:e2:0b:2e:7a:95:fa:83:a8:53:fc:5b:e2:5b:
3d:0e:41:ae:d7:d0:8c:67:90:36:98:ff:2f:bb:01:1a:1a:52:
9e:6f:59:6e:75:67:26:44:36:60:04:04:bf:28:2f:da:7f:e8:
a9:52:e1:2e:ab:c4:a1:d0:b5:3f:19:7e:c4:4c:e6:1d:f3:d1:
af:4f:45:76:c2:20:39:68:a8:7b:86:39:84:59:04:27:f0:5c:
8d:9e:28:bb:3a:b5:cf:ae:30:12:da:5a:83:43:fc:40:5c:13:
6f:19:79:cc:a5:49:d2:ed:94:ef:e6:7c:9c:e0:41:73:ef:bf:
09:21:ed:a8:ff:64:48:43:12:fa:df:cf:69:23:03:3a:10:84:
c7:97:c2:a5:19:06:01:6b:cd:43:77:6b:55:d7:25:89:13:3b:
ee:63:27:c3
-----BEGIN CERTIFICATE-----
MIIHPTCCBiWgAwIBAgICKNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjUwNTI0MTU0MzM0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODMxZTkyNS00NjUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvE1daB4q25LT+Y6zMCn+E1l8mckfzCYyR2uz87rRKsapZSPrSm94kcl7qSVH
jCIbbwkm0Tzcl94i7wtZCmjF/tblu+H0bGQJ+lzRZHKgK0dNpdB/WlyTzh066vJM
4sAMqL3RY6SX7FUiecO3pLuTRUzdwxX/xjQa36SEmC6c3I+vDOtWtBIP9FjRXKzb
FEccWJzvFnNkdJppyDUYC5wcjSvgU8Pbi4QC4y8ELtQn2EJe3esQRj0lNtu0eIVQ
iVjQhC+a8PyMOil070abA6iotBKpZVgoM8skJJE/WFIL+pxv8KhrMSTnVGCaHaYS
WB+lfSEXb/OfYwzKmoQDx8F33wIDAQABo4IEYTCCBF0wHQYDVR0OBBYEFGS8FIS7
TOhbBSHALaYuhv2dDxIBMB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggHpBggrBgEFBQcBBwEB
/wSCAdgwggHUMIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwggE4BAIAAjCCATADBQAgAUU4AwkAJACtwAAJAAAD
BwAkAK3AAgADBwAkAK3AQAUDBwAkAK3AQBMDBwAkAK3AQgMDBwAkAK3AQwIDBwAk
AK3ARQADBwAkAK3ARhEDBwAkAK3ARwADBwEkAK3ARxADBwAkAK3AwAEDBwAkAK3A
wAMDBwAkAK3AwDADBwAkAK3AwQIDBwEkAK3AwhADBwAkAK3AwxADBwAkAK3CAQAw
EAMGACQArcIDAwYAJACtwgQDBgEkAK3CBjAQAwYAJACtwgkDBgAkAK3CCgMGASQA
rcQAAwYBJACtxAgDBgEkAK3FADAQAwYAJACtxQMDBgAkAK3FBAMGASQArcoAAwYB
JACt2wgDBgEkAK3dIAMGASQArd0oAwYBJACt3gADBgEkAK3fCAMGASQArd8QMA0G
CSqGSIb3DQEBCwUAA4IBAQA9NQIPFxhfH/jy2RYC+seepCbBUeKZ6yb/JD9VxPw1
PY8BrBvCwLgTlqzJx5Ppk/LX3Lsfwy+YWNckHFgG7KSKxBS6omoh1v2egfANphlb
sXvc0ZgCvz5APg7QrLpAD+ILLnqV+oOoU/xb4ls9DkGu19CMZ5A2mP8vuwEaGlKe
b1ludWcmRDZgBAS/KC/af+ipUuEuq8Sh0LU/GX7ETOYd89GvT0V2wiA5aKh7hjmE
WQQn8FyNnii7OrXPrjAS2lqDQ/xAXBNvGXnMpUnS7ZTv5nyc4EFz778JIe2o/2RI
QxL6389pIwM6EITHl8KlGQYBa81Dd2tV1yWJEzvuYyfD
-----END CERTIFICATE-----
Generated at Wed Jun 18 06:42:16 2025 by rpki-client