Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: 6aOo70Q7K4tYLTCpg+ZsGuHxEyJ9A5waQxjGOykwyX4=
Subject key identifier: A9:58:28:18:2B:28:00:FD:A5:FF:6B:C8:CC:4F:07:39:FB:80:D5:A4
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 2904
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Thu 31 Jul 2025 06:14:57 +0000
ROA not before: Thu 31 Jul 2025 06:14:57 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:9::/64 maxlen: 64
2400:adc0:200::/48 maxlen: 48
2400:adc0:201::/48 maxlen: 48
2400:adc0:4005::/48 maxlen: 48
2400:adc0:4006::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4104::/48 maxlen: 48
2400:adc0:4203::/48 maxlen: 48
2400:adc0:4302::/48 maxlen: 48
2400:adc0:4303::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c003::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc0:c310::/48 maxlen: 48
2400:adc0:c410::/48 maxlen: 48
2400:adc2:100::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adc5::/42 maxlen: 42
2400:adc5:40::/42 maxlen: 42
2400:adc5:80::/42 maxlen: 42
2400:adc5:c0::/42 maxlen: 42
2400:adc5:100::/42 maxlen: 42
2400:adc5:140::/42 maxlen: 42
2400:adc5:180::/42 maxlen: 42
2400:adc5:1c0::/42 maxlen: 42
2400:adc5:300::/42 maxlen: 42
2400:adc5:340::/42 maxlen: 42
2400:adc5:380::/42 maxlen: 42
2400:adc5:3c0::/42 maxlen: 42
2400:adc5:400::/42 maxlen: 42
2400:adc5:440::/42 maxlen: 42
2400:adc5:480::/42 maxlen: 42
2400:adc5:4c0::/42 maxlen: 42
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2000::/40 maxlen: 40
2400:addd:2100::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
2400:addf:1000::/40 maxlen: 40
2400:addf:1100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10500 (0x2904)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66, serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Validity
Not Before: Jul 31 06:14:57 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=688b09e1-8213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:73:7f:62:44:5d:7c:11:df:e8:01:52:2c:d2:
9b:c0:b5:4d:83:ef:81:60:c7:4a:7b:99:5e:53:8e:
0a:eb:62:23:88:ec:48:0d:7b:99:9f:68:3b:52:80:
99:91:c8:3f:a8:91:ef:3f:db:18:68:8d:5e:4b:7d:
a3:ca:9e:f7:1a:63:f2:aa:7c:b9:ff:82:aa:ae:81:
f1:31:36:27:76:66:ff:d8:13:a7:72:13:23:18:3c:
6f:37:d3:14:13:9e:81:27:06:b2:13:d5:b6:9c:f0:
5f:51:c6:40:e8:3d:5d:e8:a9:6f:6e:db:62:48:40:
7d:a7:2f:7f:96:32:d4:cc:d2:81:eb:2c:fa:e0:a7:
9b:0c:45:8e:2b:c2:f8:e3:bc:4f:55:ef:21:10:58:
00:95:87:8a:ab:ba:33:77:67:fd:b6:3b:16:90:9b:
11:f8:25:de:ed:fc:c0:b4:a0:1f:e2:66:74:ae:a1:
93:72:00:47:ce:e8:6b:c3:f0:7f:0a:55:06:a7:ad:
b0:1c:79:ee:42:c1:f8:50:12:1c:dc:03:af:bf:ba:
90:c2:27:a1:fe:71:30:05:af:bc:30:27:e7:b3:ba:
70:c1:bd:3a:6c:13:0e:a0:3a:aa:cf:dc:8d:5b:c1:
be:b3:00:36:81:fc:09:d0:37:73:70:cf:a4:c2:ce:
c1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:58:28:18:2B:28:00:FD:A5:FF:6B:C8:CC:4F:07:39:FB:80:D5:A4
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:9::/64
2400:adc0:200::/47
2400:adc0:4005::-2400:adc0:4006:ffff:ffff:ffff:ffff:ffff
2400:adc0:4013::/48
2400:adc0:4104::/48
2400:adc0:4203::/48
2400:adc0:4302::/47
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:c001::/48
2400:adc0:c003::/48
2400:adc0:c030::/48
2400:adc0:c102::/48
2400:adc0:c210::/47
2400:adc0:c310::/48
2400:adc0:c410::/48
2400:adc2:100::/48
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adc5::/39
2400:adc5:300::-2400:adc5:4ff:ffff:ffff:ffff:ffff:ffff
2400:adca::/39
2400:addb:800::/39
2400:addd:2000::/39
2400:addd:2800::/39
2400:adde::/39
2400:addf:800::/39
2400:addf:1000::/39
Signature Algorithm: sha256WithRSAEncryption
4c:23:eb:25:46:06:3b:e6:5f:58:af:a2:c5:df:86:67:28:e8:
7d:88:11:81:c2:98:20:a2:64:fb:37:d6:9d:41:ef:0b:7d:a6:
5a:27:b9:28:14:0a:f5:83:f7:f6:f8:5d:c9:22:f3:ef:f3:7e:
d9:5c:5d:42:f5:11:bc:6d:87:09:49:f2:79:84:ff:f3:6f:35:
71:5a:d2:9a:a3:d5:ee:34:3e:56:41:02:5d:5f:39:64:61:cd:
e2:67:02:6a:30:d8:6a:45:97:29:fa:3a:13:b4:70:08:87:65:
eb:ab:d4:ab:70:45:56:e2:8b:af:23:db:b1:9c:54:51:b7:fe:
b4:8a:d3:d6:79:23:c0:3a:f4:3d:54:cd:74:26:36:1a:09:0f:
b1:13:2d:a1:4a:32:4e:d9:bc:bc:3e:74:35:05:83:38:5f:02:
b6:f1:71:98:f4:95:8b:43:97:91:c3:67:1b:9d:25:12:9c:60:
5a:fc:47:1b:02:97:79:b7:4a:43:d0:7f:e1:b5:7a:86:a5:1d:
56:35:1e:fb:9c:2e:57:5f:8a:1a:73:2a:b5:da:5e:67:95:6d:
3f:71:1a:3c:46:bb:37:6b:7b:eb:50:a7:f1:49:42:e9:ea:83:
9a:44:a6:3a:6d:cb:a5:39:f7:83:12:23:4d:dd:5b:4a:0e:4d:
38:b1:e6:0b
-----BEGIN CERTIFICATE-----
MIIHWjCCBkKgAwIBAgICKQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjUwNzMxMDYxNDU3WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhiMDllMS04MjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy3N/YkRdfBHf6AFSLNKbwLVNg++BYMdKe5leU44K62IjiOxIDXuZn2g7UoCZ
kcg/qJHvP9sYaI1eS32jyp73GmPyqny5/4KqroHxMTYndmb/2BOnchMjGDxvN9MU
E56BJwayE9W2nPBfUcZA6D1d6KlvbttiSEB9py9/ljLUzNKB6yz64KebDEWOK8L4
47xPVe8hEFgAlYeKq7ozd2f9tjsWkJsR+CXe7fzAtKAf4mZ0rqGTcgBHzuhrw/B/
ClUGp62wHHnuQsH4UBIc3AOvv7qQwieh/nEwBa+8MCfns7pwwb06bBMOoDqqz9yN
W8G+swA2gfwJ0DdzcM+kws7BiwIDAQABo4IEfjCCBHowHQYDVR0OBBYEFKlYKBgr
KAD9pf9ryMxPBzn7gNWkMB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggIGBggrBgEFBQcBBwEB
/wSCAfUwggHxMIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwggFVBAIAAjCCAU0DBQAgAUU4AwkAJACtwAAJAAAD
BwEkAK3AAgAwEgMHACQArcBABQMHACQArcBABgMHACQArcBAEwMHACQArcBBBAMH
ACQArcBCAwMHASQArcBDAgMHACQArcBFAAMHACQArcBGEQMHACQArcBHAAMHASQA
rcBHEAMHACQArcDAAQMHACQArcDAAwMHACQArcDAMAMHACQArcDBAgMHASQArcDC
EAMHACQArcDDEAMHACQArcDEEAMHACQArcIBADAQAwYAJACtwgMDBgAkAK3CBAMG
ASQArcIGMBADBgAkAK3CCQMGACQArcIKAwYBJACtxAADBgEkAK3ECAMGASQArcUA
MBADBgAkAK3FAwMGACQArcUEAwYBJACtygADBgEkAK3bCAMGASQArd0gAwYBJACt
3SgDBgEkAK3eAAMGASQArd8IAwYBJACt3xAwDQYJKoZIhvcNAQELBQADggEBAEwj
6yVGBjvmX1ivosXfhmco6H2IEYHCmCCiZPs31p1B7wt9plonuSgUCvWD9/b4Xcki
8+/zftlcXUL1EbxthwlJ8nmE//NvNXFa0pqj1e40PlZBAl1fOWRhzeJnAmow2GpF
lyn6OhO0cAiHZeur1KtwRVbii68j27GcVFG3/rSK09Z5I8A69D1UzXQmNhoJD7ET
LaFKMk7ZvLw+dDUFgzhfArbxcZj0lYtDl5HDZxudJRKcYFr8RxsCl3m3SkPQf+G1
eoalHVY1HvucLldfihpzKrXaXmeVbT9xGjxGuzdre+tQp/FJQunqg5pEpjpty6U5
94MSI03dW0oOTTix5gs=
-----END CERTIFICATE-----
Generated at Sat Aug 9 03:03:50 2025 by rpki-client