Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: RiN7qmGENJ/a6NY3TfMPb2x9SlOQGchR1M+OSAYfI9k=
Subject key identifier: E0:BF:73:BF:77:F7:48:FD:32:B0:43:F3:D8:3E:90:C1:96:09:C5:79
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 295B
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Wed 05 Nov 2025 05:53:54 +0000
ROA not before: Wed 05 Nov 2025 05:53:54 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:9::/64 maxlen: 64
2400:adc0:200::/48 maxlen: 48
2400:adc0:201::/48 maxlen: 48
2400:adc0:4005::/48 maxlen: 48
2400:adc0:4006::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4104::/48 maxlen: 48
2400:adc0:4203::/48 maxlen: 48
2400:adc0:4204::/48 maxlen: 48
2400:adc0:4302::/48 maxlen: 48
2400:adc0:4303::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:4900::/48 maxlen: 48
2400:adc0:4910::/48 maxlen: 48
2400:adc0:4a10::/48 maxlen: 48
2400:adc0:4b10::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c003::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c103::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc0:c310::/48 maxlen: 48
2400:adc0:c410::/48 maxlen: 48
2400:adc2:100::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adc5::/42 maxlen: 42
2400:adc5:40::/42 maxlen: 42
2400:adc5:80::/42 maxlen: 42
2400:adc5:c0::/42 maxlen: 42
2400:adc5:100::/42 maxlen: 42
2400:adc5:140::/42 maxlen: 42
2400:adc5:180::/42 maxlen: 42
2400:adc5:1c0::/42 maxlen: 42
2400:adc5:300::/42 maxlen: 42
2400:adc5:340::/42 maxlen: 42
2400:adc5:380::/42 maxlen: 42
2400:adc5:3c0::/42 maxlen: 42
2400:adc5:400::/42 maxlen: 42
2400:adc5:440::/42 maxlen: 42
2400:adc5:480::/42 maxlen: 42
2400:adc5:4c0::/42 maxlen: 42
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:add9::/40 maxlen: 40
2400:add9:100::/40 maxlen: 40
2400:add9:200::/40 maxlen: 40
2400:add9:300::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2000::/40 maxlen: 40
2400:addd:2100::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:addd:4900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
2400:addf:1000::/40 maxlen: 40
2400:addf:1100::/40 maxlen: 40
2400:addf:3900::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Nov 2025 06:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10587 (0x295b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66, serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Validity
Not Before: Nov 5 05:53:54 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=690ae671-05b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:50:63:9f:b5:83:4e:8b:82:00:a7:42:5b:2d:
d8:ee:43:9e:29:34:4c:c7:b0:52:f5:8e:bf:25:3d:
5f:9e:79:d9:56:5b:9c:dc:e2:cd:f1:66:38:f5:7e:
63:04:e7:ef:79:e8:73:8f:66:39:d2:38:04:0b:a2:
41:32:90:70:c6:6b:bc:94:41:96:75:e7:67:48:c0:
c3:f5:83:49:23:52:37:9f:f8:1f:f9:74:c5:3e:53:
c2:0f:ae:be:50:11:d4:ab:e5:f2:52:58:91:c2:ca:
a0:61:65:d5:8b:fa:09:a6:f6:cc:2c:cb:ad:54:ff:
93:4a:45:8e:e4:6c:3b:ed:26:4f:bb:81:ac:03:68:
3a:01:b9:d8:80:b3:a1:e4:93:89:e7:24:9e:9f:20:
f1:f7:72:11:81:cd:2d:3e:46:e6:14:69:ed:48:8d:
57:5d:c7:11:72:7b:29:35:0f:81:4f:99:a2:80:67:
a4:10:9c:64:cb:f9:70:b3:e0:58:49:8a:49:2f:e8:
e2:48:26:b7:84:82:b3:8c:f7:73:9e:58:4b:44:73:
d5:b7:fc:57:20:2b:60:de:ac:2b:02:ae:c4:ca:e2:
fc:e4:f3:d3:11:e9:46:84:82:d7:5f:ab:b9:35:2e:
44:18:e5:eb:54:50:b5:09:96:a9:4b:01:98:0e:fc:
64:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BF:73:BF:77:F7:48:FD:32:B0:43:F3:D8:3E:90:C1:96:09:C5:79
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:9::/64
2400:adc0:200::/47
2400:adc0:4005::-2400:adc0:4006:ffff:ffff:ffff:ffff:ffff
2400:adc0:4013::/48
2400:adc0:4104::/48
2400:adc0:4203::-2400:adc0:4204:ffff:ffff:ffff:ffff:ffff
2400:adc0:4302::/47
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:4900::/48
2400:adc0:4910::/48
2400:adc0:4a10::/48
2400:adc0:4b10::/48
2400:adc0:c001::/48
2400:adc0:c003::/48
2400:adc0:c030::/48
2400:adc0:c102::/47
2400:adc0:c210::/47
2400:adc0:c310::/48
2400:adc0:c410::/48
2400:adc2:100::/48
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adc5::/39
2400:adc5:300::-2400:adc5:4ff:ffff:ffff:ffff:ffff:ffff
2400:adca::/39
2400:add9::/38
2400:addb:800::/39
2400:addd:2000::/39
2400:addd:2800::/39
2400:addd:4900::/40
2400:adde::/39
2400:addf:800::/39
2400:addf:1000::/39
2400:addf:3900::/40
Signature Algorithm: sha256WithRSAEncryption
08:d6:a1:db:e9:ae:ca:ac:28:6f:4e:81:79:8b:be:da:8b:ce:
5c:97:6c:87:5f:a1:7b:f7:24:f7:79:c6:29:42:fb:90:68:e1:
77:26:12:ea:bb:10:bf:8a:ee:72:af:40:8d:2f:30:71:9a:73:
b5:d7:61:23:cf:95:f3:9b:7e:2e:80:a9:70:28:c0:68:99:21:
9d:50:24:d3:2d:8c:d6:1c:06:91:e8:c7:98:03:3b:f4:2f:30:
af:0b:13:6d:79:9c:ec:2e:f3:7b:99:57:1b:22:18:3f:f0:83:
96:4b:6d:e5:59:ec:cb:60:de:b2:93:e6:10:a5:a0:18:a0:68:
ea:a6:95:0d:55:ca:5c:ad:cb:d2:0f:8b:66:7a:d8:bb:21:96:
91:e5:75:4f:54:0f:1a:24:75:f7:0f:ab:a2:72:63:d8:d0:8a:
0c:58:02:6c:2d:2d:3e:0e:dd:47:5e:3c:b4:6b:30:60:7d:0d:
57:bb:f5:a9:45:76:24:d0:3c:e0:b7:92:77:6c:b3:92:4d:34:
a2:f1:a2:05:25:5e:ae:2c:9f:03:5d:81:fe:14:af:6b:4c:43:
ea:dd:b0:ad:39:a3:34:5b:33:07:bd:59:a9:4a:0a:a3:9e:3f:
f0:20:c1:ff:39:f9:81:6b:76:ae:1b:60:78:48:70:51:b7:70:
d0:07:32:16
-----BEGIN CERTIFICATE-----
MIIHoTCCBomgAwIBAgICKVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjUxMTA1MDU1MzU0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTBhZTY3MS0wNWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApFBjn7WDTouCAKdCWy3Y7kOeKTRMx7BS9Y6/JT1fnnnZVluc3OLN8WY49X5j
BOfveehzj2Y50jgEC6JBMpBwxmu8lEGWdednSMDD9YNJI1I3n/gf+XTFPlPCD66+
UBHUq+XyUliRwsqgYWXVi/oJpvbMLMutVP+TSkWO5Gw77SZPu4GsA2g6AbnYgLOh
5JOJ5ySenyDx93IRgc0tPkbmFGntSI1XXccRcnspNQ+BT5migGekEJxky/lws+BY
SYpJL+jiSCa3hIKzjPdznlhLRHPVt/xXICtg3qwrAq7EyuL85PPTEelGhILXX6u5
NS5EGOXrVFC1CZapSwGYDvxkZwIDAQABo4IExTCCBMEwHQYDVR0OBBYEFOC/c793
90j9MrBD89g+kMGWCcV5MB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggJNBggrBgEFBQcBBwEB
/wSCAjwwggI4MIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwggGcBAIAAjCCAZQDBQAgAUU4AwkAJACtwAAJAAAD
BwEkAK3AAgAwEgMHACQArcBABQMHACQArcBABgMHACQArcBAEwMHACQArcBBBDAS
AwcAJACtwEIDAwcAJACtwEIEAwcBJACtwEMCAwcAJACtwEUAAwcAJACtwEYRAwcA
JACtwEcAAwcBJACtwEcQAwcAJACtwEkAAwcAJACtwEkQAwcAJACtwEoQAwcAJACt
wEsQAwcAJACtwMABAwcAJACtwMADAwcAJACtwMAwAwcBJACtwMECAwcBJACtwMIQ
AwcAJACtwMMQAwcAJACtwMQQAwcAJACtwgEAMBADBgAkAK3CAwMGACQArcIEAwYB
JACtwgYwEAMGACQArcIJAwYAJACtwgoDBgEkAK3EAAMGASQArcQIAwYBJACtxQAw
EAMGACQArcUDAwYAJACtxQQDBgEkAK3KAAMGAiQArdkAAwYBJACt2wgDBgEkAK3d
IAMGASQArd0oAwYAJACt3UkDBgEkAK3eAAMGASQArd8IAwYBJACt3xADBgAkAK3f
OTANBgkqhkiG9w0BAQsFAAOCAQEACNah2+muyqwob06BeYu+2ovOXJdsh1+he/ck
93nGKUL7kGjhdyYS6rsQv4rucq9AjS8wcZpztddhI8+V85t+LoCpcCjAaJkhnVAk
0y2M1hwGkejHmAM79C8wrwsTbXmc7C7ze5lXGyIYP/CDlktt5Vnsy2DespPmEKWg
GKBo6qaVDVXKXK3L0g+LZnrYuyGWkeV1T1QPGiR19w+ronJj2NCKDFgCbC0tPg7d
R148tGswYH0NV7v1qUV2JNA84LeSd2yzkk00ovGiBSVeriyfA12B/hSva0xD6t2w
rTmjNFszB71ZqUoKo54/8CDB/zn5gWt2rhtgeEhwUbdw0AcyFg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:27:18 2025 by rpki-client