Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/6E0B5938066711EFA1505F46C4F9AE02.roa
File: 6E0B5938066711EFA1505F46C4F9AE02.roa (raw, json)
Hash identifier: vz1JkowcSPPocIJM8LY5Tc1J1IEwQwHTAm7ad6CcM1k=
Subject key identifier: C5:0C:81:9C:B2:F6:3F:22:8C:10:6F:AC:60:B4:38:12:D0:CE:13:71
Certificate issuer: /CN=A916A983/serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Certificate serial: 133F
Authority key identifier: 71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/6E0B5938066711EFA1505F46C4F9AE02.roa
Signing time: Wed 06 Aug 2025 17:26:32 +0000
ROA not before: Wed 06 Aug 2025 17:26:32 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 1221
IP address blocks: 1.120.0.0/13 maxlen: 13
1.128.0.0/11 maxlen: 11
58.160.0.0/12 maxlen: 12
60.224.0.0/13 maxlen: 13
61.8.0.0/19 maxlen: 19
61.9.128.0/17 maxlen: 17
101.103.0.0/16 maxlen: 16
101.160.0.0/11 maxlen: 11
110.140.0.0/15 maxlen: 15
110.142.0.0/16 maxlen: 16
110.143.0.0/16 maxlen: 16
110.144.0.0/13 maxlen: 13
120.144.0.0/13 maxlen: 13
120.152.0.0/14 maxlen: 14
120.156.0.0/15 maxlen: 15
120.158.0.0/16 maxlen: 16
121.208.0.0/12 maxlen: 12
123.209.0.0/16 maxlen: 16
123.210.0.0/15 maxlen: 15
124.176.0.0/12 maxlen: 12
125.255.0.0/16 maxlen: 16
202.7.64.0/19 maxlen: 19
202.12.128.0/18 maxlen: 18
202.12.192.0/19 maxlen: 19
202.12.224.0/20 maxlen: 20
202.12.240.0/23 maxlen: 23
202.12.242.0/24 maxlen: 24
203.2.228.0/24 maxlen: 24
203.9.190.0/23 maxlen: 23
203.12.42.0/24 maxlen: 24
203.12.144.0/21 maxlen: 21
203.13.21.0/24 maxlen: 24
203.14.0.0/20 maxlen: 20
203.15.68.0/24 maxlen: 24
203.16.180.0/22 maxlen: 22
203.17.40.0/21 maxlen: 21
203.17.162.0/24 maxlen: 24
203.18.76.0/23 maxlen: 23
203.18.112.0/20 maxlen: 20
203.22.129.0/24 maxlen: 24
203.24.134.0/23 maxlen: 23
203.24.170.0/24 maxlen: 24
203.26.8.0/22 maxlen: 22
203.26.175.0/24 maxlen: 24
203.27.69.0/24 maxlen: 24
203.27.128.0/18 maxlen: 18
203.27.237.0/24 maxlen: 24
203.29.160.0/20 maxlen: 20
203.34.33.0/24 maxlen: 24
203.34.68.0/24 maxlen: 24
203.35.0.0/16 maxlen: 16
203.36.0.0/14 maxlen: 14
203.40.0.0/13 maxlen: 13
203.48.0.0/14 maxlen: 14
203.52.0.0/15 maxlen: 15
203.54.0.0/16 maxlen: 16
203.58.32.0/19 maxlen: 19
203.58.64.0/18 maxlen: 18
203.58.128.0/17 maxlen: 17
203.62.148.0/22 maxlen: 22
203.62.248.0/21 maxlen: 21
203.92.224.0/19 maxlen: 24
203.100.224.0/19 maxlen: 19
203.143.192.0/18 maxlen: 18
203.143.192.0/19 maxlen: 19
203.143.224.0/19 maxlen: 19
210.23.128.0/19 maxlen: 19
2001:8000::/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.crl
rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4927 (0x133f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A983, serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Validity
Not Before: Aug 6 17:26:32 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68939048-1706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:25:89:c8:ce:0d:5f:90:72:4a:ae:68:bd:1d:
58:c5:e7:de:9b:20:e6:4f:f2:53:53:e9:dd:3e:e4:
cf:04:05:8d:92:6f:e9:18:13:0a:c0:b8:d7:ef:0e:
c8:fe:d6:9c:e0:54:c0:a4:62:13:6e:4d:fb:26:cd:
4b:7f:0b:f3:8f:9e:5e:90:51:47:4c:a6:5f:19:a7:
1a:63:a9:2f:67:70:f0:8b:1e:cd:f5:37:7a:d8:9e:
2b:f1:ae:c7:bf:65:7c:f2:d8:80:23:8d:a0:02:ab:
b9:79:7a:d0:30:25:9f:56:f0:1f:34:44:5b:7e:7f:
e2:76:b6:04:7d:fb:c5:f8:51:e8:d7:1d:08:9a:72:
c9:ab:b5:52:36:0a:9f:1d:17:b5:c9:d9:0e:55:dd:
18:b1:5d:f0:d7:44:92:ed:3a:d5:b8:e8:9e:90:40:
02:35:6b:e4:57:69:01:7f:cc:60:e2:5a:80:60:5d:
41:f0:26:60:15:84:ae:74:6f:40:aa:0e:1d:54:73:
44:02:6f:2a:cd:50:31:e0:e4:32:9e:22:a2:c4:52:
52:30:5d:ee:cd:ec:2d:07:f4:be:cc:c9:d9:2c:d7:
9f:ae:51:65:4a:30:ac:10:90:82:3b:f9:30:b6:3d:
f7:c6:05:b3:5e:68:9e:89:c9:b1:04:4a:d1:7c:78:
e0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:0C:81:9C:B2:F6:3F:22:8C:10:6F:AC:60:B4:38:12:D0:CE:13:71
X509v3 Authority Key Identifier:
keyid:71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/6E0B5938066711EFA1505F46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.120.0.0-1.159.255.255
58.160.0.0/12
60.224.0.0/13
61.8.0.0/19
61.9.128.0/17
101.103.0.0/16
101.160.0.0/11
110.140.0.0-110.151.255.255
120.144.0.0-120.158.255.255
121.208.0.0/12
123.209.0.0-123.211.255.255
124.176.0.0/12
125.255.0.0/16
202.7.64.0/19
202.12.128.0-202.12.242.255
203.2.228.0/24
203.9.190.0/23
203.12.42.0/24
203.12.144.0/21
203.13.21.0/24
203.14.0.0/20
203.15.68.0/24
203.16.180.0/22
203.17.40.0/21
203.17.162.0/24
203.18.76.0/23
203.18.112.0/20
203.22.129.0/24
203.24.134.0/23
203.24.170.0/24
203.26.8.0/22
203.26.175.0/24
203.27.69.0/24
203.27.128.0/18
203.27.237.0/24
203.29.160.0/20
203.34.33.0/24
203.34.68.0/24
203.35.0.0-203.54.255.255
203.58.32.0-203.58.255.255
203.62.148.0/22
203.62.248.0/21
203.92.224.0/19
203.100.224.0/19
203.143.192.0/18
210.23.128.0/19
IPv6:
2001:8000::/20
Signature Algorithm: sha256WithRSAEncryption
6d:a2:92:96:e1:97:f6:27:69:97:15:ff:2d:37:95:db:7d:3a:
a3:b8:5d:41:18:8f:4a:e9:6c:fc:64:fd:84:36:4c:19:ab:aa:
d9:66:e9:58:60:98:c6:e3:26:7b:98:73:4d:8d:e7:b9:ff:53:
79:b9:77:8e:06:94:5e:22:52:09:ca:95:67:6a:1c:89:27:e4:
34:aa:de:39:95:c6:e1:fa:9e:0d:d5:bf:08:61:7d:80:9c:de:
67:52:34:ab:eb:03:95:11:1d:da:e0:02:92:fa:10:ab:67:d3:
fe:4c:d4:c6:8b:59:62:b5:74:74:a8:30:1a:56:df:98:cd:b5:
82:45:39:88:0b:b9:83:f5:e6:f5:61:d3:88:e2:23:4f:42:13:
b5:01:c3:14:f3:15:d7:a7:7f:92:14:1a:47:e0:9a:7b:5b:20:
f4:0c:1c:58:37:c0:70:24:56:25:ad:82:02:51:ae:1a:99:17:
48:ad:d3:69:19:40:56:a1:f1:d6:f1:a2:f2:fc:dd:83:e2:67:
13:52:ac:5d:8d:31:c1:74:a3:d5:0d:a7:ae:64:b5:a7:38:e0:
16:d3:c8:28:1a:a8:02:bc:7e:69:4a:e8:da:b8:19:48:a3:f5:
86:c2:66:eb:cc:0e:97:d6:82:84:c6:dc:86:a6:ce:24:1e:5e:
1c:a0:d2:3f
-----BEGIN CERTIFICATE-----
MIIGvTCCBaWgAwIBAgICEz8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKDcxNTY1RjJEN0I5MjRDRDcyQjQ1NUI2OEI2NjcxOTQw
MTBCQjFBOUYwHhcNMjUwODA2MTcyNjMyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkzOTA0OC0xNzA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/CWJyM4NX5BySq5ovR1YxefemyDmT/JTU+ndPuTPBAWNkm/pGBMKwLjX7w7I
/tac4FTApGITbk37Js1Lfwvzj55ekFFHTKZfGacaY6kvZ3Dwix7N9Td62J4r8a7H
v2V88tiAI42gAqu5eXrQMCWfVvAfNERbfn/idrYEffvF+FHo1x0ImnLJq7VSNgqf
HRe1ydkOVd0YsV3w10SS7TrVuOiekEACNWvkV2kBf8xg4lqAYF1B8CZgFYSudG9A
qg4dVHNEAm8qzVAx4OQyniKixFJSMF3uzewtB/S+zMnZLNefrlFlSjCsEJCCO/kw
tj33xgWzXmieicmxBErRfHjgpQIDAQABo4ID4TCCA90wHQYDVR0OBBYEFMUMgZyy
9j8ijBBvrGC0OBLQzhNxMB8GA1UdIwQYMBaAFHFWXy17kkzXK0VbaLZnGUAQuxqf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8xNjczMEQyMENE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9jVlpmTFh1U1ROY3JSVnRvdG1jWlFCQzdH
cDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NWWmZMWHVTVE5jclJWdG90bWNaUUJDN0dwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMTY3MzBEMjBDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvNkUwQjU5Mzgw
NjY3MTFFRkExNTA1RjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFpBggrBgEFBQcBBwEB
/wSCAVgwggFUMIIBQgQCAAEwggE6MAoDAwMBeAMDBQGAAwMEOqADAwM84AMEBT0I
AAMEBz0JgAMDAGVnAwMFZaAwCgMDAm6MAwMDbpAwCgMDBHiQAwMAeJ4DAwR50DAK
AwMAe9EDAwJ70AMDBHywAwMAff8DBAXKB0AwDAMEB8oMgAMEAMoM8gMEAMsC5AME
AcsJvgMEAMsMKgMEA8sMkAMEAMsNFQMEBMsOAAMEAMsPRAMEAssQtAMEA8sRKAME
AMsRogMEAcsSTAMEBMsScAMEAMsWgQMEAcsYhgMEAMsYqgMEAssaCAMEAMsarwME
AMsbRQMEBssbgAMEAMsb7QMEBMsdoAMEAMsiIQMEAMsiRDAKAwMAyyMDAwDLNjAL
AwQFyzogAwMAyzoDBALLPpQDBAPLPvgDBAXLXOADBAXLZOADBAbLj8ADBAXSF4Aw
DAQCAAIwBgMEBCABgDANBgkqhkiG9w0BAQsFAAOCAQEAbaKSluGX9idplxX/LTeV
2306o7hdQRiPSuls/GT9hDZMGauq2WbpWGCYxuMme5hzTY3nuf9Tebl3jgaUXiJS
CcqVZ2ociSfkNKreOZXG4fqeDdW/CGF9gJzeZ1I0q+sDlREd2uACkvoQq2fT/kzU
xotZYrV0dKgwGlbfmM21gkU5iAu5g/Xm9WHTiOIjT0ITtQHDFPMV16d/khQaR+Ca
e1sg9AwcWDfAcCRWJa2CAlGuGpkXSK3TaRlAVqHx1vGi8vzdg+JnE1KsXY0xwXSj
1Q2nrmS1pzjgFtPIKBqoArx+aUro2rgZSKP1hsJm68wOl9aChMbchqbOJB5eHKDS
Pw==
-----END CERTIFICATE-----
Generated at Mon Aug 11 02:07:41 2025 by rpki-client