Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/6E0B5938066711EFA1505F46C4F9AE02.roa
File: 6E0B5938066711EFA1505F46C4F9AE02.roa (raw, json)
Hash identifier: rzWRSvP8FzgLIAzzQm5a0g9KtMMg7ZcTgH4qB+DOkDI=
Subject key identifier: 68:A3:65:B6:86:07:00:D3:70:F6:A9:C3:55:0B:92:6F:2B:17:B7:5E
Certificate issuer: /CN=A916A983/serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Certificate serial: 1372
Authority key identifier: 71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/6E0B5938066711EFA1505F46C4F9AE02.roa
Signing time: Tue 28 Oct 2025 00:07:06 +0000
ROA not before: Tue 28 Oct 2025 00:07:06 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 1221
IP address blocks: 1.120.0.0/13 maxlen: 13
1.128.0.0/11 maxlen: 11
58.160.0.0/12 maxlen: 12
60.224.0.0/13 maxlen: 13
61.8.0.0/19 maxlen: 19
61.9.128.0/17 maxlen: 17
101.103.0.0/16 maxlen: 16
101.160.0.0/11 maxlen: 11
110.140.0.0/15 maxlen: 15
110.142.0.0/16 maxlen: 16
110.143.0.0/16 maxlen: 16
110.144.0.0/13 maxlen: 13
120.144.0.0/13 maxlen: 13
120.152.0.0/14 maxlen: 14
120.156.0.0/15 maxlen: 15
120.158.0.0/16 maxlen: 16
121.208.0.0/12 maxlen: 12
123.209.0.0/16 maxlen: 16
123.210.0.0/15 maxlen: 15
124.176.0.0/12 maxlen: 12
125.255.0.0/16 maxlen: 16
202.7.64.0/19 maxlen: 19
202.12.128.0/18 maxlen: 18
202.12.192.0/19 maxlen: 19
202.12.224.0/20 maxlen: 20
202.12.240.0/23 maxlen: 23
202.12.242.0/24 maxlen: 24
203.2.228.0/24 maxlen: 24
203.9.190.0/23 maxlen: 23
203.12.42.0/24 maxlen: 24
203.12.144.0/21 maxlen: 21
203.13.21.0/24 maxlen: 24
203.14.0.0/20 maxlen: 20
203.15.68.0/24 maxlen: 24
203.16.180.0/22 maxlen: 22
203.17.40.0/21 maxlen: 21
203.17.162.0/24 maxlen: 24
203.18.76.0/23 maxlen: 23
203.18.112.0/20 maxlen: 20
203.22.129.0/24 maxlen: 24
203.24.134.0/23 maxlen: 23
203.24.170.0/24 maxlen: 24
203.26.8.0/22 maxlen: 22
203.26.175.0/24 maxlen: 24
203.27.69.0/24 maxlen: 24
203.27.128.0/18 maxlen: 18
203.27.237.0/24 maxlen: 24
203.29.160.0/20 maxlen: 20
203.34.33.0/24 maxlen: 24
203.34.68.0/24 maxlen: 24
203.35.0.0/16 maxlen: 16
203.36.0.0/14 maxlen: 14
203.40.0.0/13 maxlen: 13
203.48.0.0/14 maxlen: 14
203.50.251.0/24 maxlen: 24
203.50.252.0/24 maxlen: 24
203.50.253.0/24 maxlen: 24
203.50.254.0/24 maxlen: 24
203.52.0.0/15 maxlen: 15
203.54.0.0/16 maxlen: 16
203.58.32.0/19 maxlen: 19
203.58.64.0/18 maxlen: 18
203.58.128.0/17 maxlen: 17
203.62.148.0/22 maxlen: 22
203.62.248.0/21 maxlen: 21
203.92.224.0/19 maxlen: 24
203.100.224.0/19 maxlen: 19
203.143.192.0/18 maxlen: 18
203.143.192.0/19 maxlen: 19
203.143.224.0/19 maxlen: 19
210.23.128.0/19 maxlen: 19
2001:8000::/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.crl
rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 09 Nov 2025 17:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4978 (0x1372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A983, serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Validity
Not Before: Oct 28 00:07:06 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=6900092a-233d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5e:77:69:be:3d:61:25:06:c9:7b:b5:71:d1:
6e:61:f3:dc:a4:0a:0b:ca:25:a1:53:e4:ea:9d:ff:
a7:9c:55:57:69:c2:7c:61:ea:af:7c:18:31:d9:6c:
5d:58:37:c4:9f:e7:75:84:6b:f0:5a:85:9f:fd:f4:
00:06:e8:e2:b6:f1:b2:02:5e:f2:4d:9d:98:98:6d:
56:1e:dd:fb:ad:cd:51:2d:91:1c:9d:ff:d5:a4:54:
00:0a:f3:e7:76:bd:a8:ff:35:b4:12:bf:c0:18:0e:
1f:89:87:16:7b:d1:03:8b:5d:a6:52:b3:4d:e3:8a:
9c:43:4b:16:e9:3b:1c:2c:15:f1:ac:0e:38:89:89:
b9:6c:71:f0:62:d7:ac:b7:c6:d1:94:2b:6f:6c:51:
57:1a:52:e7:0a:7e:2c:19:9d:0d:da:d2:56:b8:d7:
2a:16:fb:af:a4:0c:22:39:15:87:af:2d:db:dd:60:
be:c0:cb:c5:e3:a9:39:bc:ba:3a:90:fa:ef:b0:cf:
43:33:9f:8e:c7:8c:37:e2:73:88:40:66:a5:39:e2:
0e:4d:d8:5c:b6:e2:ac:cd:9c:b1:67:da:4b:7f:9d:
4c:e6:ac:83:c6:c6:af:b2:a0:f1:aa:e0:9a:b5:b5:
e9:f5:e1:23:ff:bd:fb:3d:c4:55:72:23:40:15:e9:
42:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A3:65:B6:86:07:00:D3:70:F6:A9:C3:55:0B:92:6F:2B:17:B7:5E
X509v3 Authority Key Identifier:
keyid:71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/6E0B5938066711EFA1505F46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.120.0.0-1.159.255.255
58.160.0.0/12
60.224.0.0/13
61.8.0.0/19
61.9.128.0/17
101.103.0.0/16
101.160.0.0/11
110.140.0.0-110.151.255.255
120.144.0.0-120.158.255.255
121.208.0.0/12
123.209.0.0-123.211.255.255
124.176.0.0/12
125.255.0.0/16
202.7.64.0/19
202.12.128.0-202.12.242.255
203.2.228.0/24
203.9.190.0/23
203.12.42.0/24
203.12.144.0/21
203.13.21.0/24
203.14.0.0/20
203.15.68.0/24
203.16.180.0/22
203.17.40.0/21
203.17.162.0/24
203.18.76.0/23
203.18.112.0/20
203.22.129.0/24
203.24.134.0/23
203.24.170.0/24
203.26.8.0/22
203.26.175.0/24
203.27.69.0/24
203.27.128.0/18
203.27.237.0/24
203.29.160.0/20
203.34.33.0/24
203.34.68.0/24
203.35.0.0-203.54.255.255
203.58.32.0-203.58.255.255
203.62.148.0/22
203.62.248.0/21
203.92.224.0/19
203.100.224.0/19
203.143.192.0/18
210.23.128.0/19
IPv6:
2001:8000::/20
Signature Algorithm: sha256WithRSAEncryption
b0:d3:60:13:38:4e:34:84:c7:7d:a3:42:f2:40:e7:eb:cd:be:
23:cf:45:fd:43:92:a7:30:58:3b:6f:38:33:e2:cd:38:ba:21:
4a:92:8a:1c:80:fb:2d:c0:c9:6c:e7:29:ae:8d:29:75:86:ea:
dd:c3:4c:6d:4c:08:4d:54:d7:eb:a6:6c:6e:00:20:22:54:c8:
a4:f3:41:4d:c8:f9:79:e1:92:6d:09:6f:13:27:a1:9c:0b:ad:
ca:64:b9:c9:37:c9:38:49:a2:2b:2c:57:8e:15:b5:8f:e9:04:
d1:70:c8:c8:6f:a6:68:ef:05:95:29:c0:76:a8:f5:ce:2c:f4:
f6:41:d3:fc:f6:95:50:f1:8c:4d:5d:3a:fd:4a:67:40:69:24:
da:c9:f8:17:14:16:5b:1d:b2:7c:0d:6e:bd:e5:4f:f7:73:b1:
a9:54:6a:db:de:4e:b7:dd:47:0a:56:0a:bf:33:1c:fc:3d:72:
31:c7:f1:1c:85:be:36:39:99:94:af:5a:8b:53:c2:c2:94:1d:
7d:56:dd:73:84:34:8e:bd:92:52:0f:82:50:06:8f:6e:a1:ec:
2e:a2:9c:c2:c4:0d:d6:41:fa:b4:27:b2:f3:9e:9a:87:6d:e6:
27:c4:5b:7a:e4:fc:66:d4:74:3a:56:24:96:ff:69:fa:86:87:
cd:fe:d6:e5
-----BEGIN CERTIFICATE-----
MIIGvTCCBaWgAwIBAgICE3IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKDcxNTY1RjJEN0I5MjRDRDcyQjQ1NUI2OEI2NjcxOTQw
MTBCQjFBOUYwHhcNMjUxMDI4MDAwNzA2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTAwMDkyYS0yMzNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6F53ab49YSUGyXu1cdFuYfPcpAoLyiWhU+Tqnf+nnFVXacJ8YeqvfBgx2Wxd
WDfEn+d1hGvwWoWf/fQABujitvGyAl7yTZ2YmG1WHt37rc1RLZEcnf/VpFQACvPn
dr2o/zW0Er/AGA4fiYcWe9EDi12mUrNN44qcQ0sW6TscLBXxrA44iYm5bHHwYtes
t8bRlCtvbFFXGlLnCn4sGZ0N2tJWuNcqFvuvpAwiORWHry3b3WC+wMvF46k5vLo6
kPrvsM9DM5+Ox4w34nOIQGalOeIOTdhctuKszZyxZ9pLf51M5qyDxsavsqDxquCa
tbXp9eEj/737PcRVciNAFelCOQIDAQABo4ID4TCCA90wHQYDVR0OBBYEFGijZbaG
BwDTcPapw1ULkm8rF7deMB8GA1UdIwQYMBaAFHFWXy17kkzXK0VbaLZnGUAQuxqf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8xNjczMEQyMENE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9jVlpmTFh1U1ROY3JSVnRvdG1jWlFCQzdH
cDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NWWmZMWHVTVE5jclJWdG90bWNaUUJDN0dwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMTY3MzBEMjBDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvNkUwQjU5Mzgw
NjY3MTFFRkExNTA1RjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFpBggrBgEFBQcBBwEB
/wSCAVgwggFUMIIBQgQCAAEwggE6MAoDAwMBeAMDBQGAAwMEOqADAwM84AMEBT0I
AAMEBz0JgAMDAGVnAwMFZaAwCgMDAm6MAwMDbpAwCgMDBHiQAwMAeJ4DAwR50DAK
AwMAe9EDAwJ70AMDBHywAwMAff8DBAXKB0AwDAMEB8oMgAMEAMoM8gMEAMsC5AME
AcsJvgMEAMsMKgMEA8sMkAMEAMsNFQMEBMsOAAMEAMsPRAMEAssQtAMEA8sRKAME
AMsRogMEAcsSTAMEBMsScAMEAMsWgQMEAcsYhgMEAMsYqgMEAssaCAMEAMsarwME
AMsbRQMEBssbgAMEAMsb7QMEBMsdoAMEAMsiIQMEAMsiRDAKAwMAyyMDAwDLNjAL
AwQFyzogAwMAyzoDBALLPpQDBAPLPvgDBAXLXOADBAXLZOADBAbLj8ADBAXSF4Aw
DAQCAAIwBgMEBCABgDANBgkqhkiG9w0BAQsFAAOCAQEAsNNgEzhONITHfaNC8kDn
682+I89F/UOSpzBYO284M+LNOLohSpKKHID7LcDJbOcpro0pdYbq3cNMbUwITVTX
66ZsbgAgIlTIpPNBTcj5eeGSbQlvEyehnAutymS5yTfJOEmiKyxXjhW1j+kE0XDI
yG+maO8FlSnAdqj1ziz09kHT/PaVUPGMTV06/UpnQGkk2sn4FxQWWx2yfA1uveVP
93OxqVRq295Ot91HClYKvzMc/D1yMcfxHIW+NjmZlK9ai1PCwpQdfVbdc4Q0jr2S
Ug+CUAaPbqHsLqKcwsQN1kH6tCey856ah23mJ8RbeuT8ZtR0OlYklv9p+oaHzf7W
5Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:01:43 2025 by rpki-client