Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/CDE495CE739211F09FE8D469C4F9AE02.roa
File:                     CDE495CE739211F09FE8D469C4F9AE02.roa (raw, json)
Hash identifier:          I4K7FSPTYD/z9X+TzRY9cofCEZUIvqp6z6K+zYC1DhM=
Subject key identifier:   42:3B:86:95:EC:77:D3:2D:6B:88:B3:4A:FB:6C:98:EC:B8:B4:B8:D7
Certificate issuer:       /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial:       3932
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/CDE495CE739211F09FE8D469C4F9AE02.roa
Signing time:             Thu 07 Aug 2025 13:31:21 +0000
ROA not before:           Thu 07 Aug 2025 13:31:21 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     150382
IP address blocks:        111.88.76.0/24 maxlen: 24
                          111.88.77.0/24 maxlen: 24
                          111.88.79.0/24 maxlen: 24
                          111.88.138.0/24 maxlen: 24
                          111.88.139.0/24 maxlen: 24
                          111.88.184.0/24 maxlen: 24
                          111.88.185.0/24 maxlen: 24
                          111.88.186.0/24 maxlen: 24
                          111.88.187.0/24 maxlen: 24
                          111.88.188.0/24 maxlen: 24
                          111.88.189.0/24 maxlen: 24
                          111.88.190.0/24 maxlen: 24
                          111.88.191.0/24 maxlen: 24
                          111.88.232.0/24 maxlen: 24
                          111.88.234.0/24 maxlen: 24
                          111.88.235.0/24 maxlen: 24
                          111.88.236.0/24 maxlen: 24
                          111.88.237.0/24 maxlen: 24
                          115.186.1.0/24 maxlen: 24
                          115.186.10.0/24 maxlen: 24
                          115.186.11.0/24 maxlen: 24
                          115.186.12.0/24 maxlen: 24
                          115.186.16.0/24 maxlen: 24
                          115.186.19.0/24 maxlen: 24
                          115.186.22.0/24 maxlen: 24
                          115.186.24.0/24 maxlen: 24
                          115.186.26.0/24 maxlen: 24
                          115.186.27.0/24 maxlen: 24
                          115.186.28.0/24 maxlen: 24
                          115.186.29.0/24 maxlen: 24
                          115.186.48.0/24 maxlen: 24
                          115.186.49.0/24 maxlen: 24
                          115.186.50.0/24 maxlen: 24
                          115.186.51.0/24 maxlen: 24
                          115.186.52.0/24 maxlen: 24
                          115.186.53.0/24 maxlen: 24
                          115.186.54.0/24 maxlen: 24
                          115.186.55.0/24 maxlen: 24
                          115.186.64.0/24 maxlen: 24
                          115.186.65.0/24 maxlen: 24
                          115.186.66.0/24 maxlen: 24
                          115.186.67.0/24 maxlen: 24
                          115.186.68.0/24 maxlen: 24
                          115.186.69.0/24 maxlen: 24
                          115.186.70.0/24 maxlen: 24
                          115.186.71.0/24 maxlen: 24
                          115.186.72.0/24 maxlen: 24
                          115.186.73.0/24 maxlen: 24
                          115.186.74.0/24 maxlen: 24
                          115.186.75.0/24 maxlen: 24
                          115.186.88.0/24 maxlen: 24
                          115.186.89.0/24 maxlen: 24
                          115.186.91.0/24 maxlen: 24
                          115.186.92.0/24 maxlen: 24
                          115.186.93.0/24 maxlen: 24
                          115.186.94.0/24 maxlen: 24
                          115.186.95.0/24 maxlen: 24
                          115.186.97.0/24 maxlen: 24
                          115.186.99.0/24 maxlen: 24
                          115.186.100.0/24 maxlen: 24
                          115.186.105.0/24 maxlen: 24
                          115.186.114.0/24 maxlen: 24
                          115.186.116.0/24 maxlen: 24
                          115.186.122.0/24 maxlen: 24
                          115.186.123.0/24 maxlen: 24
                          115.186.124.0/24 maxlen: 24
                          115.186.125.0/24 maxlen: 24
                          115.186.127.0/24 maxlen: 24
                          117.102.10.0/24 maxlen: 24
                          117.102.11.0/24 maxlen: 24
                          117.102.13.0/24 maxlen: 24
                          117.102.14.0/24 maxlen: 24
                          117.102.15.0/24 maxlen: 24
                          117.102.20.0/24 maxlen: 24
                          117.102.21.0/24 maxlen: 24
                          117.102.22.0/24 maxlen: 24
                          117.102.23.0/24 maxlen: 24
                          117.102.27.0/24 maxlen: 24
                          117.102.29.0/24 maxlen: 24
                          117.102.30.0/24 maxlen: 24
                          117.102.31.0/24 maxlen: 24
                          203.81.224.0/24 maxlen: 24
                          203.81.225.0/24 maxlen: 24
                          203.81.226.0/24 maxlen: 24
                          203.81.227.0/24 maxlen: 24
                          203.81.228.0/24 maxlen: 24
                          203.81.229.0/24 maxlen: 24
                          203.81.231.0/24 maxlen: 24
                          203.81.232.0/24 maxlen: 24
                          203.81.233.0/24 maxlen: 24
                          203.81.234.0/24 maxlen: 24
                          203.81.235.0/24 maxlen: 24
                          203.81.236.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
                          rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14642 (0x3932)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916C83B, serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
        Validity
            Not Before: Aug  7 13:31:21 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=6894aaa8-0254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5d:46:6c:89:da:2e:ac:91:f7:fd:b0:f9:47:
                    bd:73:31:d4:6c:3e:af:27:14:4a:40:5a:52:6d:52:
                    e7:a1:c0:e4:c1:8a:2f:a1:f2:f7:80:11:61:f4:ed:
                    d5:38:94:4c:64:26:6a:e8:ac:bf:ed:7f:92:b2:d8:
                    4e:ce:7b:8f:1a:95:0b:0f:be:67:f7:7d:7d:1e:ab:
                    53:0e:4f:6a:78:4e:f6:0c:8b:cb:b5:ec:94:cc:a4:
                    1d:d3:90:27:1c:61:54:fa:0f:b4:b1:dd:18:79:a3:
                    5c:72:07:e5:c0:03:7f:36:c1:9d:f6:3b:dd:3c:38:
                    ae:eb:7c:0e:68:d9:45:ed:46:b0:58:70:a4:6a:54:
                    64:c0:7e:1a:9a:ef:a0:98:08:3e:dc:cb:75:04:e9:
                    f0:09:9b:85:85:c3:fa:0f:16:81:07:08:c4:71:8f:
                    ce:ab:79:ed:47:38:0e:03:1b:41:c2:66:aa:86:46:
                    f3:97:56:b2:86:9e:8e:17:40:78:60:fc:4a:b7:4e:
                    f2:25:2e:39:a6:80:6a:df:c0:31:a6:a5:15:fd:9f:
                    05:bb:bb:ad:81:05:d5:af:a9:4a:f8:eb:11:f8:b2:
                    23:2a:e3:30:66:36:c5:48:3c:f3:d0:2c:db:c2:3f:
                    c9:0b:a7:97:d4:45:34:4b:8b:54:6c:ea:64:18:6d:
                    db:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:3B:86:95:EC:77:D3:2D:6B:88:B3:4A:FB:6C:98:EC:B8:B4:B8:D7
            X509v3 Authority Key Identifier:
                keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/CDE495CE739211F09FE8D469C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  111.88.76.0/23
                  111.88.79.0/24
                  111.88.138.0/23
                  111.88.184.0/21
                  111.88.232.0/24
                  111.88.234.0-111.88.237.255
                  115.186.1.0/24
                  115.186.10.0-115.186.12.255
                  115.186.16.0/24
                  115.186.19.0/24
                  115.186.22.0/24
                  115.186.24.0/24
                  115.186.26.0-115.186.29.255
                  115.186.48.0/21
                  115.186.64.0-115.186.75.255
                  115.186.88.0/23
                  115.186.91.0-115.186.95.255
                  115.186.97.0/24
                  115.186.99.0-115.186.100.255
                  115.186.105.0/24
                  115.186.114.0/24
                  115.186.116.0/24
                  115.186.122.0-115.186.125.255
                  115.186.127.0/24
                  117.102.10.0/23
                  117.102.13.0-117.102.15.255
                  117.102.20.0/22
                  117.102.27.0/24
                  117.102.29.0-117.102.31.255
                  203.81.224.0-203.81.229.255
                  203.81.231.0-203.81.236.255

    Signature Algorithm: sha256WithRSAEncryption
         7a:c0:a2:11:16:c6:ea:6d:27:3f:3b:43:10:11:1e:ff:99:f7:
         11:fa:e8:7d:7a:a6:82:1f:db:6f:0b:6a:75:f7:77:77:38:45:
         3f:60:3f:63:cd:31:d9:6e:f3:98:ae:c0:5f:ed:20:83:4f:fc:
         12:91:9a:6a:cc:16:6d:af:70:cb:43:66:be:6a:98:00:9a:bc:
         9d:1f:52:07:59:e9:56:a7:cc:a6:df:a2:79:31:82:06:24:2c:
         8c:77:c9:49:53:97:65:f9:7f:33:95:33:67:c6:0e:3f:64:a0:
         c3:0a:2b:ed:14:37:b4:6e:30:5e:d7:98:d8:91:82:95:4f:a6:
         63:6e:81:41:40:c0:11:d1:dd:68:63:98:7e:93:9f:e3:80:98:
         ec:14:a6:f0:c0:52:a2:6e:4d:7d:22:6c:7b:cb:d8:48:c8:e5:
         1d:be:ce:67:b4:45:44:b3:5f:f1:f1:c7:ef:6e:f9:75:c2:66:
         fc:32:9a:fd:d8:36:58:9a:37:55:cd:80:50:7c:c8:8a:4f:98:
         2a:e1:fe:f4:9d:cf:61:29:8c:db:dc:60:e7:a1:5e:c0:0e:2b:
         08:eb:5c:1e:a6:c5:cc:d0:74:46:d8:2a:78:1d:a3:20:60:71:
         ab:42:42:21:56:3b:38:ba:dc:24:83:18:39:d8:7e:64:cb:18:
         12:44:4c:84
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgICOTIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjUwODA3MTMzMTIxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODk0YWFhOC0wMjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtV1GbInaLqyR9/2w+Ue9czHUbD6vJxRKQFpSbVLnocDkwYovofL3gBFh9O3V
OJRMZCZq6Ky/7X+SsthOznuPGpULD75n9319HqtTDk9qeE72DIvLteyUzKQd05An
HGFU+g+0sd0YeaNccgflwAN/NsGd9jvdPDiu63wOaNlF7UawWHCkalRkwH4amu+g
mAg+3Mt1BOnwCZuFhcP6DxaBBwjEcY/Oq3ntRzgOAxtBwmaqhkbzl1ayhp6OF0B4
YPxKt07yJS45poBq38AxpqUV/Z8Fu7utgQXVr6lK+OsR+LIjKuMwZjbFSDzz0Czb
wj/JC6eX1EU0S4tUbOpkGG3bTQIDAQABo4IDqzCCA6cwHQYDVR0OBBYEFEI7hpXs
d9Mta4izSvtsmOy4tLjXMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQ0RFNDk1Q0U3
MzkyMTFGMDlGRThENDY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEzBggrBgEFBQcBBwEB
/wSCASIwggEeMIIBGgQCAAEwggESAwQBb1hMAwQAb1hPAwQBb1iKAwQDb1i4AwQA
b1joMAwDBAFvWOoDBAFvWOwDBABzugEwDAMEAXO6CgMEAHO6DAMEAHO6EAMEAHO6
EwMEAHO6FgMEAHO6GDAMAwQBc7oaAwQBc7ocAwQDc7owMAwDBAZzukADBAJzukgD
BAFzulgwDAMEAHO6WwMEBXO6QAMEAHO6YTAMAwQAc7pjAwQAc7pkAwQAc7ppAwQA
c7pyAwQAc7p0MAwDBAFzunoDBAFzunwDBABzun8DBAF1ZgowDAMEAHVmDQMEBHVm
AAMEAnVmFAMEAHVmGzAMAwQAdWYdAwQFdWYAMAwDBAXLUeADBAHLUeQwDAMEAMtR
5wMEAMtR7DANBgkqhkiG9w0BAQsFAAOCAQEAesCiERbG6m0nPztDEBEe/5n3Efro
fXqmgh/bbwtqdfd3dzhFP2A/Y80x2W7zmK7AX+0gg0/8EpGaaswWba9wy0NmvmqY
AJq8nR9SB1npVqfMpt+ieTGCBiQsjHfJSVOXZfl/M5UzZ8YOP2Sgwwor7RQ3tG4w
XteY2JGClU+mY26BQUDAEdHdaGOYfpOf44CY7BSm8MBSom5NfSJse8vYSMjlHb7O
Z7RFRLNf8fHH7275dcJm/DKa/dg2WJo3Vc2AUHzIik+YKuH+9J3PYSmM29xg56Fe
wA4rCOtcHqbFzNB0RtgqeB2jIGBxq0JCIVY7OLrcJIMYOdh+ZMsYEkRMhA==
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:07:51 2025 by rpki-client