
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/CDE495CE739211F09FE8D469C4F9AE02.roa
File: CDE495CE739211F09FE8D469C4F9AE02.roa (raw, json)
Hash identifier: I4K7FSPTYD/z9X+TzRY9cofCEZUIvqp6z6K+zYC1DhM=
Subject key identifier: 42:3B:86:95:EC:77:D3:2D:6B:88:B3:4A:FB:6C:98:EC:B8:B4:B8:D7
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3932
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/CDE495CE739211F09FE8D469C4F9AE02.roa
Signing time: Thu 07 Aug 2025 13:31:21 +0000
ROA not before: Thu 07 Aug 2025 13:31:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150382
IP address blocks: 111.88.76.0/24 maxlen: 24
111.88.77.0/24 maxlen: 24
111.88.79.0/24 maxlen: 24
111.88.138.0/24 maxlen: 24
111.88.139.0/24 maxlen: 24
111.88.184.0/24 maxlen: 24
111.88.185.0/24 maxlen: 24
111.88.186.0/24 maxlen: 24
111.88.187.0/24 maxlen: 24
111.88.188.0/24 maxlen: 24
111.88.189.0/24 maxlen: 24
111.88.190.0/24 maxlen: 24
111.88.191.0/24 maxlen: 24
111.88.232.0/24 maxlen: 24
111.88.234.0/24 maxlen: 24
111.88.235.0/24 maxlen: 24
111.88.236.0/24 maxlen: 24
111.88.237.0/24 maxlen: 24
115.186.1.0/24 maxlen: 24
115.186.10.0/24 maxlen: 24
115.186.11.0/24 maxlen: 24
115.186.12.0/24 maxlen: 24
115.186.16.0/24 maxlen: 24
115.186.19.0/24 maxlen: 24
115.186.22.0/24 maxlen: 24
115.186.24.0/24 maxlen: 24
115.186.26.0/24 maxlen: 24
115.186.27.0/24 maxlen: 24
115.186.28.0/24 maxlen: 24
115.186.29.0/24 maxlen: 24
115.186.48.0/24 maxlen: 24
115.186.49.0/24 maxlen: 24
115.186.50.0/24 maxlen: 24
115.186.51.0/24 maxlen: 24
115.186.52.0/24 maxlen: 24
115.186.53.0/24 maxlen: 24
115.186.54.0/24 maxlen: 24
115.186.55.0/24 maxlen: 24
115.186.64.0/24 maxlen: 24
115.186.65.0/24 maxlen: 24
115.186.66.0/24 maxlen: 24
115.186.67.0/24 maxlen: 24
115.186.68.0/24 maxlen: 24
115.186.69.0/24 maxlen: 24
115.186.70.0/24 maxlen: 24
115.186.71.0/24 maxlen: 24
115.186.72.0/24 maxlen: 24
115.186.73.0/24 maxlen: 24
115.186.74.0/24 maxlen: 24
115.186.75.0/24 maxlen: 24
115.186.88.0/24 maxlen: 24
115.186.89.0/24 maxlen: 24
115.186.91.0/24 maxlen: 24
115.186.92.0/24 maxlen: 24
115.186.93.0/24 maxlen: 24
115.186.94.0/24 maxlen: 24
115.186.95.0/24 maxlen: 24
115.186.97.0/24 maxlen: 24
115.186.99.0/24 maxlen: 24
115.186.100.0/24 maxlen: 24
115.186.105.0/24 maxlen: 24
115.186.114.0/24 maxlen: 24
115.186.116.0/24 maxlen: 24
115.186.122.0/24 maxlen: 24
115.186.123.0/24 maxlen: 24
115.186.124.0/24 maxlen: 24
115.186.125.0/24 maxlen: 24
115.186.127.0/24 maxlen: 24
117.102.10.0/24 maxlen: 24
117.102.11.0/24 maxlen: 24
117.102.13.0/24 maxlen: 24
117.102.14.0/24 maxlen: 24
117.102.15.0/24 maxlen: 24
117.102.20.0/24 maxlen: 24
117.102.21.0/24 maxlen: 24
117.102.22.0/24 maxlen: 24
117.102.23.0/24 maxlen: 24
117.102.27.0/24 maxlen: 24
117.102.29.0/24 maxlen: 24
117.102.30.0/24 maxlen: 24
117.102.31.0/24 maxlen: 24
203.81.224.0/24 maxlen: 24
203.81.225.0/24 maxlen: 24
203.81.226.0/24 maxlen: 24
203.81.227.0/24 maxlen: 24
203.81.228.0/24 maxlen: 24
203.81.229.0/24 maxlen: 24
203.81.231.0/24 maxlen: 24
203.81.232.0/24 maxlen: 24
203.81.233.0/24 maxlen: 24
203.81.234.0/24 maxlen: 24
203.81.235.0/24 maxlen: 24
203.81.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14642 (0x3932)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B, serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Aug 7 13:31:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6894aaa8-0254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5d:46:6c:89:da:2e:ac:91:f7:fd:b0:f9:47:
bd:73:31:d4:6c:3e:af:27:14:4a:40:5a:52:6d:52:
e7:a1:c0:e4:c1:8a:2f:a1:f2:f7:80:11:61:f4:ed:
d5:38:94:4c:64:26:6a:e8:ac:bf:ed:7f:92:b2:d8:
4e:ce:7b:8f:1a:95:0b:0f:be:67:f7:7d:7d:1e:ab:
53:0e:4f:6a:78:4e:f6:0c:8b:cb:b5:ec:94:cc:a4:
1d:d3:90:27:1c:61:54:fa:0f:b4:b1:dd:18:79:a3:
5c:72:07:e5:c0:03:7f:36:c1:9d:f6:3b:dd:3c:38:
ae:eb:7c:0e:68:d9:45:ed:46:b0:58:70:a4:6a:54:
64:c0:7e:1a:9a:ef:a0:98:08:3e:dc:cb:75:04:e9:
f0:09:9b:85:85:c3:fa:0f:16:81:07:08:c4:71:8f:
ce:ab:79:ed:47:38:0e:03:1b:41:c2:66:aa:86:46:
f3:97:56:b2:86:9e:8e:17:40:78:60:fc:4a:b7:4e:
f2:25:2e:39:a6:80:6a:df:c0:31:a6:a5:15:fd:9f:
05:bb:bb:ad:81:05:d5:af:a9:4a:f8:eb:11:f8:b2:
23:2a:e3:30:66:36:c5:48:3c:f3:d0:2c:db:c2:3f:
c9:0b:a7:97:d4:45:34:4b:8b:54:6c:ea:64:18:6d:
db:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3B:86:95:EC:77:D3:2D:6B:88:B3:4A:FB:6C:98:EC:B8:B4:B8:D7
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/CDE495CE739211F09FE8D469C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.76.0/23
111.88.79.0/24
111.88.138.0/23
111.88.184.0/21
111.88.232.0/24
111.88.234.0-111.88.237.255
115.186.1.0/24
115.186.10.0-115.186.12.255
115.186.16.0/24
115.186.19.0/24
115.186.22.0/24
115.186.24.0/24
115.186.26.0-115.186.29.255
115.186.48.0/21
115.186.64.0-115.186.75.255
115.186.88.0/23
115.186.91.0-115.186.95.255
115.186.97.0/24
115.186.99.0-115.186.100.255
115.186.105.0/24
115.186.114.0/24
115.186.116.0/24
115.186.122.0-115.186.125.255
115.186.127.0/24
117.102.10.0/23
117.102.13.0-117.102.15.255
117.102.20.0/22
117.102.27.0/24
117.102.29.0-117.102.31.255
203.81.224.0-203.81.229.255
203.81.231.0-203.81.236.255
Signature Algorithm: sha256WithRSAEncryption
7a:c0:a2:11:16:c6:ea:6d:27:3f:3b:43:10:11:1e:ff:99:f7:
11:fa:e8:7d:7a:a6:82:1f:db:6f:0b:6a:75:f7:77:77:38:45:
3f:60:3f:63:cd:31:d9:6e:f3:98:ae:c0:5f:ed:20:83:4f:fc:
12:91:9a:6a:cc:16:6d:af:70:cb:43:66:be:6a:98:00:9a:bc:
9d:1f:52:07:59:e9:56:a7:cc:a6:df:a2:79:31:82:06:24:2c:
8c:77:c9:49:53:97:65:f9:7f:33:95:33:67:c6:0e:3f:64:a0:
c3:0a:2b:ed:14:37:b4:6e:30:5e:d7:98:d8:91:82:95:4f:a6:
63:6e:81:41:40:c0:11:d1:dd:68:63:98:7e:93:9f:e3:80:98:
ec:14:a6:f0:c0:52:a2:6e:4d:7d:22:6c:7b:cb:d8:48:c8:e5:
1d:be:ce:67:b4:45:44:b3:5f:f1:f1:c7:ef:6e:f9:75:c2:66:
fc:32:9a:fd:d8:36:58:9a:37:55:cd:80:50:7c:c8:8a:4f:98:
2a:e1:fe:f4:9d:cf:61:29:8c:db:dc:60:e7:a1:5e:c0:0e:2b:
08:eb:5c:1e:a6:c5:cc:d0:74:46:d8:2a:78:1d:a3:20:60:71:
ab:42:42:21:56:3b:38:ba:dc:24:83:18:39:d8:7e:64:cb:18:
12:44:4c:84
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgICOTIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjUwODA3MTMzMTIxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODk0YWFhOC0wMjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtV1GbInaLqyR9/2w+Ue9czHUbD6vJxRKQFpSbVLnocDkwYovofL3gBFh9O3V
OJRMZCZq6Ky/7X+SsthOznuPGpULD75n9319HqtTDk9qeE72DIvLteyUzKQd05An
HGFU+g+0sd0YeaNccgflwAN/NsGd9jvdPDiu63wOaNlF7UawWHCkalRkwH4amu+g
mAg+3Mt1BOnwCZuFhcP6DxaBBwjEcY/Oq3ntRzgOAxtBwmaqhkbzl1ayhp6OF0B4
YPxKt07yJS45poBq38AxpqUV/Z8Fu7utgQXVr6lK+OsR+LIjKuMwZjbFSDzz0Czb
wj/JC6eX1EU0S4tUbOpkGG3bTQIDAQABo4IDqzCCA6cwHQYDVR0OBBYEFEI7hpXs
d9Mta4izSvtsmOy4tLjXMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQ0RFNDk1Q0U3
MzkyMTFGMDlGRThENDY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEzBggrBgEFBQcBBwEB
/wSCASIwggEeMIIBGgQCAAEwggESAwQBb1hMAwQAb1hPAwQBb1iKAwQDb1i4AwQA
b1joMAwDBAFvWOoDBAFvWOwDBABzugEwDAMEAXO6CgMEAHO6DAMEAHO6EAMEAHO6
EwMEAHO6FgMEAHO6GDAMAwQBc7oaAwQBc7ocAwQDc7owMAwDBAZzukADBAJzukgD
BAFzulgwDAMEAHO6WwMEBXO6QAMEAHO6YTAMAwQAc7pjAwQAc7pkAwQAc7ppAwQA
c7pyAwQAc7p0MAwDBAFzunoDBAFzunwDBABzun8DBAF1ZgowDAMEAHVmDQMEBHVm
AAMEAnVmFAMEAHVmGzAMAwQAdWYdAwQFdWYAMAwDBAXLUeADBAHLUeQwDAMEAMtR
5wMEAMtR7DANBgkqhkiG9w0BAQsFAAOCAQEAesCiERbG6m0nPztDEBEe/5n3Efro
fXqmgh/bbwtqdfd3dzhFP2A/Y80x2W7zmK7AX+0gg0/8EpGaaswWba9wy0NmvmqY
AJq8nR9SB1npVqfMpt+ieTGCBiQsjHfJSVOXZfl/M5UzZ8YOP2Sgwwor7RQ3tG4w
XteY2JGClU+mY26BQUDAEdHdaGOYfpOf44CY7BSm8MBSom5NfSJse8vYSMjlHb7O
Z7RFRLNf8fHH7275dcJm/DKa/dg2WJo3Vc2AUHzIik+YKuH+9J3PYSmM29xg56Fe
wA4rCOtcHqbFzNB0RtgqeB2jIGBxq0JCIVY7OLrcJIMYOdh+ZMsYEkRMhA==
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:07:51 2025 by rpki-client