Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/0EF775B2EFCD11EF92BCB66CC4F9AE02.roa
File: 0EF775B2EFCD11EF92BCB66CC4F9AE02.roa (raw, json)
Hash identifier: dhGM48Qmuh+yyQJu0VDMTodAqTolqsrvBN1YFz8HF0g=
Subject key identifier: F8:B3:90:8C:2D:92:87:7F:46:04:54:FF:75:00:F1:9E:4F:5B:33:30
Certificate issuer: /CN=A91778C2/serialNumber=6D4AE89FA97A716A2D92661FF2CF5BD3CCDC29FC
Certificate serial: 1795
Authority key identifier: 6D:4A:E8:9F:A9:7A:71:6A:2D:92:66:1F:F2:CF:5B:D3:CC:DC:29:FC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/0EF775B2EFCD11EF92BCB66CC4F9AE02.roa
Signing time: Tue 28 Oct 2025 17:04:47 +0000
ROA not before: Tue 28 Oct 2025 17:04:47 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 132817
IP address blocks: 43.242.0.0/22 maxlen: 22
45.249.104.0/22 maxlen: 22
45.252.56.0/22 maxlen: 23
59.152.84.0/22 maxlen: 22
103.66.64.0/22 maxlen: 22
103.69.156.0/22 maxlen: 22
103.73.52.0/22 maxlen: 22
103.74.132.0/22 maxlen: 22
103.74.176.0/22 maxlen: 22
103.75.220.0/22 maxlen: 22
103.76.236.0/22 maxlen: 22
103.211.144.0/22 maxlen: 22
103.214.92.0/22 maxlen: 22
103.221.56.0/22 maxlen: 22
103.228.224.0/22 maxlen: 22
116.206.48.0/22 maxlen: 22
119.42.36.0/22 maxlen: 22
144.48.96.0/22 maxlen: 22
160.238.16.0/22 maxlen: 22
192.144.88.0/22 maxlen: 22
2402:54c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/bUron6l6cWotkmYf8s9b08zcKfw.crl
rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/bUron6l6cWotkmYf8s9b08zcKfw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 16:43:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6037 (0x1795)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91778C2, serialNumber=6D4AE89FA97A716A2D92661FF2CF5BD3CCDC29FC
Validity
Not Before: Oct 28 17:04:47 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=6900f7af-e3a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2a:0f:d4:a6:b3:fb:b2:b3:ee:74:bf:30:55:
9f:84:8b:40:d8:20:f7:e5:d1:a5:65:f9:c7:4b:a1:
38:02:40:31:ee:4f:d8:1c:59:ef:21:37:74:f5:83:
c7:67:37:24:21:ee:f7:7c:8d:88:b2:b3:cc:02:8b:
d8:71:c4:57:ef:9f:40:38:ec:f5:1d:c3:ec:75:82:
20:d1:43:9c:07:fa:8c:46:21:28:14:d7:7f:77:c7:
97:34:05:e0:96:40:6a:38:d2:35:6d:84:b9:3d:e2:
e5:78:61:48:fa:24:33:bd:5b:61:9e:be:28:2e:26:
45:f5:6c:fb:53:0d:c9:16:23:64:2a:df:18:72:1a:
cf:92:93:4a:6f:df:89:76:c5:51:d3:96:e8:38:6c:
85:c9:2a:be:8d:1d:b7:63:24:04:52:02:0f:46:9a:
98:c9:3b:e0:c0:24:5f:30:13:0f:d5:aa:87:9b:91:
01:30:11:0b:57:02:d1:eb:71:e9:56:89:5b:a4:c1:
af:f8:18:ae:39:c3:1b:fd:ce:89:85:f2:8d:9a:ec:
d5:7c:52:2d:0d:15:b8:4a:81:26:22:c5:7f:4b:f0:
b1:a1:72:43:ca:e3:22:5e:f1:c6:63:3f:30:d9:a4:
aa:c0:e0:18:5f:3e:15:5c:70:1e:43:2a:be:a3:79:
0b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B3:90:8C:2D:92:87:7F:46:04:54:FF:75:00:F1:9E:4F:5B:33:30
X509v3 Authority Key Identifier:
keyid:6D:4A:E8:9F:A9:7A:71:6A:2D:92:66:1F:F2:CF:5B:D3:CC:DC:29:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/bUron6l6cWotkmYf8s9b08zcKfw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bUron6l6cWotkmYf8s9b08zcKfw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91778C2/ED2BBC70F88711E7921F8668C4F9AE02/0EF775B2EFCD11EF92BCB66CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.242.0.0/22
45.249.104.0/22
45.252.56.0/22
59.152.84.0/22
103.66.64.0/22
103.69.156.0/22
103.73.52.0/22
103.74.132.0/22
103.74.176.0/22
103.75.220.0/22
103.76.236.0/22
103.211.144.0/22
103.214.92.0/22
103.221.56.0/22
103.228.224.0/22
116.206.48.0/22
119.42.36.0/22
144.48.96.0/22
160.238.16.0/22
192.144.88.0/22
IPv6:
2402:54c0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:e8:f7:67:f1:93:c0:7b:d6:bf:98:8f:84:6b:10:d3:c0:82:
20:4d:78:0c:af:18:35:d7:f8:94:2b:d4:f5:a2:f0:a9:35:77:
95:66:58:b0:06:e5:d9:a8:f0:8c:53:20:ac:18:72:db:d0:80:
be:8f:3f:bc:39:11:37:04:02:86:6d:10:36:8f:4b:51:59:1f:
1b:48:6e:cf:3d:04:9c:05:56:0a:29:7a:e3:cb:45:29:bf:17:
ca:f4:da:1c:fe:b8:60:68:98:d3:9c:c0:18:46:6c:c8:74:85:
f7:de:fc:d9:f1:d7:ca:f1:48:dc:29:ba:5d:a5:b6:d9:36:d2:
2b:ff:1f:2b:bb:09:5f:34:df:bb:45:85:a2:4d:34:81:bc:1d:
9f:34:a5:12:65:ef:71:dc:f2:b3:4a:2b:f6:f5:ac:2b:d1:29:
2d:9f:03:3e:a3:8d:8a:72:da:06:7a:8e:47:15:07:20:fb:9e:
92:b5:c0:08:95:65:99:bc:4d:6a:b0:ed:15:96:14:c4:a9:8c:
16:b4:88:79:8d:99:0c:2f:af:ad:6e:cd:ff:71:a9:81:b5:25:
37:62:b3:18:94:f0:f6:2f:76:24:76:fe:83:be:98:5a:78:a0:
1d:c7:af:ef:6a:cb:e1:ee:08:98:8c:3a:d8:d4:95:02:1d:a1:
bf:b1:97:e5
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICF5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc4QzIxMTAvBgNVBAUTKDZENEFFODlGQTk3QTcxNkEyRDkyNjYxRkYyQ0Y1QkQz
Q0NEQzI5RkMwHhcNMjUxMDI4MTcwNDQ3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTAwZjdhZi1lM2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ioP1Kaz+7Kz7nS/MFWfhItA2CD35dGlZfnHS6E4AkAx7k/YHFnvITd09YPH
ZzckIe73fI2IsrPMAovYccRX759AOOz1HcPsdYIg0UOcB/qMRiEoFNd/d8eXNAXg
lkBqONI1bYS5PeLleGFI+iQzvVthnr4oLiZF9Wz7Uw3JFiNkKt8YchrPkpNKb9+J
dsVR05boOGyFySq+jR23YyQEUgIPRpqYyTvgwCRfMBMP1aqHm5EBMBELVwLR63Hp
VolbpMGv+BiuOcMb/c6JhfKNmuzVfFItDRW4SoEmIsV/S/CxoXJDyuMiXvHGYz8w
2aSqwOAYXz4VXHAeQyq+o3kL4QIDAQABo4IDGTCCAxUwHQYDVR0OBBYEFPizkIwt
kod/RgRU/3UA8Z5PWzMwMB8GA1UdIwQYMBaAFG1K6J+penFqLZJmH/LPW9PM3Cn8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzhDMi9FRDJCQkM3MEY4
ODcxMUU3OTIxRjg2NjhDNEY5QUUwMi9iVXJvbjZsNmNXb3RrbVlmOHM5YjA4emNL
ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JVcm9uNmw2Y1dvdGttWWY4czliMDh6Y0tmdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc4QzIvRUQyQkJDNzBGODg3MTFFNzkyMUY4NjY4QzRGOUFFMDIvMEVGNzc1QjJF
RkNEMTFFRjkyQkNCNjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaIGCCsGAQUFBwEHAQH/
BIGSMIGPMH4EAgABMHgDBAIr8gADBAIt+WgDBAIt/DgDBAI7mFQDBAJnQkADBAJn
RZwDBAJnSTQDBAJnSoQDBAJnSrADBAJnS9wDBAJnTOwDBAJn05ADBAJn1lwDBAJn
3TgDBAJn5OADBAJ0zjADBAJ3KiQDBAKQMGADBAKg7hADBALAkFgwDQQCAAIwBwMF
ACQCVMAwDQYJKoZIhvcNAQELBQADggEBAB/o92fxk8B71r+Yj4RrENPAgiBNeAyv
GDXX+JQr1PWi8Kk1d5VmWLAG5dmo8IxTIKwYctvQgL6PP7w5ETcEAoZtEDaPS1FZ
HxtIbs89BJwFVgopeuPLRSm/F8r02hz+uGBomNOcwBhGbMh0hffe/Nnx18rxSNwp
ul2lttk20iv/Hyu7CV8037tFhaJNNIG8HZ80pRJl73Hc8rNKK/b1rCvRKS2fAz6j
jYpy2gZ6jkcVByD7npK1wAiVZZm8TWqw7RWWFMSpjBa0iHmNmQwvr61uzf9xqYG1
JTdisxiU8PYvdiR2/oO+mFp4oB3Hr+9qy+HuCJiMOtjUlQIdob+xl+U=
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:19:08 2025 by rpki-client