Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/8554A0A86A8A11F0BBF66881C4F9AE02.roa
File: 8554A0A86A8A11F0BBF66881C4F9AE02.roa (raw, json)
Hash identifier: zJAHsR5vMmBId4rgQblkmv5dzmrkfUHqapxlAFUK3IU=
Subject key identifier: 14:B7:E2:C3:1C:81:CA:3E:82:0A:A7:A9:80:6E:4F:49:FA:FD:DF:D4
Certificate issuer: /CN=A9186E8A/serialNumber=A9BCCA6D34D3D5F1EFF8BBE783D49773813E5EF8
Certificate serial: 07E2
Authority key identifier: A9:BC:CA:6D:34:D3:D5:F1:EF:F8:BB:E7:83:D4:97:73:81:3E:5E:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/8554A0A86A8A11F0BBF66881C4F9AE02.roa
Signing time: Sun 27 Jul 2025 12:31:59 +0000
ROA not before: Sun 27 Jul 2025 12:31:59 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 62610
IP address blocks: 45.249.244.0/24 maxlen: 24
45.249.245.0/24 maxlen: 24
45.249.246.0/24 maxlen: 24
45.249.247.0/24 maxlen: 24
101.36.106.0/24 maxlen: 24
101.36.107.0/24 maxlen: 24
101.36.108.0/24 maxlen: 24
101.36.109.0/24 maxlen: 24
101.36.110.0/24 maxlen: 24
101.36.111.0/24 maxlen: 24
101.36.112.0/24 maxlen: 24
101.36.113.0/24 maxlen: 24
101.36.116.0/24 maxlen: 24
101.36.117.0/24 maxlen: 24
101.36.118.0/24 maxlen: 24
101.36.119.0/24 maxlen: 24
101.36.120.0/24 maxlen: 24
101.36.121.0/24 maxlen: 24
101.36.122.0/24 maxlen: 24
101.36.123.0/24 maxlen: 24
101.36.124.0/24 maxlen: 24
101.36.125.0/24 maxlen: 24
101.36.126.0/24 maxlen: 24
101.36.127.0/24 maxlen: 24
103.149.26.0/24 maxlen: 24
103.149.27.0/24 maxlen: 24
103.218.240.0/24 maxlen: 24
103.218.241.0/24 maxlen: 24
103.218.242.0/24 maxlen: 24
103.218.243.0/24 maxlen: 24
103.234.61.0/24 maxlen: 24
118.26.36.0/24 maxlen: 24
118.26.37.0/24 maxlen: 24
118.26.38.0/24 maxlen: 24
118.26.39.0/24 maxlen: 24
118.193.32.0/24 maxlen: 24
118.193.33.0/24 maxlen: 24
118.193.34.0/24 maxlen: 24
118.193.35.0/24 maxlen: 24
118.193.36.0/24 maxlen: 24
118.193.37.0/24 maxlen: 24
118.193.38.0/24 maxlen: 24
118.193.39.0/24 maxlen: 24
118.193.40.0/24 maxlen: 24
118.193.41.0/24 maxlen: 24
118.193.42.0/24 maxlen: 24
118.193.43.0/24 maxlen: 24
118.193.44.0/24 maxlen: 24
118.193.45.0/24 maxlen: 24
118.193.46.0/24 maxlen: 24
118.193.47.0/24 maxlen: 24
118.193.79.0/24 maxlen: 24
123.58.208.0/24 maxlen: 24
123.58.209.0/24 maxlen: 24
123.58.210.0/24 maxlen: 24
123.58.211.0/24 maxlen: 24
123.58.212.0/24 maxlen: 24
123.58.213.0/24 maxlen: 24
123.58.214.0/24 maxlen: 24
123.58.215.0/24 maxlen: 24
123.58.216.0/24 maxlen: 24
123.58.217.0/24 maxlen: 24
123.58.218.0/24 maxlen: 24
123.58.219.0/24 maxlen: 24
123.58.220.0/24 maxlen: 24
123.58.221.0/24 maxlen: 24
123.58.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.crl
rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2018 (0x7e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186E8A, serialNumber=A9BCCA6D34D3D5F1EFF8BBE783D49773813E5EF8
Validity
Not Before: Jul 27 12:31:59 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68861c3f-5b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:93:dc:e4:91:93:e1:c8:47:89:2f:6e:a2:15:
11:69:8f:9c:00:6f:e6:e3:25:c1:0c:2c:4b:b4:57:
ff:06:26:89:6c:11:6c:51:9e:82:f7:5a:a8:2c:44:
b8:e5:8f:d0:36:63:28:2e:bf:cf:67:4a:94:c0:12:
9f:9a:9d:e7:61:1a:7c:a7:88:08:29:d1:46:f1:34:
3d:12:82:8d:c7:bf:b3:12:b3:c1:33:f4:45:b2:c3:
7a:df:35:a5:fa:52:f9:d6:84:a0:c1:a6:f2:50:23:
87:51:80:8e:1f:05:69:cf:63:7c:b8:4d:1d:7b:32:
d0:bc:28:8e:fa:89:85:59:e1:8e:38:00:29:50:87:
bc:ba:c3:49:80:0b:4d:e4:79:d2:33:2a:4d:d5:cc:
79:d4:b2:ce:25:de:84:61:32:c9:ec:3d:97:7e:fa:
a2:14:bb:ff:e4:47:c2:5d:22:67:35:e0:a5:d5:b9:
ce:ac:24:41:1e:23:09:e5:c0:07:59:79:f9:2a:52:
91:20:d3:41:bc:4b:50:74:e2:6e:e9:12:b0:62:4f:
e1:cd:69:3f:a6:12:2c:05:3c:a1:7e:5c:99:1e:52:
1a:b4:60:37:27:b0:19:c6:e7:ce:0b:89:05:90:f0:
07:93:a4:92:54:cd:f8:36:27:a2:62:19:69:e1:8d:
68:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B7:E2:C3:1C:81:CA:3E:82:0A:A7:A9:80:6E:4F:49:FA:FD:DF:D4
X509v3 Authority Key Identifier:
keyid:A9:BC:CA:6D:34:D3:D5:F1:EF:F8:BB:E7:83:D4:97:73:81:3E:5E:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/8554A0A86A8A11F0BBF66881C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.244.0/22
101.36.106.0-101.36.113.255
101.36.116.0-101.36.127.255
103.149.26.0/23
103.218.240.0/22
103.234.61.0/24
118.26.36.0/22
118.193.32.0/20
118.193.79.0/24
123.58.208.0-123.58.221.255
123.58.223.0/24
Signature Algorithm: sha256WithRSAEncryption
17:42:77:0b:94:ae:ad:f3:25:ea:6c:a4:72:f9:fa:f2:5a:da:
c7:19:1f:e1:05:2c:00:32:af:bb:4b:f7:2c:61:ec:4f:e5:be:
4d:59:b8:e0:c1:f4:29:d4:51:93:74:46:30:ba:7f:1d:81:4a:
60:d6:bd:ea:a3:08:f8:25:e5:9c:a5:d1:cb:ba:bc:fe:ec:4f:
b7:c4:e7:fc:bd:af:7e:1c:dd:8b:68:4b:6e:90:9d:2e:0d:75:
86:ef:34:7c:00:6f:7b:46:ba:45:5e:4e:85:d7:66:dc:48:39:
62:fd:3b:70:90:51:1c:9f:f1:59:27:62:48:ec:05:ad:32:61:
2c:c2:8a:c8:12:01:29:f4:4f:32:04:57:27:92:f4:79:68:76:
5e:dd:98:c6:b1:2d:c0:1a:01:b4:1e:98:c7:6f:09:a2:d2:35:
a0:14:5e:d1:cc:8c:8f:e2:da:7d:69:5a:c3:63:ee:a3:b0:7e:
70:29:c8:c6:e8:e3:27:77:e3:27:41:7f:c2:4e:3a:bf:8a:f9:
22:9b:33:85:e3:e8:84:27:5f:a2:a2:56:e2:6d:6e:8f:83:3d:
11:ce:89:b9:77:95:98:ad:8b:de:35:26:66:ca:72:b9:87:d3:
81:49:30:81:76:12:12:31:1f:8d:95:dc:08:ed:93:05:e1:b7:
be:d5:c2:e0
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgICB+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZFOEExMTAvBgNVBAUTKEE5QkNDQTZEMzREM0Q1RjFFRkY4QkJFNzgzRDQ5Nzcz
ODEzRTVFRjgwHhcNMjUwNzI3MTIzMTU5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODg2MWMzZi01YjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+JPc5JGT4chHiS9uohURaY+cAG/m4yXBDCxLtFf/BiaJbBFsUZ6C91qoLES4
5Y/QNmMoLr/PZ0qUwBKfmp3nYRp8p4gIKdFG8TQ9EoKNx7+zErPBM/RFssN63zWl
+lL51oSgwabyUCOHUYCOHwVpz2N8uE0dezLQvCiO+omFWeGOOAApUIe8usNJgAtN
5HnSMypN1cx51LLOJd6EYTLJ7D2XfvqiFLv/5EfCXSJnNeCl1bnOrCRBHiMJ5cAH
WXn5KlKRINNBvEtQdOJu6RKwYk/hzWk/phIsBTyhflyZHlIatGA3J7AZxufOC4kF
kPAHk6SSVM34NieiYhlp4Y1opQIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFBS34sMc
gco+ggqnqYBuT0n6/d/UMB8GA1UdIwQYMBaAFKm8ym0009Xx7/i754PUl3OBPl74
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkU4QS8zQjQ3NkU3QzJE
RkYxMUVCODY4QTkxMzVDNEY5QUUwMi9xYnpLYlRUVDFmSHYtTHZuZzlTWGM0RS1Y
dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FiektiVFRUMWZIdi1Mdm5nOVNYYzRFLVh2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZFOEEvM0I0NzZFN0MyREZGMTFFQjg2OEE5MTM1QzRGOUFFMDIvODU1NEEwQTg2
QThBMTFGMEJCRjY2ODgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcwYIKwYBBQUHAQcBAf8E
ZDBiMGAEAgABMFoDBAIt+fQwDAMEAWUkagMEAWUkcDAMAwQCZSR0AwQHZSQAAwQB
Z5UaAwQCZ9rwAwQAZ+o9AwQCdhokAwQEdsEgAwQAdsFPMAwDBAR7OtADBAF7OtwD
BAB7Ot8wDQYJKoZIhvcNAQELBQADggEBABdCdwuUrq3zJepspHL5+vJa2scZH+EF
LAAyr7tL9yxh7E/lvk1ZuODB9CnUUZN0RjC6fx2BSmDWveqjCPgl5Zyl0cu6vP7s
T7fE5/y9r34c3YtoS26QnS4NdYbvNHwAb3tGukVeToXXZtxIOWL9O3CQURyf8Vkn
YkjsBa0yYSzCisgSASn0TzIEVyeS9Hlodl7dmMaxLcAaAbQemMdvCaLSNaAUXtHM
jI/i2n1pWsNj7qOwfnApyMbo4yd34ydBf8JOOr+K+SKbM4Xj6IQnX6KiVuJtbo+D
PRHOibl3lZiti941JmbKcrmH04FJMIF2EhIxH42V3AjtkwXht77VwuA=
-----END CERTIFICATE-----
Generated at Sun Aug 10 18:29:44 2025 by rpki-client