Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/653CF2F6F25A11E9937D9D73C4F9AE02.roa
File: 653CF2F6F25A11E9937D9D73C4F9AE02.roa (raw, json)
Hash identifier: IlqRKAixBVu9Vx4XUBGktOBKcBONHQKrwOz30YJWU9c=
Subject key identifier: 09:DB:45:44:48:51:F0:CE:CF:0E:C1:FA:90:19:A0:65:6C:82:A4:52
Certificate issuer: /CN=A919A998/serialNumber=5EA1A7B802E7E7EFC77CA1A38E52F72ACD463930
Certificate serial: 0D62
Authority key identifier: 5E:A1:A7:B8:02:E7:E7:EF:C7:7C:A1:A3:8E:52:F7:2A:CD:46:39:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/653CF2F6F25A11E9937D9D73C4F9AE02.roa
Signing time: Sun 02 Nov 2025 20:21:35 +0000
ROA not before: Sun 02 Nov 2025 20:21:35 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 58715
IP address blocks: 45.113.132.0/22 maxlen: 24
59.152.96.0/20 maxlen: 24
103.21.40.0/22 maxlen: 24
103.85.156.0/22 maxlen: 24
144.48.116.0/22 maxlen: 24
182.48.64.0/19 maxlen: 24
2404:4f80::/32 maxlen: 36
2404:4f80::/48 maxlen: 48
2404:4f80:f::/48 maxlen: 48
2404:4f80:10::/48 maxlen: 48
2404:4f80:11::/48 maxlen: 48
2404:4f80:12::/48 maxlen: 48
2404:4f80:13::/48 maxlen: 48
2404:4f80:14::/48 maxlen: 48
2404:4f80:15::/48 maxlen: 48
2404:4f80:16::/48 maxlen: 48
2404:4f80:17::/48 maxlen: 48
2404:4f80:18::/48 maxlen: 48
2404:4f80:19::/48 maxlen: 48
2404:4f80:1a::/48 maxlen: 48
2404:4f80:1b::/48 maxlen: 48
2404:4f80:1c::/48 maxlen: 48
2404:4f80:1d::/48 maxlen: 48
2404:4f80:1e::/48 maxlen: 48
2404:4f80:1f::/48 maxlen: 48
2404:4f80:20::/48 maxlen: 48
2404:4f80:21::/48 maxlen: 48
2404:4f80:22::/48 maxlen: 48
2404:4f80:23::/48 maxlen: 48
2404:4f80:29::/48 maxlen: 48
2404:4f80:30::/48 maxlen: 48
2404:4f80:31::/48 maxlen: 48
2404:4f80:32::/48 maxlen: 48
2404:4f80:33::/48 maxlen: 48
2404:4f80:34::/48 maxlen: 48
2404:4f80:35::/48 maxlen: 48
2404:4f80:36::/48 maxlen: 48
2404:4f80:37::/48 maxlen: 48
2404:4f80:38::/48 maxlen: 48
2404:4f80:39::/48 maxlen: 48
2404:4f80:3a::/48 maxlen: 48
2404:4f80:3b::/48 maxlen: 48
2404:4f80:3c::/48 maxlen: 48
2404:4f80:3d::/48 maxlen: 48
2404:4f80:3e::/48 maxlen: 48
2404:4f80:71::/48 maxlen: 48
2404:4f80:72::/48 maxlen: 48
2404:4f80:73::/48 maxlen: 48
2404:4f80:310::/48 maxlen: 48
2404:4f80:311::/48 maxlen: 48
2404:4f80:312::/48 maxlen: 48
2404:4f80:313::/48 maxlen: 48
2404:4f80:314::/48 maxlen: 48
2404:4f80:315::/48 maxlen: 48
2404:4f80:316::/48 maxlen: 48
2404:4f80:317::/48 maxlen: 48
2404:4f80:318::/48 maxlen: 48
2404:4f80:319::/48 maxlen: 48
2404:4f80:31a::/48 maxlen: 48
2404:4f80:31b::/48 maxlen: 48
2404:4f80:31c::/48 maxlen: 48
2404:4f80:31d::/48 maxlen: 48
2404:4f80:31e::/48 maxlen: 48
2404:4f80:31f::/48 maxlen: 48
2404:4f80:320::/48 maxlen: 48
2404:4f80:321::/48 maxlen: 48
2404:4f80:322::/48 maxlen: 48
2404:4f80:323::/48 maxlen: 48
2404:4f80:324::/48 maxlen: 48
2404:4f80:325::/48 maxlen: 48
2404:4f80:326::/48 maxlen: 48
2404:4f80:327::/48 maxlen: 48
2404:4f80:328::/48 maxlen: 48
2404:4f80:329::/48 maxlen: 48
2404:4f80:32a::/48 maxlen: 48
2404:4f80:32b::/48 maxlen: 48
2404:4f80:32c::/48 maxlen: 48
2404:4f80:32d::/48 maxlen: 48
2404:4f80:330::/48 maxlen: 48
2404:4f80:331::/48 maxlen: 48
2404:4f80:332::/48 maxlen: 48
2404:4f80:333::/48 maxlen: 48
2404:4f80:334::/48 maxlen: 48
2404:4f80:335::/48 maxlen: 48
2404:4f80:336::/48 maxlen: 48
2404:4f80:337::/48 maxlen: 48
2404:4f80:338::/48 maxlen: 48
2404:4f80:339::/48 maxlen: 48
2404:4f80:33b::/48 maxlen: 48
2404:4f80:33c::/48 maxlen: 48
2404:4f80:33d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.crl
rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 18:10:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3426 (0xd62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A998, serialNumber=5EA1A7B802E7E7EFC77CA1A38E52F72ACD463930
Validity
Not Before: Nov 2 20:21:35 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=6907bd4f-a473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8a:5f:1c:a2:a9:b5:c0:26:30:9c:88:49:ba:
be:d2:61:f9:6c:f7:11:df:e0:f6:09:2f:08:fb:69:
04:4a:22:57:8f:9e:40:14:f9:a5:be:44:50:00:64:
5e:0b:65:09:47:16:4e:37:a4:12:85:02:24:9e:b1:
16:74:f0:98:63:71:06:d4:2c:64:83:d3:ab:10:f8:
46:08:ed:f1:45:de:45:be:74:94:c9:ec:cc:e6:10:
6f:0f:21:7b:ad:05:e0:36:5e:ba:5a:fa:56:29:67:
5d:bb:68:9a:b0:0d:2d:b9:f6:f7:6e:08:74:d9:68:
92:ff:10:61:0a:ce:a3:ca:94:61:6c:3d:58:bc:1f:
b0:3f:20:20:18:db:60:3c:f2:bb:0b:6f:17:92:ea:
74:01:06:38:1e:30:66:9d:03:0a:d0:53:6f:9a:62:
02:a6:de:ae:32:4d:e2:50:d8:fb:3b:72:a0:3f:fb:
fe:37:c0:39:5c:e0:3a:31:dd:2f:da:54:62:77:2b:
51:73:ca:51:93:77:8c:fa:32:f4:44:d6:f3:eb:05:
31:a3:a8:8b:1e:27:46:79:5c:9e:96:7d:95:45:f8:
43:9b:cf:68:08:b9:60:5c:d6:0f:7e:53:a0:5b:bf:
93:bf:d6:fe:34:0f:60:69:bd:16:21:31:e3:4b:8b:
1c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DB:45:44:48:51:F0:CE:CF:0E:C1:FA:90:19:A0:65:6C:82:A4:52
X509v3 Authority Key Identifier:
keyid:5E:A1:A7:B8:02:E7:E7:EF:C7:7C:A1:A3:8E:52:F7:2A:CD:46:39:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/653CF2F6F25A11E9937D9D73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.113.132.0/22
59.152.96.0/20
103.21.40.0/22
103.85.156.0/22
144.48.116.0/22
182.48.64.0/19
IPv6:
2404:4f80::/32
Signature Algorithm: sha256WithRSAEncryption
33:05:4e:7c:7c:83:00:a4:59:ee:70:72:da:a9:14:9c:c1:78:
e8:c6:cf:72:9c:d0:26:3e:0b:e8:5b:c6:f9:b9:f4:2e:37:66:
e3:6e:8f:8a:ea:37:da:c7:5a:05:b2:8c:2b:25:f2:0e:cd:65:
a0:4f:aa:11:ad:3e:e3:ea:60:fc:3c:cb:77:5f:3d:21:9a:1b:
9e:4f:a0:1a:0b:2b:28:97:21:58:50:bd:b0:9b:83:48:cd:90:
8d:c2:63:d0:b6:aa:2e:85:ea:8d:55:91:fc:bc:cb:fd:85:38:
a6:d3:2f:6c:ab:eb:9f:34:1b:71:43:fa:b4:71:58:ef:74:be:
8c:5e:d6:2d:dc:d9:88:4f:4f:72:20:bf:a5:51:27:a1:cf:b6:
b9:11:a3:21:67:6f:d5:54:1d:b5:e6:0a:f5:25:2a:09:60:b3:
12:a1:57:9e:ef:39:87:05:32:65:32:5c:b4:a7:c6:76:32:88:
9c:b0:a1:5d:37:72:54:0a:21:f8:3b:b1:d6:1f:ac:ba:e9:09:
ba:5c:2c:c9:a4:94:59:dd:b6:9d:ff:aa:f2:a8:b3:bb:72:2e:
16:8a:d8:11:02:01:2d:cd:42:d8:86:52:38:78:20:17:e8:a4:
5d:fa:84:d6:69:29:39:7b:1b:df:cd:da:2c:c3:27:c8:a8:7d:
a2:eb:3c:47
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICDWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUE5OTgxMTAvBgNVBAUTKDVFQTFBN0I4MDJFN0U3RUZDNzdDQTFBMzhFNTJGNzJB
Q0Q0NjM5MzAwHhcNMjUxMTAyMjAyMTM1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTA3YmQ0Zi1hNDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxIpfHKKptcAmMJyISbq+0mH5bPcR3+D2CS8I+2kESiJXj55AFPmlvkRQAGRe
C2UJRxZON6QShQIknrEWdPCYY3EG1Cxkg9OrEPhGCO3xRd5FvnSUyezM5hBvDyF7
rQXgNl66WvpWKWddu2iasA0tufb3bgh02WiS/xBhCs6jypRhbD1YvB+wPyAgGNtg
PPK7C28Xkup0AQY4HjBmnQMK0FNvmmICpt6uMk3iUNj7O3KgP/v+N8A5XOA6Md0v
2lRidytRc8pRk3eM+jL0RNbz6wUxo6iLHidGeVyeln2VRfhDm89oCLlgXNYPflOg
W7+Tv9b+NA9gab0WITHjS4scXQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFAnbRURI
UfDOzw7B+pAZoGVsgqRSMB8GA1UdIwQYMBaAFF6hp7gC5+fvx3yho45S9yrNRjkw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTk5OC9BQjM0RkJENEYy
NTgxMUU5Qjc1RTNDNzBDNEY5QUUwMi9YcUdudUFMbjUtX0hmS0dqamxMM0tzMUdP
VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hxR251QUxuNS1fSGZLR2pqbEwzS3MxR09UQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUE5OTgvQUIzNEZCRDRGMjU4MTFFOUI3NUUzQzcwQzRGOUFFMDIvNjUzQ0YyRjZG
MjVBMTFFOTkzN0Q5RDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAItcYQDBAQ7mGADBAJnFSgDBAJnVZwDBAKQMHQDBAW2MEAw
DQQCAAIwBwMFACQET4AwDQYJKoZIhvcNAQELBQADggEBADMFTnx8gwCkWe5wctqp
FJzBeOjGz3Kc0CY+C+hbxvm59C43ZuNuj4rqN9rHWgWyjCsl8g7NZaBPqhGtPuPq
YPw8y3dfPSGaG55PoBoLKyiXIVhQvbCbg0jNkI3CY9C2qi6F6o1Vkfy8y/2FOKbT
L2yr6580G3FD+rRxWO90voxe1i3c2YhPT3Igv6VRJ6HPtrkRoyFnb9VUHbXmCvUl
KglgsxKhV57vOYcFMmUyXLSnxnYyiJywoV03clQKIfg7sdYfrLrpCbpcLMmklFnd
tp3/qvKos7tyLhaK2BECAS3NQtiGUjh4IBfopF36hNZpKTl7G9/N2izDJ8iofaLr
PEc=
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:49:18 2025 by rpki-client