Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
File: 8E61229E3AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: 3heY0Fr93mlyFsseOVdIpF/xnvugkikH0X2MhJsgwiU=
Subject key identifier: 29:5F:3E:33:16:8E:A5:27:C4:8E:69:52:D3:2F:CB:6A:D6:94:CE:23
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0D97
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
Signing time: Fri 31 Oct 2025 18:36:46 +0000
ROA not before: Fri 31 Oct 2025 18:36:46 +0000
ROA not after: Sun 01 Mar 2026 00:00:00 +0000
asID: 55799
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.152.0/24 maxlen: 24
103.1.153.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.1.155.0/24 maxlen: 24
103.10.196.0/24 maxlen: 24
103.10.198.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 23
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480:3001::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 18:10:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3479 (0xd97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C, serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Validity
Not Before: Oct 31 18:36:46 2025 GMT
Not After : Mar 1 00:00:00 2026 GMT
Subject: CN=690501be-91cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b9:cb:45:a6:8c:1c:14:cb:07:bc:f7:87:0e:
1a:cb:97:3a:a4:a6:0b:a1:c0:d8:db:94:6a:94:32:
05:9b:ab:67:dc:dd:31:03:3d:44:10:52:5a:df:54:
ad:37:7a:52:fd:1e:f1:a1:97:46:41:4c:e2:08:7b:
07:6b:d5:03:f7:df:18:3a:60:dd:73:06:22:38:bd:
1f:81:3e:e5:bb:3a:a8:26:6b:dc:af:57:f7:ca:6a:
34:30:b6:b8:8b:9a:ec:c0:7f:f2:b7:5a:55:6f:81:
4c:30:bf:10:f0:7c:bc:52:6a:09:28:0a:b7:0c:4f:
3c:4c:74:4c:60:d5:ce:26:c7:a9:0d:72:29:0b:90:
81:14:2f:01:15:13:51:89:b8:bb:a9:b9:2c:a0:bf:
cb:0b:d1:a4:6b:9e:6e:b4:93:cb:16:38:cb:a5:e0:
58:f4:a6:e1:32:d0:67:b2:55:03:b7:43:41:1f:71:
5b:0a:27:8a:ad:dc:14:fc:bd:ea:75:e8:f9:e7:1e:
34:92:5e:22:e1:37:d9:7b:2d:e7:5d:11:c8:22:86:
88:8a:d4:89:27:5b:30:9d:0c:b1:54:2c:67:bd:29:
b8:77:10:1a:4b:b3:8d:9c:6d:c2:71:c0:66:59:7f:
5c:01:0e:4c:97:0b:07:98:51:82:3e:02:a8:03:fa:
94:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5F:3E:33:16:8E:A5:27:C4:8E:69:52:D3:2F:CB:6A:D6:94:CE:23
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.152.0/22
103.10.196.0/24
103.10.198.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480:3001::/48
2402:c480:8001::/48
Signature Algorithm: sha256WithRSAEncryption
86:44:2e:55:43:89:8f:41:e2:bf:e3:b2:66:73:78:d5:e4:76:
1d:42:5f:a5:4e:9f:ed:4a:be:f0:fa:1c:73:e4:d3:55:af:d2:
e0:74:77:0e:76:55:08:77:87:6f:b4:5e:ce:89:e9:7a:77:dc:
ff:89:35:b8:ae:33:93:92:65:27:e6:aa:9d:3d:2e:24:01:57:
47:b1:87:f2:44:0d:dd:9a:48:d4:46:16:f2:c2:64:0d:28:ba:
47:a9:7e:6e:fe:df:1c:1d:37:9d:cf:58:c6:d0:4c:c9:79:0b:
15:17:6d:ae:76:df:a1:dd:a9:14:12:f4:b8:61:cf:c9:b5:34:
07:68:bb:9a:84:b0:ba:f5:c3:ff:90:cc:c5:84:7a:fc:83:3d:
7f:41:6c:8d:78:42:7f:81:1a:e0:a9:ed:e7:2d:93:3e:82:9d:
4c:95:db:d7:05:30:5b:2e:72:6a:5b:be:1b:bb:ed:a6:7e:d5:
fb:25:f6:72:f9:06:ca:bb:3c:3a:87:47:20:d9:e0:b0:69:52:
51:0a:00:52:d3:b3:55:20:6e:ba:64:e2:a1:07:f9:7a:83:44:
73:1e:b1:54:43:c5:79:17:50:97:91:31:97:3f:55:d0:d9:b7:
bc:61:5b:3a:5d:43:c9:b9:59:33:6a:19:d5:0f:0a:e8:74:8f:
53:9a:08:20
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgICDZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjUxMDMxMTgzNjQ2WhcNMjYwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTA1MDFiZS05MWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAurnLRaaMHBTLB7z3hw4ay5c6pKYLocDY25RqlDIFm6tn3N0xAz1EEFJa31St
N3pS/R7xoZdGQUziCHsHa9UD998YOmDdcwYiOL0fgT7luzqoJmvcr1f3ymo0MLa4
i5rswH/yt1pVb4FMML8Q8Hy8UmoJKAq3DE88THRMYNXOJsepDXIpC5CBFC8BFRNR
ibi7qbksoL/LC9Gka55utJPLFjjLpeBY9KbhMtBnslUDt0NBH3FbCieKrdwU/L3q
dej55x40kl4i4TfZey3nXRHIIoaIitSJJ1swnQyxVCxnvSm4dxAaS7ONnG3CccBm
WX9cAQ5MlwsHmFGCPgKoA/qUywIDAQABo4IDADCCAvwwHQYDVR0OBBYEFClfPjMW
jqUnxI5pUtMvy2rWlM4jMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEU2MTIyOUUz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYkGCCsGAQUFBwEHAQH/
BHoweDBcBAIAATBWAwQCG3o4AwQCK++cAwQCK/XEMAwDBAAr+50DBAUr+4ADBAJn
AZgDBABnCsQDBABnCsYDBAJnI0gDBABnRN8DBABnR/4DBAFnSAQDBAK2oSADBALK
kMAwGAQCAAIwEgMHACQCxIAwAQMHACQCxICAATANBgkqhkiG9w0BAQsFAAOCAQEA
hkQuVUOJj0Hiv+OyZnN41eR2HUJfpU6f7Uq+8Pocc+TTVa/S4HR3DnZVCHeHb7Re
zonpenfc/4k1uK4zk5JlJ+aqnT0uJAFXR7GH8kQN3ZpI1EYW8sJkDSi6R6l+bv7f
HB03nc9YxtBMyXkLFRdtrnbfod2pFBL0uGHPybU0B2i7moSwuvXD/5DMxYR6/IM9
f0FsjXhCf4Ea4Knt5y2TPoKdTJXb1wUwWy5yalu+G7vtpn7V+yX2cvkGyrs8OodH
INngsGlSUQoAUtOzVSBuumTioQf5eoNEcx6xVEPFeRdQl5Exlz9V0Nm3vGFbOl1D
yblZM2oZ1Q8K6HSPU5oIIA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:14:43 2025 by rpki-client