Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
File: 8F6D3D583AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: ZyoVviYdna5gEZUP2FSAk5vLjrRPq9Nos5X+Ufxuffo=
Subject key identifier: 1C:DA:05:CA:66:4E:A6:E8:20:A1:8C:98:19:63:9D:7C:A2:55:04:BB
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0D98
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
Signing time: Fri 31 Oct 2025 18:36:47 +0000
ROA not before: Fri 31 Oct 2025 18:36:47 +0000
ROA not after: Sun 01 Mar 2026 00:00:00 +0000
asID: 63916
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.152.0/24 maxlen: 24
103.1.153.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.1.155.0/24 maxlen: 24
103.10.196.0/24 maxlen: 24
103.10.198.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 24
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480::/32 maxlen: 32
2402:c480:3000::/48 maxlen: 48
2402:c480:3001::/48 maxlen: 48
2402:c480:3002::/48 maxlen: 48
2402:c480:3003::/48 maxlen: 48
2402:c480:3004::/48 maxlen: 48
2402:c480:5000::/48 maxlen: 48
2402:c480:6000::/48 maxlen: 48
2402:c480:6001::/48 maxlen: 48
2402:c480:6002::/48 maxlen: 48
2402:c480:7000::/48 maxlen: 48
2402:c480:7001::/48 maxlen: 48
2402:c480:8000::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
2402:c480:8003::/48 maxlen: 48
2402:c480:8208::/48 maxlen: 48
2402:c480:8412::/48 maxlen: 48
2402:c480:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 18:10:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3480 (0xd98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C, serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Validity
Not Before: Oct 31 18:36:47 2025 GMT
Not After : Mar 1 00:00:00 2026 GMT
Subject: CN=690501bf-4ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:21:ba:f0:be:c8:62:02:08:9c:49:45:bb:21:
f2:af:ea:2b:5c:f2:2d:8d:a8:8f:96:aa:d5:54:fc:
85:97:71:b1:c6:78:6c:e3:50:db:d5:27:9c:f2:de:
b2:7b:2b:44:70:0d:1e:86:8b:bd:a1:b3:4d:e3:5b:
d4:b2:af:de:75:9f:3d:ea:ea:c8:8b:61:e9:80:45:
9e:be:a5:b0:25:67:8a:19:bc:8e:74:88:e6:34:5b:
e5:74:a7:69:41:82:63:19:dc:c1:64:64:b6:2f:54:
1f:71:45:50:81:4a:58:f3:3d:01:1f:49:39:5c:04:
a9:4d:1e:2d:5e:e1:68:4b:c2:6a:16:17:22:80:32:
c3:8a:50:ef:16:b0:35:39:c6:cb:f2:d9:c4:93:74:
d7:84:09:ad:99:b0:dc:e5:7d:aa:b9:6a:32:b2:bb:
e7:5d:29:12:01:27:bf:ec:65:d5:c5:d9:b1:38:11:
c9:30:5c:e8:04:ac:68:16:bc:a3:f6:fd:07:97:84:
e0:e2:48:21:ed:3e:ed:f9:81:d5:dd:d7:6c:76:20:
f9:0f:1c:cc:23:9d:53:ea:b0:55:0e:36:7b:25:57:
9d:15:34:a5:ee:1f:2a:d1:16:14:98:9a:d2:66:18:
f6:8f:1e:73:5a:7c:32:b2:93:1a:0e:84:78:33:c4:
cd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DA:05:CA:66:4E:A6:E8:20:A1:8C:98:19:63:9D:7C:A2:55:04:BB
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.152.0/22
103.10.196.0/24
103.10.198.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480::/32
Signature Algorithm: sha256WithRSAEncryption
9d:42:b5:4c:58:10:d1:84:e7:7f:40:ec:76:dd:6f:91:1c:0d:
18:31:62:83:80:4d:91:bb:95:26:06:47:26:0a:68:f9:33:46:
e7:b6:0a:28:df:45:37:03:c9:90:9f:c4:7e:45:75:31:57:9e:
49:7e:08:0d:87:d2:66:1e:e0:4c:71:87:da:a6:32:ec:98:1c:
3f:07:73:c8:4c:7d:0e:0d:f6:61:04:c4:4a:90:fc:bb:7c:6e:
66:d1:ee:f3:8e:3f:29:da:fd:c6:54:23:d6:c2:d0:b8:5f:c1:
99:42:bc:93:89:56:c1:80:1c:08:e1:89:c9:ae:3a:68:ec:a0:
76:cb:e2:90:dc:44:6c:70:26:54:d3:75:80:c2:af:29:e5:99:
4e:31:0c:36:d2:34:0a:d1:75:e4:6e:c8:e1:13:97:2a:4f:89:
63:62:b4:cb:8d:36:80:03:6a:0a:0a:c3:f1:33:fb:f4:6d:72:
a5:1d:b5:b4:26:92:bf:e1:a4:e4:bc:66:3d:b8:97:ab:c9:56:
48:22:7c:51:0b:ff:0c:38:95:56:2b:28:db:1b:0c:67:f5:45:
8b:f4:c8:bb:59:69:30:49:7b:39:0b:fb:ca:f5:e7:c0:60:26:
9c:07:6f:cf:40:85:85:1a:c5:57:eb:d1:e6:76:25:36:d1:f0:
f0:41:dc:e6
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgICDZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjUxMDMxMTgzNjQ3WhcNMjYwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTA1MDFiZi00ZWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxSG68L7IYgIInElFuyHyr+orXPItjaiPlqrVVPyFl3Gxxnhs41Db1Sec8t6y
eytEcA0ehou9obNN41vUsq/edZ896urIi2HpgEWevqWwJWeKGbyOdIjmNFvldKdp
QYJjGdzBZGS2L1QfcUVQgUpY8z0BH0k5XASpTR4tXuFoS8JqFhcigDLDilDvFrA1
OcbL8tnEk3TXhAmtmbDc5X2quWoysrvnXSkSASe/7GXVxdmxOBHJMFzoBKxoFryj
9v0Hl4Tg4kgh7T7t+YHV3ddsdiD5DxzMI51T6rBVDjZ7JVedFTSl7h8q0RYUmJrS
Zhj2jx5zWnwyspMaDoR4M8TNNQIDAQABo4IC9DCCAvAwHQYDVR0OBBYEFBzaBcpm
TqboIKGMmBljnXyiVQS7MB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEY2RDNENTgz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfgYIKwYBBQUHAQcBAf8E
bzBtMFwEAgABMFYDBAIbejgDBAIr75wDBAIr9cQwDAMEACv7nQMEBSv7gAMEAmcB
mAMEAGcKxAMEAGcKxgMEAmcjSAMEAGdE3wMEAGdH/gMEAWdIBAMEArahIAMEAsqQ
wDANBAIAAjAHAwUAJALEgDANBgkqhkiG9w0BAQsFAAOCAQEAnUK1TFgQ0YTnf0Ds
dt1vkRwNGDFig4BNkbuVJgZHJgpo+TNG57YKKN9FNwPJkJ/EfkV1MVeeSX4IDYfS
Zh7gTHGH2qYy7JgcPwdzyEx9Dg32YQTESpD8u3xuZtHu844/Kdr9xlQj1sLQuF/B
mUK8k4lWwYAcCOGJya46aOygdsvikNxEbHAmVNN1gMKvKeWZTjEMNtI0CtF15G7I
4ROXKk+JY2K0y402gANqCgrD8TP79G1ypR21tCaSv+Gk5LxmPbiXq8lWSCJ8UQv/
DDiVViso2xsMZ/VFi/TIu1lpMEl7OQv7yvXnwGAmnAdvz0CFhRrFV+vR5nYlNtHw
8EHc5g==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:17:04 2025 by rpki-client