Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/9B8A0A56F56F11EF84317935C4F9AE02.roa
File: 9B8A0A56F56F11EF84317935C4F9AE02.roa (raw, json)
Hash identifier: hUEi5Mxm1d2fdxW2k3TL0lrkSD9s1MOK7bqcVMZxr0U=
Subject key identifier: 9A:CE:08:D6:DB:54:E5:4D:D5:C7:69:9D:8C:05:54:22:0B:64:91:90
Certificate issuer: /CN=A91BC269/serialNumber=30E2061F7C20BD843BEE5372C1321C35FBB1D3EF
Certificate serial: 03C0
Authority key identifier: 30:E2:06:1F:7C:20:BD:84:3B:EE:53:72:C1:32:1C:35:FB:B1:D3:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/9B8A0A56F56F11EF84317935C4F9AE02.roa
Signing time: Wed 22 Oct 2025 04:16:07 +0000
ROA not before: Wed 22 Oct 2025 04:16:07 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 55850
IP address blocks: 14.137.0.0/19 maxlen: 19
101.53.192.0/19 maxlen: 19
101.53.208.0/21 maxlen: 21
101.53.216.0/22 maxlen: 22
101.53.220.0/22 maxlen: 23
103.8.140.0/22 maxlen: 22
103.15.126.0/23 maxlen: 23
103.26.202.0/24 maxlen: 24
103.173.251.0/24 maxlen: 24
103.241.56.0/22 maxlen: 22
115.69.160.0/19 maxlen: 19
116.251.128.0/18 maxlen: 18
116.251.192.0/21 maxlen: 21
116.251.200.0/22 maxlen: 22
124.155.224.0/20 maxlen: 20
150.107.172.0/22 maxlen: 22
163.47.236.0/22 maxlen: 22
180.148.96.0/19 maxlen: 19
202.56.32.0/20 maxlen: 20
202.56.48.0/21 maxlen: 21
202.74.33.0/24 maxlen: 24
202.137.240.0/21 maxlen: 21
203.94.32.0/19 maxlen: 19
203.124.16.0/21 maxlen: 21
2401:2f40::/32 maxlen: 32
2406:5a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.crl
rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 10 Nov 2025 00:52:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960 (0x3c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BC269, serialNumber=30E2061F7C20BD843BEE5372C1321C35FBB1D3EF
Validity
Not Before: Oct 22 04:16:07 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=68f85a86-4d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0d:fc:e2:61:5c:79:8f:01:af:d1:4f:29:30:
40:05:1e:4e:2d:b2:c5:1c:22:ba:3f:9d:9f:5d:16:
13:8f:a7:8a:7b:30:eb:c0:98:27:ac:f5:d1:97:73:
9c:e3:e8:69:f5:ee:b3:f8:77:fa:fd:09:ef:3f:0c:
72:5f:2d:26:f9:f9:03:ba:1b:7d:8a:36:d6:22:f2:
f6:b5:ae:28:a8:c1:d4:fc:98:5a:21:44:e4:5b:67:
dc:1f:e6:2d:e2:dd:98:fb:d7:a6:a3:80:5f:22:c4:
8a:3d:77:12:c1:1d:71:e5:9b:f5:f2:21:b1:35:65:
3f:38:09:c0:5a:d3:a0:d8:6e:ef:a0:8a:90:f6:8c:
c7:e0:5d:37:e0:6a:18:46:a2:7e:23:65:60:b2:97:
e3:30:fb:3d:cb:7f:b9:16:f0:ee:08:77:5a:7d:10:
b7:1d:a7:05:6c:85:c7:74:44:5d:ed:07:21:8c:42:
67:15:95:ec:97:45:0d:75:47:80:c1:b3:25:09:be:
34:ca:e1:13:4b:64:42:ab:c3:2a:2a:4f:a9:90:da:
9d:e3:ed:eb:6c:ff:01:57:f4:06:d5:88:19:c9:47:
06:36:14:c9:ff:0f:3d:b4:4e:e7:c9:a8:2a:66:fd:
f8:2b:a7:8b:d9:be:27:af:92:ac:d3:40:07:9f:cc:
d7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CE:08:D6:DB:54:E5:4D:D5:C7:69:9D:8C:05:54:22:0B:64:91:90
X509v3 Authority Key Identifier:
keyid:30:E2:06:1F:7C:20:BD:84:3B:EE:53:72:C1:32:1C:35:FB:B1:D3:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/9B8A0A56F56F11EF84317935C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.0.0/19
101.53.192.0/19
103.8.140.0/22
103.15.126.0/23
103.26.202.0/24
103.173.251.0/24
103.241.56.0/22
115.69.160.0/19
116.251.128.0-116.251.203.255
124.155.224.0/20
150.107.172.0/22
163.47.236.0/22
180.148.96.0/19
202.56.32.0-202.56.55.255
202.74.33.0/24
202.137.240.0/21
203.94.32.0/19
203.124.16.0/21
IPv6:
2401:2f40::/32
2406:5a00::/32
Signature Algorithm: sha256WithRSAEncryption
c4:b1:a2:3b:f2:c5:74:81:c4:dd:78:59:60:0e:e5:c4:f3:e8:
6f:f3:28:f6:cf:bc:e7:f3:58:b1:06:35:b0:67:81:99:9e:d1:
58:ae:6b:2b:ee:67:1d:62:b1:95:a3:d8:b2:96:8e:4e:a6:c8:
ad:e4:93:87:d3:76:68:5d:b2:19:82:4a:c0:52:96:71:d1:62:
81:a4:b8:c9:ae:2b:15:8c:c7:d5:a0:48:a0:0b:29:dc:69:e4:
6b:ec:58:3e:e4:d8:3e:38:25:6d:fe:7e:6c:bd:49:1d:0f:c1:
be:94:66:e6:54:43:79:66:11:a1:30:9c:47:3f:1a:5c:f0:c1:
e4:fe:1f:6d:f1:9d:ee:93:51:13:dc:d4:a2:37:d2:a2:ed:33:
87:a6:03:cb:75:0d:2a:19:44:de:7b:5b:1d:30:9e:d1:e3:b2:
8c:16:77:9a:d9:df:fe:82:40:8a:5a:db:1e:a7:7e:cc:03:a9:
06:3a:6a:67:24:70:79:9d:fe:4c:d8:84:65:47:9d:a6:08:ed:
0e:8f:88:48:ec:e2:5d:65:7d:cf:13:e8:17:fc:54:5e:88:42:
36:83:67:89:ab:90:06:33:75:c0:cf:48:cf:0e:ba:6a:fc:e5:
d0:48:f3:1c:0e:0f:8c:0d:82:f5:c0:68:c9:6f:f6:4b:9a:21:
22:1a:1c:c1
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgICA8AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkMyNjkxMTAvBgNVBAUTKDMwRTIwNjFGN0MyMEJEODQzQkVFNTM3MkMxMzIxQzM1
RkJCMUQzRUYwHhcNMjUxMDIyMDQxNjA3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGY4NWE4Ni00ZDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxQ384mFceY8Br9FPKTBABR5OLbLFHCK6P52fXRYTj6eKezDrwJgnrPXRl3Oc
4+hp9e6z+Hf6/QnvPwxyXy0m+fkDuht9ijbWIvL2ta4oqMHU/JhaIUTkW2fcH+Yt
4t2Y+9emo4BfIsSKPXcSwR1x5Zv18iGxNWU/OAnAWtOg2G7voIqQ9ozH4F034GoY
RqJ+I2VgspfjMPs9y3+5FvDuCHdafRC3HacFbIXHdERd7QchjEJnFZXsl0UNdUeA
wbMlCb40yuETS2RCq8MqKk+pkNqd4+3rbP8BV/QG1YgZyUcGNhTJ/w89tE7nyagq
Zv34K6eL2b4nr5Ks00AHn8zXEQIDAQABo4IDJTCCAyEwHQYDVR0OBBYEFJrOCNbb
VOVN1cdpnYwFVCILZJGQMB8GA1UdIwQYMBaAFDDiBh98IL2EO+5TcsEyHDX7sdPv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzI2OS9CQTY3NkUzMENG
RTUxMUVDOTRCQkM3NUFDNEY5QUUwMi9NT0lHSDN3Z3ZZUTc3bE55d1RJY05mdXgw
LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PSUdIM3dndllRNzdsTnl3VEljTmZ1eDAtOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkMyNjkvQkE2NzZFMzBDRkU1MTFFQzk0QkJDNzVBQzRGOUFFMDIvOUI4QTBBNTZG
NTZGMTFFRjg0MzE3OTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga4GCCsGAQUFBwEHAQH/
BIGeMIGbMIGCBAIAATB8AwQFDokAAwQFZTXAAwQCZwiMAwQBZw9+AwQAZxrKAwQA
Z637AwQCZ/E4AwQFc0WgMAwDBAd0+4ADBAJ0+8gDBAR8m+ADBAKWa6wDBAKjL+wD
BAW0lGAwDAMEBco4IAMEA8o4MAMEAMpKIQMEA8qJ8AMEBcteIAMEA8t8EDAUBAIA
AjAOAwUAJAEvQAMFACQGWgAwDQYJKoZIhvcNAQELBQADggEBAMSxojvyxXSBxN14
WWAO5cTz6G/zKPbPvOfzWLEGNbBngZme0ViuayvuZx1isZWj2LKWjk6myK3kk4fT
dmhdshmCSsBSlnHRYoGkuMmuKxWMx9WgSKALKdxp5GvsWD7k2D44JW3+fmy9SR0P
wb6UZuZUQ3lmEaEwnEc/GlzwweT+H23xne6TURPc1KI30qLtM4emA8t1DSoZRN57
Wx0wntHjsowWd5rZ3/6CQIpa2x6nfswDqQY6amckcHmd/kzYhGVHnaYI7Q6PiEjs
4l1lfc8T6Bf8VF6IQjaDZ4mrkAYzdcDPSM8Oumr85dBI8xwOD4wNgvXAaMlv9kua
ISIaHME=
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:03:55 2025 by rpki-client