Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4A1187B26E7811F09E744A82C4F9AE02.roa
File: 4A1187B26E7811F09E744A82C4F9AE02.roa (raw, json)
Hash identifier: dJjpFHpkMqHmt4CfDfWFKzsV9Emfi+BcDZ6MOJ55ZSs=
Subject key identifier: 3A:08:9F:E1:56:F7:72:60:91:43:EA:83:3C:E9:9E:E4:A1:D4:95:90
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 190F
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4A1187B26E7811F09E744A82C4F9AE02.roa
Signing time: Mon 04 Aug 2025 11:58:40 +0000
ROA not before: Mon 04 Aug 2025 11:58:40 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 4826
IP address blocks: 14.137.106.0/24 maxlen: 24
27.106.200.0/22 maxlen: 22
43.241.188.0/22 maxlen: 22
43.252.252.0/22 maxlen: 22
49.255.0.0/16 maxlen: 16
49.255.233.0/24 maxlen: 24
49.255.255.0/24 maxlen: 24
103.37.120.0/24 maxlen: 24
103.233.148.0/22 maxlen: 22
103.255.16.0/22 maxlen: 22
110.5.116.0/22 maxlen: 22
112.213.192.0/19 maxlen: 19
112.213.224.0/19 maxlen: 19
114.31.192.0/20 maxlen: 20
116.212.192.0/18 maxlen: 18
116.212.204.0/24 maxlen: 24
116.212.230.0/23 maxlen: 24
116.212.253.0/24 maxlen: 24
119.161.64.0/20 maxlen: 20
119.161.80.0/20 maxlen: 20
121.54.128.0/19 maxlen: 19
121.54.128.0/20 maxlen: 20
121.54.136.0/24 maxlen: 24
121.54.145.0/24 maxlen: 24
121.79.0.0/17 maxlen: 17
123.103.192.0/19 maxlen: 19
124.254.64.0/18 maxlen: 18
124.254.64.0/24 maxlen: 24
124.254.95.0/24 maxlen: 24
124.254.96.0/24 maxlen: 24
175.45.64.0/18 maxlen: 18
175.45.73.0/24 maxlen: 24
175.45.78.0/24 maxlen: 24
175.45.82.0/24 maxlen: 24
175.45.83.0/24 maxlen: 24
175.45.85.0/24 maxlen: 24
175.45.92.0/24 maxlen: 24
175.45.94.0/23 maxlen: 23
175.45.99.0/24 maxlen: 24
175.45.100.0/24 maxlen: 24
175.45.101.0/24 maxlen: 24
175.45.105.0/24 maxlen: 24
175.45.111.0/24 maxlen: 24
180.148.64.0/19 maxlen: 19
180.148.76.0/24 maxlen: 24
180.148.77.0/24 maxlen: 24
180.148.83.0/24 maxlen: 24
180.148.84.0/24 maxlen: 24
180.148.95.0/24 maxlen: 24
202.62.138.0/24 maxlen: 24
202.62.139.0/24 maxlen: 24
202.62.141.0/24 maxlen: 24
202.62.142.0/24 maxlen: 24
202.62.147.0/24 maxlen: 24
202.62.152.0/24 maxlen: 24
202.62.153.0/24 maxlen: 24
202.62.154.0/24 maxlen: 24
202.62.155.0/24 maxlen: 24
202.80.176.0/20 maxlen: 20
202.89.160.0/19 maxlen: 19
202.136.32.0/20 maxlen: 20
202.137.96.0/20 maxlen: 20
202.137.192.0/21 maxlen: 21
202.174.224.0/19 maxlen: 19
202.189.64.0/20 maxlen: 20
202.189.72.0/24 maxlen: 24
202.189.73.0/24 maxlen: 24
203.12.251.0/24 maxlen: 24
203.18.212.0/23 maxlen: 23
203.28.186.0/24 maxlen: 24
203.29.177.0/24 maxlen: 24
203.55.11.0/24 maxlen: 24
203.55.250.0/24 maxlen: 24
203.89.64.0/19 maxlen: 19
203.89.80.0/24 maxlen: 24
203.89.92.0/24 maxlen: 24
203.92.28.0/22 maxlen: 22
203.129.128.0/19 maxlen: 19
203.153.224.0/19 maxlen: 19
203.153.226.0/24 maxlen: 24
203.161.64.0/18 maxlen: 18
203.188.128.0/19 maxlen: 19
210.50.198.0/24 maxlen: 24
211.26.193.0/24 maxlen: 24
218.100.80.0/22 maxlen: 22
223.27.96.0/21 maxlen: 21
2402:7800::/32 maxlen: 32
2402:7800:ff00::/40 maxlen: 40
2402:7800:ff00::/48 maxlen: 48
2402:7800:ff01::/48 maxlen: 48
2402:7800:ff20::/48 maxlen: 48
2402:7800:ff40::/44 maxlen: 44
2402:7800:ffe0::/48 maxlen: 48
2403:d600::/32 maxlen: 32
2403:fc00:300::/40 maxlen: 40
2404:b000::/32 maxlen: 32
2404:bc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6415 (0x190f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D, serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Aug 4 11:58:40 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6890a070-a46d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:37:2b:6d:49:c5:5c:ea:8e:61:af:f3:bf:8a:
f1:50:ce:7a:87:a2:41:49:86:d6:f6:ae:94:2c:70:
a1:56:5a:63:ad:06:80:33:41:fa:fb:fd:59:39:f2:
e0:f8:12:76:a9:77:45:7d:e2:b7:ad:83:06:9a:01:
f2:27:c9:5d:07:55:41:bc:34:87:95:54:bc:f4:6b:
a3:e0:0f:c6:37:32:85:45:a7:66:47:af:a3:2b:9d:
a1:e4:8b:ae:75:1a:d1:e0:02:a4:2c:54:fb:10:91:
0d:dd:17:a4:f0:67:15:e4:be:9e:11:03:c1:5a:64:
78:31:89:75:9a:a9:47:40:75:f8:bc:5f:71:1b:c1:
16:f9:8c:fb:b6:34:91:03:69:71:d1:d5:58:a2:1d:
ad:62:8a:f7:69:bb:28:8e:e7:72:f6:a3:7d:ef:67:
78:50:68:c4:2d:7d:ac:ed:f5:b6:62:7a:b1:53:e2:
ea:f4:95:14:df:f4:bd:e8:1a:ea:16:40:41:72:6c:
85:e5:a1:dd:42:a3:62:d0:95:9e:a8:16:f0:48:7f:
dd:3f:84:ec:ca:7d:62:70:32:f0:c6:38:4a:f8:df:
2e:94:98:48:2b:73:50:28:5e:03:cd:e7:36:43:5d:
89:8b:97:7b:13:6c:68:63:42:0c:e8:9d:39:12:cc:
02:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:08:9F:E1:56:F7:72:60:91:43:EA:83:3C:E9:9E:E4:A1:D4:95:90
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4A1187B26E7811F09E744A82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.106.0/24
27.106.200.0/22
43.241.188.0/22
43.252.252.0/22
49.255.0.0/16
103.37.120.0/24
103.233.148.0/22
103.255.16.0/22
110.5.116.0/22
112.213.192.0/18
114.31.192.0/20
116.212.192.0/18
119.161.64.0/19
121.54.128.0/19
121.79.0.0/17
123.103.192.0/19
124.254.64.0/18
175.45.64.0/18
180.148.64.0/19
202.62.138.0/23
202.62.141.0-202.62.142.255
202.62.147.0/24
202.62.152.0/22
202.80.176.0/20
202.89.160.0/19
202.136.32.0/20
202.137.96.0/20
202.137.192.0/21
202.174.224.0/19
202.189.64.0/20
203.12.251.0/24
203.18.212.0/23
203.28.186.0/24
203.29.177.0/24
203.55.11.0/24
203.55.250.0/24
203.89.64.0/19
203.92.28.0/22
203.129.128.0/19
203.153.224.0/19
203.161.64.0/18
203.188.128.0/19
210.50.198.0/24
211.26.193.0/24
218.100.80.0/22
223.27.96.0/21
IPv6:
2402:7800::/32
2403:d600::/32
2403:fc00:300::/40
2404:b000::/32
2404:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
14:e5:a5:65:d0:57:4b:fe:ce:4a:12:e7:f6:bc:7e:17:16:f2:
e3:f1:ab:53:6a:68:59:41:8f:31:e4:8c:c9:d1:13:08:fc:0c:
33:cb:34:05:e8:e9:65:c4:6f:0f:df:c4:07:91:bb:17:62:c2:
07:4b:90:ce:16:d2:4f:18:66:51:59:94:05:4b:10:d9:19:ff:
e3:30:c9:e4:73:a2:e3:0b:62:8a:3d:1f:fe:09:fa:32:94:d1:
a2:98:d7:45:36:89:90:3d:12:1f:56:b1:62:cf:12:a2:52:c8:
63:43:f5:d2:9f:d3:9e:f5:0c:ad:31:68:06:15:b6:e2:f6:ae:
df:20:7e:f6:f3:29:e3:c3:fd:06:cf:05:5c:7d:31:40:e2:bb:
0e:54:21:a6:73:6f:b9:0a:65:f6:59:89:6d:5b:af:21:16:35:
6e:5b:c5:3e:92:97:28:f9:be:f1:b2:2b:63:c0:e1:29:52:27:
b2:aa:aa:48:7b:6c:45:6c:3b:38:c7:d8:cb:a9:3b:12:19:e3:
4e:5d:6b:d1:4a:ea:c5:c8:c7:d4:8e:81:6f:20:83:90:70:00:
bf:48:d2:c6:18:3a:cc:8d:d4:33:78:93:d7:cc:5f:a4:bd:89:
43:98:18:3c:d3:fc:d6:ce:e1:87:10:d7:71:11:48:fa:38:5b:
01:08:c0:64
-----BEGIN CERTIFICATE-----
MIIGvDCCBaSgAwIBAgICGQ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjUwODA0MTE1ODQwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODkwYTA3MC1hNDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszcrbUnFXOqOYa/zv4rxUM56h6JBSYbW9q6ULHChVlpjrQaAM0H6+/1ZOfLg
+BJ2qXdFfeK3rYMGmgHyJ8ldB1VBvDSHlVS89Guj4A/GNzKFRadmR6+jK52h5Iuu
dRrR4AKkLFT7EJEN3Rek8GcV5L6eEQPBWmR4MYl1mqlHQHX4vF9xG8EW+Yz7tjSR
A2lx0dVYoh2tYor3absojudy9qN972d4UGjELX2s7fW2YnqxU+Lq9JUU3/S96Brq
FkBBcmyF5aHdQqNi0JWeqBbwSH/dP4Tsyn1icDLwxjhK+N8ulJhIK3NQKF4Dzec2
Q12Ji5d7E2xoY0IM6J05EswCcwIDAQABo4ID4DCCA9wwHQYDVR0OBBYEFDoIn+FW
93JgkUPqgzzpnuSh1JWQMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNEExMTg3QjI2
RTc4MTFGMDlFNzQ0QTgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFoBggrBgEFBQcBBwEB
/wSCAVcwggFTMIIBIwQCAAEwggEbAwQADolqAwQCG2rIAwQCK/G8AwQCK/z8AwMA
Mf8DBABnJXgDBAJn6ZQDBAJn/xADBAJuBXQDBAZw1cADBARyH8ADBAZ01MADBAV3
oUADBAV5NoADBAd5TwADBAV7Z8ADBAZ8/kADBAavLUADBAW0lEADBAHKPoowDAME
AMo+jQMEAMo+jgMEAMo+kwMEAso+mAMEBMpQsAMEBcpZoAMEBMqIIAMEBMqJYAME
A8qJwAMEBcqu4AMEBMq9QAMEAMsM+wMEAcsS1AMEAMscugMEAMsdsQMEAMs3CwME
AMs3+gMEBctZQAMEAstcHAMEBcuBgAMEBcuZ4AMEBsuhQAMEBcu8gAMEANIyxgME
ANMawQMEAtpkUAMEA98bYDAqBAIAAjAkAwUAJAJ4AAMFACQD1gADBgAkA/wAAwMF
ACQEsAADBQAkBLwAMA0GCSqGSIb3DQEBCwUAA4IBAQAU5aVl0FdL/s5KEuf2vH4X
FvLj8atTamhZQY8x5IzJ0RMI/AwzyzQF6OllxG8P38QHkbsXYsIHS5DOFtJPGGZR
WZQFSxDZGf/jMMnkc6LjC2KKPR/+CfoylNGimNdFNomQPRIfVrFizxKiUshjQ/XS
n9Oe9QytMWgGFbbi9q7fIH728ynjw/0GzwVcfTFA4rsOVCGmc2+5CmX2WYltW68h
FjVuW8U+kpco+b7xsitjwOEpUieyqqpIe2xFbDs4x9jLqTsSGeNOXWvRSurFyMfU
joFvIIOQcAC/SNLGGDrMjdQzeJPXzF+kvYlDmBg80/zWzuGHENdxEUj6OFsBCMBk
-----END CERTIFICATE-----
Generated at Sun Aug 10 19:55:09 2025 by rpki-client