Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: yiLQ9EmXS6HBeZRU449aDC8/RG6nT4241LzqKm3ZWUM=
Subject key identifier: 3A:D2:CC:EA:6B:19:6E:68:7B:C5:90:77:E8:28:AC:37:81:5C:AF:88
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 075F
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Mon 11 Aug 2025 02:25:29 +0000
ROA not before: Mon 11 Aug 2025 02:25:29 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.56.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.150.0/24 maxlen: 24
162.128.186.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.204.0/24 maxlen: 24
162.128.205.0/24 maxlen: 24
162.128.206.0/24 maxlen: 24
162.128.207.0/24 maxlen: 24
162.128.208.0/24 maxlen: 24
162.128.209.0/24 maxlen: 24
162.128.210.0/24 maxlen: 24
162.128.211.0/24 maxlen: 24
162.128.213.0/24 maxlen: 24
162.128.214.0/24 maxlen: 24
162.128.218.0/24 maxlen: 24
162.128.219.0/24 maxlen: 24
162.128.220.0/24 maxlen: 24
162.128.221.0/24 maxlen: 24
162.128.222.0/24 maxlen: 24
162.128.223.0/24 maxlen: 24
162.128.224.0/24 maxlen: 24
162.128.225.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 18 Aug 2025 02:35:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1887 (0x75f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Aug 11 02:25:29 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68995498-610d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:92:5a:32:e6:02:0a:b8:1e:7f:4f:20:27:fd:
9c:df:ae:91:d2:15:a0:b6:49:55:d9:69:40:3c:5c:
16:a4:4a:ac:4e:25:52:68:68:05:54:40:9e:92:1e:
e0:2a:47:e9:6a:51:af:2d:65:d3:b5:3d:97:12:05:
f1:48:49:ed:f5:4a:0a:78:93:79:45:f1:86:ff:d7:
67:a0:a0:81:32:d8:68:0c:a7:cc:d0:72:11:a7:2d:
26:ad:32:8b:61:93:fd:4b:0e:9b:91:8a:76:68:2c:
3d:db:51:18:ab:7d:f9:72:50:6e:7c:54:5b:69:61:
2f:3d:38:63:1b:a9:a6:b3:18:ef:d6:56:24:01:c4:
27:9d:47:10:b4:5e:f8:95:15:47:54:9d:19:49:a6:
84:91:05:c1:9a:6b:f7:85:32:60:8f:ab:9f:73:08:
6c:cc:88:50:bb:8c:49:e9:cd:aa:a9:24:8e:7a:0f:
3a:d6:8b:60:d7:38:63:d7:2d:e2:b3:41:1f:84:98:
dc:86:e8:14:44:36:af:5c:c8:bb:ca:9a:5c:08:6e:
c5:fc:34:1b:cf:32:45:d9:05:7d:14:54:e8:23:31:
8b:07:16:75:e1:d9:b3:21:2d:59:85:59:66:a3:0f:
90:79:e0:46:16:5e:ef:30:89:00:ef:dd:28:63:f7:
79:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D2:CC:EA:6B:19:6E:68:7B:C5:90:77:E8:28:AC:37:81:5C:AF:88
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.56.255
162.128.140.0/24
162.128.149.0-162.128.150.255
162.128.186.0/24
162.128.196.0/24
162.128.199.0-162.128.202.255
162.128.204.0-162.128.211.255
162.128.213.0-162.128.214.255
162.128.218.0-162.128.225.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:91:15:fe:c0:7b:fc:39:06:31:60:b0:66:22:6f:60:de:2f:
db:00:16:39:b6:e4:77:9b:b1:74:7b:b0:08:34:70:98:d6:3a:
f1:1b:e6:54:3e:c0:c5:57:c6:db:79:d9:2f:de:07:57:2b:1b:
74:25:cd:c5:f4:c5:d1:87:5f:5d:10:b1:0d:d7:10:2a:d4:d7:
25:d7:b8:3b:45:9c:12:45:5b:f9:51:8e:00:46:de:10:d9:76:
53:22:4f:2a:d7:4d:75:e5:53:31:bf:16:b1:0c:ea:4b:5f:dc:
74:16:de:f6:fa:76:9e:75:69:4f:54:04:3e:12:3b:89:42:83:
33:ef:b6:97:65:fb:19:ad:d9:71:fa:a9:4d:77:be:0f:0e:58:
0f:1f:2a:1a:09:8a:ec:cf:41:41:de:e9:53:2b:18:2e:2c:9c:
13:27:11:c7:e9:eb:b8:d7:51:f5:2f:b5:82:20:27:7d:db:bf:
6d:49:b0:ab:14:99:d3:0b:9b:22:7f:7d:3f:d7:ea:16:40:9e:
df:96:00:68:83:cd:d5:2e:2f:76:4e:a5:9f:84:b9:02:20:30:
8f:22:df:b4:e9:88:e4:26:32:1c:bc:20:a6:dd:2f:b3:2a:34:
38:98:ff:e2:16:5a:7c:39:11:7e:fb:4d:51:8b:1f:a6:ff:1a:
42:be:60:52
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgICB18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUwODExMDIyNTI5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODk5NTQ5OC02MTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApJJaMuYCCrgef08gJ/2c366R0hWgtklV2WlAPFwWpEqsTiVSaGgFVECekh7g
KkfpalGvLWXTtT2XEgXxSEnt9UoKeJN5RfGG/9dnoKCBMthoDKfM0HIRpy0mrTKL
YZP9Sw6bkYp2aCw921EYq335clBufFRbaWEvPThjG6mmsxjv1lYkAcQnnUcQtF74
lRVHVJ0ZSaaEkQXBmmv3hTJgj6ufcwhszIhQu4xJ6c2qqSSOeg861otg1zhj1y3i
s0EfhJjchugURDavXMi7yppcCG7F/DQbzzJF2QV9FFToIzGLBxZ14dmzIS1ZhVlm
ow+QeeBGFl7vMIkA790oY/d53QIDAQABo4IDhTCCA4EwHQYDVR0OBBYEFDrSzOpr
GW5oe8WQd+gorDeBXK+IMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggENBggrBgEFBQcBBwEB
/wSB/TCB+jCB9wQCAAEwgfAwDAMEAIHjEQMEAoHjEDAMAwQAgeMdAwQFgeMAAwQA
geM/AwQBgeOwAwQCgePAAwQCnDsQAwQDnDswAwQAnDtJAwQDnDtQAwQBnDteAwQA
nDtsAwQAnDt7AwQEnDuAAwQAnDuSAwQAnDvYAwQBnDvgAwQAnDvxMAwDBACigCsD
BACigCwwDAMEAKKANQMEAKKAOAMEAKKAjDAMAwQAooCVAwQAooCWAwQAooC6AwQA
ooDEMAwDBACigMcDBACigMowDAMEAqKAzAMEAqKA0DAMAwQAooDVAwQAooDWMAwD
BAGigNoDBAGigOADBACigP4wDQYJKoZIhvcNAQELBQADggEBABqRFf7Ae/w5BjFg
sGYib2DeL9sAFjm25HebsXR7sAg0cJjWOvEb5lQ+wMVXxtt52S/eB1crG3QlzcX0
xdGHX10QsQ3XECrU1yXXuDtFnBJFW/lRjgBG3hDZdlMiTyrXTXXlUzG/FrEM6ktf
3HQW3vb6dp51aU9UBD4SO4lCgzPvtpdl+xmt2XH6qU13vg8OWA8fKhoJiuzPQUHe
6VMrGC4snBMnEcfp67jXUfUvtYIgJ33bv21JsKsUmdMLmyJ/fT/X6hZAnt+WAGiD
zdUuL3ZOpZ+EuQIgMI8i37TpiOQmMhy8IKbdL7MqNDiY/+IWWnw5EX77TVGLH6b/
GkK+YFI=
-----END CERTIFICATE-----
Generated at Tue Aug 12 14:46:03 2025 by rpki-client