Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/94688318A57B11EA964E0C3DC4F9AE02.roa
File: 94688318A57B11EA964E0C3DC4F9AE02.roa (raw, json)
Hash identifier: YuV1/atgnEaFCqu1mP7hP8CBn8yEYyO/tgyELx2LMIg=
Subject key identifier: 21:3B:0D:73:E0:CC:D1:F1:FC:3C:2C:20:A7:DE:4D:DA:3F:97:83:00
Certificate issuer: /CN=A91FBD28/serialNumber=B95D954AAEB959D3427C1076A9F57DF21C38BFCC
Certificate serial: 2704
Authority key identifier: B9:5D:95:4A:AE:B9:59:D3:42:7C:10:76:A9:F5:7D:F2:1C:38:BF:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uV2VSq65WdNCfBB2qfV98hw4v8w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/94688318A57B11EA964E0C3DC4F9AE02.roa
Signing time: Wed 22 Oct 2025 16:02:50 +0000
ROA not before: Wed 22 Oct 2025 16:02:50 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 24499
IP address blocks: 43.224.236.0/22 maxlen: 22
43.224.236.0/24 maxlen: 24
43.224.237.0/24 maxlen: 24
43.224.238.0/24 maxlen: 24
43.224.239.0/24 maxlen: 24
103.7.76.0/22 maxlen: 22
103.7.76.0/24 maxlen: 24
103.7.77.0/24 maxlen: 24
103.7.78.0/24 maxlen: 24
103.7.79.0/24 maxlen: 24
202.69.8.0/21 maxlen: 22
202.69.8.0/24 maxlen: 24
202.69.9.0/24 maxlen: 24
202.69.10.0/24 maxlen: 24
202.69.11.0/24 maxlen: 24
202.69.12.0/22 maxlen: 24
202.69.12.0/24 maxlen: 24
202.69.13.0/24 maxlen: 24
202.69.15.0/24 maxlen: 24
2402:e000::/32 maxlen: 32
2402:e000:1::/48 maxlen: 48
2402:e000:2::/48 maxlen: 48
2402:e000:3::/48 maxlen: 48
2402:e000:a::/48 maxlen: 48
2402:e000:b::/48 maxlen: 48
2402:e000:c::/48 maxlen: 48
2402:e000:100::/41 maxlen: 41
2402:e000:180::/41 maxlen: 41
2402:e000:200::/41 maxlen: 41
2402:e000:400::/40 maxlen: 48
2402:e000:500::/40 maxlen: 48
2402:e000:600::/40 maxlen: 48
2402:e000:4000::/48 maxlen: 48
2402:e000:5300::/41 maxlen: 41
2402:e000:5380::/41 maxlen: 41
2402:e000:5400::/41 maxlen: 41
2402:e000:8000::/48 maxlen: 48
2402:e000:a100::/41 maxlen: 41
2402:e000:a180::/41 maxlen: 41
2402:e000:a200::/41 maxlen: 41
2402:e000:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/uV2VSq65WdNCfBB2qfV98hw4v8w.crl
rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/uV2VSq65WdNCfBB2qfV98hw4v8w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uV2VSq65WdNCfBB2qfV98hw4v8w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 11 Nov 2025 15:45:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9988 (0x2704)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FBD28, serialNumber=B95D954AAEB959D3427C1076A9F57DF21C38BFCC
Validity
Not Before: Oct 22 16:02:50 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=68f90029-ef2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c8:59:cc:d7:e0:a9:b4:6c:3b:b9:4d:d0:d2:
60:32:6b:4b:46:cd:7e:3b:27:54:28:d3:ac:bf:e7:
d3:b2:c3:aa:5a:fd:13:34:e8:95:af:45:3e:5d:54:
9a:4a:12:75:f3:07:6e:10:37:57:b4:48:74:38:9c:
1d:45:bc:60:1e:6e:59:2b:1b:47:3f:24:9f:6e:2e:
f3:bf:67:2c:91:23:59:a5:6d:1b:28:b8:11:a3:7e:
c6:d8:e3:4b:d3:a5:02:96:6c:05:bc:c2:42:39:15:
9f:c2:83:48:e9:09:f5:b4:90:b0:a0:06:c7:52:7e:
4d:21:c0:b8:74:c8:32:1b:8d:d7:c6:7f:67:21:e5:
e1:09:66:b5:e0:28:fb:23:fe:c6:bd:2d:0b:d5:cd:
0e:d8:b0:ac:1c:2f:d5:0e:26:c2:15:6b:fd:d0:32:
bd:ea:8c:c0:fc:da:8e:07:d7:15:81:d5:85:cb:a2:
d6:77:bf:73:3c:08:6e:6d:76:9e:ca:ca:8f:d1:6b:
c6:bb:c6:be:38:fe:71:a7:0f:d2:22:90:c5:2a:95:
78:47:de:9c:83:06:a9:a6:40:6b:75:38:cb:da:1c:
ad:05:66:6c:96:e2:fc:44:72:1c:b5:7f:59:37:86:
57:a7:36:89:9f:9e:cb:e0:ac:84:99:07:51:38:66:
56:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3B:0D:73:E0:CC:D1:F1:FC:3C:2C:20:A7:DE:4D:DA:3F:97:83:00
X509v3 Authority Key Identifier:
keyid:B9:5D:95:4A:AE:B9:59:D3:42:7C:10:76:A9:F5:7D:F2:1C:38:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/uV2VSq65WdNCfBB2qfV98hw4v8w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uV2VSq65WdNCfBB2qfV98hw4v8w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/94688318A57B11EA964E0C3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.236.0/22
103.7.76.0/22
202.69.8.0/21
IPv6:
2402:e000::/32
Signature Algorithm: sha256WithRSAEncryption
28:ba:af:7c:f8:d4:5f:0d:8d:e6:69:ce:20:6f:45:69:7a:2f:
dd:fa:69:9c:1c:dc:b2:76:b4:ac:81:fe:51:79:8b:50:9c:db:
c1:5a:6e:83:4e:22:7f:cf:b6:44:99:0c:b0:5d:96:52:88:20:
6a:ec:b8:98:d9:b7:fa:6c:15:14:af:99:11:3d:89:b4:64:b7:
eb:08:aa:79:09:62:d9:06:a4:30:7b:92:58:26:27:e5:ba:b9:
9a:65:1d:20:d1:18:54:e5:11:54:73:91:68:94:44:e4:6d:d9:
d3:f5:eb:e2:82:2c:d1:77:9c:7c:5f:3d:2d:c1:41:52:24:98:
d5:a8:d6:7d:02:c0:5f:ab:9e:4d:b1:ae:f0:62:fa:5e:a1:11:
81:2d:f3:03:40:45:f3:1b:c0:8d:65:a6:9b:44:ca:0d:e9:58:
ae:4c:f8:96:93:df:bf:56:62:bf:1c:36:be:57:46:24:34:d8:
1f:33:92:46:d2:04:b1:44:25:0c:70:61:57:1a:4d:a0:6c:a1:
c3:27:6d:ab:22:c0:46:7d:6f:ba:60:c5:8d:00:ef:60:10:f2:
8b:05:8b:2b:1a:32:b1:ce:a7:c6:0b:f9:77:9c:43:05:40:ea:
19:5d:cf:67:0c:2c:f1:ea:fb:6e:a6:a9:8a:3c:5d:15:d4:cf:
73:85:73:56
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICJwQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkJEMjgxMTAvBgNVBAUTKEI5NUQ5NTRBQUVCOTU5RDM0MjdDMTA3NkE5RjU3REYy
MUMzOEJGQ0MwHhcNMjUxMDIyMTYwMjUwWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGY5MDAyOS1lZjJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2chZzNfgqbRsO7lN0NJgMmtLRs1+OydUKNOsv+fTssOqWv0TNOiVr0U+XVSa
ShJ18wduEDdXtEh0OJwdRbxgHm5ZKxtHPySfbi7zv2cskSNZpW0bKLgRo37G2ONL
06UClmwFvMJCORWfwoNI6Qn1tJCwoAbHUn5NIcC4dMgyG43Xxn9nIeXhCWa14Cj7
I/7GvS0L1c0O2LCsHC/VDibCFWv90DK96ozA/NqOB9cVgdWFy6LWd79zPAhubXae
ysqP0WvGu8a+OP5xpw/SIpDFKpV4R96cgwappkBrdTjL2hytBWZsluL8RHIctX9Z
N4ZXpzaJn57L4KyEmQdROGZWywIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFCE7DXPg
zNHx/DwsIKfeTdo/l4MAMB8GA1UdIwQYMBaAFLldlUquuVnTQnwQdqn1ffIcOL/M
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC9FNkNFRDcyMkUx
QjAxMUU0OEMyRERFMTZDNEY5QUUwMi91VjJWU3E2NVdkTkNmQkIycWZWOThodzR2
OHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VWMlZTcTY1V2ROQ2ZCQjJxZlY5OGh3NHY4dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJEMjgvRTZDRUQ3MjJFMUIwMTFFNDhDMkRERTE2QzRGOUFFMDIvOTQ2ODgzMThB
NTdCMTFFQTk2NEUwQzNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIr4OwDBAJnB0wDBAPKRQgwDQQCAAIwBwMFACQC4AAwDQYJ
KoZIhvcNAQELBQADggEBACi6r3z41F8NjeZpziBvRWl6L936aZwc3LJ2tKyB/lF5
i1Cc28FaboNOIn/PtkSZDLBdllKIIGrsuJjZt/psFRSvmRE9ibRkt+sIqnkJYtkG
pDB7klgmJ+W6uZplHSDRGFTlEVRzkWiURORt2dP16+KCLNF3nHxfPS3BQVIkmNWo
1n0CwF+rnk2xrvBi+l6hEYEt8wNARfMbwI1lpptEyg3pWK5M+JaT379WYr8cNr5X
RiQ02B8zkkbSBLFEJQxwYVcaTaBsocMnbasiwEZ9b7pgxY0A72AQ8osFiysaMrHO
p8YL+XecQwVA6hldz2cMLPHq+26mqYo8XRXUz3OFc1Y=
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:06:00 2025 by rpki-client