Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
File: DB5AEE86AA8411ECA420473FC4F9AE02.roa (raw, json)
Hash identifier: DLqnLgh6hbk8jtdkDiQoZGDu6DFN+ZWyWbwznlO/rps=
Subject key identifier: F5:CA:78:CD:31:B3:BC:10:AE:87:A5:F8:A7:51:F7:49:A4:CD:05:F4
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 3A19
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
Signing time: Mon 14 Jul 2025 14:51:40 +0000
ROA not before: Mon 14 Jul 2025 14:51:40 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 9287
IP address blocks: 61.90.185.0/24 maxlen: 24
61.90.197.0/24 maxlen: 24
61.90.198.0/24 maxlen: 24
61.90.200.0/22 maxlen: 22
61.90.200.0/24 maxlen: 24
61.90.201.0/24 maxlen: 24
61.90.202.0/24 maxlen: 24
61.90.204.0/23 maxlen: 23
61.90.204.0/24 maxlen: 24
61.90.205.0/24 maxlen: 24
61.90.213.0/24 maxlen: 24
61.90.231.0/24 maxlen: 24
61.91.0.0/21 maxlen: 21
61.91.0.0/24 maxlen: 24
61.91.1.0/24 maxlen: 24
61.91.2.0/24 maxlen: 24
61.91.3.0/24 maxlen: 24
61.91.4.0/24 maxlen: 24
61.91.5.0/24 maxlen: 24
61.91.6.0/24 maxlen: 24
61.91.7.0/24 maxlen: 24
61.91.11.0/24 maxlen: 24
61.91.12.0/22 maxlen: 22
61.91.12.0/24 maxlen: 24
61.91.13.0/24 maxlen: 24
61.91.14.0/24 maxlen: 24
61.91.15.0/24 maxlen: 24
61.91.80.0/23 maxlen: 23
61.91.80.0/24 maxlen: 24
61.91.81.0/24 maxlen: 24
61.91.92.0/24 maxlen: 24
61.91.120.0/21 maxlen: 21
61.91.120.0/24 maxlen: 24
61.91.121.0/24 maxlen: 24
61.91.122.0/24 maxlen: 24
61.91.123.0/24 maxlen: 24
61.91.124.0/24 maxlen: 24
61.91.125.0/24 maxlen: 24
61.91.126.0/24 maxlen: 24
61.91.127.0/24 maxlen: 24
61.91.247.0/24 maxlen: 24
119.46.69.0/24 maxlen: 24
119.46.92.0/24 maxlen: 24
119.46.96.0/23 maxlen: 23
119.46.96.0/24 maxlen: 24
119.46.97.0/24 maxlen: 24
119.46.98.0/24 maxlen: 24
119.46.113.0/24 maxlen: 24
119.46.194.0/24 maxlen: 24
119.46.226.0/24 maxlen: 24
203.144.245.0/24 maxlen: 24
210.86.139.0/24 maxlen: 24
210.86.176.0/21 maxlen: 21
210.86.176.0/24 maxlen: 24
210.86.177.0/24 maxlen: 24
210.86.178.0/24 maxlen: 24
210.86.179.0/24 maxlen: 24
210.86.180.0/22 maxlen: 22
210.86.180.0/24 maxlen: 24
210.86.181.0/24 maxlen: 24
210.86.182.0/24 maxlen: 24
210.86.183.0/24 maxlen: 24
2001:fb0:1000::/48 maxlen: 48
2001:fb0:1001::/48 maxlen: 48
2001:fb0:1002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 14:20:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14873 (0x3a19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 14 14:51:40 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=6875197b-2154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b5:7f:3a:6a:d4:66:c8:10:22:ec:c5:17:36:
b3:15:e3:9b:55:25:c1:66:5c:19:bf:b0:22:7b:11:
88:ff:6e:8a:f1:9d:ae:c9:1b:46:45:9a:96:1a:fe:
33:89:33:ea:97:c8:2d:db:87:24:33:d7:01:6c:62:
ab:0e:ee:3d:ca:41:e2:16:f3:e0:be:2c:68:b2:65:
6e:a9:8b:39:9c:0f:42:e2:54:d4:9e:ab:a2:8e:bc:
12:85:10:8d:68:7e:a7:22:78:06:40:3b:e2:8e:37:
76:59:09:5f:2a:e3:05:15:c4:54:ee:8b:1d:bb:b1:
c7:a1:d8:b6:bc:93:6e:7a:d9:37:cf:b9:21:16:ce:
6f:13:1d:27:dc:4e:ff:f1:c8:f0:97:99:0d:45:f5:
fe:6f:fc:90:06:4b:19:6e:85:cf:5a:47:df:8e:58:
28:d1:1c:dc:6c:57:47:32:7f:f8:6f:e4:3f:45:64:
66:f1:58:59:98:ea:60:24:84:bc:27:86:95:f0:3f:
f9:df:91:28:53:60:24:24:bd:34:64:12:8b:1b:88:
23:e8:2b:62:12:21:2e:79:aa:a4:4e:94:b3:0f:7d:
96:27:2e:79:35:6d:0f:cc:0c:45:c7:26:ad:b0:b5:
1e:eb:a0:74:f9:99:08:21:ae:1d:0a:7a:a5:49:ec:
66:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CA:78:CD:31:B3:BC:10:AE:87:A5:F8:A7:51:F7:49:A4:CD:05:F4
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.90.185.0/24
61.90.197.0-61.90.198.255
61.90.200.0-61.90.205.255
61.90.213.0/24
61.90.231.0/24
61.91.0.0/21
61.91.11.0-61.91.15.255
61.91.80.0/23
61.91.92.0/24
61.91.120.0/21
61.91.247.0/24
119.46.69.0/24
119.46.92.0/24
119.46.96.0-119.46.98.255
119.46.113.0/24
119.46.194.0/24
119.46.226.0/24
203.144.245.0/24
210.86.139.0/24
210.86.176.0/21
IPv6:
2001:fb0:1000::-2001:fb0:1002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5f:49:8c:f7:28:ec:91:34:bd:f1:c2:0c:5d:92:57:a2:2e:1b:
e0:47:32:4a:90:35:37:a9:b0:33:3e:ac:50:15:38:37:e4:2f:
62:74:8c:fd:59:80:3a:80:14:e2:57:b8:57:5d:df:ae:11:93:
d6:92:6c:08:fe:e0:57:52:cf:e1:05:0f:49:aa:52:be:4a:e9:
03:73:49:7c:36:de:a6:40:1c:6b:ac:de:cf:f8:00:74:a3:18:
f9:59:f4:15:09:e9:e9:89:61:d1:e9:c5:81:e2:57:d6:15:42:
18:c2:8e:d7:85:ee:60:47:7c:e0:ff:6c:cd:79:e9:de:8c:f8:
d2:5e:1e:66:6e:16:52:db:c2:1a:13:f1:9c:74:02:fc:b8:03:
ac:f2:f7:86:9f:d5:81:da:7c:5c:89:6d:6a:4b:aa:af:74:42:
be:04:73:fe:50:94:3f:42:0b:d8:51:a6:d5:3a:16:50:0b:da:
89:d1:7e:a2:fd:85:39:4d:2d:87:b2:bc:6a:99:4a:49:23:c4:
88:ed:8a:29:b4:44:78:da:cb:8c:5f:39:b7:1a:b7:da:0c:83:
4e:43:6e:7f:58:3f:c3:25:3c:e6:cd:a4:50:1f:48:3f:6e:3e:
38:3b:3e:c3:9d:bf:c6:1e:2a:d7:92:76:66:b6:be:c4:bb:02:
3b:8d:65:77
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgICOhkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjUwNzE0MTQ1MTQwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc1MTk3Yi0yMTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs7V/OmrUZsgQIuzFFzazFeObVSXBZlwZv7AiexGI/26K8Z2uyRtGRZqWGv4z
iTPql8gt24ckM9cBbGKrDu49ykHiFvPgvixosmVuqYs5nA9C4lTUnquijrwShRCN
aH6nIngGQDvijjd2WQlfKuMFFcRU7osdu7HHodi2vJNuetk3z7khFs5vEx0n3E7/
8cjwl5kNRfX+b/yQBksZboXPWkffjlgo0RzcbFdHMn/4b+Q/RWRm8VhZmOpgJIS8
J4aV8D/535EoU2AkJL00ZBKLG4gj6CtiEiEueaqkTpSzD32WJy55NW0PzAxFxyat
sLUe66B0+ZkIIa4dCnqlSexmjQIDAQABo4IDRzCCA0MwHQYDVR0OBBYEFPXKeM0x
s7wQroel+KdR90mkzQX0MB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvREI1QUVFODZB
QTg0MTFFQ0E0MjA0NzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdAGCCsGAQUFBwEHAQH/
BIHAMIG9MIGfBAIAATCBmAMEAD1auTAMAwQAPVrFAwQAPVrGMAwDBAM9WsgDBAE9
WswDBAA9WtUDBAA9WucDBAM9WwAwDAMEAD1bCwMEBD1bAAMEAT1bUAMEAD1bXAME
Az1beAMEAD1b9wMEAHcuRQMEAHcuXDAMAwQFdy5gAwQAdy5iAwQAdy5xAwQAdy7C
AwQAdy7iAwQAy5D1AwQA0laLAwQD0lawMBkEAgACMBMwEQMGBCABD7AQAwcAIAEP
sBACMA0GCSqGSIb3DQEBCwUAA4IBAQBfSYz3KOyRNL3xwgxdkleiLhvgRzJKkDU3
qbAzPqxQFTg35C9idIz9WYA6gBTiV7hXXd+uEZPWkmwI/uBXUs/hBQ9JqlK+SukD
c0l8Nt6mQBxrrN7P+AB0oxj5WfQVCenpiWHR6cWB4lfWFUIYwo7Xhe5gR3zg/2zN
eenejPjSXh5mbhZS28IaE/GcdAL8uAOs8veGn9WB2nxciW1qS6qvdEK+BHP+UJQ/
QgvYUabVOhZQC9qJ0X6i/YU5TS2HsrxqmUpJI8SI7YoptER42suMXzm3GrfaDINO
Q25/WD/DJTzmzaRQH0g/bj44Oz7Dnb/GHirXknZmtr7EuwI7jWV3
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:31:41 2025 by rpki-client