Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: utw8lW/Z+SnfTxVVA9IYgEwTljgENFT7GWBY9r4W5yI=
Subject key identifier: 74:9B:F4:FD:8C:69:8A:F3:9A:90:1A:40:E2:75:32:6A:7E:C1:4E:7B
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 28EC
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Fri 27 Jun 2025 12:51:53 +0000
ROA not before: Fri 27 Jun 2025 12:51:53 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:9::/64 maxlen: 64
2400:adc0:200::/48 maxlen: 48
2400:adc0:201::/48 maxlen: 48
2400:adc0:4005::/48 maxlen: 48
2400:adc0:4006::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4104::/48 maxlen: 48
2400:adc0:4203::/48 maxlen: 48
2400:adc0:4302::/48 maxlen: 48
2400:adc0:4303::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c003::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc0:c310::/48 maxlen: 48
2400:adc2:100::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adc5::/42 maxlen: 42
2400:adc5:40::/42 maxlen: 42
2400:adc5:80::/42 maxlen: 42
2400:adc5:c0::/42 maxlen: 42
2400:adc5:100::/42 maxlen: 42
2400:adc5:140::/42 maxlen: 42
2400:adc5:180::/42 maxlen: 42
2400:adc5:1c0::/42 maxlen: 42
2400:adc5:300::/42 maxlen: 42
2400:adc5:340::/42 maxlen: 42
2400:adc5:380::/42 maxlen: 42
2400:adc5:3c0::/42 maxlen: 42
2400:adc5:400::/42 maxlen: 42
2400:adc5:440::/42 maxlen: 42
2400:adc5:480::/42 maxlen: 42
2400:adc5:4c0::/42 maxlen: 42
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2000::/40 maxlen: 40
2400:addd:2100::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
2400:addf:1000::/40 maxlen: 40
2400:addf:1100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 25 Jul 2025 15:45:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10476 (0x28ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66, serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Validity
Not Before: Jun 27 12:51:53 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=685e93e9-baf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:af:36:c1:71:ba:8d:46:80:8f:a2:f7:35:10:
f9:84:ab:19:d9:9c:ea:f5:f5:ba:47:76:7c:d0:eb:
9c:bd:61:f7:6c:e4:20:c0:c2:6b:01:f4:28:74:9e:
32:86:77:9f:f8:9e:48:4e:f7:f6:e5:98:04:72:4f:
31:23:b6:45:82:70:14:27:eb:61:6d:74:65:ec:9d:
8a:58:25:b8:62:00:a9:f6:97:0d:36:52:b6:7e:ee:
ff:db:ea:96:6c:7c:6e:ff:f2:1f:1d:4f:1d:3e:79:
9a:c4:ff:0e:08:9a:30:bb:d4:db:40:e7:c0:bc:dc:
f2:b0:6f:44:0a:0b:80:5e:55:dd:49:64:4c:4e:83:
91:67:57:6e:b2:9f:07:2a:89:a6:48:a0:e7:c1:08:
39:9a:00:69:a4:9d:b7:67:7f:ea:7f:7f:c0:49:a1:
21:bd:c1:34:b0:48:a5:77:ad:ea:04:a3:3a:b4:88:
cb:ea:eb:ea:de:76:66:8e:c5:a8:53:0b:b0:48:e5:
11:d2:f3:c6:7a:4f:ae:1f:3c:cf:bd:cb:9b:ad:6b:
d6:e8:c7:08:6e:84:7c:c2:18:08:6f:d2:05:2f:b5:
ab:1e:da:ae:0b:74:bb:94:c0:eb:21:b9:6f:78:e3:
e0:ee:02:ed:54:81:f5:e3:db:b1:36:05:ba:e6:a8:
7d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9B:F4:FD:8C:69:8A:F3:9A:90:1A:40:E2:75:32:6A:7E:C1:4E:7B
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:9::/64
2400:adc0:200::/47
2400:adc0:4005::-2400:adc0:4006:ffff:ffff:ffff:ffff:ffff
2400:adc0:4013::/48
2400:adc0:4104::/48
2400:adc0:4203::/48
2400:adc0:4302::/47
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:c001::/48
2400:adc0:c003::/48
2400:adc0:c030::/48
2400:adc0:c102::/48
2400:adc0:c210::/47
2400:adc0:c310::/48
2400:adc2:100::/48
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adc5::/39
2400:adc5:300::-2400:adc5:4ff:ffff:ffff:ffff:ffff:ffff
2400:adca::/39
2400:addb:800::/39
2400:addd:2000::/39
2400:addd:2800::/39
2400:adde::/39
2400:addf:800::/39
2400:addf:1000::/39
Signature Algorithm: sha256WithRSAEncryption
6f:01:c4:86:77:3e:6f:f1:3f:25:ab:9a:ae:20:3e:c4:ba:5d:
bb:ea:46:c8:0c:dc:af:0b:46:4b:54:9d:34:ca:06:ea:aa:6b:
50:4f:75:3f:d1:2d:03:d6:19:cd:72:29:d2:da:c0:52:55:23:
4b:d2:48:cb:c3:4f:97:cc:f3:a0:f1:e7:9b:99:ae:63:e5:72:
b2:91:27:4d:34:bc:d7:44:b8:70:82:37:ed:38:b4:e2:92:0c:
19:9b:4b:c1:08:ac:a6:40:ff:be:1e:5b:ba:c2:eb:f9:35:46:
29:73:67:83:03:b0:48:e8:f3:42:9d:a8:20:b1:33:14:94:23:
ef:25:6b:ed:42:de:ad:7d:3b:14:cb:32:32:ea:3a:ff:84:f3:
a6:ec:56:ee:c8:7b:b6:f0:e2:05:72:2d:40:5d:5a:04:17:3e:
fc:7a:bd:1e:df:52:dc:e8:a7:04:eb:68:6c:e4:12:39:e2:77:
3e:32:40:dc:34:e8:d5:a2:ed:67:d3:f8:18:45:54:f7:b6:91:
02:6c:11:2e:88:c2:43:3b:e6:01:1b:af:6e:c3:bf:60:0a:60:
a2:02:45:5f:ed:71:cd:ba:03:4b:9e:e7:09:17:59:59:ac:17:
62:ce:54:9a:75:16:f6:6a:ba:03:05:63:77:30:8a:06:5d:dd:
12:fe:22:1c
-----BEGIN CERTIFICATE-----
MIIHUTCCBjmgAwIBAgICKOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjUwNjI3MTI1MTUzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODVlOTNlOS1iYWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtK82wXG6jUaAj6L3NRD5hKsZ2Zzq9fW6R3Z80OucvWH3bOQgwMJrAfQodJ4y
hnef+J5ITvf25ZgEck8xI7ZFgnAUJ+thbXRl7J2KWCW4YgCp9pcNNlK2fu7/2+qW
bHxu//IfHU8dPnmaxP8OCJowu9TbQOfAvNzysG9ECguAXlXdSWRMToORZ1dusp8H
KommSKDnwQg5mgBppJ23Z3/qf3/ASaEhvcE0sEild63qBKM6tIjL6uvq3nZmjsWo
UwuwSOUR0vPGek+uHzzPvcubrWvW6McIboR8whgIb9IFL7WrHtquC3S7lMDrIblv
eOPg7gLtVIH149uxNgW65qh9+QIDAQABo4IEdTCCBHEwHQYDVR0OBBYEFHSb9P2M
aYrzmpAaQOJ1Mmp+wU57MB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggH9BggrBgEFBQcBBwEB
/wSCAewwggHoMIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwggFMBAIAAjCCAUQDBQAgAUU4AwkAJACtwAAJAAAD
BwEkAK3AAgAwEgMHACQArcBABQMHACQArcBABgMHACQArcBAEwMHACQArcBBBAMH
ACQArcBCAwMHASQArcBDAgMHACQArcBFAAMHACQArcBGEQMHACQArcBHAAMHASQA
rcBHEAMHACQArcDAAQMHACQArcDAAwMHACQArcDAMAMHACQArcDBAgMHASQArcDC
EAMHACQArcDDEAMHACQArcIBADAQAwYAJACtwgMDBgAkAK3CBAMGASQArcIGMBAD
BgAkAK3CCQMGACQArcIKAwYBJACtxAADBgEkAK3ECAMGASQArcUAMBADBgAkAK3F
AwMGACQArcUEAwYBJACtygADBgEkAK3bCAMGASQArd0gAwYBJACt3SgDBgEkAK3e
AAMGASQArd8IAwYBJACt3xAwDQYJKoZIhvcNAQELBQADggEBAG8BxIZ3Pm/xPyWr
mq4gPsS6XbvqRsgM3K8LRktUnTTKBuqqa1BPdT/RLQPWGc1yKdLawFJVI0vSSMvD
T5fM86Dx55uZrmPlcrKRJ000vNdEuHCCN+04tOKSDBmbS8EIrKZA/74eW7rC6/k1
RilzZ4MDsEjo80KdqCCxMxSUI+8la+1C3q19OxTLMjLqOv+E86bsVu7Ie7bw4gVy
LUBdWgQXPvx6vR7fUtzopwTraGzkEjnidz4yQNw06NWi7WfT+BhFVPe2kQJsES6I
wkM75gEbr27Dv2AKYKICRV/tcc26A0ue5wkXWVmsF2LOVJp1FvZqugMFY3cwigZd
3RL+Ihw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 07:35:20 2025 by rpki-client