Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/93AC2C18CF5811ED9DBB075DC4F9AE02.roa
File: 93AC2C18CF5811ED9DBB075DC4F9AE02.roa (raw, json)
Hash identifier: 8KuusaWdM7XE0SsLxUanmFi6arr5FObPV+arfCP9uGg=
Subject key identifier: FB:4F:2E:00:59:2A:2A:AE:A2:06:C0:E3:F4:49:CF:F4:C3:D0:EF:75
Certificate issuer: /CN=A9173CE6/serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
Certificate serial: 06BA
Authority key identifier: 33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/93AC2C18CF5811ED9DBB075DC4F9AE02.roa
Signing time: Fri 04 Jul 2025 23:03:40 +0000
ROA not before: Fri 04 Jul 2025 23:03:40 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 17766
IP address blocks: 43.251.108.0/22 maxlen: 24
103.1.228.0/24 maxlen: 24
103.1.229.0/24 maxlen: 24
103.1.230.0/23 maxlen: 23
103.16.148.0/22 maxlen: 22
103.16.148.0/24 maxlen: 24
103.16.149.0/24 maxlen: 24
103.252.191.0/24 maxlen: 24
116.213.0.0/23 maxlen: 23
116.213.3.0/24 maxlen: 24
116.213.4.0/24 maxlen: 24
116.213.6.0/23 maxlen: 23
116.213.7.0/24 maxlen: 24
116.213.8.0/22 maxlen: 22
116.213.12.0/22 maxlen: 22
116.213.16.0/22 maxlen: 22
124.109.64.0/19 maxlen: 19
150.129.84.0/22 maxlen: 22
150.129.84.0/24 maxlen: 24
202.9.87.0/24 maxlen: 24
202.125.164.0/23 maxlen: 23
202.125.168.0/21 maxlen: 21
202.155.160.0/20 maxlen: 20
203.1.248.0/22 maxlen: 22
203.3.166.0/24 maxlen: 24
203.9.152.0/22 maxlen: 22
203.9.152.0/23 maxlen: 23
203.9.246.0/23 maxlen: 23
203.9.248.0/23 maxlen: 23
203.12.234.0/24 maxlen: 24
203.17.76.0/22 maxlen: 22
203.19.214.0/23 maxlen: 23
203.19.244.0/22 maxlen: 22
203.25.126.0/23 maxlen: 23
203.26.138.0/24 maxlen: 24
203.26.139.0/24 maxlen: 24
203.28.121.0/24 maxlen: 24
203.30.164.0/23 maxlen: 23
203.30.199.0/24 maxlen: 24
203.31.116.0/22 maxlen: 22
203.31.116.0/24 maxlen: 24
203.32.160.0/20 maxlen: 20
203.32.161.0/24 maxlen: 24
203.33.150.0/24 maxlen: 24
203.55.1.0/24 maxlen: 24
203.56.26.0/24 maxlen: 24
203.76.0.0/18 maxlen: 18
203.149.64.0/20 maxlen: 20
203.149.64.0/22 maxlen: 22
203.149.64.0/24 maxlen: 24
203.149.65.0/24 maxlen: 24
203.149.66.0/24 maxlen: 24
203.149.67.0/24 maxlen: 24
203.149.68.0/22 maxlen: 22
203.149.68.0/24 maxlen: 24
203.149.69.0/24 maxlen: 24
203.149.70.0/24 maxlen: 24
203.149.71.0/24 maxlen: 24
203.149.72.0/22 maxlen: 22
203.149.72.0/24 maxlen: 24
203.149.73.0/24 maxlen: 24
203.149.74.0/24 maxlen: 24
203.149.75.0/24 maxlen: 24
203.149.76.0/22 maxlen: 22
203.149.76.0/24 maxlen: 24
203.149.77.0/24 maxlen: 24
203.149.78.0/24 maxlen: 24
203.149.79.0/24 maxlen: 24
203.149.80.0/21 maxlen: 22
203.149.80.0/24 maxlen: 24
203.149.81.0/24 maxlen: 24
203.149.82.0/24 maxlen: 24
203.149.83.0/24 maxlen: 24
203.149.84.0/24 maxlen: 24
203.149.85.0/24 maxlen: 24
203.149.86.0/24 maxlen: 24
203.149.87.0/24 maxlen: 24
210.215.0.0/16 maxlen: 16
210.215.5.0/24 maxlen: 24
210.215.6.0/24 maxlen: 24
210.215.48.0/24 maxlen: 24
210.215.72.0/24 maxlen: 24
210.215.75.0/24 maxlen: 24
210.215.77.0/24 maxlen: 24
210.215.83.0/24 maxlen: 24
210.215.84.0/24 maxlen: 24
210.215.85.0/24 maxlen: 24
210.215.87.0/24 maxlen: 24
210.215.90.0/24 maxlen: 24
210.215.101.0/24 maxlen: 24
210.215.102.0/24 maxlen: 24
210.215.130.0/24 maxlen: 24
210.215.131.0/24 maxlen: 24
210.215.136.0/24 maxlen: 24
210.215.151.0/24 maxlen: 24
2001:db0::/32 maxlen: 32
2001:db0::/36 maxlen: 36
2001:db0:1000::/36 maxlen: 36
2001:db0:2000::/36 maxlen: 36
2001:db0:3000::/36 maxlen: 36
2001:db0:4000::/36 maxlen: 36
2001:db0:5000::/36 maxlen: 36
2001:db0:6000::/36 maxlen: 36
2001:db0:7000::/36 maxlen: 36
2001:db0:8000::/36 maxlen: 36
2001:db0:9000::/36 maxlen: 36
2001:db0:a000::/36 maxlen: 36
2001:db0:b000::/36 maxlen: 36
2001:db0:c000::/36 maxlen: 36
2001:db0:d000::/36 maxlen: 36
2001:db0:e000::/36 maxlen: 36
2001:db0:f000::/36 maxlen: 36
2404:d200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl
rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 25 Jul 2025 22:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1722 (0x6ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173CE6, serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
Validity
Not Before: Jul 4 23:03:40 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68685dcb-2953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5e:a2:44:91:3b:7e:f6:41:0c:b2:f0:9b:20:
0c:3f:f3:ad:13:b8:e4:f8:8b:39:e3:56:77:b4:7c:
9b:55:d6:8b:e6:43:d8:ea:d0:a7:6a:9b:2b:c5:0a:
de:85:e4:90:d3:36:fe:60:00:90:95:68:87:04:c1:
ff:89:1c:44:45:bd:c5:20:2b:51:9b:bd:c5:a8:12:
1b:3a:a6:5e:6f:6a:ec:9c:cd:ae:26:08:5d:38:89:
5e:40:94:3c:7f:aa:ae:02:a0:8c:77:fa:4c:d4:c7:
5c:11:74:42:c8:20:f8:49:3d:3d:f0:c9:4a:95:8d:
e1:29:5d:30:75:ea:ec:a5:c9:69:85:01:30:5e:2d:
ad:74:00:65:6d:5b:49:1b:d1:a4:95:fb:7a:96:74:
50:25:fd:2b:52:86:67:e4:df:51:3c:36:cf:72:b8:
8d:08:eb:97:ec:4d:d5:35:fa:10:64:81:64:56:bd:
68:0a:62:e9:fe:3e:ac:3c:70:55:8a:e9:4a:8c:d1:
66:f9:70:40:0b:09:4d:64:bf:4f:70:06:cd:8d:70:
d3:ea:d6:7c:86:58:1e:2f:2a:72:df:36:24:6e:bb:
66:a4:08:65:06:8c:d0:15:b3:da:3e:27:61:15:e9:
da:85:54:f5:37:74:5e:60:41:b2:59:c8:b3:a0:bb:
e4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4F:2E:00:59:2A:2A:AE:A2:06:C0:E3:F4:49:CF:F4:C3:D0:EF:75
X509v3 Authority Key Identifier:
keyid:33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/93AC2C18CF5811ED9DBB075DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.108.0/22
103.1.228.0/22
103.16.148.0/22
103.252.191.0/24
116.213.0.0/23
116.213.3.0-116.213.4.255
116.213.6.0-116.213.19.255
124.109.64.0/19
150.129.84.0/22
202.9.87.0/24
202.125.164.0/23
202.125.168.0/21
202.155.160.0/20
203.1.248.0/22
203.3.166.0/24
203.9.152.0/22
203.9.246.0-203.9.249.255
203.12.234.0/24
203.17.76.0/22
203.19.214.0/23
203.19.244.0/22
203.25.126.0/23
203.26.138.0/23
203.28.121.0/24
203.30.164.0/23
203.30.199.0/24
203.31.116.0/22
203.32.160.0/20
203.33.150.0/24
203.55.1.0/24
203.56.26.0/24
203.76.0.0/18
203.149.64.0-203.149.87.255
210.215.0.0/16
IPv6:
2001:db0::/32
2404:d200::/32
Signature Algorithm: sha256WithRSAEncryption
22:08:92:42:04:06:94:3e:3f:36:79:3b:e2:b7:9b:2f:03:02:
05:b6:e0:68:45:ce:d2:6d:89:9c:b3:91:b6:1a:54:9d:d0:6d:
45:14:89:f2:26:de:48:90:3f:6f:d0:d0:d8:5f:05:0c:2d:99:
e8:32:de:0b:70:4b:5d:00:24:d8:49:cd:b6:38:71:7a:74:17:
1e:fe:68:ca:4f:97:d5:24:0b:18:66:0e:c1:0f:fb:1b:93:08:
d9:ac:ee:a6:74:13:09:9c:8d:a6:79:61:4f:31:1f:fd:66:18:
e1:5f:2c:55:0b:dd:82:7c:b5:3b:39:88:d7:f8:c5:b3:e6:74:
80:68:45:59:8f:28:42:0a:a0:cc:50:32:ee:09:84:1f:5d:c6:
76:b2:c8:d5:a1:5a:ec:e8:ba:b8:1a:9c:b8:32:60:30:d6:c7:
03:a3:bd:ed:af:cb:79:64:f5:b3:f8:41:a2:8a:ea:59:7f:38:
b3:f1:6e:b3:ab:6d:f6:0b:a5:5b:9f:45:64:1a:65:3f:a6:2d:
e9:43:8b:9e:4c:db:3d:8d:5a:e1:13:1c:87:63:27:70:12:78:
47:a9:df:46:b3:43:63:fd:c5:ad:87:e5:05:c0:6e:a8:dd:49:
09:46:0d:de:61:c4:46:2a:c4:1c:ab:fa:63:4f:f8:99:73:59:
d1:82:70:5f
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgICBrowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNDRTYxMTAvBgNVBAUTKDMzMTk1Rjk2QzQ2RDREMjg1RDVCREU0QjBCMDMwRTM4
MzE0RThGQ0IwHhcNMjUwNzA0MjMwMzQwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODY4NWRjYi0yOTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArl6iRJE7fvZBDLLwmyAMP/OtE7jk+Is541Z3tHybVdaL5kPY6tCnapsrxQre
heSQ0zb+YACQlWiHBMH/iRxERb3FICtRm73FqBIbOqZeb2rsnM2uJghdOIleQJQ8
f6quAqCMd/pM1MdcEXRCyCD4ST098MlKlY3hKV0wderspclphQEwXi2tdABlbVtJ
G9Gklft6lnRQJf0rUoZn5N9RPDbPcriNCOuX7E3VNfoQZIFkVr1oCmLp/j6sPHBV
iulKjNFm+XBACwlNZL9PcAbNjXDT6tZ8hlgeLypy3zYkbrtmpAhlBozQFbPaPidh
FenahVT1N3ReYEGyWcizoLvkqQIDAQABo4IDmDCCA5QwHQYDVR0OBBYEFPtPLgBZ
KiquogbA4/RJz/TD0O91MB8GA1UdIwQYMBaAFDMZX5bEbU0oXVveSwsDDjgxTo/L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0NFNi8wRThFMjc4MDdC
RDAxMUVCODVBNjY5ODBDNEY5QUUwMi9NeGxmbHNSdFRTaGRXOTVMQ3dNT09ERk9q
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL014bGZsc1J0VFNoZFc5NUxDd01PT0RGT2o4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNDRTYvMEU4RTI3ODA3QkQwMTFFQjg1QTY2OTgwQzRGOUFFMDIvOTNBQzJDMThD
RjU4MTFFRDlEQkIwNzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEgBggrBgEFBQcBBwEB
/wSCAQ8wggELMIHyBAIAATCB6wMEAiv7bAMEAmcB5AMEAmcQlAMEAGf8vwMEAXTV
ADAMAwQAdNUDAwQAdNUEMAwDBAF01QYDBAJ01RADBAV8bUADBAKWgVQDBADKCVcD
BAHKfaQDBAPKfagDBATKm6ADBALLAfgDBADLA6YDBALLCZgwDAMEAcsJ9gMEAcsJ
+AMEAMsM6gMEAssRTAMEAcsT1gMEAssT9AMEAcsZfgMEAcsaigMEAMsceQMEAcse
pAMEAMsexwMEAssfdAMEBMsgoAMEAMshlgMEAMs3AQMEAMs4GgMEBstMADAMAwQG
y5VAAwQDy5VQAwMA0tcwFAQCAAIwDgMFACABDbADBQAkBNIAMA0GCSqGSIb3DQEB
CwUAA4IBAQAiCJJCBAaUPj82eTvit5svAwIFtuBoRc7SbYmcs5G2GlSd0G1FFIny
Jt5IkD9v0NDYXwUMLZnoMt4LcEtdACTYSc22OHF6dBce/mjKT5fVJAsYZg7BD/sb
kwjZrO6mdBMJnI2meWFPMR/9ZhjhXyxVC92CfLU7OYjX+MWz5nSAaEVZjyhCCqDM
UDLuCYQfXcZ2ssjVoVrs6Lq4Gpy4MmAw1scDo73tr8t5ZPWz+EGiiupZfziz8W6z
q232C6Vbn0VkGmU/pi3pQ4ueTNs9jVrhExyHYydwEnhHqd9Gs0Nj/cWth+UFwG6o
3UkJRg3eYcRGKsQcq/pjT/iZc1nRgnBf
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:09:49 2025 by rpki-client