Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/4120F6A28F3011EEA61ACF62C4F9AE02.roa
File: 4120F6A28F3011EEA61ACF62C4F9AE02.roa (raw, json)
Hash identifier: Nv21IfCvVJazj5J+A0/KHCQGagBg8zAcChQSdrN5tL4=
Subject key identifier: BA:69:3F:D0:F4:AC:F3:DF:FF:B2:7E:A1:59:82:DC:9F:DD:85:77:6A
Certificate issuer: /CN=A9179F22/serialNumber=FCF753D346AAAB95AB14C6267515CDF13F80FBBB
Certificate serial: 016C
Authority key identifier: FC:F7:53:D3:46:AA:AB:95:AB:14:C6:26:75:15:CD:F1:3F:80:FB:BB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_PdT00aqq5WrFMYmdRXN8T-A-7s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/4120F6A28F3011EEA61ACF62C4F9AE02.roa
Signing time: Thu 25 Sep 2025 06:48:37 +0000
ROA not before: Thu 25 Sep 2025 06:48:37 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 14618
IP address blocks: 103.150.252.0/24 maxlen: 24
202.74.46.0/24 maxlen: 24
2400:a4a0:1::/48 maxlen: 48
2400:a4a0:30::/48 maxlen: 48
2400:a4a0:40::/48 maxlen: 48
2400:a4a0:41::/48 maxlen: 48
2400:a4a0:42::/48 maxlen: 48
2400:a4a0:90::/48 maxlen: 48
2400:a4a0:100::/48 maxlen: 48
2400:a4a0:101::/48 maxlen: 48
2400:a4a0:115::/48 maxlen: 48
2400:a4a0:a100::/48 maxlen: 48
2400:a4a0:aaa2::/48 maxlen: 48
2400:a4a0:aaa3::/48 maxlen: 48
2400:a4a0:aaa4::/48 maxlen: 48
2400:a4a0:aaa5::/48 maxlen: 48
2400:a4a0:b100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/_PdT00aqq5WrFMYmdRXN8T-A-7s.crl
rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/_PdT00aqq5WrFMYmdRXN8T-A-7s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_PdT00aqq5WrFMYmdRXN8T-A-7s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 14 Oct 2025 04:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 364 (0x16c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9179F22, serialNumber=FCF753D346AAAB95AB14C6267515CDF13F80FBBB
Validity
Not Before: Sep 25 06:48:37 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=68d4e5c4-5934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dd:56:6b:98:b8:23:47:50:6d:fa:72:81:39:
7f:77:9a:8d:5b:5c:b3:19:f6:88:da:f9:33:5d:91:
3b:98:5d:2a:2a:c3:12:89:27:72:46:8d:9c:f2:0c:
28:3b:30:89:ee:48:bb:0a:52:b3:71:25:a8:82:fa:
96:5b:a7:94:f4:18:77:94:12:53:59:4f:84:77:a1:
86:0e:e4:81:f3:98:1e:b2:bf:74:a8:22:ad:4b:6b:
3d:2a:81:f9:69:a0:59:ed:4c:81:78:47:0c:26:4f:
fd:5c:a4:21:f5:da:7f:f5:0a:79:80:78:5f:5d:d8:
3d:14:48:47:8f:70:42:53:df:97:57:28:13:a6:bb:
03:95:1d:88:0b:97:fd:b0:6d:4d:f5:06:ce:d4:b7:
41:72:06:ea:db:b5:98:3c:ac:bd:ed:c9:31:d6:b0:
2d:b7:68:88:2c:15:cb:6e:9d:22:29:de:7e:55:21:
99:03:57:a6:fe:b7:9a:ad:24:5f:4a:41:22:68:9a:
64:ab:3a:21:8e:27:35:61:9a:f5:e7:29:f5:2a:5e:
cc:8e:cc:a9:9e:7c:bc:b1:a2:97:e8:2b:77:d3:cb:
8b:21:c9:0f:55:b5:28:18:7b:a2:6a:f6:f6:a9:68:
b4:26:35:96:97:86:48:19:93:0f:16:0f:f7:6b:af:
2c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:69:3F:D0:F4:AC:F3:DF:FF:B2:7E:A1:59:82:DC:9F:DD:85:77:6A
X509v3 Authority Key Identifier:
keyid:FC:F7:53:D3:46:AA:AB:95:AB:14:C6:26:75:15:CD:F1:3F:80:FB:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/_PdT00aqq5WrFMYmdRXN8T-A-7s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_PdT00aqq5WrFMYmdRXN8T-A-7s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/4120F6A28F3011EEA61ACF62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.252.0/24
202.74.46.0/24
IPv6:
2400:a4a0:1::/48
2400:a4a0:30::/48
2400:a4a0:40::-2400:a4a0:42:ffff:ffff:ffff:ffff:ffff
2400:a4a0:90::/48
2400:a4a0:100::/47
2400:a4a0:115::/48
2400:a4a0:a100::/48
2400:a4a0:aaa2::-2400:a4a0:aaa5:ffff:ffff:ffff:ffff:ffff
2400:a4a0:b100::/48
Signature Algorithm: sha256WithRSAEncryption
d5:94:7e:34:34:7e:6c:7f:36:45:0d:53:e6:0d:fd:72:74:21:
92:09:1f:c9:fd:fb:0d:b9:bc:9a:ee:fe:f1:b3:19:9d:b8:6b:
5b:3f:17:d0:c6:1f:11:ce:c3:fb:28:9d:a4:0e:df:60:75:9b:
3a:06:74:48:c6:39:2a:c9:73:f7:37:ad:3c:63:f3:03:a1:58:
5a:58:12:3a:af:33:68:31:9e:23:5b:ce:d4:b0:1d:60:86:f4:
05:ff:ab:48:5b:e6:87:02:1a:ac:f4:f0:6d:19:73:9d:0c:9c:
80:52:26:34:45:0f:e2:84:04:01:fa:68:86:b0:ee:62:4e:cd:
09:80:de:9b:9a:8b:4d:cc:ee:f5:3a:d9:28:55:4e:c3:14:62:
45:5b:c1:b3:7e:3e:49:46:50:c2:e6:1b:d8:24:16:84:62:ba:
f6:a4:f8:1b:a7:0a:ea:66:10:f2:03:27:98:ee:b2:4b:2e:53:
03:e5:62:ab:af:2e:82:e0:5f:b3:83:0a:30:f6:e5:3f:15:44:
c5:cb:60:aa:33:13:a9:29:de:0d:db:91:d3:cb:f8:a2:85:59:
be:24:87:45:04:10:59:80:fd:a4:8e:01:8b:9c:c6:58:78:ce:
12:61:52:61:a5:9c:60:4c:f8:51:5b:ac:8c:5f:71:11:d6:4c:
c6:31:55:3d
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgICAWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzlGMjIxMTAvBgNVBAUTKEZDRjc1M0QzNDZBQUFCOTVBQjE0QzYyNjc1MTVDREYx
M0Y4MEZCQkIwHhcNMjUwOTI1MDY0ODM3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQ0ZTVjNC01OTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtN1Wa5i4I0dQbfpygTl/d5qNW1yzGfaI2vkzXZE7mF0qKsMSiSdyRo2c8gwo
OzCJ7ki7ClKzcSWogvqWW6eU9Bh3lBJTWU+Ed6GGDuSB85gesr90qCKtS2s9KoH5
aaBZ7UyBeEcMJk/9XKQh9dp/9Qp5gHhfXdg9FEhHj3BCU9+XVygTprsDlR2IC5f9
sG1N9QbO1LdBcgbq27WYPKy97ckx1rAtt2iILBXLbp0iKd5+VSGZA1em/rearSRf
SkEiaJpkqzohjic1YZr15yn1Kl7Mjsypnny8saKX6Ct308uLIckPVbUoGHuiavb2
qWi0JjWWl4ZIGZMPFg/3a68sOwIDAQABo4IDDTCCAwkwHQYDVR0OBBYEFLppP9D0
rPPf/7J+oVmC3J/dhXdqMB8GA1UdIwQYMBaAFPz3U9NGqquVqxTGJnUVzfE/gPu7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OUYyMi9DRjlCRjVGRThG
MkYxMUVFOUNCRkQ5NjFDNEY5QUUwMi9fUGRUMDBhcXE1V3JGTVltZFJYTjhULUEt
N3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19QZFQwMGFxcTVXckZNWW1kUlhOOFQtQS03cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzlGMjIvQ0Y5QkY1RkU4RjJGMTFFRTlDQkZEOTYxQzRGOUFFMDIvNDEyMEY2QTI4
RjMwMTFFRUE2MUFDRjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZYGCCsGAQUFBwEHAQH/
BIGGMIGDMBIEAgABMAwDBABnlvwDBADKSi4wbQQCAAIwZwMHACQApKAAAQMHACQA
pKAAMDASAwcGJACkoABAAwcAJACkoABCAwcAJACkoACQAwcBJACkoAEAAwcAJACk
oAEVAwcAJACkoKEAMBIDBwEkAKSgqqIDBwEkAKSgqqQDBwAkAKSgsQAwDQYJKoZI
hvcNAQELBQADggEBANWUfjQ0fmx/NkUNU+YN/XJ0IZIJH8n9+w25vJru/vGzGZ24
a1s/F9DGHxHOw/sonaQO32B1mzoGdEjGOSrJc/c3rTxj8wOhWFpYEjqvM2gxniNb
ztSwHWCG9AX/q0hb5ocCGqz08G0Zc50MnIBSJjRFD+KEBAH6aIaw7mJOzQmA3pua
i03M7vU62ShVTsMUYkVbwbN+PklGUMLmG9gkFoRiuvak+BunCupmEPIDJ5jusksu
UwPlYquvLoLgX7ODCjD25T8VRMXLYKozE6kp3g3bkdPL+KKFWb4kh0UEEFmA/aSO
AYucxlh4zhJhUmGlnGBM+FFbrIxfcRHWTMYxVT0=
-----END CERTIFICATE-----
Generated at Wed Oct 8 23:18:44 2025 by rpki-client