Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/C32677AA984111F0A8CC3773C4F9AE02.roa
File: C32677AA984111F0A8CC3773C4F9AE02.roa (raw, json)
Hash identifier: zvt5PKHfXMN6X7f4V6clzwtgf+Vm+WQejAV68riLY3A=
Subject key identifier: BA:59:95:6C:D1:3E:90:9C:B6:EA:C3:41:33:34:A4:72:E0:72:B7:3D
Certificate issuer: /CN=A912176D/serialNumber=96F42E19F69D596A0318921590A17DD53233E595
Certificate serial: 085C
Authority key identifier: 96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/C32677AA984111F0A8CC3773C4F9AE02.roa
Signing time: Tue 23 Sep 2025 05:54:26 +0000
ROA not before: Tue 23 Sep 2025 05:54:26 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 55720
IP address blocks: 14.192.67.0/24 maxlen: 24
14.192.68.0/24 maxlen: 24
14.192.69.0/24 maxlen: 24
43.225.36.0/24 maxlen: 24
43.231.6.0/24 maxlen: 24
43.231.7.0/24 maxlen: 24
45.116.160.0/24 maxlen: 24
45.116.161.0/24 maxlen: 24
45.116.162.0/24 maxlen: 24
45.116.163.0/24 maxlen: 24
45.120.52.0/24 maxlen: 24
45.120.53.0/24 maxlen: 24
45.120.54.0/24 maxlen: 24
45.120.55.0/24 maxlen: 24
61.4.97.0/24 maxlen: 24
61.4.98.0/24 maxlen: 24
61.4.99.0/24 maxlen: 24
61.4.100.0/22 maxlen: 24
61.4.104.0/22 maxlen: 24
61.4.109.0/24 maxlen: 24
61.4.110.0/24 maxlen: 24
103.4.28.0/24 maxlen: 24
103.4.29.0/24 maxlen: 24
103.4.30.0/24 maxlen: 24
103.4.31.0/24 maxlen: 24
103.15.104.0/24 maxlen: 24
103.15.105.0/24 maxlen: 24
103.15.106.0/24 maxlen: 24
103.15.107.0/24 maxlen: 24
103.21.88.0/24 maxlen: 24
103.21.89.0/24 maxlen: 24
103.21.90.0/24 maxlen: 24
103.21.91.0/24 maxlen: 24
103.23.46.0/24 maxlen: 24
103.23.47.0/24 maxlen: 24
103.71.176.0/24 maxlen: 24
103.71.177.0/24 maxlen: 24
103.71.178.0/24 maxlen: 24
103.71.179.0/24 maxlen: 24
103.243.212.0/24 maxlen: 24
103.243.213.0/24 maxlen: 24
103.243.214.0/24 maxlen: 24
103.243.215.0/24 maxlen: 24
103.246.112.0/24 maxlen: 24
103.246.113.0/24 maxlen: 24
103.246.114.0/24 maxlen: 24
103.246.115.0/24 maxlen: 24
118.107.212.0/24 maxlen: 24
118.107.213.0/24 maxlen: 24
118.107.214.0/24 maxlen: 24
118.107.215.0/24 maxlen: 24
118.107.216.0/24 maxlen: 24
118.107.217.0/24 maxlen: 24
118.107.218.0/24 maxlen: 24
118.107.219.0/24 maxlen: 24
118.107.220.0/24 maxlen: 24
118.107.221.0/24 maxlen: 24
118.107.222.0/24 maxlen: 24
118.107.223.0/24 maxlen: 24
150.107.76.0/24 maxlen: 24
150.107.77.0/24 maxlen: 24
150.107.78.0/24 maxlen: 24
150.107.79.0/24 maxlen: 24
202.9.36.0/24 maxlen: 24
202.9.37.0/24 maxlen: 24
202.9.38.0/24 maxlen: 24
202.9.39.0/24 maxlen: 24
202.73.12.0/24 maxlen: 24
202.73.13.0/24 maxlen: 24
202.73.14.0/24 maxlen: 24
202.73.15.0/24 maxlen: 24
202.87.220.0/24 maxlen: 24
202.87.221.0/24 maxlen: 24
202.87.222.0/24 maxlen: 24
202.87.223.0/24 maxlen: 24
223.25.240.0/24 maxlen: 24
223.25.241.0/24 maxlen: 24
223.25.242.0/24 maxlen: 24
223.25.243.0/24 maxlen: 24
223.25.244.0/24 maxlen: 24
223.25.245.0/24 maxlen: 24
223.25.246.0/24 maxlen: 24
223.25.247.0/24 maxlen: 24
2402:9500::/32 maxlen: 32
2402:9500::/48 maxlen: 48
2402:9500:a00::/48 maxlen: 48
2402:9500:b00::/48 maxlen: 48
2402:9500:c00::/48 maxlen: 48
2402:9500:d00::/48 maxlen: 48
2402:9500:1000::/48 maxlen: 48
2402:9500:2000::/48 maxlen: 48
2402:9500:3000::/48 maxlen: 48
2402:9500:4000::/48 maxlen: 48
2402:9500:5000::/48 maxlen: 48
2402:9500:6000::/48 maxlen: 48
2402:9500:7000::/48 maxlen: 48
2402:9500:8000::/48 maxlen: 48
2402:9500:9000::/48 maxlen: 48
2402:9500:e000::/48 maxlen: 48
2402:9500:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl
rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 22:20:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2140 (0x85c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912176D, serialNumber=96F42E19F69D596A0318921590A17DD53233E595
Validity
Not Before: Sep 23 05:54:26 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68d23612-d2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d0:d4:f4:b3:93:a5:b8:0c:31:4e:4c:5a:55:
21:bb:0f:14:de:f6:40:52:f9:74:55:84:c5:3b:22:
a3:70:32:2d:17:80:b3:f4:1a:61:cd:b3:86:82:1f:
4d:f8:80:16:ea:71:c9:ec:96:44:0b:9a:07:59:96:
03:8b:a5:1e:06:8b:78:ab:17:d4:7b:7e:af:9f:59:
1a:62:93:ab:30:4b:71:ee:2b:6f:8c:f6:22:3f:00:
2e:67:9a:aa:a7:ed:1f:f2:55:d3:0e:09:a6:00:d6:
5c:d8:eb:5b:eb:b4:3d:79:0a:11:f7:9b:ef:ea:cf:
a7:49:46:61:7d:62:8c:85:46:c2:a3:96:ba:d7:7f:
a8:d1:06:30:b9:9f:96:29:69:8e:ba:af:fc:64:3e:
f5:36:89:49:99:43:52:1c:4c:01:d7:7a:44:1f:73:
59:18:ea:f0:52:f0:3d:74:1e:8d:7b:da:d5:30:ed:
64:57:53:c9:82:d5:84:4e:98:34:fb:5f:5f:4b:ac:
7b:9b:e5:99:08:87:11:c0:12:0c:e9:ac:cc:85:67:
23:74:d4:02:c2:84:ad:1b:f6:86:e8:93:f6:b2:ba:
b3:06:34:90:ed:1c:69:ce:83:2a:56:26:0d:51:42:
33:33:78:08:31:2d:a8:e0:4c:e4:e5:e1:29:2f:8c:
fb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:59:95:6C:D1:3E:90:9C:B6:EA:C3:41:33:34:A4:72:E0:72:B7:3D
X509v3 Authority Key Identifier:
keyid:96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/C32677AA984111F0A8CC3773C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.67.0-14.192.69.255
43.225.36.0/24
43.231.6.0/23
45.116.160.0/22
45.120.52.0/22
61.4.97.0-61.4.107.255
61.4.109.0-61.4.110.255
103.4.28.0/22
103.15.104.0/22
103.21.88.0/22
103.23.46.0/23
103.71.176.0/22
103.243.212.0/22
103.246.112.0/22
118.107.212.0-118.107.223.255
150.107.76.0/22
202.9.36.0/22
202.73.12.0/22
202.87.220.0/22
223.25.240.0/21
IPv6:
2402:9500::/32
Signature Algorithm: sha256WithRSAEncryption
b2:ff:3c:db:24:48:73:dd:31:fc:c5:bf:4d:6d:09:d8:6d:0b:
c2:27:58:db:58:2b:ed:fb:17:83:b9:d8:cd:de:ed:8c:17:53:
ed:40:be:ef:df:e3:c6:11:6f:9d:5d:14:94:78:d5:1a:af:c3:
67:be:0d:70:3e:76:ae:42:b0:d2:94:ac:5c:b8:cc:1c:46:23:
48:77:ea:46:32:62:03:b0:a6:b0:60:c8:5a:94:5f:68:ab:f2:
8f:6a:4d:4e:af:a5:24:bb:b0:fa:d0:59:9e:58:d7:a7:3c:ad:
0c:e4:56:ab:5a:38:27:8b:a7:3c:be:ea:a5:11:23:e2:37:c7:
07:4c:96:2c:30:42:b3:71:40:9a:f2:0e:c7:69:86:f5:db:94:
a7:e6:f5:e9:c4:69:9f:ca:9e:72:50:b5:30:ea:33:e9:e7:f2:
92:e8:3b:2a:cc:fd:fe:d0:1e:99:c3:87:5f:c0:95:91:c7:4a:
a5:85:c4:88:66:22:b0:76:bd:b7:c1:66:1e:d6:51:1e:cc:8d:
88:71:ec:0a:3a:be:f1:32:23:70:91:4b:91:96:7c:e8:33:17:
51:8a:45:c8:11:60:58:82:4a:28:33:19:67:b1:96:07:ca:99:
50:ab:ea:46:b8:3c:54:1d:d4:5b:b0:db:b5:d2:db:3f:1b:a4:
2e:1e:af:4a
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICCFwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjE3NkQxMTAvBgNVBAUTKDk2RjQyRTE5RjY5RDU5NkEwMzE4OTIxNTkwQTE3REQ1
MzIzM0U1OTUwHhcNMjUwOTIzMDU1NDI2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQyMzYxMi1kMmVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4dDU9LOTpbgMMU5MWlUhuw8U3vZAUvl0VYTFOyKjcDItF4Cz9BphzbOGgh9N
+IAW6nHJ7JZEC5oHWZYDi6UeBot4qxfUe36vn1kaYpOrMEtx7itvjPYiPwAuZ5qq
p+0f8lXTDgmmANZc2Otb67Q9eQoR95vv6s+nSUZhfWKMhUbCo5a613+o0QYwuZ+W
KWmOuq/8ZD71NolJmUNSHEwB13pEH3NZGOrwUvA9dB6Ne9rVMO1kV1PJgtWETpg0
+19fS6x7m+WZCIcRwBIM6azMhWcjdNQCwoStG/aG6JP2srqzBjSQ7RxpzoMqViYN
UUIzM3gIMS2o4Ezk5eEpL4z7EwIDAQABo4IDOzCCAzcwHQYDVR0OBBYEFLpZlWzR
PpCcturDQTM0pHLgcrc9MB8GA1UdIwQYMBaAFJb0Lhn2nVlqAxiSFZChfdUyM+WV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTc2RC85M0QxN0NEMDA2
QTAxMUVCQjQwOTA4NTlDNEY5QUUwMi9sdlF1R2ZhZFdXb0RHSklWa0tGOTFUSXo1
WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2x2UXVHZmFkV1dvREdKSVZrS0Y5MVRJejVaVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjE3NkQvOTNEMTdDRDAwNkEwMTFFQkI0MDkwODU5QzRGOUFFMDIvQzMyNjc3QUE5
ODQxMTFGMEE4Q0MzNzczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcQGCCsGAQUFBwEHAQH/
BIG0MIGxMIGfBAIAATCBmDAMAwQADsBDAwQBDsBEAwQAK+EkAwQBK+cGAwQCLXSg
AwQCLXg0MAwDBAA9BGEDBAI9BGgwDAMEAD0EbQMEAD0EbgMEAmcEHAMEAmcPaAME
AmcVWAMEAWcXLgMEAmdHsAMEAmfz1AMEAmf2cDAMAwQCdmvUAwQFdmvAAwQClmtM
AwQCygkkAwQCykkMAwQCylfcAwQD3xnwMA0EAgACMAcDBQAkApUAMA0GCSqGSIb3
DQEBCwUAA4IBAQCy/zzbJEhz3TH8xb9NbQnYbQvCJ1jbWCvt+xeDudjN3u2MF1Pt
QL7v3+PGEW+dXRSUeNUar8Nnvg1wPnauQrDSlKxcuMwcRiNId+pGMmIDsKawYMha
lF9oq/KPak1Or6Uku7D60FmeWNenPK0M5FarWjgni6c8vuqlESPiN8cHTJYsMEKz
cUCa8g7HaYb125Sn5vXpxGmfyp5yULUw6jPp5/KS6DsqzP3+0B6Zw4dfwJWRx0ql
hcSIZiKwdr23wWYe1lEezI2IcewKOr7xMiNwkUuRlnzoMxdRikXIEWBYgkooMxln
sZYHyplQq+pGuDxUHdRbsNu10ts/G6QuHq9K
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:10:09 2025 by rpki-client