Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/46DD0054BADF11F0869ED509C4F9AE02.roa
File: 46DD0054BADF11F0869ED509C4F9AE02.roa (raw, json)
Hash identifier: eaEjVB+M/RD59g3po2vJUbzDa2GSX9/A9Z/CqkrXnOY=
Subject key identifier: 3B:F0:96:5D:3E:60:1A:44:AB:42:DC:4D:F6:14:43:AE:AB:BE:3F:BC
Certificate issuer: /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Certificate serial: 0C58
Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/46DD0054BADF11F0869ED509C4F9AE02.roa
Signing time: Thu 06 Nov 2025 07:07:38 +0000
ROA not before: Thu 06 Nov 2025 07:07:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58895
IP address blocks: 36.255.100.0/22 maxlen: 22
36.255.100.0/24 maxlen: 24
36.255.101.0/24 maxlen: 24
36.255.102.0/24 maxlen: 24
36.255.103.0/24 maxlen: 24
43.229.164.0/22 maxlen: 22
43.229.164.0/24 maxlen: 24
43.229.165.0/24 maxlen: 24
43.229.166.0/24 maxlen: 24
43.229.167.0/24 maxlen: 24
43.231.60.0/22 maxlen: 22
43.231.60.0/24 maxlen: 24
43.231.61.0/24 maxlen: 24
43.231.62.0/24 maxlen: 24
43.231.63.0/24 maxlen: 24
43.248.12.0/22 maxlen: 22
43.248.12.0/24 maxlen: 24
43.248.13.0/24 maxlen: 24
43.248.14.0/24 maxlen: 24
43.248.15.0/24 maxlen: 24
45.113.124.0/22 maxlen: 22
45.113.124.0/24 maxlen: 24
45.113.125.0/24 maxlen: 24
45.113.126.0/24 maxlen: 24
45.113.127.0/24 maxlen: 24
45.117.105.0/24 maxlen: 24
45.117.106.0/24 maxlen: 24
45.117.107.0/24 maxlen: 24
103.24.96.0/22 maxlen: 24
103.35.214.0/24 maxlen: 24
103.35.215.0/24 maxlen: 24
103.39.80.0/22 maxlen: 22
103.39.80.0/24 maxlen: 24
103.39.81.0/24 maxlen: 24
103.39.82.0/24 maxlen: 24
103.39.83.0/24 maxlen: 24
103.49.136.0/24 maxlen: 24
103.49.137.0/24 maxlen: 24
103.49.138.0/24 maxlen: 24
103.49.139.0/24 maxlen: 24
103.50.156.0/22 maxlen: 22
103.50.156.0/24 maxlen: 24
103.50.157.0/24 maxlen: 24
103.50.158.0/24 maxlen: 24
103.50.159.0/24 maxlen: 24
103.53.44.0/22 maxlen: 22
103.53.44.0/24 maxlen: 24
103.53.45.0/24 maxlen: 24
103.53.46.0/24 maxlen: 24
103.53.47.0/24 maxlen: 24
103.57.168.0/22 maxlen: 22
103.57.168.0/24 maxlen: 24
103.57.169.0/24 maxlen: 24
103.57.170.0/24 maxlen: 24
103.57.171.0/24 maxlen: 24
103.70.84.0/24 maxlen: 24
103.70.85.0/24 maxlen: 24
103.200.196.0/24 maxlen: 24
103.200.197.0/24 maxlen: 24
103.200.198.0/24 maxlen: 24
103.200.199.0/24 maxlen: 24
103.209.85.0/24 maxlen: 24
103.209.86.0/24 maxlen: 24
103.209.87.0/24 maxlen: 24
117.53.40.0/22 maxlen: 22
117.53.40.0/24 maxlen: 24
117.53.41.0/24 maxlen: 24
117.53.42.0/24 maxlen: 24
117.53.43.0/24 maxlen: 24
150.129.4.0/22 maxlen: 22
150.129.4.0/24 maxlen: 24
150.129.5.0/24 maxlen: 24
150.129.6.0/24 maxlen: 24
150.129.7.0/24 maxlen: 24
2400:1680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 23 Nov 2025 18:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3160 (0xc58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91298DA, serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Validity
Not Before: Nov 6 07:07:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=690c493a-072e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:73:50:1e:a4:58:99:5c:c9:f8:99:7f:eb:6a:
23:d5:37:bb:40:7b:32:8e:8a:e6:10:bc:4c:e9:1a:
f8:2b:f4:0d:9b:38:8f:cb:c7:a0:7c:27:2b:9c:70:
74:c6:35:05:1b:aa:60:89:32:58:48:3f:e3:f9:37:
91:0c:79:37:8f:be:a8:5b:84:83:2a:9f:fb:04:9f:
9c:a3:39:47:51:f6:db:b7:fa:52:5c:53:bb:f6:a5:
69:4c:d7:81:29:8f:a0:cc:91:b1:7e:03:39:85:b5:
ce:44:78:b6:39:4b:71:69:0c:e3:3f:68:ac:71:54:
9d:47:9b:fc:b1:73:4b:3c:67:f9:51:58:cc:02:aa:
9f:a9:d0:10:32:42:ec:60:42:f4:60:4e:6c:bc:e4:
ac:ae:98:be:8b:ee:42:29:90:4c:7f:6f:27:a2:ff:
74:17:05:d3:e7:c2:7c:af:97:fb:c0:d1:9d:99:41:
8f:cb:f0:c4:c8:0e:00:9a:1f:71:91:ce:a5:dc:75:
bd:da:63:78:6f:c8:0e:ec:8b:3a:f3:1f:f9:dc:08:
4b:88:ac:4a:02:ca:1d:15:42:57:d5:33:13:40:b9:
73:1e:0c:6d:50:77:6d:a7:45:76:c1:a5:61:ac:6e:
2a:71:79:e6:ef:eb:9f:91:05:80:0a:33:6c:62:42:
51:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F0:96:5D:3E:60:1A:44:AB:42:DC:4D:F6:14:43:AE:AB:BE:3F:BC
X509v3 Authority Key Identifier:
keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/46DD0054BADF11F0869ED509C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.100.0/22
43.229.164.0/22
43.231.60.0/22
43.248.12.0/22
45.113.124.0/22
45.117.105.0-45.117.107.255
103.24.96.0/22
103.35.214.0/23
103.39.80.0/22
103.49.136.0/22
103.50.156.0/22
103.53.44.0/22
103.57.168.0/22
103.70.84.0/23
103.200.196.0/22
103.209.85.0-103.209.87.255
117.53.40.0/22
150.129.4.0/22
IPv6:
2400:1680::/32
Signature Algorithm: sha256WithRSAEncryption
5d:a9:d7:5a:21:3f:fd:98:9b:d1:79:69:a4:b0:06:e4:c1:cf:
03:db:5f:8f:9c:76:5d:9d:8d:d3:3e:9c:bf:87:da:f1:c4:99:
84:43:29:d5:1e:4e:19:7f:8a:e8:49:e3:74:74:3f:5e:52:0c:
13:32:47:c6:8c:6f:9e:d4:0b:12:29:0b:fc:df:d8:55:71:73:
34:ff:3c:82:3a:45:c5:95:cf:d1:e7:ea:75:3b:bc:38:07:c0:
65:b5:71:9e:99:7a:fd:3b:e2:6c:16:91:87:e8:45:c9:e6:f3:
10:e9:ab:b9:22:b5:88:88:54:57:ed:a3:96:ff:57:9e:ba:e5:
b9:79:3c:d5:d2:ec:a7:8e:7c:f0:27:eb:5e:ee:16:5c:c3:8e:
83:19:df:30:c9:82:20:5d:28:b3:94:8b:6f:05:6e:62:a4:6c:
4b:e8:a2:87:b1:f8:57:35:2e:bd:3e:aa:4d:a2:28:29:1c:bd:
47:77:bf:3e:85:81:55:06:8c:4d:23:22:56:6c:d5:7a:8a:20:
9e:7c:cf:a9:56:7c:f4:4b:d0:a0:f9:c4:21:89:46:fe:ce:c1:
e7:18:b3:3d:c4:93:59:05:30:29:59:25:e5:0b:60:ed:ab:55:
36:ed:ca:5f:0e:20:45:57:1f:83:83:1b:c1:15:8d:0d:7c:b6:
c3:db:c2:80
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgICDFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF
MEI3RDY1REQwHhcNMjUxMTA2MDcwNzM4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTBjNDkzYS0wNzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4XNQHqRYmVzJ+Jl/62oj1Te7QHsyjormELxM6Rr4K/QNmziPy8egfCcrnHB0
xjUFG6pgiTJYSD/j+TeRDHk3j76oW4SDKp/7BJ+cozlHUfbbt/pSXFO79qVpTNeB
KY+gzJGxfgM5hbXORHi2OUtxaQzjP2iscVSdR5v8sXNLPGf5UVjMAqqfqdAQMkLs
YEL0YE5svOSsrpi+i+5CKZBMf28nov90FwXT58J8r5f7wNGdmUGPy/DEyA4Amh9x
kc6l3HW92mN4b8gO7Is68x/53AhLiKxKAsodFUJX1TMTQLlzHgxtUHdtp0V2waVh
rG4qcXnm7+ufkQWACjNsYkJRawIDAQABo4IDHjCCAxowHQYDVR0OBBYEFDvwll0+
YBpEq0LcTfYUQ66rvj+8MB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2
ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla
ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk4REEvMzRGMzYxMkUyNjgxMTFFQTkwM0Q3MDU4QzRGOUFFMDIvNDZERDAwNTRC
QURGMTFGMDg2OUVENTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgacGCCsGAQUFBwEHAQH/
BIGXMIGUMIGCBAIAATB8AwQCJP9kAwQCK+WkAwQCK+c8AwQCK/gMAwQCLXF8MAwD
BAAtdWkDBAItdWgDBAJnGGADBAFnI9YDBAJnJ1ADBAJnMYgDBAJnMpwDBAJnNSwD
BAJnOagDBAFnRlQDBAJnyMQwDAMEAGfRVQMEA2fRUAMEAnU1KAMEApaBBDANBAIA
AjAHAwUAJAAWgDANBgkqhkiG9w0BAQsFAAOCAQEAXanXWiE//Zib0XlppLAG5MHP
A9tfj5x2XZ2N0z6cv4fa8cSZhEMp1R5OGX+K6EnjdHQ/XlIMEzJHxoxvntQLEikL
/N/YVXFzNP88gjpFxZXP0efqdTu8OAfAZbVxnpl6/TvibBaRh+hFyebzEOmruSK1
iIhUV+2jlv9XnrrluXk81dLsp4588CfrXu4WXMOOgxnfMMmCIF0os5SLbwVuYqRs
S+iih7H4VzUuvT6qTaIoKRy9R3e/PoWBVQaMTSMiVmzVeoognnzPqVZ89EvQoPnE
IYlG/s7B5xizPcSTWQUwKVkl5Qtg7atVNu3KXw4gRVcfg4MbwRWNDXy2w9vCgA==
-----END CERTIFICATE-----
Generated at Tue Nov 18 02:36:52 2025 by rpki-client