Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/674B4ED227C811EFAECE0786C4F9AE02.roa
File: 674B4ED227C811EFAECE0786C4F9AE02.roa (raw, json)
Hash identifier: DI67Jqp6pW9qhFaZux5fEuglgq5H5mEfJRIgmORdMWo=
Subject key identifier: F9:18:AE:76:6F:BA:31:49:D4:44:7F:74:52:EB:1B:9D:EF:53:54:A6
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 3A52
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/674B4ED227C811EFAECE0786C4F9AE02.roa
Signing time: Thu 04 Sep 2025 08:20:56 +0000
ROA not before: Thu 04 Sep 2025 08:20:56 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 17552
IP address blocks: 27.145.0.0/16 maxlen: 24
58.8.0.0/16 maxlen: 24
58.9.0.0/16 maxlen: 24
58.10.0.0/16 maxlen: 24
58.11.0.0/16 maxlen: 24
58.97.124.0/24 maxlen: 24
58.97.125.0/24 maxlen: 24
61.90.0.0/17 maxlen: 24
61.91.128.0/21 maxlen: 24
61.91.144.0/21 maxlen: 24
61.91.190.0/24 maxlen: 24
61.91.191.0/24 maxlen: 24
61.91.192.0/24 maxlen: 24
61.91.193.0/24 maxlen: 24
61.91.201.0/24 maxlen: 24
61.91.214.0/24 maxlen: 24
110.168.0.0/17 maxlen: 24
110.168.128.0/17 maxlen: 24
110.169.0.0/16 maxlen: 24
110.171.0.0/17 maxlen: 24
110.171.128.0/17 maxlen: 24
114.109.0.0/16 maxlen: 24
115.87.0.0/16 maxlen: 16
115.87.0.0/17 maxlen: 24
115.87.128.0/17 maxlen: 24
119.46.255.0/24 maxlen: 24
119.76.0.0/16 maxlen: 24
124.120.0.0/16 maxlen: 24
124.121.0.0/16 maxlen: 24
124.122.0.0/16 maxlen: 24
171.96.0.0/16 maxlen: 24
171.97.0.0/16 maxlen: 24
171.98.0.0/16 maxlen: 24
171.99.0.0/16 maxlen: 24
171.100.0.0/16 maxlen: 24
171.101.0.0/16 maxlen: 24
171.102.0.0/16 maxlen: 24
171.103.0.0/16 maxlen: 24
182.17.0.0/16 maxlen: 24
202.133.128.0/20 maxlen: 24
202.133.144.0/20 maxlen: 24
202.133.160.0/19 maxlen: 24
202.176.64.0/18 maxlen: 18
202.176.64.0/19 maxlen: 24
202.176.96.0/19 maxlen: 24
202.176.128.0/18 maxlen: 24
210.213.0.0/18 maxlen: 24
2001:fb0:101::/48 maxlen: 48
2001:fb0:102::/48 maxlen: 48
2001:fb0:1004::/48 maxlen: 48
2001:fb0:1005::/48 maxlen: 48
2001:fb1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 14:20:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14930 (0x3a52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Sep 4 08:20:56 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68b94be8-7bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a8:48:39:65:d7:b9:1a:b8:a5:b1:84:bc:70:
02:3e:71:e9:fc:1b:ba:02:f4:e7:b0:b9:82:3b:11:
9c:c4:b7:95:1f:36:1a:a8:a2:c4:39:66:30:e7:30:
7d:3f:78:fd:5a:8c:89:d1:fc:31:2e:f2:17:07:bf:
e5:f9:bf:97:ac:fe:02:4d:ce:d2:84:f4:90:04:da:
be:7c:71:5b:9a:d6:31:f0:01:fb:d6:6b:c9:35:24:
da:34:4e:a0:1d:b2:20:e2:e8:af:00:9c:cd:64:0c:
d0:19:e1:94:0a:91:1d:b2:8c:ba:89:5f:51:ac:24:
cf:8c:6e:36:01:33:c3:6d:71:48:6b:76:e4:6d:f0:
a0:9e:65:42:0f:6e:8d:5e:33:77:77:59:16:a2:33:
61:cf:c6:9e:08:d7:1f:8c:39:03:9c:61:7a:66:51:
34:ac:ff:6d:d3:00:9f:d9:71:c2:cb:4e:a9:ad:a4:
9e:3e:f3:d6:2d:20:13:77:18:d5:4e:45:b1:eb:54:
ee:6a:24:e5:e9:08:ec:44:97:25:85:f2:82:3a:b4:
2b:37:87:46:67:87:3a:92:fc:a0:61:6c:75:d5:6a:
aa:77:0f:47:12:ba:32:fd:9d:1b:d1:24:ef:d7:10:
11:8c:84:5e:88:15:dc:55:11:48:1f:e7:7f:7d:39:
92:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:18:AE:76:6F:BA:31:49:D4:44:7F:74:52:EB:1B:9D:EF:53:54:A6
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/674B4ED227C811EFAECE0786C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.145.0.0/16
58.8.0.0/14
58.97.124.0/23
61.90.0.0/17
61.91.128.0/21
61.91.144.0/21
61.91.190.0-61.91.193.255
61.91.201.0/24
61.91.214.0/24
110.168.0.0/15
110.171.0.0/16
114.109.0.0/16
115.87.0.0/16
119.46.255.0/24
119.76.0.0/16
124.120.0.0-124.122.255.255
171.96.0.0/13
182.17.0.0/16
202.133.128.0/18
202.176.64.0-202.176.191.255
210.213.0.0/18
IPv6:
2001:fb0:101::-2001:fb0:102:ffff:ffff:ffff:ffff:ffff
2001:fb0:1004::/47
2001:fb1::/32
Signature Algorithm: sha256WithRSAEncryption
59:9f:7d:54:a9:30:f6:34:9d:44:8e:73:62:6d:62:37:15:51:
39:f9:aa:65:d4:c8:22:8c:0f:a1:c9:2a:d0:69:20:02:71:e1:
47:86:1d:71:9f:55:1e:ee:17:c8:f8:07:87:8f:77:52:e1:d9:
c0:e7:5e:ea:c4:3e:27:fb:e6:92:bd:2e:fc:48:39:60:16:1a:
35:43:15:1f:5b:39:4c:6c:cf:37:5b:fe:2b:0c:6b:2d:93:cf:
93:e9:9c:e7:36:1a:23:55:56:61:c8:dd:6e:7e:10:07:78:32:
c0:9c:e8:9c:c1:5b:e8:10:90:bf:79:78:db:26:22:f8:55:d5:
2c:2b:91:a6:24:13:c2:ac:c8:a0:11:9e:6c:90:34:17:33:7a:
93:26:df:e3:35:84:9e:9c:07:f1:55:77:91:12:a4:e5:78:6f:
d1:1d:98:69:8c:7a:ad:7e:53:b0:d2:68:e8:d9:ff:62:5e:2c:
f0:25:91:96:d9:cb:1b:bf:26:75:87:57:8b:f9:47:8e:db:2c:
a1:66:7d:ed:67:f6:4c:07:bc:24:fa:02:df:49:6a:4f:d6:0f:
4e:13:f0:f4:59:e5:09:7b:1d:d4:45:b5:e3:c0:a8:12:0e:2f:
1a:09:2b:91:4d:be:2f:ef:15:d0:c5:d7:8e:46:50:3b:e6:9f:
00:bd:42:b6
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgICOlIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjUwOTA0MDgyMDU2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGI5NGJlOC03YmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA86hIOWXXuRq4pbGEvHACPnHp/Bu6AvTnsLmCOxGcxLeVHzYaqKLEOWYw5zB9
P3j9WoyJ0fwxLvIXB7/l+b+XrP4CTc7ShPSQBNq+fHFbmtYx8AH71mvJNSTaNE6g
HbIg4uivAJzNZAzQGeGUCpEdsoy6iV9RrCTPjG42ATPDbXFIa3bkbfCgnmVCD26N
XjN3d1kWojNhz8aeCNcfjDkDnGF6ZlE0rP9t0wCf2XHCy06praSePvPWLSATdxjV
TkWx61TuaiTl6QjsRJclhfKCOrQrN4dGZ4c6kvygYWx11Wqqdw9HEroy/Z0b0STv
1xARjIReiBXcVRFIH+d/fTmSgQIDAQABo4IDSzCCA0cwHQYDVR0OBBYEFPkYrnZv
ujFJ1ER/dFLrG53vU1SmMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNjc0QjRFRDIy
N0M4MTFFRkFFQ0UwNzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdQGCCsGAQUFBwEHAQH/
BIHEMIHBMIGSBAIAATCBiwMDABuRAwMCOggDBAE6YXwDBAc9WgADBAM9W4ADBAM9
W5AwDAMEAT1bvgMEAT1bwAMEAD1byQMEAD1b1gMDAW6oAwMAbqsDAwBybQMDAHNX
AwQAdy7/AwMAd0wwCgMDA3x4AwMAfHoDAwOrYAMDALYRAwQGyoWAMAwDBAbKsEAD
BAbKsIADBAbS1QAwKgQCAAIwJDASAwcAIAEPsAEBAwcAIAEPsAECAwcBIAEPsBAE
AwUAIAEPsTANBgkqhkiG9w0BAQsFAAOCAQEAWZ99VKkw9jSdRI5zYm1iNxVROfmq
ZdTIIowPockq0GkgAnHhR4YdcZ9VHu4XyPgHh493UuHZwOde6sQ+J/vmkr0u/Eg5
YBYaNUMVH1s5TGzPN1v+KwxrLZPPk+mc5zYaI1VWYcjdbn4QB3gywJzonMFb6BCQ
v3l42yYi+FXVLCuRpiQTwqzIoBGebJA0FzN6kybf4zWEnpwH8VV3kRKk5Xhv0R2Y
aYx6rX5TsNJo6Nn/Yl4s8CWRltnLG78mdYdXi/lHjtssoWZ97Wf2TAe8JPoC30lq
T9YPThPw9FnlCXsd1EW148CoEg4vGgkrkU2+L+8V0MXXjkZQO+afAL1Ctg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 02:15:04 2025 by rpki-client