Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/815EF8B470DD11F08E727853C4F9AE02.roa
File: 815EF8B470DD11F08E727853C4F9AE02.roa (raw, json)
Hash identifier: OPk3qXuPK3eg+BCQ6HiePp4Pdkq+NSX70vqnlNjAfDM=
Subject key identifier: 35:C9:06:0D:69:77:3B:4E:F1:A4:0F:49:5F:04:69:F6:C6:D0:E0:08
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 0801
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/815EF8B470DD11F08E727853C4F9AE02.roa
Signing time: Wed 08 Oct 2025 22:24:38 +0000
ROA not before: Wed 08 Oct 2025 22:24:38 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 9790
IP address blocks: 60.234.0.0/16 maxlen: 20
101.98.0.0/16 maxlen: 20
101.100.128.0/19 maxlen: 24
103.224.128.0/22 maxlen: 24
103.237.40.0/22 maxlen: 24
110.44.16.0/22 maxlen: 24
118.148.0.0/15 maxlen: 15
118.148.64.0/20 maxlen: 24
118.148.80.0/20 maxlen: 24
118.148.96.0/20 maxlen: 24
118.148.112.0/20 maxlen: 24
118.149.64.0/20 maxlen: 24
118.149.80.0/20 maxlen: 24
118.149.96.0/20 maxlen: 24
118.149.112.0/20 maxlen: 24
119.224.0.0/18 maxlen: 22
119.224.64.0/19 maxlen: 22
119.224.128.0/20 maxlen: 20
121.98.0.0/15 maxlen: 20
202.50.170.0/24 maxlen: 24
202.53.176.0/20 maxlen: 20
202.180.64.0/18 maxlen: 20
202.189.160.0/20 maxlen: 20
202.191.32.0/20 maxlen: 20
203.184.0.0/18 maxlen: 20
2400:4800::/32 maxlen: 32
2402:6000::/32 maxlen: 32
2402:8200::/32 maxlen: 32
2404:4400::/28 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 29 Oct 2025 23:14:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2049 (0x801)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA, serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: Oct 8 22:24:38 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68e6e4a6-1c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:da:5e:19:0f:8f:91:8a:83:67:a3:3b:0a:b8:
07:1a:95:98:f9:0d:76:2e:2e:91:22:a4:99:ce:57:
af:a9:b2:75:49:a3:5a:67:f0:4d:75:05:3c:f1:2e:
01:ba:b2:b4:cf:0c:f8:50:a6:5d:1d:b0:53:77:95:
47:23:3d:0b:a3:09:19:18:74:1e:2d:b4:19:98:02:
3d:30:0d:91:1f:4b:a6:4b:c0:e6:e5:b5:25:c1:b3:
99:d9:55:5e:46:2b:0e:d1:53:3c:e6:d3:8e:5e:e2:
b4:76:b6:8f:16:14:60:71:8b:68:b2:2b:86:f8:bc:
1a:67:35:c1:88:ed:dd:7f:a9:bd:1d:8c:1e:83:83:
ea:74:05:81:05:b8:08:95:ea:aa:20:c5:fd:73:00:
76:1a:d3:ea:ec:b9:42:d0:76:a6:ec:b9:98:d1:d7:
26:87:8f:16:8e:4c:af:41:84:a6:67:49:91:73:9c:
6f:7b:aa:cd:f7:d1:a5:fb:d9:6f:47:7d:f9:ee:84:
64:c0:26:91:6d:0b:5c:e8:c5:4b:13:00:f8:b6:8d:
c7:f9:98:6e:f9:9f:28:a3:28:b5:ef:e4:91:6b:c0:
80:b1:72:40:68:0e:c7:98:6f:36:5b:89:d9:db:2a:
1d:29:f5:1d:a6:80:eb:65:e1:ae:8b:e6:b8:96:2e:
da:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C9:06:0D:69:77:3B:4E:F1:A4:0F:49:5F:04:69:F6:C6:D0:E0:08
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/815EF8B470DD11F08E727853C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.0.0/16
101.98.0.0/16
101.100.128.0/19
103.224.128.0/22
103.237.40.0/22
110.44.16.0/22
118.148.0.0/15
119.224.0.0-119.224.95.255
119.224.128.0/20
121.98.0.0/15
202.50.170.0/24
202.53.176.0/20
202.180.64.0/18
202.189.160.0/20
202.191.32.0/20
203.184.0.0/18
IPv6:
2400:4800::/32
2402:6000::/32
2402:8200::/32
2404:4400::/28
Signature Algorithm: sha256WithRSAEncryption
06:27:12:22:bd:6a:7d:19:db:cc:2e:9a:ae:e0:6b:8b:af:66:
4a:83:70:b1:f8:3a:62:10:f9:cc:08:9c:fc:d7:97:40:d9:5c:
12:3f:02:58:3e:14:bd:29:1a:05:a3:14:1d:76:2b:c1:18:0c:
6c:7e:7e:67:04:80:0a:35:60:e3:d7:b1:da:21:7c:58:2c:2c:
1b:fc:20:65:e8:1b:0c:d2:b2:81:16:6a:cf:cb:2f:78:1c:05:
28:e3:10:b4:6c:8a:f5:e0:41:86:b2:5f:81:4e:f3:68:49:6c:
85:fd:8f:db:6f:44:aa:4a:43:34:d9:ef:44:ee:99:92:a2:37:
95:8f:a4:92:df:9c:5f:7b:63:04:20:fc:c7:df:a3:93:8c:1a:
88:7c:6d:7f:07:a8:a1:11:ba:fb:08:15:9e:7c:2f:32:c7:07:
88:42:ec:a7:fb:03:83:41:e0:0e:25:3c:1d:f6:f6:1d:a2:0e:
1f:77:14:4d:85:ae:f4:26:a3:20:73:97:f2:7c:21:29:39:6f:
c1:4a:c7:74:57:f6:e7:7b:41:3b:94:11:e8:72:95:e8:ba:68:
09:e7:4b:2a:53:6d:42:8d:22:52:de:1e:e4:39:85:cd:f4:c0:
7e:d8:36:19:45:77:2a:4d:e7:bf:e0:02:38:1b:09:ed:2f:ab:
29:11:a7:33
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgICCAEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjUxMDA4MjIyNDM4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU2ZTRhNi0xYzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx9peGQ+PkYqDZ6M7CrgHGpWY+Q12Li6RIqSZzlevqbJ1SaNaZ/BNdQU88S4B
urK0zwz4UKZdHbBTd5VHIz0LowkZGHQeLbQZmAI9MA2RH0umS8Dm5bUlwbOZ2VVe
RisO0VM85tOOXuK0draPFhRgcYtosiuG+LwaZzXBiO3df6m9HYweg4PqdAWBBbgI
leqqIMX9cwB2GtPq7LlC0Ham7LmY0dcmh48WjkyvQYSmZ0mRc5xve6rN99Gl+9lv
R3357oRkwCaRbQtc6MVLEwD4to3H+Zhu+Z8ooyi17+SRa8CAsXJAaA7HmG82W4nZ
2yodKfUdpoDrZeGui+a4li7aGwIDAQABo4IDGTCCAxUwHQYDVR0OBBYEFDXJBg1p
dztO8aQPSV8EafbG0OAIMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvODE1RUY4QjQ3
MEREMTFGMDhFNzI3ODUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaIGCCsGAQUFBwEHAQH/
BIGSMIGPMGkEAgABMGMDAwA86gMDAGViAwQFZWSAAwQCZ+CAAwQCZ+0oAwQCbiwQ
AwMBdpQwCwMDBXfgAwQFd+BAAwQEd+CAAwMBeWIDBADKMqoDBATKNbADBAbKtEAD
BATKvaADBATKvyADBAbLuAAwIgQCAAIwHAMFACQASAADBQAkAmAAAwUAJAKCAAMF
BCQERAAwDQYJKoZIhvcNAQELBQADggEBAAYnEiK9an0Z28wumq7ga4uvZkqDcLH4
OmIQ+cwInPzXl0DZXBI/Alg+FL0pGgWjFB12K8EYDGx+fmcEgAo1YOPXsdohfFgs
LBv8IGXoGwzSsoEWas/LL3gcBSjjELRsivXgQYayX4FO82hJbIX9j9tvRKpKQzTZ
70TumZKiN5WPpJLfnF97YwQg/Mffo5OMGoh8bX8HqKERuvsIFZ58LzLHB4hC7Kf7
A4NB4A4lPB329h2iDh93FE2FrvQmoyBzl/J8ISk5b8FKx3RX9ud7QTuUEehylei6
aAnnSypTbUKNIlLeHuQ5hc30wH7YNhlFdypN57/gAjgbCe0vqykRpzM=
-----END CERTIFICATE-----
Generated at Thu Oct 23 01:31:00 2025 by rpki-client