Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: iWBtuBIjalbSdr/S7ybJJU+iQh4n8A16nqoXCibL9XI=
Subject key identifier: 5B:73:98:41:17:A7:DF:29:4D:68:6D:78:8B:1E:FB:26:4D:00:D3:4B
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 291B
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Sat 30 Aug 2025 12:45:31 +0000
ROA not before: Sat 30 Aug 2025 12:45:31 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:9::/64 maxlen: 64
2400:adc0:200::/48 maxlen: 48
2400:adc0:201::/48 maxlen: 48
2400:adc0:4005::/48 maxlen: 48
2400:adc0:4006::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4104::/48 maxlen: 48
2400:adc0:4203::/48 maxlen: 48
2400:adc0:4302::/48 maxlen: 48
2400:adc0:4303::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c003::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c103::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc0:c310::/48 maxlen: 48
2400:adc0:c410::/48 maxlen: 48
2400:adc2:100::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adc5::/42 maxlen: 42
2400:adc5:40::/42 maxlen: 42
2400:adc5:80::/42 maxlen: 42
2400:adc5:c0::/42 maxlen: 42
2400:adc5:100::/42 maxlen: 42
2400:adc5:140::/42 maxlen: 42
2400:adc5:180::/42 maxlen: 42
2400:adc5:1c0::/42 maxlen: 42
2400:adc5:300::/42 maxlen: 42
2400:adc5:340::/42 maxlen: 42
2400:adc5:380::/42 maxlen: 42
2400:adc5:3c0::/42 maxlen: 42
2400:adc5:400::/42 maxlen: 42
2400:adc5:440::/42 maxlen: 42
2400:adc5:480::/42 maxlen: 42
2400:adc5:4c0::/42 maxlen: 42
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2000::/40 maxlen: 40
2400:addd:2100::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
2400:addf:1000::/40 maxlen: 40
2400:addf:1100::/40 maxlen: 40
2400:addf:3900::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 15:40:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10523 (0x291b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66, serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Validity
Not Before: Aug 30 12:45:31 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=68b2f26b-2075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:10:02:7a:2e:33:b7:37:d5:b6:e2:0a:5a:1b:
78:73:63:89:5b:b0:71:2c:88:4f:24:3a:88:0c:e8:
d0:82:af:73:32:ed:47:0d:bb:8d:cb:13:f2:0f:0b:
c2:1f:57:94:69:5c:1d:55:70:41:f8:8a:5a:e9:a7:
f2:a2:f9:1f:99:d6:c1:0c:ad:0b:db:8a:e0:13:90:
4c:a4:f6:e8:61:51:d1:25:23:c3:36:7d:76:83:44:
1e:75:ac:c4:ff:32:cf:2d:6e:ae:d3:85:38:ee:6f:
5c:26:b2:c0:86:e4:f9:59:9d:48:50:ad:de:9e:e9:
58:92:e5:42:75:0d:6a:d9:fa:28:fc:16:42:e5:64:
0e:d3:5c:56:2d:1a:f0:74:12:69:bc:f9:09:b3:d2:
4d:fd:95:19:48:bb:3f:b5:d1:c2:47:63:06:d8:a2:
a4:cd:63:11:f1:8b:a9:d1:6d:5f:0f:34:78:85:a5:
14:68:13:1e:19:65:77:10:d4:05:c7:24:74:0e:55:
28:0d:36:eb:08:5e:b2:41:7c:e6:8a:87:29:2c:54:
52:55:02:df:77:1e:bc:b9:3e:a1:87:c7:b3:9f:8b:
ba:f3:d6:5a:32:2d:61:02:d8:ee:98:6a:b2:52:96:
0b:32:59:c5:eb:82:49:ff:59:bb:cb:69:42:36:01:
63:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:73:98:41:17:A7:DF:29:4D:68:6D:78:8B:1E:FB:26:4D:00:D3:4B
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:9::/64
2400:adc0:200::/47
2400:adc0:4005::-2400:adc0:4006:ffff:ffff:ffff:ffff:ffff
2400:adc0:4013::/48
2400:adc0:4104::/48
2400:adc0:4203::/48
2400:adc0:4302::/47
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:c001::/48
2400:adc0:c003::/48
2400:adc0:c030::/48
2400:adc0:c102::/47
2400:adc0:c210::/47
2400:adc0:c310::/48
2400:adc0:c410::/48
2400:adc2:100::/48
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adc5::/39
2400:adc5:300::-2400:adc5:4ff:ffff:ffff:ffff:ffff:ffff
2400:adca::/39
2400:addb:800::/39
2400:addd:2000::/39
2400:addd:2800::/39
2400:adde::/39
2400:addf:800::/39
2400:addf:1000::/39
2400:addf:3900::/40
Signature Algorithm: sha256WithRSAEncryption
50:58:04:30:49:55:61:37:87:b6:7e:e2:2d:8f:2b:1d:b2:2a:
7a:4a:fb:1a:0d:8b:92:06:29:2a:15:ae:74:02:74:10:b3:3c:
e0:30:9c:55:31:8a:77:0a:3e:b6:12:d3:ad:3b:27:8e:55:14:
bf:fa:d0:e9:50:10:f1:73:36:56:bb:6c:d8:9d:cb:22:15:d7:
c2:29:df:d5:83:7e:bb:e2:eb:3d:8f:c2:2e:c8:d6:a9:68:23:
79:33:76:d4:f8:a2:15:3f:0a:8f:b2:a1:18:cf:d9:02:51:d4:
9f:76:20:80:a5:a9:56:28:0b:d3:33:b8:a0:c5:25:85:75:44:
84:c2:78:db:27:b6:1c:e0:f9:8a:a8:88:72:0d:3b:33:c8:6b:
88:57:51:ac:26:42:af:7c:c1:ae:72:6b:f0:29:e5:7f:32:8c:
63:46:e0:2b:d9:10:c4:83:d7:18:cc:8c:f3:35:3d:1a:f7:cd:
95:79:61:13:c2:9a:cd:07:97:47:86:5c:9a:c8:aa:e7:14:08:
43:49:43:5b:b4:8d:f1:69:c3:89:7e:b2:b8:31:56:19:b1:5a:
4f:e1:cb:41:2f:26:eb:70:6e:15:d1:40:e0:12:7a:53:d6:0c:
50:44:2f:e0:f3:ad:91:8f:99:76:fd:29:51:51:0f:dc:ae:64:
ab:57:64:a1
-----BEGIN CERTIFICATE-----
MIIHYjCCBkqgAwIBAgICKRswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjUwODMwMTI0NTMxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIyZjI2Yi0yMDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArxACei4ztzfVtuIKWht4c2OJW7BxLIhPJDqIDOjQgq9zMu1HDbuNyxPyDwvC
H1eUaVwdVXBB+Ipa6afyovkfmdbBDK0L24rgE5BMpPboYVHRJSPDNn12g0QedazE
/zLPLW6u04U47m9cJrLAhuT5WZ1IUK3enulYkuVCdQ1q2foo/BZC5WQO01xWLRrw
dBJpvPkJs9JN/ZUZSLs/tdHCR2MG2KKkzWMR8Yup0W1fDzR4haUUaBMeGWV3ENQF
xyR0DlUoDTbrCF6yQXzmiocpLFRSVQLfdx68uT6hh8ezn4u689ZaMi1hAtjumGqy
UpYLMlnF64JJ/1m7y2lCNgFjbQIDAQABo4IEhjCCBIIwHQYDVR0OBBYEFFtzmEEX
p98pTWhteIse+yZNANNLMB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggIOBggrBgEFBQcBBwEB
/wSCAf0wggH5MIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwggFdBAIAAjCCAVUDBQAgAUU4AwkAJACtwAAJAAAD
BwEkAK3AAgAwEgMHACQArcBABQMHACQArcBABgMHACQArcBAEwMHACQArcBBBAMH
ACQArcBCAwMHASQArcBDAgMHACQArcBFAAMHACQArcBGEQMHACQArcBHAAMHASQA
rcBHEAMHACQArcDAAQMHACQArcDAAwMHACQArcDAMAMHASQArcDBAgMHASQArcDC
EAMHACQArcDDEAMHACQArcDEEAMHACQArcIBADAQAwYAJACtwgMDBgAkAK3CBAMG
ASQArcIGMBADBgAkAK3CCQMGACQArcIKAwYBJACtxAADBgEkAK3ECAMGASQArcUA
MBADBgAkAK3FAwMGACQArcUEAwYBJACtygADBgEkAK3bCAMGASQArd0gAwYBJACt
3SgDBgEkAK3eAAMGASQArd8IAwYBJACt3xADBgAkAK3fOTANBgkqhkiG9w0BAQsF
AAOCAQEAUFgEMElVYTeHtn7iLY8rHbIqekr7Gg2LkgYpKhWudAJ0ELM84DCcVTGK
dwo+thLTrTsnjlUUv/rQ6VAQ8XM2Vrts2J3LIhXXwinf1YN+u+LrPY/CLsjWqWgj
eTN21PiiFT8Kj7KhGM/ZAlHUn3YggKWpVigL0zO4oMUlhXVEhMJ42ye2HOD5iqiI
cg07M8hriFdRrCZCr3zBrnJr8CnlfzKMY0bgK9kQxIPXGMyM8zU9GvfNlXlhE8Ka
zQeXR4Zcmsiq5xQIQ0lDW7SN8WnDiX6yuDFWGbFaT+HLQS8m63BuFdFA4BJ6U9YM
UEQv4POtkY+Zdv0pUVEP3K5kq1dkoQ==
-----END CERTIFICATE-----
Generated at Sat Sep 6 22:58:16 2025 by rpki-client