Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/A0121BD4871711EA924C6626C4F9AE02.roa
File: A0121BD4871711EA924C6626C4F9AE02.roa (raw, json)
Hash identifier: TsmW3wUGCspNY1UcKJcNnUuuDH7qDphY3UYVmmAdbDA=
Subject key identifier: 0E:65:42:65:48:C4:34:82:18:B3:4A:15:22:BE:AC:39:E9:E5:51:46
Certificate issuer: /CN=A917225D/serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957
Certificate serial: 34E2
Authority key identifier: FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/A0121BD4871711EA924C6626C4F9AE02.roa
Signing time: Tue 02 Sep 2025 14:30:20 +0000
ROA not before: Tue 02 Sep 2025 14:30:20 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 23673
IP address blocks: 43.230.192.0/22 maxlen: 22
43.230.192.0/24 maxlen: 24
43.230.193.0/24 maxlen: 24
43.230.194.0/24 maxlen: 24
43.230.195.0/24 maxlen: 24
103.197.240.0/22 maxlen: 24
103.206.68.0/22 maxlen: 24
103.239.52.0/22 maxlen: 22
103.239.52.0/24 maxlen: 24
103.239.53.0/24 maxlen: 24
103.239.54.0/24 maxlen: 24
103.239.55.0/24 maxlen: 24
110.235.240.0/20 maxlen: 20
110.235.240.0/24 maxlen: 24
110.235.241.0/24 maxlen: 24
110.235.242.0/24 maxlen: 24
110.235.243.0/24 maxlen: 24
110.235.244.0/24 maxlen: 24
110.235.245.0/24 maxlen: 24
110.235.246.0/24 maxlen: 24
110.235.247.0/24 maxlen: 24
110.235.248.0/24 maxlen: 24
110.235.249.0/24 maxlen: 24
110.235.250.0/24 maxlen: 24
110.235.251.0/24 maxlen: 24
110.235.252.0/24 maxlen: 24
110.235.253.0/24 maxlen: 24
110.235.254.0/24 maxlen: 24
110.235.255.0/24 maxlen: 24
124.248.160.0/19 maxlen: 19
124.248.160.0/24 maxlen: 24
124.248.161.0/24 maxlen: 24
124.248.162.0/24 maxlen: 24
124.248.163.0/24 maxlen: 24
124.248.164.0/24 maxlen: 24
124.248.165.0/24 maxlen: 24
124.248.166.0/24 maxlen: 24
124.248.167.0/24 maxlen: 24
124.248.168.0/24 maxlen: 24
124.248.169.0/24 maxlen: 24
124.248.170.0/24 maxlen: 24
124.248.171.0/24 maxlen: 24
124.248.172.0/24 maxlen: 24
124.248.173.0/24 maxlen: 24
124.248.174.0/24 maxlen: 24
124.248.175.0/24 maxlen: 24
124.248.176.0/24 maxlen: 24
124.248.177.0/24 maxlen: 24
124.248.178.0/24 maxlen: 24
124.248.179.0/24 maxlen: 24
124.248.180.0/24 maxlen: 24
124.248.181.0/24 maxlen: 24
124.248.182.0/24 maxlen: 24
124.248.183.0/24 maxlen: 24
124.248.184.0/24 maxlen: 24
124.248.185.0/24 maxlen: 24
124.248.186.0/24 maxlen: 24
124.248.187.0/24 maxlen: 24
124.248.188.0/24 maxlen: 24
124.248.189.0/24 maxlen: 24
124.248.190.0/24 maxlen: 24
124.248.191.0/24 maxlen: 24
202.62.32.0/19 maxlen: 19
202.62.32.0/24 maxlen: 24
202.62.33.0/24 maxlen: 24
202.62.34.0/24 maxlen: 24
202.62.35.0/24 maxlen: 24
202.62.36.0/24 maxlen: 24
202.62.37.0/24 maxlen: 24
202.62.38.0/24 maxlen: 24
202.62.39.0/24 maxlen: 24
202.62.40.0/24 maxlen: 24
202.62.41.0/24 maxlen: 24
202.62.42.0/24 maxlen: 24
202.62.43.0/24 maxlen: 24
202.62.44.0/24 maxlen: 24
202.62.45.0/24 maxlen: 24
202.62.46.0/24 maxlen: 24
202.62.47.0/24 maxlen: 24
202.62.48.0/24 maxlen: 24
202.62.49.0/24 maxlen: 24
202.62.50.0/24 maxlen: 24
202.62.51.0/24 maxlen: 24
202.62.52.0/24 maxlen: 24
202.62.53.0/24 maxlen: 24
202.62.54.0/24 maxlen: 24
202.62.55.0/24 maxlen: 24
202.62.56.0/24 maxlen: 24
202.62.57.0/24 maxlen: 24
202.62.58.0/24 maxlen: 24
202.62.59.0/24 maxlen: 24
202.62.60.0/24 maxlen: 24
202.62.61.0/24 maxlen: 24
202.62.62.0/24 maxlen: 24
202.62.63.0/24 maxlen: 24
203.189.128.0/19 maxlen: 19
203.189.128.0/24 maxlen: 24
203.189.129.0/24 maxlen: 24
203.189.130.0/24 maxlen: 24
203.189.131.0/24 maxlen: 24
203.189.132.0/22 maxlen: 24
203.189.136.0/23 maxlen: 24
203.189.138.0/23 maxlen: 24
203.189.140.0/23 maxlen: 24
203.189.142.0/23 maxlen: 24
203.189.144.0/22 maxlen: 24
203.189.148.0/22 maxlen: 24
203.189.152.0/23 maxlen: 24
203.189.154.0/23 maxlen: 24
203.189.156.0/23 maxlen: 24
203.189.158.0/23 maxlen: 24
2402:c100::/32 maxlen: 32
2402:c100::/48 maxlen: 48
2402:c100:c00::/48 maxlen: 48
2402:c100:c01::/48 maxlen: 48
2402:c100:c02::/48 maxlen: 48
2402:c100:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl
rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Sep 2025 14:23:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13538 (0x34e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917225D, serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957
Validity
Not Before: Sep 2 14:30:20 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68b6ff7c-70b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6b:5c:27:9c:08:71:23:7f:c6:91:82:5f:4a:
a3:92:e8:80:26:c7:12:ab:b8:53:8d:d7:f9:86:f7:
7c:54:43:e0:2a:41:d3:3b:d6:c7:a2:1d:8d:b4:ac:
47:f8:8c:d2:22:e4:0e:ab:40:38:25:9d:05:7c:43:
7c:59:e1:84:9f:b9:ff:40:21:13:cb:7b:44:ea:3a:
83:9f:99:fd:a1:22:d8:8d:d7:e5:77:b1:08:a1:fd:
e3:c3:df:18:c2:09:14:c2:34:e4:d1:ca:f6:38:81:
ba:9c:f0:5a:62:9d:b2:bc:b4:91:4a:72:82:7e:10:
55:fd:ad:62:05:31:65:bb:fc:36:6b:42:86:87:d7:
2e:8d:7f:55:5a:0c:b7:ef:c4:2d:d4:54:f6:30:49:
0d:34:e0:1a:a9:1d:55:53:47:f3:b3:00:c2:81:21:
81:3f:45:68:37:d9:ad:57:29:1d:bb:27:d9:a0:bd:
c5:56:5b:88:66:6a:6d:0a:d2:2f:f2:86:74:68:56:
df:d6:4f:c0:33:b4:5c:ce:3c:42:64:cc:1a:17:1e:
96:0b:53:16:88:48:98:a2:f1:16:b1:d6:35:11:98:
c4:45:98:00:9e:4a:31:cb:90:38:54:7d:81:7c:4b:
dc:b4:d1:76:7e:2c:f0:fa:b3:56:20:f6:41:f4:0c:
36:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:65:42:65:48:C4:34:82:18:B3:4A:15:22:BE:AC:39:E9:E5:51:46
X509v3 Authority Key Identifier:
keyid:FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/A0121BD4871711EA924C6626C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.192.0/22
103.197.240.0/22
103.206.68.0/22
103.239.52.0/22
110.235.240.0/20
124.248.160.0/19
202.62.32.0/19
203.189.128.0/19
IPv6:
2402:c100::/32
Signature Algorithm: sha256WithRSAEncryption
c7:19:60:31:36:a6:e9:56:02:fb:be:d2:f1:0a:ba:e5:f4:88:
60:a6:4b:1e:57:ee:fe:79:eb:d7:e5:44:c8:e4:18:d7:89:60:
f8:38:3b:cd:7c:51:1a:6f:a6:cb:cf:de:f1:18:5e:2c:ce:b0:
6b:ba:3a:fc:e0:0b:6d:a8:03:b0:33:93:88:d2:c1:f1:63:8d:
df:a6:8a:8f:c9:c5:1a:8c:f7:65:1d:53:da:00:b1:4d:34:92:
2f:20:a6:c6:8a:8e:c9:8f:a8:2f:cb:a9:4e:57:58:de:b6:c5:
90:89:a1:93:fd:39:4e:d2:e5:dc:53:0c:e1:3f:54:40:ab:4f:
f0:90:a2:4d:5b:58:0d:7c:22:d6:2b:11:03:81:16:15:dc:c5:
50:6e:39:ff:86:9e:96:39:a3:6c:97:dc:e2:e8:7f:29:89:ad:
f1:72:c8:79:23:24:79:25:88:a5:c7:93:d0:89:07:a1:d6:7c:
c7:c3:2f:f9:9d:e4:ac:e6:75:2e:75:19:aa:36:01:c3:72:b5:
cd:b3:d4:b7:75:97:05:40:be:49:0e:62:b1:a1:bf:20:fc:04:
62:fd:ec:ae:28:bf:78:7d:2b:c4:22:c8:90:f8:ef:0b:81:9c:
5b:52:0b:9a:78:ae:6a:e8:7c:ff:55:02:94:fd:05:f7:bf:70:
8d:2a:f0:61
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICNOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzIyNUQxMTAvBgNVBAUTKEZGRTJBMDM3MjlGMzJEMzIyMjdBOTlDOTI1MTU4Qzgy
Q0E1NEI5NTcwHhcNMjUwOTAyMTQzMDIwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGI2ZmY3Yy03MGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyWtcJ5wIcSN/xpGCX0qjkuiAJscSq7hTjdf5hvd8VEPgKkHTO9bHoh2NtKxH
+IzSIuQOq0A4JZ0FfEN8WeGEn7n/QCETy3tE6jqDn5n9oSLYjdfld7EIof3jw98Y
wgkUwjTk0cr2OIG6nPBaYp2yvLSRSnKCfhBV/a1iBTFlu/w2a0KGh9cujX9VWgy3
78Qt1FT2MEkNNOAaqR1VU0fzswDCgSGBP0VoN9mtVykduyfZoL3FVluIZmptCtIv
8oZ0aFbf1k/AM7RczjxCZMwaFx6WC1MWiEiYovEWsdY1EZjERZgAnkoxy5A4VH2B
fEvctNF2fizw+rNWIPZB9Aw2DwIDAQABo4ICzjCCAsowHQYDVR0OBBYEFA5lQmVI
xDSCGLNKFSK+rDnp5VFGMB8GA1UdIwQYMBaAFP/ioDcp8y0yInqZySUVjILKVLlX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjI1RC8xRjU1MDgzMDFE
ODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxUSWllcG5KSlJXTWdzcFV1
VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18tS2dOeW56TFRJaWVwbkpKUldNZ3NwVXVWYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzIyNUQvMUY1NTA4MzAxRDg0MTFFMjkxN0JEMEQ5MDhCMDJDRDIvQTAxMjFCRDQ4
NzE3MTFFQTkyNEM2NjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAIr5sADBAJnxfADBAJnzkQDBAJn7zQDBARu6/ADBAV8+KAD
BAXKPiADBAXLvYAwDQQCAAIwBwMFACQCwQAwDQYJKoZIhvcNAQELBQADggEBAMcZ
YDE2pulWAvu+0vEKuuX0iGCmSx5X7v5569flRMjkGNeJYPg4O818URpvpsvP3vEY
XizOsGu6OvzgC22oA7Azk4jSwfFjjd+mio/JxRqM92UdU9oAsU00ki8gpsaKjsmP
qC/LqU5XWN62xZCJoZP9OU7S5dxTDOE/VECrT/CQok1bWA18ItYrEQOBFhXcxVBu
Of+GnpY5o2yX3OLofymJrfFyyHkjJHkliKXHk9CJB6HWfMfDL/md5KzmdS51Gao2
AcNytc2z1Ld1lwVAvkkOYrGhvyD8BGL97K4ov3h9K8QiyJD47wuBnFtSC5p4rmro
fP9VApT9Bfe/cI0q8GE=
-----END CERTIFICATE-----
Generated at Fri Sep 19 08:51:30 2025 by rpki-client