Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CD959F88062711F0B26BB948C4F9AE02.roa
File: CD959F88062711F0B26BB948C4F9AE02.roa (raw, json)
Hash identifier: 4c1fK99nHwPjpupAnOlB287z+rtDp0E+KVQBZJQxyaE=
Subject key identifier: D6:97:A8:54:F6:C1:F2:B9:3E:9F:C9:65:2A:08:F4:14:66:B4:7D:5B
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4D8F
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CD959F88062711F0B26BB948C4F9AE02.roa
Signing time: Thu 28 Aug 2025 14:55:24 +0000
ROA not before: Thu 28 Aug 2025 14:55:24 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 150862
IP address blocks: 36.50.24.0/23 maxlen: 23
36.50.134.0/23 maxlen: 23
103.240.6.0/23 maxlen: 23
203.145.46.0/23 maxlen: 23
2001:df3:e6c0::/48 maxlen: 48
2001:df4:1c40::/48 maxlen: 48
2001:df4:2dc0::/48 maxlen: 48
2001:df4:3640::/48 maxlen: 48
2001:df4:36c0::/48 maxlen: 48
2001:df4:50c0::/48 maxlen: 48
2001:df4:63c0::/48 maxlen: 48
2001:df4:6440::/48 maxlen: 48
2001:df4:6840::/48 maxlen: 48
2001:df4:73c0::/48 maxlen: 48
2001:df4:8640::/48 maxlen: 48
2001:df4:8cc0::/48 maxlen: 48
2401:4120::/48 maxlen: 48
2401:5120::/48 maxlen: 48
2401:5b20::/48 maxlen: 48
2401:7160::/48 maxlen: 48
2401:71a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Sep 2025 16:20:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19855 (0x4d8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 28 14:55:24 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68b06ddc-32b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b3:8e:2a:f3:17:37:8a:c7:be:94:1e:9d:df:
0f:5f:ff:75:eb:53:4f:11:4d:1f:02:69:2d:49:f4:
f9:e5:82:83:f8:1c:c9:b8:08:e6:fc:30:fa:db:8c:
50:13:a3:15:11:97:35:14:b5:71:ad:6d:e0:a4:3d:
22:3d:f2:39:a1:b5:62:d3:72:96:f9:1c:f4:12:bb:
e1:f4:c3:78:5a:2f:81:67:b3:e9:5b:89:f0:a6:49:
8b:84:ae:1c:d9:21:d2:4c:64:cb:a1:6a:40:0c:6c:
93:8d:9b:6a:1c:7a:03:9a:88:c7:ab:3b:a2:0e:51:
4d:f7:4f:52:b2:5c:d0:d7:fd:d7:53:78:0c:14:8a:
24:f3:b6:f7:bd:0e:84:6d:6c:7c:af:2b:f3:ef:ed:
33:a5:99:45:ab:40:0f:fd:65:5c:c0:35:7b:11:31:
49:99:6e:91:3a:19:ca:e1:e6:11:38:cb:7d:d3:81:
51:35:0c:d5:15:62:4e:43:6d:7f:c0:5d:27:7c:e2:
f1:e4:b7:ce:fa:51:8d:a6:89:14:32:0b:3b:eb:d4:
30:34:2d:0d:d4:29:cf:c5:0c:98:b8:01:e0:61:54:
e8:77:28:46:8c:3a:dc:34:76:3d:1b:25:88:0f:fc:
09:f7:22:02:42:82:ce:6f:ac:65:bf:76:e3:77:dd:
67:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:97:A8:54:F6:C1:F2:B9:3E:9F:C9:65:2A:08:F4:14:66:B4:7D:5B
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CD959F88062711F0B26BB948C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.24.0/23
36.50.134.0/23
103.240.6.0/23
203.145.46.0/23
IPv6:
2001:df3:e6c0::/48
2001:df4:1c40::/48
2001:df4:2dc0::/48
2001:df4:3640::/48
2001:df4:36c0::/48
2001:df4:50c0::/48
2001:df4:63c0::/48
2001:df4:6440::/48
2001:df4:6840::/48
2001:df4:73c0::/48
2001:df4:8640::/48
2001:df4:8cc0::/48
2401:4120::/48
2401:5120::/48
2401:5b20::/48
2401:7160::/48
2401:71a0::/48
Signature Algorithm: sha256WithRSAEncryption
ae:46:49:17:a2:5d:d5:eb:95:df:61:93:77:d8:97:55:f4:0d:
54:56:d9:a1:9b:65:04:bc:75:a0:13:67:d3:ba:e1:5f:99:12:
a9:90:36:6a:a8:af:86:bf:3c:57:5f:cb:4a:1b:fb:2f:2d:81:
33:6a:c4:5b:3f:f0:df:d4:25:11:31:ca:63:d1:cc:e0:00:26:
64:fc:86:a9:69:d7:9b:1d:61:71:e8:fc:7b:b8:a9:0a:bf:cd:
0e:90:a9:5a:7a:09:36:33:2f:38:3d:be:91:ac:63:4c:eb:1f:
f4:01:f1:f8:ad:a7:d1:6c:ef:4b:3e:be:c9:07:40:3b:7c:45:
cb:80:a3:75:1a:4f:c5:b8:f5:56:ef:fb:e2:64:fc:87:d8:24:
ec:9a:42:1f:3a:4f:0b:3b:1a:56:62:3a:75:22:79:07:25:ba:
66:46:d6:09:16:55:68:b7:4b:e4:25:d1:2e:e5:f2:70:c4:46:
ac:d7:36:04:5b:88:97:dd:c9:33:d5:e4:0b:93:66:4e:4b:de:
ba:14:9c:ae:cc:91:a1:c6:bb:f7:0d:58:23:f9:92:6f:a4:67:
6b:32:a8:c3:13:e8:1c:b2:27:43:a1:92:85:ee:31:ff:b9:2b:
52:27:97:67:52:12:9c:3a:ec:b8:aa:12:24:f9:89:c6:4b:8c:
60:93:36:50
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgICTY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwODI4MTQ1NTI0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIwNmRkYy0zMmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp7OOKvMXN4rHvpQend8PX/9161NPEU0fAmktSfT55YKD+BzJuAjm/DD624xQ
E6MVEZc1FLVxrW3gpD0iPfI5obVi03KW+Rz0Ervh9MN4Wi+BZ7PpW4nwpkmLhK4c
2SHSTGTLoWpADGyTjZtqHHoDmojHqzuiDlFN909SslzQ1/3XU3gMFIok87b3vQ6E
bWx8ryvz7+0zpZlFq0AP/WVcwDV7ETFJmW6ROhnK4eYROMt904FRNQzVFWJOQ21/
wF0nfOLx5LfO+lGNpokUMgs769QwNC0N1CnPxQyYuAHgYVTodyhGjDrcNHY9GyWI
D/wJ9yICQoLOb6xlv3bjd91nwQIDAQABo4IDTTCCA0kwHQYDVR0OBBYEFNaXqFT2
wfK5Pp/JZSoI9BRmtH1bMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQ0Q5NTlGODgw
NjI3MTFGMEIyNkJCOTQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdYGCCsGAQUFBwEHAQH/
BIHGMIHDMB4EAgABMBgDBAEkMhgDBAEkMoYDBAFn8AYDBAHLkS4wgaAEAgACMIGZ
AwcAIAEN8+bAAwcAIAEN9BxAAwcAIAEN9C3AAwcAIAEN9DZAAwcAIAEN9DbAAwcA
IAEN9FDAAwcAIAEN9GPAAwcAIAEN9GRAAwcAIAEN9GhAAwcAIAEN9HPAAwcAIAEN
9IZAAwcAIAEN9IzAAwcAJAFBIAAAAwcAJAFRIAAAAwcAJAFbIAAAAwcAJAFxYAAA
AwcAJAFxoAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCuRkkXol3V65XfYZN32JdV9A1U
Vtmhm2UEvHWgE2fTuuFfmRKpkDZqqK+GvzxXX8tKG/svLYEzasRbP/Df1CURMcpj
0czgACZk/IapadebHWFx6Px7uKkKv80OkKlaegk2My84Pb6RrGNM6x/0AfH4rafR
bO9LPr7JB0A7fEXLgKN1Gk/FuPVW7/viZPyH2CTsmkIfOk8LOxpWYjp1InkHJbpm
RtYJFlVot0vkJdEu5fJwxEas1zYEW4iX3ckz1eQLk2ZOS966FJyuzJGhxrv3DVgj
+ZJvpGdrMqjDE+gcsidDoZKF7jH/uStSJ5dnUhKcOuy4qhIk+YnGS4xgkzZQ
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:39:27 2025 by rpki-client