Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
File: C27C0758916B11EF81BBB521C4F9AE02.roa (raw, json)
Hash identifier: RWvsH7qZ42ZeqEzau0UrStfJovVMk1NGxiirwWcue0E=
Subject key identifier: 42:99:1D:B7:26:35:8F:79:FA:7F:37:66:16:2B:EF:1A:BB:C0:E0:39
Certificate issuer: /CN=A91A7169/serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Certificate serial: 01AB
Authority key identifier: E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
Signing time: Tue 21 Oct 2025 11:49:29 +0000
ROA not before: Tue 21 Oct 2025 11:49:29 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 53813
IP address blocks: 101.2.192.0/24 maxlen: 24
101.2.193.0/24 maxlen: 24
101.2.194.0/24 maxlen: 24
101.2.195.0/24 maxlen: 24
101.2.196.0/24 maxlen: 24
101.2.197.0/24 maxlen: 24
101.2.198.0/24 maxlen: 24
101.2.199.0/24 maxlen: 24
101.2.200.0/24 maxlen: 24
101.2.201.0/24 maxlen: 24
101.2.202.0/23 maxlen: 24
101.2.206.0/24 maxlen: 24
101.2.207.0/24 maxlen: 24
101.2.208.0/24 maxlen: 24
101.2.209.0/24 maxlen: 24
101.2.216.0/23 maxlen: 24
101.2.222.0/23 maxlen: 24
101.2.224.0/23 maxlen: 24
101.2.226.0/23 maxlen: 24
101.2.228.0/23 maxlen: 24
101.2.230.0/23 maxlen: 24
101.2.232.0/23 maxlen: 24
101.2.234.0/23 maxlen: 24
101.2.236.0/23 maxlen: 24
101.2.238.0/23 maxlen: 24
175.107.128.0/23 maxlen: 24
175.107.130.0/23 maxlen: 24
175.107.132.0/23 maxlen: 24
175.107.134.0/24 maxlen: 24
175.107.144.0/23 maxlen: 24
175.107.146.0/23 maxlen: 24
175.107.148.0/23 maxlen: 24
175.107.150.0/23 maxlen: 24
175.107.160.0/23 maxlen: 24
175.107.190.0/24 maxlen: 24
2400:7aa0:1200::/40 maxlen: 48
2400:7aa0:1300::/40 maxlen: 48
2400:7aa0:1400::/40 maxlen: 48
2400:7aa0:1500::/40 maxlen: 48
2400:7aa0:1600::/40 maxlen: 48
2400:7aa0:1700::/40 maxlen: 48
2400:7aa0:1800::/40 maxlen: 48
2400:7aa0:1900::/40 maxlen: 48
2400:7aa0:1a00::/40 maxlen: 48
2400:7aa0:1b00::/40 maxlen: 48
2400:7aa0:1c00::/40 maxlen: 48
2400:7aa0:1d00::/40 maxlen: 40
2400:7aa0:1e00::/40 maxlen: 48
2400:7aa0:1f00::/40 maxlen: 48
2400:7aa0:2200::/40 maxlen: 48
2400:7aa0:2300::/40 maxlen: 48
2400:7aa0:2400::/40 maxlen: 48
2400:7aa0:2500::/40 maxlen: 48
2400:7aa0:2600::/40 maxlen: 48
2400:7aa0:2800::/40 maxlen: 48
2400:7aa0:2900::/40 maxlen: 48
2400:7aa0:2c00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.crl
rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 28 Oct 2025 11:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427 (0x1ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7169, serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Validity
Not Before: Oct 21 11:49:29 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68f77349-c98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ca:1d:8e:42:d1:a0:d5:26:32:11:c7:9f:61:
99:8c:e0:40:ba:90:9a:2c:94:15:ff:c0:1e:c2:09:
5e:95:c4:b6:72:c9:ce:8f:68:81:7b:cf:ec:57:b8:
58:66:49:76:f8:ef:3c:50:a8:ec:de:a5:bd:dd:23:
d7:58:8b:b9:3f:dc:16:8a:be:cb:03:81:8e:5a:72:
b9:9c:75:b1:92:3b:7a:b7:33:32:29:c7:db:03:d2:
9c:b1:1a:75:41:f9:82:47:5a:11:2e:84:d1:22:c7:
c0:cf:a6:49:cb:7d:b8:2f:51:32:3b:b6:7a:c8:70:
da:39:14:84:34:a5:51:1d:78:9a:ca:a5:5b:8c:4a:
04:e7:05:57:b2:bb:05:a2:f8:60:76:cc:f9:f5:62:
1a:b4:6b:68:cf:65:2e:bb:d1:7d:1d:a4:5f:92:99:
04:97:35:2f:a1:3b:06:1b:ac:bb:73:fd:8c:a1:0e:
b5:17:99:ab:27:8a:79:f8:81:cf:e2:9d:90:41:73:
9a:e1:62:00:22:0f:ee:ec:70:00:a2:05:5a:47:2c:
3b:6d:55:74:e6:3a:75:bc:9a:a1:73:6d:99:5c:c9:
88:33:a0:87:58:e6:37:f0:1d:7f:73:6e:6b:22:e3:
77:89:35:c4:4d:fa:3c:01:89:40:81:29:65:db:35:
e1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:99:1D:B7:26:35:8F:79:FA:7F:37:66:16:2B:EF:1A:BB:C0:E0:39
X509v3 Authority Key Identifier:
keyid:E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.2.192.0-101.2.203.255
101.2.206.0-101.2.209.255
101.2.216.0/23
101.2.222.0-101.2.239.255
175.107.128.0-175.107.134.255
175.107.144.0/21
175.107.160.0/23
175.107.190.0/24
IPv6:
2400:7aa0:1200::-2400:7aa0:1fff:ffff:ffff:ffff:ffff:ffff
2400:7aa0:2200::-2400:7aa0:26ff:ffff:ffff:ffff:ffff:ffff
2400:7aa0:2800::/39
2400:7aa0:2c00::/40
Signature Algorithm: sha256WithRSAEncryption
c5:9d:0a:df:8c:16:e2:7f:2b:6f:b4:91:a8:2f:9b:d9:4e:36:
cf:d8:06:3d:f2:93:8e:08:26:be:fb:50:26:9f:ba:5a:2e:4e:
0a:2c:3e:cc:be:63:c5:65:1f:6a:33:44:01:cb:e4:3e:7e:30:
8e:d1:e1:5e:67:81:2c:ef:ba:29:dc:17:41:48:d1:d9:1f:55:
ca:cc:d5:bd:27:11:1a:74:95:3e:13:4a:73:9e:de:44:42:d5:
b4:01:67:d6:07:fb:f7:07:32:38:2e:3f:96:9c:23:98:28:12:
ea:81:53:dc:46:f5:cf:a4:38:a3:26:30:8a:9d:07:93:74:27:
88:ce:ed:6f:5d:d3:e7:bf:2b:97:b7:34:e8:6e:fd:a0:f3:a0:
7c:5f:3e:22:71:14:65:1b:91:98:6d:42:54:f8:bc:3a:11:0c:
5d:32:a0:a5:2e:10:1d:5b:14:42:ec:19:df:5a:ba:88:22:47:
13:37:17:f2:d6:40:aa:d2:63:cb:53:99:29:b8:ce:b3:f5:18:
22:3b:31:ea:08:1a:1b:40:b4:cf:ce:06:95:82:5a:d2:b9:ab:
3a:f7:68:9d:64:ff:89:0b:0f:97:cd:a3:e8:e5:96:f0:81:21:
b7:47:ad:b7:77:39:5f:ee:48:19:66:8a:64:b5:3d:6b:8d:67:
c8:c8:92:4d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgICAaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTcxNjkxMTAvBgNVBAUTKEU1MENCMjUwQkZBRDA4NjNFODVDMjkwMkVBMDIxOUQ1
M0NDMDgxMkUwHhcNMjUxMDIxMTE0OTI5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGY3NzM0OS1jOThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6codjkLRoNUmMhHHn2GZjOBAupCaLJQV/8AewglelcS2csnOj2iBe8/sV7hY
Zkl2+O88UKjs3qW93SPXWIu5P9wWir7LA4GOWnK5nHWxkjt6tzMyKcfbA9KcsRp1
QfmCR1oRLoTRIsfAz6ZJy324L1EyO7Z6yHDaORSENKVRHXiayqVbjEoE5wVXsrsF
ovhgdsz59WIatGtoz2Uuu9F9HaRfkpkElzUvoTsGG6y7c/2MoQ61F5mrJ4p5+IHP
4p2QQXOa4WIAIg/u7HAAogVaRyw7bVV05jp1vJqhc22ZXMmIM6CHWOY38B1/c25r
IuN3iTXETfo8AYlAgSll2zXhcwIDAQABo4IDHjCCAxowHQYDVR0OBBYEFEKZHbcm
NY95+n83ZhYr7xq7wOA5MB8GA1UdIwQYMBaAFOUMslC/rQhj6FwpAuoCGdU8wIEu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzE2OS82QjdGOTkzQ0VC
QUUxMUVFOEEwRUQ5NjRDNEY5QUUwMi81UXl5VUwtdENHUG9YQ2tDNmdJWjFUekFn
UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVReXlVTC10Q0dQb1hDa0M2Z0laMVR6QWdTNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTcxNjkvNkI3Rjk5M0NFQkFFMTFFRThBMEVEOTY0QzRGOUFFMDIvQzI3QzA3NTg5
MTZCMTFFRjgxQkJCNTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgacGCCsGAQUFBwEHAQH/
BIGXMIGUMFYEAgABMFAwDAMEBmUCwAMEAmUCyDAMAwQBZQLOAwQBZQLQAwQBZQLY
MAwDBAFlAt4DBARlAuAwDAMEB69rgAMEAK9rhgMEA69rkAMEAa9roAMEAK9rvjA6
BAIAAjA0MBADBgEkAHqgEgMGBSQAeqAAMBADBgEkAHqgIgMGACQAeqAmAwYBJAB6
oCgDBgAkAHqgLDANBgkqhkiG9w0BAQsFAAOCAQEAxZ0K34wW4n8rb7SRqC+b2U42
z9gGPfKTjggmvvtQJp+6Wi5OCiw+zL5jxWUfajNEAcvkPn4wjtHhXmeBLO+6KdwX
QUjR2R9VyszVvScRGnSVPhNKc57eRELVtAFn1gf79wcyOC4/lpwjmCgS6oFT3Eb1
z6Q4oyYwip0Hk3QniM7tb13T578rl7c06G79oPOgfF8+InEUZRuRmG1CVPi8OhEM
XTKgpS4QHVsUQuwZ31q6iCJHEzcX8tZAqtJjy1OZKbjOs/UYIjsx6ggaG0C0z84G
lYJa0rmrOvdonWT/iQsPl82j6OWW8IEht0ett3c5X+5IGWaKZLU9a41nyMiSTQ==
-----END CERTIFICATE-----
Generated at Thu Oct 23 02:08:20 2025 by rpki-client