Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
File: 8F6D3D583AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: B9TNU/jgE/B9qF/pLkXeXHo28NX5WSHP3+HqoCXSOUM=
Subject key identifier: AE:71:CE:46:F6:F3:EE:66:16:86:60:08:F8:FE:B2:B9:1E:40:C6:E2
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0D6B
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
Signing time: Wed 20 Aug 2025 18:00:21 +0000
ROA not before: Wed 20 Aug 2025 18:00:21 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 63916
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.152.0/24 maxlen: 24
103.1.153.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.1.155.0/24 maxlen: 24
103.10.196.0/24 maxlen: 24
103.10.198.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 24
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480::/32 maxlen: 32
2402:c480:3000::/48 maxlen: 48
2402:c480:3001::/48 maxlen: 48
2402:c480:3002::/48 maxlen: 48
2402:c480:3003::/48 maxlen: 48
2402:c480:3004::/48 maxlen: 48
2402:c480:5000::/48 maxlen: 48
2402:c480:6000::/48 maxlen: 48
2402:c480:6001::/48 maxlen: 48
2402:c480:6002::/48 maxlen: 48
2402:c480:7000::/48 maxlen: 48
2402:c480:7001::/48 maxlen: 48
2402:c480:8000::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
2402:c480:8003::/48 maxlen: 48
2402:c480:8208::/48 maxlen: 48
2402:c480:8412::/48 maxlen: 48
2402:c480:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 18:13:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3435 (0xd6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C, serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Validity
Not Before: Aug 20 18:00:21 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=68a60d35-0e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e9:05:d7:a7:90:48:8b:7d:6d:60:0a:06:51:
a1:c1:bd:ca:15:e1:a4:3c:52:b2:8f:a7:72:77:55:
e4:f2:b9:26:87:47:3d:a8:e1:17:74:d4:ad:63:1f:
69:48:9d:ce:28:66:dc:c8:dc:d7:80:79:db:0d:32:
5b:61:21:b6:da:7c:81:37:79:46:11:a4:6e:85:2b:
64:b6:d6:92:40:cf:5a:d5:70:a0:5e:7d:d7:de:27:
7b:71:1a:e3:86:32:f7:b1:5e:9e:e7:d4:60:be:0f:
bd:d9:c5:90:ef:b2:f4:b0:23:56:f6:be:a6:81:80:
01:30:47:ff:06:39:e7:fe:9b:91:6f:88:5c:f6:36:
38:10:38:67:4e:48:b2:9e:69:50:d7:ff:f2:a4:a9:
e4:89:e0:71:bd:1c:3b:bd:81:0e:52:fe:63:03:2e:
04:e1:33:9c:62:f8:d0:ec:ca:93:ba:6d:6e:ba:9c:
a6:e1:40:38:f2:f6:49:c0:c5:62:df:26:c5:e3:fb:
3f:02:cb:66:66:bb:60:d5:7c:00:57:95:43:9d:3e:
ad:10:f1:fa:37:f5:4f:be:39:45:eb:66:f7:46:a4:
e6:d5:5a:14:5b:ce:fe:79:d2:fc:fd:d3:62:a3:50:
fc:f7:44:c5:05:71:ea:8c:0f:cb:ab:4a:9a:d6:04:
e5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:71:CE:46:F6:F3:EE:66:16:86:60:08:F8:FE:B2:B9:1E:40:C6:E2
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.152.0/22
103.10.196.0/24
103.10.198.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480::/32
Signature Algorithm: sha256WithRSAEncryption
39:1a:49:05:d4:0d:93:91:0b:5e:86:a8:25:21:37:f2:63:69:
82:08:0a:bf:33:03:f2:97:a8:be:51:a8:2d:14:a9:3d:8c:67:
9a:e3:08:3a:53:e0:e9:fe:07:33:20:e6:4d:bb:74:93:62:52:
6e:2a:9a:a8:34:e2:06:9d:a1:98:b3:9b:63:91:06:4b:fe:07:
12:1e:3a:f5:6e:ee:e8:ac:0b:28:66:b0:60:e4:5f:b2:45:db:
c2:9d:18:63:3e:97:29:38:97:bc:51:1e:bf:e6:6f:66:70:9d:
b0:14:db:a7:70:6d:08:97:70:2e:41:81:a4:c2:ac:31:6c:97:
81:a7:75:2a:85:a2:76:cd:00:7f:e7:48:0c:90:3c:fd:ec:37:
c3:2f:1f:cf:1d:6c:1f:85:de:a9:f0:72:d8:4a:7b:e4:00:ab:
a8:21:d0:56:61:87:9a:67:2e:41:d0:a8:9b:1e:37:4f:f5:66:
18:ea:bc:34:1b:89:2d:53:1b:05:ba:e2:1c:95:63:e0:5f:d8:
8e:5e:f7:83:ed:a5:f5:df:ed:7d:c8:3d:dd:fc:a9:56:7d:b0:
26:0c:2b:0f:db:e4:f4:c7:ee:a4:38:18:5c:a3:3b:b9:ef:e7:
77:92:ee:51:8b:aa:da:af:32:f4:82:fe:a3:39:d1:d6:7d:ad:
9c:3e:b0:ea
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgICDWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjUwODIwMTgwMDIxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGE2MGQzNS0wZTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ekF16eQSIt9bWAKBlGhwb3KFeGkPFKyj6dyd1Xk8rkmh0c9qOEXdNStYx9p
SJ3OKGbcyNzXgHnbDTJbYSG22nyBN3lGEaRuhStkttaSQM9a1XCgXn3X3id7cRrj
hjL3sV6e59Rgvg+92cWQ77L0sCNW9r6mgYABMEf/Bjnn/puRb4hc9jY4EDhnTkiy
nmlQ1//ypKnkieBxvRw7vYEOUv5jAy4E4TOcYvjQ7MqTum1uupym4UA48vZJwMVi
3ybF4/s/AstmZrtg1XwAV5VDnT6tEPH6N/VPvjlF62b3RqTm1VoUW87+edL8/dNi
o1D890TFBXHqjA/Lq0qa1gTlVQIDAQABo4IC9DCCAvAwHQYDVR0OBBYEFK5xzkb2
8+5mFoZgCPj+srkeQMbiMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEY2RDNENTgz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfgYIKwYBBQUHAQcBAf8E
bzBtMFwEAgABMFYDBAIbejgDBAIr75wDBAIr9cQwDAMEACv7nQMEBSv7gAMEAmcB
mAMEAGcKxAMEAGcKxgMEAmcjSAMEAGdE3wMEAGdH/gMEAWdIBAMEArahIAMEAsqQ
wDANBAIAAjAHAwUAJALEgDANBgkqhkiG9w0BAQsFAAOCAQEAORpJBdQNk5ELXoao
JSE38mNpgggKvzMD8peovlGoLRSpPYxnmuMIOlPg6f4HMyDmTbt0k2JSbiqaqDTi
Bp2hmLObY5EGS/4HEh469W7u6KwLKGawYORfskXbwp0YYz6XKTiXvFEev+ZvZnCd
sBTbp3BtCJdwLkGBpMKsMWyXgad1KoWids0Af+dIDJA8/ew3wy8fzx1sH4XeqfBy
2Ep75ACrqCHQVmGHmmcuQdComx43T/VmGOq8NBuJLVMbBbriHJVj4F/Yjl73g+2l
9d/tfcg93fypVn2wJgwrD9vk9MfupDgYXKM7ue/nd5LuUYuq2q8y9IL+oznR1n2t
nD6w6g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:10:51 2025 by rpki-client