Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
File: 427BAA66E23211E8BD132210C4F9AE02.roa (raw, json)
Hash identifier: h82lo/wGrqpMf7HWVtsO8+F8lE20C+ULtc+zbWn4ALA=
Subject key identifier: E8:80:3C:F4:4D:52:BB:34:3E:A2:81:C1:D4:A0:B2:81:D5:5C:9C:99
Certificate issuer: /CN=A91CF4FE/serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8
Certificate serial: 3558
Authority key identifier: 16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
Signing time: Tue 02 Sep 2025 14:30:34 +0000
ROA not before: Tue 02 Sep 2025 14:30:34 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 134166
IP address blocks: 1.179.246.0/24 maxlen: 24
1.179.247.0/24 maxlen: 24
113.53.228.0/24 maxlen: 24
118.174.8.0/24 maxlen: 24
118.174.9.0/24 maxlen: 24
118.174.10.0/24 maxlen: 24
118.174.11.0/24 maxlen: 24
118.175.1.0/24 maxlen: 24
118.175.24.0/22 maxlen: 24
118.175.28.0/24 maxlen: 24
180.180.242.0/24 maxlen: 24
180.180.243.0/24 maxlen: 24
180.180.244.0/24 maxlen: 24
180.180.245.0/24 maxlen: 24
180.180.247.0/24 maxlen: 24
203.113.4.0/24 maxlen: 24
203.113.6.0/24 maxlen: 24
203.113.8.0/22 maxlen: 22
203.113.8.0/24 maxlen: 24
203.113.10.0/24 maxlen: 24
203.113.14.0/24 maxlen: 24
203.113.25.0/24 maxlen: 24
203.113.70.0/24 maxlen: 24
203.113.71.0/24 maxlen: 24
203.113.95.0/24 maxlen: 24
203.113.126.0/24 maxlen: 24
203.114.97.0/24 maxlen: 24
203.114.98.0/24 maxlen: 24
203.114.102.0/24 maxlen: 24
2001:ec0:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl
rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Sep 2025 14:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13656 (0x3558)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CF4FE, serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8
Validity
Not Before: Sep 2 14:30:34 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68b6ff89-3545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:cd:4f:e7:f1:90:6e:bb:5c:3d:70:49:d5:
c8:c4:ea:fc:af:30:74:7c:43:d4:53:40:58:67:2e:
a0:6d:2a:62:53:f9:3c:67:85:3b:4a:67:24:b5:58:
b4:9c:ff:97:34:a5:46:2c:be:d2:25:88:19:17:43:
16:99:ff:ca:d5:79:c9:a0:0b:4f:8d:80:3e:ef:6d:
c8:92:a6:c6:4d:73:6d:bd:68:41:7c:40:73:32:77:
70:8d:f6:9f:27:0d:3b:3b:56:54:e9:da:06:02:aa:
45:d8:60:3f:18:df:d4:51:41:fe:ee:ca:7f:e2:b9:
c6:91:96:10:c6:e7:19:49:6c:36:e0:54:ac:1d:83:
eb:df:41:21:20:f6:d6:d1:ca:88:d0:77:6a:49:56:
69:80:0d:15:96:fc:9f:4f:9e:e2:4a:25:13:49:0a:
26:b8:2d:a6:d1:a5:d4:1d:a5:0c:39:26:3e:d4:6a:
83:3d:cf:7c:84:37:42:3b:43:e8:a1:00:9a:6c:11:
6a:2b:8a:49:e5:0a:54:11:6a:c4:88:29:7a:6e:d9:
26:d6:91:32:89:8f:d5:64:59:a2:fa:18:3f:41:7b:
ec:2b:b2:16:1f:6d:70:97:fa:a6:33:59:18:2d:91:
10:69:28:eb:c5:b6:3f:08:ce:fa:7e:bb:4f:75:da:
87:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:80:3C:F4:4D:52:BB:34:3E:A2:81:C1:D4:A0:B2:81:D5:5C:9C:99
X509v3 Authority Key Identifier:
keyid:16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.179.246.0/23
113.53.228.0/24
118.174.8.0/22
118.175.1.0/24
118.175.24.0-118.175.28.255
180.180.242.0-180.180.245.255
180.180.247.0/24
203.113.4.0/24
203.113.6.0/24
203.113.8.0/22
203.113.14.0/24
203.113.25.0/24
203.113.70.0/23
203.113.95.0/24
203.113.126.0/24
203.114.97.0-203.114.98.255
203.114.102.0/24
IPv6:
2001:ec0:100::/40
Signature Algorithm: sha256WithRSAEncryption
05:d4:43:03:27:83:83:ae:2f:a4:f8:38:64:b4:4c:c0:d1:f2:
a3:c8:51:28:05:ba:af:79:d4:bf:6c:83:73:0a:8b:24:8c:ec:
f8:74:2b:9e:3b:af:b6:46:ce:05:cf:45:7f:a5:ad:4f:87:0a:
ac:6b:92:9f:48:f9:fa:f6:06:9e:04:31:96:b5:4d:ee:b5:f7:
93:e7:f4:e6:85:e9:6b:24:2a:d1:59:32:5c:38:a5:8e:4b:b5:
fc:8c:04:d0:a7:92:05:8f:c8:8d:aa:ab:f4:f7:9e:c6:ea:1f:
24:19:19:ea:42:e1:32:83:30:20:01:be:51:11:bd:de:1b:8f:
28:b0:fd:a8:fb:19:a3:da:d7:66:e4:0f:4a:c9:3e:ae:4d:d7:
42:17:85:20:54:16:a3:86:5b:6e:83:6d:3c:b5:98:ee:74:53:
23:5c:26:20:ce:82:0e:20:15:7a:b1:b8:3b:e8:77:ac:85:36:
3a:e5:7f:e2:98:8b:5a:07:1a:87:64:8e:07:8c:40:75:fa:b0:
09:a3:4d:6b:f8:41:4b:88:5e:51:3b:cb:a8:6d:ad:54:71:f4:
38:0a:d5:cf:5d:2a:5d:07:4c:d8:7f:a2:a1:af:5e:e1:27:06:
37:b0:23:1c:f2:45:d8:d8:5a:44:1b:ba:d3:b6:ba:b2:ba:f2:
13:09:b6:4c
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICNVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Y0RkUxMTAvBgNVBAUTKDE2QjU2NEI3NThERkNENTJDNUNFODkxMTkyRTMxQjcx
NUIxQ0JGRTgwHhcNMjUwOTAyMTQzMDM0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGI2ZmY4OS0zNTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuCrNT+fxkG67XD1wSdXIxOr8rzB0fEPUU0BYZy6gbSpiU/k8Z4U7SmcktVi0
nP+XNKVGLL7SJYgZF0MWmf/K1XnJoAtPjYA+723IkqbGTXNtvWhBfEBzMndwjfaf
Jw07O1ZU6doGAqpF2GA/GN/UUUH+7sp/4rnGkZYQxucZSWw24FSsHYPr30EhIPbW
0cqI0HdqSVZpgA0VlvyfT57iSiUTSQomuC2m0aXUHaUMOSY+1GqDPc98hDdCO0Po
oQCabBFqK4pJ5QpUEWrEiCl6btkm1pEyiY/VZFmi+hg/QXvsK7IWH21wl/qmM1kY
LZEQaSjrxbY/CM76frtPddqHmwIDAQABo4IDITCCAx0wHQYDVR0OBBYEFOiAPPRN
Urs0PqKBwdSgsoHVXJyZMB8GA1UdIwQYMBaAFBa1ZLdY381Sxc6JEZLjG3FbHL/o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjRGRS9CQTEzMTI0RTFE
ODUxMUUyQTc3OTk5REMwOEIwMkNEMi9GclZrdDFqZnpWTEZ6b2tSa3VNYmNWc2N2
LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZyVmt0MWpmelZMRnpva1JrdU1iY1ZzY3YtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Y0RkUvQkExMzEyNEUxRDg1MTFFMkE3Nzk5OURDMDhCMDJDRDIvNDI3QkFBNjZF
MjMyMTFFOEJEMTMyMjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaoGCCsGAQUFBwEHAQH/
BIGaMIGXMIGEBAIAATB+AwQBAbP2AwQAcTXkAwQCdq4IAwQAdq8BMAwDBAN2rxgD
BAB2rxwwDAMEAbS08gMEAbS09AMEALS09wMEAMtxBAMEAMtxBgMEAstxCAMEAMtx
DgMEAMtxGQMEActxRgMEAMtxXwMEAMtxfjAMAwQAy3JhAwQAy3JiAwQAy3JmMA4E
AgACMAgDBgAgAQ7AATANBgkqhkiG9w0BAQsFAAOCAQEABdRDAyeDg64vpPg4ZLRM
wNHyo8hRKAW6r3nUv2yDcwqLJIzs+HQrnjuvtkbOBc9Ff6WtT4cKrGuSn0j5+vYG
ngQxlrVN7rX3k+f05oXpayQq0VkyXDiljku1/IwE0KeSBY/Ijaqr9PeexuofJBkZ
6kLhMoMwIAG+URG93huPKLD9qPsZo9rXZuQPSsk+rk3XQheFIFQWo4ZbboNtPLWY
7nRTI1wmIM6CDiAVerG4O+h3rIU2OuV/4piLWgcah2SOB4xAdfqwCaNNa/hBS4he
UTvLqG2tVHH0OArVz10qXQdM2H+ioa9e4ScGN7AjHPJF2NhaRBu607a6srryEwm2
TA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:28:00 2025 by rpki-client