Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: RtoElJA8lvG+4Umsv46Pi+fqjvhMfUTwWqRD6pafkf0=
Subject key identifier: B4:28:89:AE:B0:C5:22:24:66:45:F7:D9:B3:FE:73:AE:A2:2B:1F:4E
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 07AB
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Mon 20 Oct 2025 06:04:49 +0000
ROA not before: Mon 20 Oct 2025 06:04:49 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
156.59.255.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.56.0/24 maxlen: 24
162.128.57.0/24 maxlen: 24
162.128.59.0/24 maxlen: 24
162.128.60.0/24 maxlen: 24
162.128.61.0/24 maxlen: 24
162.128.62.0/24 maxlen: 24
162.128.63.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.150.0/24 maxlen: 24
162.128.151.0/24 maxlen: 24
162.128.186.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.197.0/24 maxlen: 24
162.128.198.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.203.0/24 maxlen: 24
162.128.204.0/24 maxlen: 24
162.128.205.0/24 maxlen: 24
162.128.206.0/24 maxlen: 24
162.128.207.0/24 maxlen: 24
162.128.208.0/24 maxlen: 24
162.128.209.0/24 maxlen: 24
162.128.210.0/24 maxlen: 24
162.128.211.0/24 maxlen: 24
162.128.213.0/24 maxlen: 24
162.128.214.0/24 maxlen: 24
162.128.217.0/24 maxlen: 24
162.128.218.0/24 maxlen: 24
162.128.219.0/24 maxlen: 24
162.128.220.0/24 maxlen: 24
162.128.221.0/24 maxlen: 24
162.128.222.0/24 maxlen: 24
162.128.223.0/24 maxlen: 24
162.128.224.0/24 maxlen: 24
162.128.225.0/24 maxlen: 24
162.128.226.0/24 maxlen: 24
162.128.227.0/24 maxlen: 24
162.128.228.0/24 maxlen: 24
162.128.229.0/24 maxlen: 24
162.128.230.0/24 maxlen: 24
162.128.231.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 29 Oct 2025 03:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1963 (0x7ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Oct 20 06:04:49 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68f5d101-b57a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:44:c9:85:00:88:6d:7a:ec:80:fc:82:00:3b:
d7:27:c9:c0:18:ba:22:2c:36:ce:1b:a9:72:20:42:
61:99:0b:a0:c9:59:0e:d2:c5:17:e7:f6:5a:0f:86:
a8:ab:52:25:22:b0:46:c5:d8:ff:24:40:27:67:b2:
b3:db:05:73:d3:ae:b1:b5:f2:6f:60:04:b0:d8:1c:
1d:0c:6c:b0:26:d4:79:16:ae:e3:49:b2:89:b8:4b:
9f:14:aa:2a:a5:ba:6e:04:33:eb:f9:f0:9e:a0:58:
fb:4a:4f:07:4b:d7:30:86:50:51:bd:55:fb:03:2d:
b3:f6:a0:fa:22:37:2c:60:be:c2:de:34:39:22:27:
88:45:cc:e2:5d:d9:12:75:e0:5f:74:97:7b:87:98:
25:e0:92:b6:19:e0:20:48:16:da:c4:03:1d:ef:51:
ea:c0:60:ea:42:62:f9:21:c6:c6:7b:a5:b4:b4:78:
fd:e5:1f:8e:68:78:dd:4e:8c:81:f8:99:49:3a:f3:
66:46:90:d6:c4:ab:49:2e:36:36:ba:c2:b2:99:83:
5c:e1:a3:ad:ec:44:d8:ad:14:09:ea:5e:df:de:55:
60:75:8e:32:d4:3b:ea:e4:7e:16:e2:0d:f8:3a:fa:
64:9e:cc:ff:9f:0a:9b:7a:0a:3e:e0:1c:8a:72:fd:
f2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:28:89:AE:B0:C5:22:24:66:45:F7:D9:B3:FE:73:AE:A2:2B:1F:4E
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
156.59.255.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.57.255
162.128.59.0-162.128.63.255
162.128.140.0/24
162.128.149.0-162.128.151.255
162.128.186.0/24
162.128.196.0-162.128.211.255
162.128.213.0-162.128.214.255
162.128.217.0-162.128.231.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
88:d5:fa:14:84:e1:08:b4:18:66:a2:1f:93:3f:d8:66:cc:9a:
53:4f:53:42:9a:27:89:b5:47:e4:31:c8:c8:dd:8f:4c:46:b4:
f3:9a:99:55:f6:06:40:e5:75:eb:7b:e6:38:32:02:6f:cb:48:
fa:05:97:84:69:19:9a:15:a1:d3:d1:1e:6a:a8:57:6d:31:4b:
b9:f5:9b:b3:8c:86:a0:46:5d:40:e0:2e:1e:8f:65:86:8a:17:
32:15:98:e1:75:10:25:c2:9c:c6:d4:4e:83:ec:41:60:45:00:
fd:af:6c:f1:75:c3:8d:a9:01:03:53:d5:92:04:c6:19:61:e7:
fe:4f:9c:21:64:32:6e:c9:0b:08:f1:0f:8f:0b:29:d5:39:9e:
82:10:47:70:a9:66:15:0e:69:d1:61:a8:a2:1c:7b:70:84:32:
d0:89:d0:60:b4:35:a2:40:fe:18:ec:18:5a:15:96:48:f9:b6:
c6:ff:18:ea:c3:92:24:ca:d6:da:63:db:48:bc:dd:6b:76:2e:
0f:83:52:02:7d:9e:5a:47:06:c1:3e:d7:8b:ae:b5:3b:74:02:
b3:2c:f5:73:fd:b2:44:75:4b:78:a0:a0:f7:cf:79:fc:47:19:
77:6d:ad:8a:e7:ba:4c:bc:3f:15:6e:ab:68:79:db:80:19:cc:
43:fd:2f:b0
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgICB6swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUxMDIwMDYwNDQ5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGY1ZDEwMS1iNTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0kTJhQCIbXrsgPyCADvXJ8nAGLoiLDbOG6lyIEJhmQugyVkO0sUX5/ZaD4ao
q1IlIrBGxdj/JEAnZ7Kz2wVz066xtfJvYASw2BwdDGywJtR5Fq7jSbKJuEufFKoq
pbpuBDPr+fCeoFj7Sk8HS9cwhlBRvVX7Ay2z9qD6IjcsYL7C3jQ5IieIRcziXdkS
deBfdJd7h5gl4JK2GeAgSBbaxAMd71HqwGDqQmL5IcbGe6W0tHj95R+OaHjdToyB
+JlJOvNmRpDWxKtJLjY2usKymYNc4aOt7ETYrRQJ6l7f3lVgdY4y1Dvq5H4W4g34
Ovpknsz/nwqbego+4ByKcv3yCwIDAQABo4IDhTCCA4EwHQYDVR0OBBYEFLQoia6w
xSIkZkX32bP+c66iKx9OMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggENBggrBgEFBQcBBwEB
/wSB/TCB+jCB9wQCAAEwgfAwDAMEAIHjEQMEAoHjEDAMAwQAgeMdAwQFgeMAAwQA
geM/AwQBgeOwAwQCgePAAwQCnDsQAwQDnDswAwQAnDtJAwQDnDtQAwQBnDteAwQA
nDtsAwQAnDt7AwQEnDuAAwQAnDuSAwQAnDvYAwQBnDvgAwQAnDvxAwQAnDv/MAwD
BACigCsDBACigCwwDAMEAKKANQMEAaKAODAMAwQAooA7AwQGooAAAwQAooCMMAwD
BACigJUDBAOigJADBACigLowDAMEAqKAxAMEAqKA0DAMAwQAooDVAwQAooDWMAwD
BACigNkDBAOigOADBACigP4wDQYJKoZIhvcNAQELBQADggEBAIjV+hSE4Qi0GGai
H5M/2GbMmlNPU0KaJ4m1R+QxyMjdj0xGtPOamVX2BkDldet75jgyAm/LSPoFl4Rp
GZoVodPRHmqoV20xS7n1m7OMhqBGXUDgLh6PZYaKFzIVmOF1ECXCnMbUToPsQWBF
AP2vbPF1w42pAQNT1ZIExhlh5/5PnCFkMm7JCwjxD48LKdU5noIQR3CpZhUOadFh
qKIce3CEMtCJ0GC0NaJA/hjsGFoVlkj5tsb/GOrDkiTK1tpj20i83Wt2Lg+DUgJ9
nlpHBsE+14uutTt0ArMs9XP9skR1S3igoPfPefxHGXdtrYrnuky8PxVuq2h524AZ
zEP9L7A=
-----END CERTIFICATE-----
Generated at Wed Oct 22 11:40:51 2025 by rpki-client