Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: fgj/7WNpDZDJGQYEEdpd9gURGVv+zqVB3bgYW34Wrn0=
Subject key identifier: A5:4D:D0:A2:BA:60:7F:4C:80:3B:7F:E6:03:FA:39:AC:88:DE:36:1C
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 076E
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Wed 20 Aug 2025 04:39:36 +0000
ROA not before: Wed 20 Aug 2025 04:39:36 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
156.59.255.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.56.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.150.0/24 maxlen: 24
162.128.151.0/24 maxlen: 24
162.128.186.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.197.0/24 maxlen: 24
162.128.198.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.204.0/24 maxlen: 24
162.128.205.0/24 maxlen: 24
162.128.206.0/24 maxlen: 24
162.128.207.0/24 maxlen: 24
162.128.208.0/24 maxlen: 24
162.128.209.0/24 maxlen: 24
162.128.210.0/24 maxlen: 24
162.128.211.0/24 maxlen: 24
162.128.213.0/24 maxlen: 24
162.128.214.0/24 maxlen: 24
162.128.218.0/24 maxlen: 24
162.128.219.0/24 maxlen: 24
162.128.220.0/24 maxlen: 24
162.128.221.0/24 maxlen: 24
162.128.222.0/24 maxlen: 24
162.128.223.0/24 maxlen: 24
162.128.224.0/24 maxlen: 24
162.128.225.0/24 maxlen: 24
162.128.226.0/24 maxlen: 24
162.128.227.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Aug 2025 22:15:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1902 (0x76e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Aug 20 04:39:36 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68a55188-e0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:9e:b6:1e:97:30:30:31:33:39:7a:8b:3d:72:
19:b1:12:a4:8f:4a:19:b3:76:86:7c:bf:87:03:4f:
ad:60:66:39:27:28:a3:a5:b8:86:80:0b:c7:71:03:
aa:a7:7e:f3:c9:43:05:9b:e5:ca:7d:a2:6b:0c:d3:
25:f3:00:c9:d5:30:1c:57:68:6f:58:68:fd:d7:ea:
98:3d:aa:b5:ea:88:3b:c1:a1:fe:f3:ad:b3:10:1f:
1b:83:bf:c4:5a:74:ec:e4:cd:15:0f:75:c8:33:1b:
42:b2:f3:00:bd:29:ce:2c:50:cc:7b:7a:0a:6b:52:
80:fd:30:fd:fa:91:f2:49:ba:39:25:65:0b:90:8f:
9c:50:06:e1:ba:33:3d:48:a1:88:48:c0:f5:5d:85:
5d:b9:33:ab:04:e8:b2:db:4b:2b:9c:03:fa:89:37:
3d:3f:f3:26:4c:56:29:56:9e:8b:3f:b8:35:a9:71:
e2:1d:42:34:8d:ba:0a:2c:08:21:26:be:5b:78:f3:
1a:6a:86:de:25:68:4a:8a:3e:5c:60:60:71:b2:2a:
3b:7b:11:2b:f7:3d:2d:0e:21:a4:8d:ec:44:80:1e:
44:22:cc:63:e5:cd:c6:d2:e1:01:40:a7:0c:13:3d:
ac:0e:08:e8:49:0e:3c:7e:08:da:3b:bc:13:57:86:
9d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4D:D0:A2:BA:60:7F:4C:80:3B:7F:E6:03:FA:39:AC:88:DE:36:1C
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
156.59.255.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.56.255
162.128.140.0/24
162.128.149.0-162.128.151.255
162.128.186.0/24
162.128.196.0-162.128.202.255
162.128.204.0-162.128.211.255
162.128.213.0-162.128.214.255
162.128.218.0-162.128.227.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
23:7e:b5:3b:5f:23:64:2b:b2:57:80:dc:fc:cc:f2:97:33:9a:
57:16:4d:19:cc:1c:b5:41:3b:1c:82:dc:a5:60:15:46:71:0a:
fe:7d:53:63:58:27:35:f4:47:37:31:46:74:d9:e7:f1:ae:9a:
04:80:c7:28:6b:57:ed:ea:c1:f9:d1:78:cc:62:02:11:76:0e:
73:1b:87:30:a1:7d:9b:67:85:01:08:2a:91:ff:b0:7a:51:81:
bb:6e:42:95:a9:a1:38:bf:aa:5e:1d:fd:ab:6c:ba:e6:d1:b4:
34:49:02:bc:2f:01:d3:e3:47:41:24:27:7b:3a:00:3f:55:34:
e6:73:61:07:4b:5f:d6:6f:a3:3b:4c:fa:63:25:bf:e9:93:e6:
7d:4d:f3:66:df:d4:9f:45:cf:83:b8:eb:e2:f0:2d:ca:2a:67:
8b:86:57:8d:19:6b:07:cb:8b:2d:7d:f9:09:bc:55:a5:fc:6b:
c2:cd:2d:72:53:e4:99:cf:c6:f6:93:53:6a:07:f0:a0:74:fd:
43:86:db:fc:38:43:de:d7:c9:b0:16:d0:86:56:6a:bc:46:ca:
b3:e3:2d:56:b9:37:d2:fc:4f:1e:4f:b3:7c:46:06:ca:01:d3:
6c:5f:dc:18:e1:97:d3:4d:c4:60:47:cf:ad:79:e9:89:f9:7a:
93:a3:bd:cd
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgICB24wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUwODIwMDQzOTM2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGE1NTE4OC1lMGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2J62HpcwMDEzOXqLPXIZsRKkj0oZs3aGfL+HA0+tYGY5JyijpbiGgAvHcQOq
p37zyUMFm+XKfaJrDNMl8wDJ1TAcV2hvWGj91+qYPaq16og7waH+862zEB8bg7/E
WnTs5M0VD3XIMxtCsvMAvSnOLFDMe3oKa1KA/TD9+pHySbo5JWULkI+cUAbhujM9
SKGISMD1XYVduTOrBOiy20srnAP6iTc9P/MmTFYpVp6LP7g1qXHiHUI0jboKLAgh
Jr5bePMaaobeJWhKij5cYGBxsio7exEr9z0tDiGkjexEgB5EIsxj5c3G0uEBQKcM
Ez2sDgjoSQ48fgjaO7wTV4adXQIDAQABo4IDhTCCA4EwHQYDVR0OBBYEFKVN0KK6
YH9MgDt/5gP6OayI3jYcMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggENBggrBgEFBQcBBwEB
/wSB/TCB+jCB9wQCAAEwgfAwDAMEAIHjEQMEAoHjEDAMAwQAgeMdAwQFgeMAAwQA
geM/AwQBgeOwAwQCgePAAwQCnDsQAwQDnDswAwQAnDtJAwQDnDtQAwQBnDteAwQA
nDtsAwQAnDt7AwQEnDuAAwQAnDuSAwQAnDvYAwQBnDvgAwQAnDvxAwQAnDv/MAwD
BACigCsDBACigCwwDAMEAKKANQMEAKKAOAMEAKKAjDAMAwQAooCVAwQDooCQAwQA
ooC6MAwDBAKigMQDBACigMowDAMEAqKAzAMEAqKA0DAMAwQAooDVAwQAooDWMAwD
BAGigNoDBAKigOADBACigP4wDQYJKoZIhvcNAQELBQADggEBACN+tTtfI2QrsleA
3PzM8pczmlcWTRnMHLVBOxyC3KVgFUZxCv59U2NYJzX0RzcxRnTZ5/GumgSAxyhr
V+3qwfnReMxiAhF2DnMbhzChfZtnhQEIKpH/sHpRgbtuQpWpoTi/ql4d/atsuubR
tDRJArwvAdPjR0EkJ3s6AD9VNOZzYQdLX9ZvoztM+mMlv+mT5n1N82bf1J9Fz4O4
6+LwLcoqZ4uGV40ZawfLiy19+Qm8VaX8a8LNLXJT5JnPxvaTU2oH8KB0/UOG2/w4
Q97XybAW0IZWarxGyrPjLVa5N9L8Tx5Ps3xGBsoB02xf3Bjhl9NNxGBHz6156Yn5
epOjvc0=
-----END CERTIFICATE-----
Generated at Thu Aug 21 07:02:46 2025 by rpki-client