Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/65DFCD4A884D11EE8423C486C4F9AE02.roa
File: 65DFCD4A884D11EE8423C486C4F9AE02.roa (raw, json)
Hash identifier: Ji5QHhKyC9d/xw16UVd29SWOnnXI9pwAI1DiN2SnuG0=
Subject key identifier: F0:85:D2:5F:52:F2:92:15:53:02:3E:71:F0:94:05:09:72:5A:33:C5
Certificate issuer: /CN=A91F17B1/serialNumber=FE50C385D9EB19E2EFA14FA35ADA5BDEA5B456D3
Certificate serial: 058C
Authority key identifier: FE:50:C3:85:D9:EB:19:E2:EF:A1:4F:A3:5A:DA:5B:DE:A5:B4:56:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_lDDhdnrGeLvoU-jWtpb3qW0VtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/65DFCD4A884D11EE8423C486C4F9AE02.roa
Signing time: Thu 29 May 2025 08:45:14 +0000
ROA not before: Thu 29 May 2025 08:45:14 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 23888
IP address blocks: 43.250.84.0/22 maxlen: 22
43.250.84.0/24 maxlen: 24
43.250.85.0/24 maxlen: 24
43.250.86.0/24 maxlen: 24
43.250.87.0/24 maxlen: 24
103.253.156.0/22 maxlen: 22
103.253.156.0/24 maxlen: 24
103.253.157.0/24 maxlen: 24
103.253.158.0/24 maxlen: 24
103.253.159.0/24 maxlen: 24
113.197.48.0/22 maxlen: 22
113.197.48.0/24 maxlen: 24
113.197.49.0/24 maxlen: 24
113.197.50.0/23 maxlen: 23
113.197.52.0/23 maxlen: 23
113.197.54.0/24 maxlen: 24
113.197.55.0/24 maxlen: 24
175.107.0.0/20 maxlen: 20
175.107.0.0/22 maxlen: 23
175.107.4.0/22 maxlen: 22
175.107.5.0/24 maxlen: 24
175.107.7.0/24 maxlen: 24
175.107.8.0/24 maxlen: 24
175.107.9.0/24 maxlen: 24
175.107.10.0/24 maxlen: 24
175.107.11.0/24 maxlen: 24
175.107.12.0/24 maxlen: 24
175.107.13.0/24 maxlen: 24
175.107.14.0/24 maxlen: 24
175.107.15.0/24 maxlen: 24
175.107.16.0/20 maxlen: 20
175.107.16.0/24 maxlen: 24
175.107.17.0/24 maxlen: 24
175.107.18.0/24 maxlen: 24
175.107.19.0/24 maxlen: 24
175.107.20.0/24 maxlen: 24
175.107.21.0/24 maxlen: 24
175.107.22.0/23 maxlen: 23
175.107.24.0/21 maxlen: 21
175.107.24.0/24 maxlen: 24
175.107.25.0/24 maxlen: 24
175.107.26.0/23 maxlen: 24
175.107.28.0/22 maxlen: 24
175.107.32.0/20 maxlen: 20
175.107.32.0/24 maxlen: 24
175.107.33.0/24 maxlen: 24
175.107.35.0/24 maxlen: 24
175.107.36.0/22 maxlen: 22
175.107.40.0/22 maxlen: 22
175.107.44.0/22 maxlen: 22
175.107.48.0/20 maxlen: 20
175.107.48.0/24 maxlen: 24
175.107.49.0/24 maxlen: 24
175.107.50.0/24 maxlen: 24
175.107.51.0/24 maxlen: 24
175.107.52.0/24 maxlen: 24
175.107.53.0/24 maxlen: 24
175.107.54.0/24 maxlen: 24
175.107.55.0/24 maxlen: 24
175.107.56.0/24 maxlen: 24
175.107.57.0/24 maxlen: 24
175.107.58.0/24 maxlen: 24
175.107.59.0/24 maxlen: 24
175.107.60.0/24 maxlen: 24
175.107.61.0/24 maxlen: 24
175.107.62.0/24 maxlen: 24
175.107.63.0/24 maxlen: 24
202.83.160.0/20 maxlen: 20
202.83.160.0/22 maxlen: 22
202.83.160.0/24 maxlen: 24
202.83.161.0/24 maxlen: 24
202.83.162.0/24 maxlen: 24
202.83.163.0/24 maxlen: 24
202.83.164.0/24 maxlen: 24
202.83.165.0/24 maxlen: 24
202.83.166.0/24 maxlen: 24
202.83.167.0/24 maxlen: 24
202.83.168.0/24 maxlen: 24
202.83.169.0/24 maxlen: 24
202.83.170.0/24 maxlen: 24
202.83.171.0/24 maxlen: 24
202.83.172.0/24 maxlen: 24
202.83.173.0/24 maxlen: 24
202.83.174.0/24 maxlen: 24
202.83.175.0/24 maxlen: 24
2407:9e00::/48 maxlen: 48
2407:9e00:1::/48 maxlen: 48
2407:9e00:2::/48 maxlen: 48
2407:9e00:3::/48 maxlen: 48
2407:9e00:4::/48 maxlen: 48
2407:9e00:5::/48 maxlen: 48
2407:9e00:6::/48 maxlen: 48
2407:9e00:7::/48 maxlen: 48
2407:9e00:10::/48 maxlen: 48
2407:9e00:11::/48 maxlen: 48
2407:9e00:12::/48 maxlen: 48
2407:9e00:13::/48 maxlen: 48
2407:9e00:14::/48 maxlen: 48
2407:9e00:15::/48 maxlen: 48
2407:9e00:20::/48 maxlen: 48
2407:9e00:21::/48 maxlen: 48
2407:9e00:22::/48 maxlen: 48
2407:9e00:23::/48 maxlen: 48
2407:9e00:24::/48 maxlen: 48
2407:9e00:25::/48 maxlen: 48
2407:9e00:30::/48 maxlen: 48
2407:9e00:31::/48 maxlen: 48
2407:9e00:32::/48 maxlen: 48
2407:9e00:33::/48 maxlen: 48
2407:9e00:35::/48 maxlen: 48
2407:9e00:40::/48 maxlen: 48
2407:9e00:41::/48 maxlen: 48
2407:9e00:42::/48 maxlen: 48
2407:9e00:43::/48 maxlen: 48
2407:9e00:44::/48 maxlen: 48
2407:9e00:50::/48 maxlen: 48
2407:9e00:51::/48 maxlen: 48
2407:9e00:52::/48 maxlen: 48
2407:9e00:53::/48 maxlen: 48
2407:9e00:60::/48 maxlen: 48
2407:9e00:61::/48 maxlen: 48
2407:9e00:62::/48 maxlen: 48
2407:9e00:70::/48 maxlen: 48
2407:9e00:71::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/_lDDhdnrGeLvoU-jWtpb3qW0VtM.crl
rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/_lDDhdnrGeLvoU-jWtpb3qW0VtM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_lDDhdnrGeLvoU-jWtpb3qW0VtM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 23:44:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1420 (0x58c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17B1, serialNumber=FE50C385D9EB19E2EFA14FA35ADA5BDEA5B456D3
Validity
Not Before: May 29 08:45:14 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=68381e9a-83d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:82:67:21:f9:a7:f8:25:ac:f6:22:25:68:c1:
ec:6d:c4:8d:ff:27:c0:e5:9d:24:cd:ef:af:4d:c4:
21:67:88:76:4e:51:fc:ba:51:0c:6d:28:6f:f1:5c:
2c:f2:ca:51:9b:a8:47:58:e7:3a:c4:4e:68:bf:40:
bd:2e:e3:37:b3:7f:5b:f7:32:b2:c7:6e:0c:ad:71:
d0:47:52:e1:95:f7:fc:be:da:db:75:08:59:c7:51:
b7:dc:76:a9:ae:90:a3:63:65:7f:dc:b8:17:c1:90:
50:87:80:c9:80:86:7a:d5:13:db:b9:30:8f:02:85:
5e:e1:63:6f:65:87:17:b0:a5:cf:ac:85:c7:ea:c4:
e7:0c:e5:1e:32:f5:dc:ec:af:13:8f:34:03:ce:8d:
f8:6f:b9:fb:e3:66:0b:b6:8f:ac:d8:fa:10:bf:fe:
94:a4:8c:87:26:8b:55:84:29:87:2a:7b:d7:57:ff:
96:5a:fb:14:13:54:59:da:de:bc:d2:1b:80:f8:a9:
82:1a:b8:4d:ee:4e:c9:fd:b0:b9:4c:c9:4a:2f:e6:
4b:bb:d1:7f:5c:63:b2:e5:07:90:e7:9d:77:02:e9:
d3:4e:04:c6:8e:c1:42:57:0a:90:86:b4:36:c7:c4:
5f:97:4c:16:b5:ba:5c:af:dc:98:c5:8c:9a:f4:51:
9a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:85:D2:5F:52:F2:92:15:53:02:3E:71:F0:94:05:09:72:5A:33:C5
X509v3 Authority Key Identifier:
keyid:FE:50:C3:85:D9:EB:19:E2:EF:A1:4F:A3:5A:DA:5B:DE:A5:B4:56:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/_lDDhdnrGeLvoU-jWtpb3qW0VtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_lDDhdnrGeLvoU-jWtpb3qW0VtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/65DFCD4A884D11EE8423C486C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.84.0/22
103.253.156.0/22
113.197.48.0/21
175.107.0.0/18
202.83.160.0/20
IPv6:
2407:9e00::/45
2407:9e00:10::-2407:9e00:15:ffff:ffff:ffff:ffff:ffff
2407:9e00:20::-2407:9e00:25:ffff:ffff:ffff:ffff:ffff
2407:9e00:30::/46
2407:9e00:35::/48
2407:9e00:40::-2407:9e00:44:ffff:ffff:ffff:ffff:ffff
2407:9e00:50::/46
2407:9e00:60::-2407:9e00:62:ffff:ffff:ffff:ffff:ffff
2407:9e00:70::/47
Signature Algorithm: sha256WithRSAEncryption
10:3d:75:f8:63:15:de:de:2e:42:2d:56:72:55:ae:53:ad:79:
d2:4f:e0:e6:ca:7d:a6:9b:ac:53:dc:cb:1b:d8:96:18:66:c0:
2c:eb:84:33:ba:03:c2:bc:4b:a1:dc:73:55:5d:e1:26:e2:8b:
ca:f4:8d:f8:b6:5c:f9:77:1d:b2:3c:d2:10:db:08:9a:6b:f5:
0e:60:c9:10:5a:6b:12:9a:b2:db:6b:ec:2f:07:0d:b9:37:66:
2a:e5:a3:c6:58:b9:57:f5:72:47:36:b1:1a:4b:4c:24:ff:84:
c5:cc:9f:9a:0f:cd:f3:4e:31:be:ab:eb:4e:64:20:ce:8c:19:
60:4e:e7:05:b0:2b:31:2d:b0:f9:18:64:33:ac:b4:2c:f4:58:
86:35:96:67:c9:7a:98:6a:e7:88:b3:ae:86:53:21:ca:23:b3:
3d:d5:a4:ea:eb:0a:6d:bd:67:7d:fd:ed:8e:58:29:1f:46:3a:
f2:ab:c7:8e:d4:38:fd:85:15:ca:1a:37:02:24:54:28:01:f2:
1e:9f:29:e3:ad:b7:0b:a2:f0:26:56:ac:c5:d4:b8:cc:7a:de:
a7:94:03:00:99:98:6b:37:33:28:9a:b6:cd:be:e1:3a:82:76:
4e:50:64:d7:a9:04:39:a9:46:4d:57:c6:01:69:35:20:66:0c:
38:c3:e3:7a
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgICBYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE3QjExMTAvBgNVBAUTKEZFNTBDMzg1RDlFQjE5RTJFRkExNEZBMzVBREE1QkRF
QTVCNDU2RDMwHhcNMjUwNTI5MDg0NTE0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM4MWU5YS04M2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2oJnIfmn+CWs9iIlaMHsbcSN/yfA5Z0kze+vTcQhZ4h2TlH8ulEMbShv8Vws
8spRm6hHWOc6xE5ov0C9LuM3s39b9zKyx24MrXHQR1Lhlff8vtrbdQhZx1G33Hap
rpCjY2V/3LgXwZBQh4DJgIZ61RPbuTCPAoVe4WNvZYcXsKXPrIXH6sTnDOUeMvXc
7K8TjzQDzo34b7n742YLto+s2PoQv/6UpIyHJotVhCmHKnvXV/+WWvsUE1RZ2t68
0huA+KmCGrhN7k7J/bC5TMlKL+ZLu9F/XGOy5QeQ5513AunTTgTGjsFCVwqQhrQ2
x8Rfl0wWtbpcr9yYxYya9FGaOQIDAQABo4IDNjCCAzIwHQYDVR0OBBYEFPCF0l9S
8pIVUwI+cfCUBQlyWjPFMB8GA1UdIwQYMBaAFP5Qw4XZ6xni76FPo1raW96ltFbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdCMS82NkU0RTRGNkZC
NDAxMUVCQkFCMERBM0JDNEY5QUUwMi9fbEREaGRuckdlTHZvVS1qV3RwYjNxVzBW
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19sRERoZG5yR2VMdm9VLWpXdHBiM3FXMFZ0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE3QjEvNjZFNEU0RjZGQjQwMTFFQkJBQjBEQTNCQzRGOUFFMDIvNjVERkNENEE4
ODREMTFFRTg0MjNDNDg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgb8GCCsGAQUFBwEHAQH/
BIGvMIGsMCQEAgABMB4DBAIr+lQDBAJn/ZwDBANxxTADBAavawADBATKU6AwgYME
AgACMH0DBwMkB54AAAAwEgMHBCQHngAAEAMHASQHngAAFDASAwcFJAeeAAAgAwcB
JAeeAAAkAwcCJAeeAAAwAwcAJAeeAAA1MBIDBwYkB54AAEADBwAkB54AAEQDBwIk
B54AAFAwEgMHBSQHngAAYAMHACQHngAAYgMHASQHngAAcDANBgkqhkiG9w0BAQsF
AAOCAQEAED11+GMV3t4uQi1WclWuU6150k/g5sp9ppusU9zLG9iWGGbALOuEM7oD
wrxLodxzVV3hJuKLyvSN+LZc+XcdsjzSENsImmv1DmDJEFprEpqy22vsLwcNuTdm
KuWjxli5V/VyRzaxGktMJP+Excyfmg/N804xvqvrTmQgzowZYE7nBbArMS2w+Rhk
M6y0LPRYhjWWZ8l6mGrniLOuhlMhyiOzPdWk6usKbb1nff3tjlgpH0Y68qvHjtQ4
/YUVyho3AiRUKAHyHp8p4623C6LwJlasxdS4zHrep5QDAJmYazczKJq2zb7hOoJ2
TlBk16kEOalGTVfGAWk1IGYMOMPjeg==
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:51:29 2025 by rpki-client