Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/D9750E78F01111EFB1720645C4F9AE02.roa
File: D9750E78F01111EFB1720645C4F9AE02.roa (raw, json)
Hash identifier: +Yz6orAM99P+kFeVfZoKus8hCh0ONcQuiBI4/E0rf1A=
Subject key identifier: C5:75:68:32:FD:1B:7E:64:14:FC:3F:01:39:23:EB:12:52:DC:18:D2
Certificate issuer: /CN=A91F33A5/serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B
Certificate serial: 038B
Authority key identifier: 4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/D9750E78F01111EFB1720645C4F9AE02.roa
Signing time: Fri 05 Sep 2025 01:37:55 +0000
ROA not before: Fri 05 Sep 2025 01:37:55 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 6262
IP address blocks: 130.116.0.0/16 maxlen: 24
130.155.0.0/16 maxlen: 24
138.194.0.0/16 maxlen: 24
140.79.0.0/16 maxlen: 24
140.253.0.0/16 maxlen: 24
144.110.0.0/16 maxlen: 24
146.118.0.0/16 maxlen: 24
152.83.0.0/16 maxlen: 24
192.16.180.0/24 maxlen: 24
192.41.146.0/24 maxlen: 24
192.42.60.0/23 maxlen: 24
192.42.62.0/24 maxlen: 24
192.54.105.0/24 maxlen: 24
192.54.106.0/24 maxlen: 24
192.55.219.0/24 maxlen: 24
192.55.232.0/24 maxlen: 24
192.65.130.0/24 maxlen: 24
192.67.12.0/24 maxlen: 24
192.67.171.0/24 maxlen: 24
192.68.132.0/24 maxlen: 24
192.82.140.0/24 maxlen: 24
192.83.238.0/24 maxlen: 24
192.84.237.0/24 maxlen: 24
192.84.238.0/24 maxlen: 24
192.94.62.0/23 maxlen: 24
192.94.64.0/24 maxlen: 24
192.94.209.0/24 maxlen: 24
192.102.250.0/23 maxlen: 24
192.107.9.0/24 maxlen: 24
192.111.32.0/24 maxlen: 24
192.122.176.0/24 maxlen: 24
192.124.117.0/24 maxlen: 24
192.124.152.0/24 maxlen: 24
192.138.100.0/24 maxlen: 24
192.149.36.0/24 maxlen: 24
192.150.202.0/24 maxlen: 24
192.160.16.0/24 maxlen: 24
192.188.115.0/24 maxlen: 24
192.188.186.0/24 maxlen: 24
192.207.156.0/23 maxlen: 24
192.207.158.0/24 maxlen: 24
192.207.197.0/24 maxlen: 24
192.207.198.0/24 maxlen: 24
192.245.210.0/23 maxlen: 24
192.245.212.0/22 maxlen: 24
192.245.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl
rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 16 Sep 2025 01:09:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 907 (0x38b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F33A5, serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B
Validity
Not Before: Sep 5 01:37:55 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68ba3ef2-4dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:84:28:e5:d2:f7:38:17:a3:28:c3:9d:23:69:
a4:6e:74:c5:4f:1c:d6:76:86:d3:8b:9a:be:fd:f7:
9c:f7:2e:db:02:bb:95:99:c1:5f:23:b2:02:9f:9a:
75:ee:8f:bb:77:4a:40:3b:49:bc:ad:95:0f:b1:01:
82:80:af:6d:bc:71:50:19:b4:6b:9b:e7:ac:ed:98:
2c:8f:96:df:b2:cb:2b:bd:35:0e:11:10:51:3e:de:
f4:70:2c:54:f5:2a:19:06:3c:c8:86:4a:a8:bf:18:
f1:06:28:d2:6c:2e:43:f6:42:22:78:50:58:ed:db:
11:ca:6c:88:5d:45:93:ba:80:10:cf:13:51:bd:5f:
7c:df:56:57:9a:77:b4:cb:53:98:fe:41:c3:9f:27:
0f:05:8a:50:42:19:ed:51:44:22:25:0f:90:78:ac:
a7:85:c6:84:2f:c0:a8:a9:9b:e3:a0:a4:bf:fb:19:
98:1d:5d:11:54:1d:bd:56:43:f2:05:4d:70:9f:a8:
87:c0:8e:40:d3:96:c3:d6:1a:61:64:3b:df:7e:d5:
74:2b:e5:23:ab:cd:f2:6a:fe:a5:05:04:9f:ea:e9:
7a:23:87:90:b3:f5:4c:96:04:7d:4d:40:e0:69:bc:
1e:f6:da:05:bc:bd:96:17:e0:5d:ee:25:14:db:75:
a3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:75:68:32:FD:1B:7E:64:14:FC:3F:01:39:23:EB:12:52:DC:18:D2
X509v3 Authority Key Identifier:
keyid:4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/D9750E78F01111EFB1720645C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
130.116.0.0/16
130.155.0.0/16
138.194.0.0/16
140.79.0.0/16
140.253.0.0/16
144.110.0.0/16
146.118.0.0/16
152.83.0.0/16
192.16.180.0/24
192.41.146.0/24
192.42.60.0-192.42.62.255
192.54.105.0-192.54.106.255
192.55.219.0/24
192.55.232.0/24
192.65.130.0/24
192.67.12.0/24
192.67.171.0/24
192.68.132.0/24
192.82.140.0/24
192.83.238.0/24
192.84.237.0-192.84.238.255
192.94.62.0-192.94.64.255
192.94.209.0/24
192.102.250.0/23
192.107.9.0/24
192.111.32.0/24
192.122.176.0/24
192.124.117.0/24
192.124.152.0/24
192.138.100.0/24
192.149.36.0/24
192.150.202.0/24
192.160.16.0/24
192.188.115.0/24
192.188.186.0/24
192.207.156.0-192.207.158.255
192.207.197.0-192.207.198.255
192.245.210.0-192.245.217.255
Signature Algorithm: sha256WithRSAEncryption
9a:99:b9:14:47:5a:f9:52:37:55:87:52:8f:cb:81:f4:08:9b:
1e:f2:28:bd:5c:4c:ef:f2:96:32:12:ea:4c:35:0d:f8:65:33:
db:04:7b:30:70:d5:ef:30:de:cd:8e:f0:9d:b5:2c:1b:78:da:
ad:ba:87:92:5c:37:f4:fb:bd:4f:19:08:ad:d9:b8:93:70:a3:
8e:21:4a:6a:8d:89:8f:29:cf:99:46:e0:18:51:3a:ab:d7:7e:
40:e4:2d:59:a8:2f:65:b8:a3:a4:f4:72:31:ba:33:1f:3d:2e:
71:f4:bc:9a:5d:6e:bd:54:92:f7:98:4c:2a:19:ac:c6:87:8b:
63:53:db:3a:fc:fd:56:e8:bb:50:37:91:b5:ba:76:cb:59:40:
8e:12:49:02:e2:2d:af:7d:e4:97:e9:10:8b:90:44:84:fe:f0:
b3:d3:d8:7b:df:ef:b1:4d:cd:0b:ea:1d:e8:be:b6:8a:b4:d0:
56:32:7f:49:87:22:90:0e:30:63:84:56:fd:79:54:f9:0d:e5:
ed:3a:2e:c5:bc:91:a2:a2:b6:60:aa:4f:a2:24:7f:83:fa:23:
a4:24:68:68:4c:64:5f:77:9c:3b:cb:4c:fe:e7:25:a8:86:19:
45:bc:49:b5:74:f0:f5:6f:dc:8d:8b:f3:57:d1:35:17:94:6a:
70:77:8b:3e
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgICA4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjMzQTUxMTAvBgNVBAUTKDRGRjUyODQ3MjE1QzRBMjJFOUYxMTQ5RTZDQkZFREY3
NEQ2MUNFOEIwHhcNMjUwOTA1MDEzNzU1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGJhM2VmMi00ZGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3IQo5dL3OBejKMOdI2mkbnTFTxzWdobTi5q+/fec9y7bAruVmcFfI7ICn5p1
7o+7d0pAO0m8rZUPsQGCgK9tvHFQGbRrm+es7Zgsj5bfsssrvTUOERBRPt70cCxU
9SoZBjzIhkqovxjxBijSbC5D9kIieFBY7dsRymyIXUWTuoAQzxNRvV9831ZXmne0
y1OY/kHDnycPBYpQQhntUUQiJQ+QeKynhcaEL8CoqZvjoKS/+xmYHV0RVB29VkPy
BU1wn6iHwI5A05bD1hphZDvfftV0K+Ujq83yav6lBQSf6ul6I4eQs/VMlgR9TUDg
abwe9toFvL2WF+Bd7iUU23WjQQIDAQABo4IDrTCCA6kwHQYDVR0OBBYEFMV1aDL9
G35kFPw/ATkj6xJS3BjSMB8GA1UdIwQYMBaAFE/1KEchXEoi6fEUnmy/7fdNYc6L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzNBNS8xMTg3MDk3MkQ0
RDgxMUVDQTQyNDVGMTBDNEY5QUUwMi9UX1VvUnlGY1NpTHA4UlNlYkxfdDkwMWh6
b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1RfVW9SeUZjU2lMcDhSU2ViTF90OTAxaHpvcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjMzQTUvMTE4NzA5NzJENEQ4MTFFQ0E0MjQ1RjEwQzRGOUFFMDIvRDk3NTBFNzhG
MDExMTFFRkIxNzIwNjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggE1BggrBgEFBQcBBwEB
/wSCASQwggEgMIIBHAQCAAEwggEUAwMAgnQDAwCCmwMDAIrCAwMAjE8DAwCM/QMD
AJBuAwMAknYDAwCYUwMEAMAQtAMEAMApkjAMAwQCwCo8AwQAwCo+MAwDBADANmkD
BADANmoDBADAN9sDBADAN+gDBADAQYIDBADAQwwDBADAQ6sDBADARIQDBADAUowD
BADAU+4wDAMEAMBU7QMEAMBU7jAMAwQBwF4+AwQAwF5AAwQAwF7RAwQBwGb6AwQA
wGsJAwQAwG8gAwQAwHqwAwQAwHx1AwQAwHyYAwQAwIpkAwQAwJUkAwQAwJbKAwQA
wKAQAwQAwLxzAwQAwLy6MAwDBALAz5wDBADAz54wDAMEAMDPxQMEAMDPxjAMAwQB
wPXSAwQBwPXYMA0GCSqGSIb3DQEBCwUAA4IBAQCambkUR1r5UjdVh1KPy4H0CJse
8ii9XEzv8pYyEupMNQ34ZTPbBHswcNXvMN7NjvCdtSwbeNqtuoeSXDf0+71PGQit
2biTcKOOIUpqjYmPKc+ZRuAYUTqr135A5C1ZqC9luKOk9HIxujMfPS5x9LyaXW69
VJL3mEwqGazGh4tjU9s6/P1W6LtQN5G1unbLWUCOEkkC4i2vfeSX6RCLkESE/vCz
09h73++xTc0L6h3ovraKtNBWMn9JhyKQDjBjhFb9eVT5DeXtOi7FvJGiorZgqk+i
JH+D+iOkJGhoTGRfd5w7y0z+5yWohhlFvEm1dPD1b9yNi/NX0TUXlGpwd4s+
-----END CERTIFICATE-----
Generated at Tue Sep 9 15:35:23 2025 by rpki-client