Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/A9B6556E064311F0BA61C549C4F9AE02.roa
File: A9B6556E064311F0BA61C549C4F9AE02.roa (raw, json)
Hash identifier: 0C6TlHkpuDCz4hvNzUcvUCrXDtcFtiPeiunaW4mmmk0=
Subject key identifier: 2B:03:99:BE:94:C0:5F:61:F5:30:9D:DB:8B:D1:DC:01:07:36:4A:EB
Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Certificate serial: 3527
Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/A9B6556E064311F0BA61C549C4F9AE02.roa
Signing time: Wed 10 Sep 2025 06:42:32 +0000
ROA not before: Wed 10 Sep 2025 06:42:32 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 4741
IP address blocks: 203.149.0.0/18 maxlen: 18
203.149.0.0/19 maxlen: 19
203.149.0.0/20 maxlen: 20
203.149.0.0/22 maxlen: 22
203.149.0.0/24 maxlen: 24
203.149.6.0/24 maxlen: 24
203.149.8.0/24 maxlen: 24
203.149.10.0/24 maxlen: 24
203.149.16.0/20 maxlen: 20
203.149.20.0/24 maxlen: 24
203.149.21.0/24 maxlen: 24
203.149.29.0/24 maxlen: 24
203.149.31.0/24 maxlen: 24
203.149.32.0/19 maxlen: 19
203.149.32.0/24 maxlen: 24
203.149.37.0/24 maxlen: 24
203.149.38.0/24 maxlen: 24
203.149.44.0/24 maxlen: 24
203.149.45.0/24 maxlen: 24
203.149.46.0/23 maxlen: 23
203.149.48.0/20 maxlen: 20
203.149.62.0/24 maxlen: 24
210.246.64.0/18 maxlen: 18
210.246.64.0/19 maxlen: 19
210.246.64.0/20 maxlen: 20
210.246.80.0/20 maxlen: 20
210.246.96.0/19 maxlen: 19
210.246.96.0/20 maxlen: 20
210.246.112.0/20 maxlen: 20
210.246.128.0/17 maxlen: 17
210.246.128.0/18 maxlen: 18
210.246.128.0/20 maxlen: 20
210.246.144.0/20 maxlen: 20
210.246.150.0/24 maxlen: 24
210.246.151.0/24 maxlen: 24
210.246.152.0/24 maxlen: 24
210.246.154.0/24 maxlen: 24
210.246.155.0/24 maxlen: 24
210.246.176.0/20 maxlen: 20
210.246.176.0/21 maxlen: 21
210.246.176.0/24 maxlen: 24
210.246.177.0/24 maxlen: 24
210.246.178.0/24 maxlen: 24
210.246.179.0/24 maxlen: 24
210.246.184.0/21 maxlen: 21
210.246.184.0/24 maxlen: 24
210.246.185.0/24 maxlen: 24
210.246.186.0/24 maxlen: 24
210.246.187.0/24 maxlen: 24
210.246.188.0/24 maxlen: 24
210.246.192.0/18 maxlen: 18
210.246.192.0/20 maxlen: 20
210.246.232.0/22 maxlen: 22
210.246.253.0/24 maxlen: 24
2403:c000::/32 maxlen: 32
2403:c000:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 14:23:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13607 (0x3527)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C5B0, serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Validity
Not Before: Sep 10 06:42:32 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68c11dd7-7dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:75:2d:cc:3f:f4:a5:c7:14:d4:86:a1:9d:87:
80:b4:d6:3c:a6:ae:77:46:42:ac:70:39:94:5a:19:
fb:16:13:42:60:34:d8:e8:b1:27:a2:13:e0:ab:a9:
50:f1:f1:40:cb:ad:40:21:4e:3f:d5:de:51:3a:ed:
65:7f:6b:63:63:65:b3:84:c9:34:10:6d:5a:6b:0a:
7b:55:e1:c3:b5:7e:f7:6f:66:32:d8:59:5d:14:7f:
14:bc:ae:06:b0:96:03:c2:5b:b4:1f:b6:b5:a2:2e:
6c:24:dd:c1:5a:b7:9d:ad:46:ac:99:ca:86:d7:b0:
3b:bc:5b:2e:a6:a1:25:ad:35:06:12:39:d5:11:a0:
3d:73:de:a3:3d:a8:9a:ba:bc:34:ff:9c:aa:47:f4:
6e:cf:6e:9e:89:5e:22:aa:64:a2:e9:1c:eb:82:69:
4c:a9:67:e3:00:da:1d:7e:e8:4a:44:78:c5:39:53:
11:91:1a:35:46:1e:24:78:38:a6:69:8d:bf:99:11:
84:e5:9f:2a:df:d4:38:ba:65:21:5c:ab:0b:3e:8a:
c7:da:cf:71:f2:59:b7:47:41:f5:ef:8f:e0:ca:47:
fc:ce:c2:ad:79:53:5e:3d:f7:84:b8:9a:82:43:6f:
95:c0:5e:08:cd:9c:5d:0f:9d:b9:08:f4:60:43:55:
9b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:03:99:BE:94:C0:5F:61:F5:30:9D:DB:8B:D1:DC:01:07:36:4A:EB
X509v3 Authority Key Identifier:
keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/A9B6556E064311F0BA61C549C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.149.0.0/18
210.246.64.0-210.246.255.255
IPv6:
2403:c000::/32
Signature Algorithm: sha256WithRSAEncryption
21:27:88:17:e1:51:d6:81:04:4f:e1:9a:1b:d6:de:70:99:b2:
bf:b6:9e:d3:c7:62:f2:24:71:f4:1c:5f:5a:d3:b6:36:2f:82:
03:53:88:7d:a9:5a:d1:33:98:c9:2d:98:fd:0b:4f:58:5e:3b:
ec:99:47:76:a7:08:b2:de:21:b3:59:ff:91:7d:da:2c:87:9c:
5c:de:ec:bf:8e:ac:33:3f:ea:be:d5:93:8d:60:28:bf:33:71:
fe:b6:a1:0b:e2:1e:93:dd:43:fd:eb:2a:12:be:ba:f1:9d:17:
77:61:70:d0:a3:2f:5d:82:f6:67:f3:f9:2c:5f:2d:ac:4d:14:
a0:65:9e:29:f4:17:55:d8:ab:de:81:03:0c:6c:98:68:55:38:
e0:79:ed:0f:68:4e:8b:b9:4a:af:fe:15:53:37:6c:22:3b:bf:
eb:bf:8e:81:0d:ac:36:89:f3:e9:92:18:86:c2:e2:aa:04:c0:
9f:17:8e:1c:40:a3:f3:16:6e:b7:7b:e8:53:82:2b:07:5e:cf:
76:04:f6:fb:7e:a0:10:74:ed:22:44:81:9f:9d:02:d5:23:bf:
d0:be:c8:5a:9c:fb:59:2e:46:de:43:9e:8c:ef:3e:fc:12:48:
3f:8f:55:33:40:2b:36:81:a8:7f:9a:3b:aa:5e:96:90:5d:c1:
47:13:71:70
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICNScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG
NzMzQTJGMUEwHhcNMjUwOTEwMDY0MjMyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGMxMWRkNy03ZGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA33UtzD/0pccU1IahnYeAtNY8pq53RkKscDmUWhn7FhNCYDTY6LEnohPgq6lQ
8fFAy61AIU4/1d5ROu1lf2tjY2WzhMk0EG1aawp7VeHDtX73b2Yy2FldFH8UvK4G
sJYDwlu0H7a1oi5sJN3BWredrUasmcqG17A7vFsupqElrTUGEjnVEaA9c96jPaia
urw0/5yqR/Ruz26eiV4iqmSi6RzrgmlMqWfjANodfuhKRHjFOVMRkRo1Rh4keDim
aY2/mRGE5Z8q39Q4umUhXKsLPorH2s9x8lm3R0H174/gykf8zsKteVNePfeEuJqC
Q2+VwF4IzZxdD525CPRgQ1WbcwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFCsDmb6U
wF9h9TCd24vR3AEHNkrrMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE
ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM
eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM1QjAvNDBDOEQ1QTYxRDgzMTFFMjgyM0E1RkQ4MDhCMDJDRDIvQTlCNjU1NkUw
NjQzMTFGMEJBNjFDNTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMBkEAgABMBMDBAbLlQAwCwMEBtL2QAMDANL2MA0EAgACMAcDBQAkA8AAMA0G
CSqGSIb3DQEBCwUAA4IBAQAhJ4gX4VHWgQRP4Zob1t5wmbK/tp7Tx2LyJHH0HF9a
07Y2L4IDU4h9qVrRM5jJLZj9C09YXjvsmUd2pwiy3iGzWf+Rfdosh5xc3uy/jqwz
P+q+1ZONYCi/M3H+tqEL4h6T3UP96yoSvrrxnRd3YXDQoy9dgvZn8/ksXy2sTRSg
ZZ4p9BdV2KvegQMMbJhoVTjgee0PaE6LuUqv/hVTN2wiO7/rv46BDaw2ifPpkhiG
wuKqBMCfF44cQKPzFm63e+hTgisHXs92BPb7fqAQdO0iRIGfnQLVI7/QvshanPtZ
LkbeQ56M7z78Ekg/j1UzQCs2gah/mjuqXpaQXcFHE3Fw
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:35:37 2025 by rpki-client