Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/0FB29E462A0811EE9A08C30FC4F9AE02.roa
File: 0FB29E462A0811EE9A08C30FC4F9AE02.roa (raw, json)
Hash identifier: jW97EhwSMkh0Bo/mh1Pb9TT13jB118RG5hbBe2CtZqU=
Subject key identifier: 12:FE:3D:4D:D0:FE:98:BB:F5:40:DD:9A:19:34:44:C0:4C:DE:E0:34
Certificate issuer: /CN=A912C8AF/serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Certificate serial: 0BB3
Authority key identifier: 76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/0FB29E462A0811EE9A08C30FC4F9AE02.roa
Signing time: Mon 22 Sep 2025 02:42:47 +0000
ROA not before: Mon 22 Sep 2025 02:42:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138915
IP address blocks: 59.153.156.0/24 maxlen: 24
59.153.157.0/24 maxlen: 24
59.153.158.0/24 maxlen: 24
59.153.159.0/24 maxlen: 24
103.84.108.0/24 maxlen: 24
103.84.109.0/24 maxlen: 24
103.84.110.0/24 maxlen: 24
103.84.111.0/24 maxlen: 24
103.136.248.0/22 maxlen: 22
103.136.248.0/24 maxlen: 24
103.136.249.0/24 maxlen: 24
103.136.250.0/24 maxlen: 24
103.136.251.0/24 maxlen: 24
103.151.138.0/23 maxlen: 23
103.151.138.0/24 maxlen: 24
103.151.139.0/24 maxlen: 24
103.152.14.0/24 maxlen: 24
103.152.15.0/24 maxlen: 24
103.152.98.0/24 maxlen: 24
103.152.99.0/24 maxlen: 24
103.198.200.0/24 maxlen: 24
103.198.201.0/24 maxlen: 24
103.198.202.0/24 maxlen: 24
103.198.203.0/24 maxlen: 24
175.176.192.0/24 maxlen: 24
175.176.193.0/24 maxlen: 24
175.176.194.0/24 maxlen: 24
175.176.195.0/24 maxlen: 24
2404:a140::/32 maxlen: 32
2404:a140:2::/48 maxlen: 48
2404:a140:3::/48 maxlen: 48
2404:a140:4::/48 maxlen: 48
2404:a140:5::/48 maxlen: 48
2404:a140:6::/48 maxlen: 48
2404:a140:7::/48 maxlen: 48
2404:a140:8::/48 maxlen: 48
2404:a140:9::/48 maxlen: 48
2404:a140:a::/48 maxlen: 48
2404:a140:b::/48 maxlen: 48
2404:a140:c::/48 maxlen: 48
2404:a140:d::/48 maxlen: 48
2404:a140:e::/48 maxlen: 48
2404:a140:f::/48 maxlen: 48
2404:a140:10::/48 maxlen: 48
2404:a140:11::/48 maxlen: 48
2404:a140:12::/48 maxlen: 48
2404:a140:13::/48 maxlen: 48
2404:a140:14::/48 maxlen: 48
2404:a140:15::/48 maxlen: 48
2404:a140:16::/48 maxlen: 48
2404:a140:17::/48 maxlen: 48
2404:a140:18::/48 maxlen: 48
2404:a140:19::/48 maxlen: 48
2404:a140:1a::/48 maxlen: 48
2404:a140:1b::/48 maxlen: 48
2404:a140:1c::/48 maxlen: 48
2404:a140:1d::/48 maxlen: 48
2404:a140:1e::/48 maxlen: 48
2404:a140:1f::/48 maxlen: 48
2404:a140:20::/48 maxlen: 48
2404:a140:21::/48 maxlen: 48
2404:a140:22::/48 maxlen: 48
2404:a140:23::/48 maxlen: 48
2404:a140:24::/48 maxlen: 48
2404:a140:25::/48 maxlen: 48
2404:a140:26::/48 maxlen: 48
2404:a140:27::/48 maxlen: 48
2404:a140:28::/48 maxlen: 48
2404:a140:29::/48 maxlen: 48
2404:a140:2a::/48 maxlen: 48
2404:a140:2b::/48 maxlen: 48
2404:a140:2c::/48 maxlen: 48
2404:a140:2d::/48 maxlen: 48
2404:a140:2e::/48 maxlen: 48
2404:a140:2f::/48 maxlen: 48
2404:a140:30::/48 maxlen: 48
2404:a140:32::/48 maxlen: 48
2404:a140:33::/48 maxlen: 48
2404:a140:38::/48 maxlen: 48
2404:a140:39::/48 maxlen: 48
2404:a140:3a::/48 maxlen: 48
2404:a140:3b::/48 maxlen: 48
2404:a140:3c::/48 maxlen: 48
2404:a140:3d::/48 maxlen: 48
2404:a140:3e::/48 maxlen: 48
2404:a140:3f::/48 maxlen: 48
2404:a140:42::/48 maxlen: 48
2404:a140:43::/48 maxlen: 48
2404:a140:44::/48 maxlen: 48
2404:a140:45::/48 maxlen: 48
2404:a140:46::/48 maxlen: 48
2404:a140:47::/48 maxlen: 48
2404:a140:4a::/48 maxlen: 48
2404:a140:4b::/48 maxlen: 48
2404:a140:4c::/48 maxlen: 48
2404:a140:4d::/48 maxlen: 48
2404:a140:4f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl
rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 20:25:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2995 (0xbb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912C8AF, serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Validity
Not Before: Sep 22 02:42:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68d0b7a7-d77d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:04:ef:a8:4a:1b:85:1e:46:45:80:0a:c3:38:
78:af:d5:eb:27:86:cb:99:7a:4a:44:65:e5:ac:5a:
bd:ba:e6:b9:a3:27:cf:0b:bc:ab:4f:f3:66:e5:d6:
26:e8:06:59:57:97:86:5f:d2:90:39:c1:38:5f:31:
d5:67:a8:29:e4:8b:49:4a:1d:b3:8a:10:56:4b:f5:
7a:a2:19:fd:1f:ba:99:4a:2b:fd:0e:13:dd:28:f1:
48:46:d8:a0:1b:b9:3b:ba:a3:bb:57:03:f9:99:9e:
4c:c9:9e:9e:6e:9a:23:66:5d:63:94:7f:a4:8d:f6:
b8:4a:cb:41:f2:d1:c0:21:9a:6d:5b:05:fb:bb:88:
d4:04:cb:75:05:07:61:1b:2c:07:bc:c1:4c:1b:2b:
d4:32:b9:40:18:70:98:44:9e:1f:a3:20:04:ca:88:
4c:b1:fd:fe:c9:d2:13:2e:1f:3d:41:db:97:ac:14:
af:a5:1a:07:61:9e:1d:d2:fc:22:4c:f5:0e:52:22:
fc:84:19:4c:b5:88:c3:b4:e3:75:b8:69:28:37:3a:
e7:e0:18:da:4c:f7:b8:a8:f6:97:ac:b0:94:a0:8a:
88:4a:da:35:e2:f8:7f:63:af:91:e0:cd:73:4a:23:
82:e1:d1:11:e8:a3:dc:ff:27:3a:b1:2f:aa:a3:53:
03:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FE:3D:4D:D0:FE:98:BB:F5:40:DD:9A:19:34:44:C0:4C:DE:E0:34
X509v3 Authority Key Identifier:
keyid:76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/0FB29E462A0811EE9A08C30FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.156.0/22
103.84.108.0/22
103.136.248.0/22
103.151.138.0/23
103.152.14.0/23
103.152.98.0/23
103.198.200.0/22
175.176.192.0/22
IPv6:
2404:a140::/32
Signature Algorithm: sha256WithRSAEncryption
7a:58:20:73:bb:d9:ac:c1:23:d8:a0:00:bc:78:99:34:57:85:
ca:bc:df:47:48:11:b0:8f:dd:e6:9a:30:4b:2a:2f:34:bf:55:
16:b6:8c:dd:eb:60:a6:d3:ac:1a:7b:0f:03:98:e0:2f:e7:7e:
b0:87:88:81:b8:08:2c:32:1d:c2:7a:75:b1:67:47:df:b6:2c:
6f:c3:e3:d6:ee:a1:c3:c6:e8:40:d8:f8:61:82:64:30:0f:c8:
48:78:f2:43:47:97:21:2d:71:4c:0e:f8:5d:7f:75:f1:ff:5a:
d9:43:27:e0:7e:13:03:9b:2e:da:4f:bf:7a:7a:c9:74:bf:6b:
af:74:ed:e3:7b:0c:29:21:34:59:3b:96:e3:95:ac:48:82:bb:
90:c2:35:de:ea:06:b2:06:17:76:1b:b8:fc:ba:2e:bb:89:78:
2c:1b:e2:4d:da:69:de:32:a6:3f:fb:6e:5a:ef:6e:53:08:65:
21:5c:9a:12:0f:19:5c:b1:d8:e1:93:29:c6:38:e5:8f:a7:1d:
5a:21:3a:50:bb:98:da:94:52:f0:69:19:a1:5c:7b:07:e1:ce:
fc:a2:53:5d:9c:de:2c:e0:81:80:6d:e8:04:6f:98:3d:2c:e0:
da:15:9a:a0:ec:55:cf:87:db:49:4b:ff:d8:09:09:f9:00:c5:
a6:6e:f1:47
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICC7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM4QUYxMTAvBgNVBAUTKDc2M0Y3RkJEOTY0QTFDMzY2ODMwOEM5QTI5RTE1MDI1
QzBEREY5RDQwHhcNMjUwOTIyMDI0MjQ3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQwYjdhNy1kNzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+ATvqEobhR5GRYAKwzh4r9XrJ4bLmXpKRGXlrFq9uua5oyfPC7yrT/Nm5dYm
6AZZV5eGX9KQOcE4XzHVZ6gp5ItJSh2zihBWS/V6ohn9H7qZSiv9DhPdKPFIRtig
G7k7uqO7VwP5mZ5MyZ6ebpojZl1jlH+kjfa4SstB8tHAIZptWwX7u4jUBMt1BQdh
GywHvMFMGyvUMrlAGHCYRJ4foyAEyohMsf3+ydITLh89QduXrBSvpRoHYZ4d0vwi
TPUOUiL8hBlMtYjDtON1uGkoNzrn4BjaTPe4qPaXrLCUoIqISto14vh/Y6+R4M1z
SiOC4dER6KPc/yc6sS+qo1MDswIDAQABo4ICzjCCAsowHQYDVR0OBBYEFBL+PU3Q
/pi79UDdmhk0RMBM3uA0MB8GA1UdIwQYMBaAFHY/f72WShw2aDCMminhUCXA3fnU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhBRi9EMUY2NEU3MjVF
RUYxMUVBQTU0RTZDNkNDNEY5QUUwMi9kajlfdlpaS0hEWm9NSXlhS2VGUUpjRGQt
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RqOV92WlpLSERab01JeWFLZUZRSmNEZC1kUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM4QUYvRDFGNjRFNzI1RUVGMTFFQUE1NEU2QzZDQzRGOUFFMDIvMEZCMjlFNDYy
QTA4MTFFRTlBMDhDMzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAI7mZwDBAJnVGwDBAJniPgDBAFnl4oDBAFnmA4DBAFnmGID
BAJnxsgDBAKvsMAwDQQCAAIwBwMFACQEoUAwDQYJKoZIhvcNAQELBQADggEBAHpY
IHO72azBI9igALx4mTRXhcq830dIEbCP3eaaMEsqLzS/VRa2jN3rYKbTrBp7DwOY
4C/nfrCHiIG4CCwyHcJ6dbFnR9+2LG/D49buocPG6EDY+GGCZDAPyEh48kNHlyEt
cUwO+F1/dfH/WtlDJ+B+EwObLtpPv3p6yXS/a6907eN7DCkhNFk7luOVrEiCu5DC
Nd7qBrIGF3YbuPy6LruJeCwb4k3aad4ypj/7blrvblMIZSFcmhIPGVyx2OGTKcY4
5Y+nHVohOlC7mNqUUvBpGaFcewfhzvyiU12c3izggYBt6ARvmD0s4NoVmqDsVc+H
20lL/9gJCfkAxaZu8Uc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:15:16 2025 by rpki-client