Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/0FB29E462A0811EE9A08C30FC4F9AE02.roa
File: 0FB29E462A0811EE9A08C30FC4F9AE02.roa (raw, json)
Hash identifier: 1uKvVpgCcQqroLN7AwMHaqVoCWybjV0K8HdokVEjChQ=
Subject key identifier: A2:F0:5A:37:3A:0F:74:04:CD:1D:1A:A3:5F:5E:17:A7:88:A5:F5:21
Certificate issuer: /CN=A912C8AF/serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Certificate serial: 0B90
Authority key identifier: 76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/0FB29E462A0811EE9A08C30FC4F9AE02.roa
Signing time: Tue 19 Aug 2025 06:23:16 +0000
ROA not before: Tue 19 Aug 2025 06:23:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138915
IP address blocks: 59.153.156.0/24 maxlen: 24
59.153.157.0/24 maxlen: 24
59.153.158.0/24 maxlen: 24
59.153.159.0/24 maxlen: 24
103.84.108.0/24 maxlen: 24
103.84.109.0/24 maxlen: 24
103.84.111.0/24 maxlen: 24
103.136.248.0/22 maxlen: 22
103.136.248.0/24 maxlen: 24
103.136.249.0/24 maxlen: 24
103.136.250.0/24 maxlen: 24
103.136.251.0/24 maxlen: 24
103.151.138.0/23 maxlen: 23
103.151.138.0/24 maxlen: 24
103.151.139.0/24 maxlen: 24
103.152.98.0/24 maxlen: 24
103.152.99.0/24 maxlen: 24
103.198.200.0/24 maxlen: 24
103.198.201.0/24 maxlen: 24
103.198.202.0/24 maxlen: 24
175.176.192.0/24 maxlen: 24
175.176.193.0/24 maxlen: 24
175.176.194.0/24 maxlen: 24
175.176.195.0/24 maxlen: 24
2404:a140::/32 maxlen: 32
2404:a140:2::/48 maxlen: 48
2404:a140:3::/48 maxlen: 48
2404:a140:4::/48 maxlen: 48
2404:a140:5::/48 maxlen: 48
2404:a140:6::/48 maxlen: 48
2404:a140:7::/48 maxlen: 48
2404:a140:8::/48 maxlen: 48
2404:a140:9::/48 maxlen: 48
2404:a140:a::/48 maxlen: 48
2404:a140:b::/48 maxlen: 48
2404:a140:c::/48 maxlen: 48
2404:a140:d::/48 maxlen: 48
2404:a140:e::/48 maxlen: 48
2404:a140:f::/48 maxlen: 48
2404:a140:10::/48 maxlen: 48
2404:a140:11::/48 maxlen: 48
2404:a140:12::/48 maxlen: 48
2404:a140:13::/48 maxlen: 48
2404:a140:14::/48 maxlen: 48
2404:a140:15::/48 maxlen: 48
2404:a140:16::/48 maxlen: 48
2404:a140:17::/48 maxlen: 48
2404:a140:18::/48 maxlen: 48
2404:a140:19::/48 maxlen: 48
2404:a140:1a::/48 maxlen: 48
2404:a140:1b::/48 maxlen: 48
2404:a140:1c::/48 maxlen: 48
2404:a140:1d::/48 maxlen: 48
2404:a140:1e::/48 maxlen: 48
2404:a140:1f::/48 maxlen: 48
2404:a140:20::/48 maxlen: 48
2404:a140:21::/48 maxlen: 48
2404:a140:22::/48 maxlen: 48
2404:a140:23::/48 maxlen: 48
2404:a140:24::/48 maxlen: 48
2404:a140:25::/48 maxlen: 48
2404:a140:26::/48 maxlen: 48
2404:a140:27::/48 maxlen: 48
2404:a140:28::/48 maxlen: 48
2404:a140:29::/48 maxlen: 48
2404:a140:2a::/48 maxlen: 48
2404:a140:2b::/48 maxlen: 48
2404:a140:2c::/48 maxlen: 48
2404:a140:2d::/48 maxlen: 48
2404:a140:2e::/48 maxlen: 48
2404:a140:2f::/48 maxlen: 48
2404:a140:30::/48 maxlen: 48
2404:a140:32::/48 maxlen: 48
2404:a140:33::/48 maxlen: 48
2404:a140:38::/48 maxlen: 48
2404:a140:39::/48 maxlen: 48
2404:a140:3a::/48 maxlen: 48
2404:a140:3b::/48 maxlen: 48
2404:a140:3c::/48 maxlen: 48
2404:a140:3d::/48 maxlen: 48
2404:a140:3e::/48 maxlen: 48
2404:a140:3f::/48 maxlen: 48
2404:a140:42::/48 maxlen: 48
2404:a140:44::/48 maxlen: 48
2404:a140:45::/48 maxlen: 48
2404:a140:46::/48 maxlen: 48
2404:a140:4a::/48 maxlen: 48
2404:a140:4b::/48 maxlen: 48
2404:a140:4c::/48 maxlen: 48
2404:a140:4d::/48 maxlen: 48
2404:a140:4f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl
rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 19:40:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2960 (0xb90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912C8AF, serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Validity
Not Before: Aug 19 06:23:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68a41854-0543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:37:2e:04:27:57:14:3b:62:82:3e:23:22:7f:
3a:9a:90:1d:76:41:c3:de:a0:ae:83:49:e5:0d:e7:
9f:32:1b:a7:bf:54:28:9a:12:cd:a5:02:fc:20:c8:
b7:a1:07:88:29:a3:8c:29:3e:20:9f:7d:2d:e5:b1:
c7:8a:cf:ff:00:22:29:1d:4e:a1:d3:35:a3:55:3c:
05:aa:30:5c:2d:1d:3c:f0:53:dd:8a:b6:b5:79:2a:
f4:c2:5a:0b:a2:96:79:ac:4d:79:0c:f2:0a:d1:98:
1f:d3:c1:32:a5:76:4e:23:fa:d7:3d:30:e5:23:b3:
b2:e6:e0:d9:e6:70:9f:aa:b2:92:15:1c:de:7c:8a:
c6:b3:4f:fb:1d:55:a9:67:b7:f4:3d:87:71:7a:a6:
f9:11:e4:48:8a:5b:8d:eb:f8:52:d4:7b:79:f7:79:
65:ce:f9:aa:98:f0:74:bc:b5:e9:5c:92:5d:cc:b9:
5b:d4:7f:3d:74:16:eb:5d:09:df:40:7e:82:4a:83:
67:ee:a7:f0:cc:08:ef:48:db:7f:8b:d7:a9:a1:0f:
aa:ca:53:87:2d:79:e5:4d:de:32:1b:ac:b6:8d:70:
9c:48:58:ab:3f:57:5b:42:94:1f:af:b3:0e:2a:d1:
37:48:04:41:f4:17:aa:f9:a0:e2:7b:0a:69:4e:69:
90:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F0:5A:37:3A:0F:74:04:CD:1D:1A:A3:5F:5E:17:A7:88:A5:F5:21
X509v3 Authority Key Identifier:
keyid:76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/0FB29E462A0811EE9A08C30FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.156.0/22
103.84.108.0/23
103.84.111.0/24
103.136.248.0/22
103.151.138.0/23
103.152.98.0/23
103.198.200.0-103.198.202.255
175.176.192.0/22
IPv6:
2404:a140::/32
Signature Algorithm: sha256WithRSAEncryption
9c:a5:a9:b7:7e:48:1b:85:b8:6b:ee:a3:94:c2:37:df:b4:6c:
9c:dd:31:73:93:7f:1a:5e:67:bc:f3:29:f5:80:c1:73:d3:17:
39:3d:10:72:83:3f:cc:30:c8:41:1c:6b:65:78:e0:14:c1:87:
f4:5d:82:7a:74:9e:87:d9:93:49:16:21:dd:b3:f4:d2:66:d9:
db:2c:b1:fd:9d:62:d8:6b:9d:47:1e:e2:80:79:5c:61:56:4b:
96:33:02:6a:53:f3:c1:b8:71:d3:17:d5:37:b9:bc:22:a2:fc:
83:67:b7:68:a7:96:a5:34:a5:b0:5c:2b:dc:55:17:4c:b1:57:
96:e3:ad:f9:5b:01:e2:3d:2c:13:a8:58:7a:1f:00:16:46:19:
ce:db:d4:3c:85:b6:aa:ae:0d:93:c6:59:c6:6d:f9:30:c5:c1:
06:f9:9a:51:a1:b7:61:e6:59:19:22:0b:69:99:82:dc:01:77:
2c:8d:e7:1f:2c:89:46:15:28:7f:4e:e5:a4:37:f8:41:9a:b9:
10:06:7d:83:14:35:3e:ff:a8:e6:72:6c:eb:08:70:0d:8e:eb:
80:96:e3:2d:d3:44:04:57:da:0e:74:a5:fe:ce:73:bb:52:26:
f9:7b:e2:25:ad:cb:6f:81:da:e0:17:21:fd:45:cd:b6:33:b5:
94:99:8f:96
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgICC5AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM4QUYxMTAvBgNVBAUTKDc2M0Y3RkJEOTY0QTFDMzY2ODMwOEM5QTI5RTE1MDI1
QzBEREY5RDQwHhcNMjUwODE5MDYyMzE2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGE0MTg1NC0wNTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6TcuBCdXFDtigj4jIn86mpAddkHD3qCug0nlDeefMhunv1QomhLNpQL8IMi3
oQeIKaOMKT4gn30t5bHHis//ACIpHU6h0zWjVTwFqjBcLR088FPdira1eSr0wloL
opZ5rE15DPIK0Zgf08EypXZOI/rXPTDlI7Oy5uDZ5nCfqrKSFRzefIrGs0/7HVWp
Z7f0PYdxeqb5EeRIiluN6/hS1Ht593llzvmqmPB0vLXpXJJdzLlb1H89dBbrXQnf
QH6CSoNn7qfwzAjvSNt/i9epoQ+qylOHLXnlTd4yG6y2jXCcSFirP1dbQpQfr7MO
KtE3SARB9Beq+aDiewppTmmQLQIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFKLwWjc6
D3QEzR0ao19eF6eIpfUhMB8GA1UdIwQYMBaAFHY/f72WShw2aDCMminhUCXA3fnU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhBRi9EMUY2NEU3MjVF
RUYxMUVBQTU0RTZDNkNDNEY5QUUwMi9kajlfdlpaS0hEWm9NSXlhS2VGUUpjRGQt
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RqOV92WlpLSERab01JeWFLZUZRSmNEZC1kUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM4QUYvRDFGNjRFNzI1RUVGMTFFQUE1NEU2QzZDQzRGOUFFMDIvMEZCMjlFNDYy
QTA4MTFFRTlBMDhDMzBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E
UTBPMD4EAgABMDgDBAI7mZwDBAFnVGwDBABnVG8DBAJniPgDBAFnl4oDBAFnmGIw
DAMEA2fGyAMEAGfGygMEAq+wwDANBAIAAjAHAwUAJAShQDANBgkqhkiG9w0BAQsF
AAOCAQEAnKWpt35IG4W4a+6jlMI337RsnN0xc5N/Gl5nvPMp9YDBc9MXOT0QcoM/
zDDIQRxrZXjgFMGH9F2CenSeh9mTSRYh3bP00mbZ2yyx/Z1i2GudRx7igHlcYVZL
ljMCalPzwbhx0xfVN7m8IqL8g2e3aKeWpTSlsFwr3FUXTLFXluOt+VsB4j0sE6hY
eh8AFkYZztvUPIW2qq4Nk8ZZxm35MMXBBvmaUaG3YeZZGSILaZmC3AF3LI3nHyyJ
RhUof07lpDf4QZq5EAZ9gxQ1Pv+o5nJs6whwDY7rgJbjLdNEBFfaDnSl/s5zu1Im
+XviJa3Lb4Ha4Bch/UXNtjO1lJmPlg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:25:52 2025 by rpki-client