Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/0526730C2C4811EEAC2E4D46C4F9AE02.roa
File: 0526730C2C4811EEAC2E4D46C4F9AE02.roa (raw, json)
Hash identifier: sO+0Vdvls9ZYR5Dlw5L5vQENPT3Y8xAMCjDslvaGngI=
Subject key identifier: CF:BD:9C:3E:DD:A6:9A:9E:63:76:1F:B9:DB:15:49:0E:5E:01:F5:25
Certificate issuer: /CN=A913900D/serialNumber=C603786D55A904124E7592EED2899EF578921100
Certificate serial: 7DA6
Authority key identifier: C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/0526730C2C4811EEAC2E4D46C4F9AE02.roa
Signing time: Tue 02 Sep 2025 17:36:18 +0000
ROA not before: Tue 02 Sep 2025 17:36:18 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 139760
IP address blocks: 118.127.67.0/29 maxlen: 29
118.127.72.32/29 maxlen: 29
118.127.89.112/29 maxlen: 29
202.9.114.12/30 maxlen: 30
202.9.114.28/30 maxlen: 30
202.9.114.32/28 maxlen: 28
202.9.114.48/28 maxlen: 28
202.9.114.96/28 maxlen: 28
202.9.114.112/29 maxlen: 29
202.9.114.128/27 maxlen: 27
202.9.114.160/29 maxlen: 29
202.9.114.168/29 maxlen: 29
202.9.114.176/28 maxlen: 28
202.9.114.192/27 maxlen: 27
202.9.114.224/28 maxlen: 28
202.9.114.240/29 maxlen: 29
202.9.115.32/28 maxlen: 28
202.9.115.96/27 maxlen: 27
202.9.115.240/28 maxlen: 28
203.4.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 17:29:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32166 (0x7da6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913900D, serialNumber=C603786D55A904124E7592EED2899EF578921100
Validity
Not Before: Sep 2 17:36:18 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68b72b12-5a36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2f:58:54:ad:8e:bf:f9:4e:30:73:36:42:51:
3a:e3:bd:09:eb:76:5e:a9:e2:65:6b:5f:ce:2e:ae:
f2:da:6a:73:37:6f:48:79:2d:37:ab:67:c7:e2:42:
d5:33:0a:66:0d:7d:4d:c4:6c:a5:f1:c4:11:02:10:
c0:54:da:bc:2a:67:a6:f0:30:07:69:d3:93:83:42:
58:a5:4d:87:f2:7c:f8:43:9f:10:a9:2b:09:a1:71:
d6:dd:df:00:3f:38:c3:0c:fb:05:01:f1:95:9e:5f:
cb:30:ef:92:fb:46:0f:5d:00:7f:a6:ff:1b:95:08:
3d:ca:f8:c7:fa:72:1e:d1:80:02:8b:07:03:a7:0f:
b6:ec:45:d9:b1:9a:89:f8:6b:7d:50:ab:f5:38:3a:
22:85:fd:03:62:41:4a:ec:6d:b4:ca:c9:dd:bb:fb:
07:42:6d:40:c1:c3:3d:37:31:00:80:f6:82:e1:1a:
5b:0f:79:38:df:60:37:0a:49:78:e5:72:38:89:a8:
57:2a:09:b1:0c:8c:1f:15:7c:41:bf:1a:ee:77:44:
b5:a5:86:18:69:ee:26:89:e7:f6:78:3e:61:1f:54:
77:b8:9d:70:33:02:3a:4f:ed:ee:e6:db:50:16:f0:
3a:94:18:5b:d5:82:ce:e1:72:42:e5:71:16:4c:9b:
5e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:BD:9C:3E:DD:A6:9A:9E:63:76:1F:B9:DB:15:49:0E:5E:01:F5:25
X509v3 Authority Key Identifier:
keyid:C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/0526730C2C4811EEAC2E4D46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.127.67.0/29
118.127.72.32/29
118.127.89.112/29
202.9.114.12/30
202.9.114.28-202.9.114.63
202.9.114.96-202.9.114.119
202.9.114.128-202.9.114.247
202.9.115.32/28
202.9.115.96/27
202.9.115.240/28
203.4.212.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:8f:ec:99:6d:e2:50:6e:54:fa:ff:5c:a7:e9:09:aa:67:03:
cf:fa:46:35:29:3e:6a:df:99:39:9d:65:27:17:9f:ce:cd:6b:
49:e5:62:21:39:92:97:c4:ec:1c:18:80:32:e6:de:02:07:38:
f6:86:e6:41:85:40:78:f9:4e:c4:74:55:71:82:29:79:88:82:
73:4b:5e:80:3b:9d:54:e0:cb:c5:71:50:b9:44:c4:3d:63:ac:
c7:41:a9:48:cc:b9:58:ec:7c:33:1a:24:3b:0c:26:f8:25:6e:
e3:1f:53:f4:b5:7f:23:a7:dd:c2:99:4d:35:37:50:15:ca:e4:
9e:8f:22:c0:a7:ad:3b:12:04:43:65:17:af:88:c8:26:88:99:
59:b9:96:a4:a0:50:2a:e3:9b:cc:e7:5e:91:9e:9c:58:d9:96:
e5:4b:93:4d:94:c0:bc:50:08:4f:10:df:fe:56:3c:be:c8:7f:
b5:3d:88:e5:41:d7:95:99:33:96:1c:e0:82:b7:29:dd:cc:fa:
45:82:69:98:e6:24:e9:47:ee:5d:b9:f3:dd:c6:94:83:f2:18:
e1:6c:3d:6f:8b:f0:c4:f1:ad:7c:75:6e:f1:bf:19:b2:31:89:
a1:c7:d6:12:ec:56:9e:ea:aa:94:45:86:0c:bb:f8:e6:a9:51:
5b:27:e4:78
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgICfaYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkwMEQxMTAvBgNVBAUTKEM2MDM3ODZENTVBOTA0MTI0RTc1OTJFRUQyODk5RUY1
Nzg5MjExMDAwHhcNMjUwOTAyMTczNjE4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGI3MmIxMi01YTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoy9YVK2Ov/lOMHM2QlE6470J63ZeqeJla1/OLq7y2mpzN29IeS03q2fH4kLV
MwpmDX1NxGyl8cQRAhDAVNq8Kmem8DAHadOTg0JYpU2H8nz4Q58QqSsJoXHW3d8A
PzjDDPsFAfGVnl/LMO+S+0YPXQB/pv8blQg9yvjH+nIe0YACiwcDpw+27EXZsZqJ
+Gt9UKv1ODoihf0DYkFK7G20ysndu/sHQm1AwcM9NzEAgPaC4RpbD3k432A3Ckl4
5XI4iahXKgmxDIwfFXxBvxrud0S1pYYYae4mief2eD5hH1R3uJ1wMwI6T+3u5ttQ
FvA6lBhb1YLO4XJC5XEWTJteIwIDAQABo4IC9zCCAvMwHQYDVR0OBBYEFM+9nD7d
ppqeY3YfudsVSQ5eAfUlMB8GA1UdIwQYMBaAFMYDeG1VqQQSTnWS7tKJnvV4khEA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTAwRC9GQ0RDRDNBMEFD
OUQxMUU4OTJDREFEMERDNEY5QUUwMi94Z040YlZXcEJCSk9kWkx1MG9tZTlYaVNF
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hnTjRiVldwQkJKT2RaTHUwb21lOVhpU0VRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkwMEQvRkNEQ0QzQTBBQzlEMTFFODkyQ0RBRDBEQzRGOUFFMDIvMDUyNjczMEMy
QzQ4MTFFRUFDMkU0RDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYAGCCsGAQUFBwEHAQH/
BHEwbzBtBAIAATBnAwUDdn9DAAMFA3Z/SCADBQN2f1lwAwUCyglyDDAOAwUCygly
HAMFBsoJcgAwDgMFBcoJcmADBQPKCXJwMA4DBQfKCXKAAwUDygly8AMFBMoJcyAD
BQXKCXNgAwUEyglz8AMEAssE1DANBgkqhkiG9w0BAQsFAAOCAQEAqI/smW3iUG5U
+v9cp+kJqmcDz/pGNSk+at+ZOZ1lJxefzs1rSeViITmSl8TsHBiAMubeAgc49obm
QYVAePlOxHRVcYIpeYiCc0tegDudVODLxXFQuUTEPWOsx0GpSMy5WOx8MxokOwwm
+CVu4x9T9LV/I6fdwplNNTdQFcrkno8iwKetOxIEQ2UXr4jIJoiZWbmWpKBQKuOb
zOdekZ6cWNmW5UuTTZTAvFAITxDf/lY8vsh/tT2I5UHXlZkzlhzggrcp3cz6RYJp
mOYk6UfuXbnz3caUg/IY4Ww9b4vwxPGtfHVu8b8ZsjGJocfWEuxWnuqqlEWGDLv4
5qlRWyfkeA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:04:51 2025 by rpki-client