Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
File: 087D2D80C4A711EB917EC55EC4F9AE02.roa (raw, json)
Hash identifier: UbbJeh1gWwixc1KBx/TcENcb/xObt11wZD4U7s3lZJw=
Subject key identifier: DB:9F:43:6E:AF:3D:73:62:BD:1D:BF:68:79:9C:30:E0:C1:96:ED:EA
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 1372
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
Signing time: Wed 01 Oct 2025 09:34:58 +0000
ROA not before: Wed 01 Oct 2025 09:34:58 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 4657
IP address blocks: 27.54.0.0/18 maxlen: 24
27.125.128.0/18 maxlen: 24
39.109.128.0/17 maxlen: 24
43.227.228.0/23 maxlen: 23
45.65.0.0/22 maxlen: 24
58.96.192.0/18 maxlen: 24
61.8.192.0/19 maxlen: 24
61.8.224.0/19 maxlen: 24
101.127.0.0/16 maxlen: 24
103.17.144.0/22 maxlen: 24
103.28.208.0/22 maxlen: 22
103.254.252.0/23 maxlen: 23
103.254.254.0/24 maxlen: 24
111.223.64.0/18 maxlen: 18
111.223.64.0/19 maxlen: 24
111.223.96.0/19 maxlen: 24
113.10.64.0/18 maxlen: 24
117.20.128.0/18 maxlen: 24
122.11.128.0/17 maxlen: 24
124.155.192.0/19 maxlen: 24
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
182.19.128.0/17 maxlen: 24
182.55.0.0/16 maxlen: 24
183.90.0.0/17 maxlen: 24
203.116.0.0/16 maxlen: 24
203.117.0.0/16 maxlen: 24
203.118.0.0/18 maxlen: 24
2406:3000::/30 maxlen: 32
2406:3000::/40 maxlen: 48
2406:3000:2::/56 maxlen: 64
2406:3000:2:100::/56 maxlen: 64
2406:3000:3::/56 maxlen: 64
2406:3000:a::/56 maxlen: 64
2406:3000:c::/56 maxlen: 56
2406:3000:c:100::/56 maxlen: 56
2406:3000:11::/56 maxlen: 64
2406:3000:11:1000::/56 maxlen: 64
2406:3000:11:2000::/56 maxlen: 64
2406:3000:12::/48 maxlen: 56
2406:3000:12::/56 maxlen: 64
2406:3000:12:100::/56 maxlen: 64
2406:3000:20::/56 maxlen: 64
2406:3000:22::/56 maxlen: 64
2406:3000:35::/56 maxlen: 64
2406:3000:36::/56 maxlen: 64
2406:3000:36:100::/56 maxlen: 64
2406:3000:38::/56 maxlen: 64
2406:3000:4f::/56 maxlen: 64
2406:3000:4f:100::/56 maxlen: 64
2406:3000:1000::/56 maxlen: 64
2406:3000:1000:100::/56 maxlen: 56
2406:3000:ad53::/49 maxlen: 49
2406:3001:20::/56 maxlen: 64
2406:3001:22::/56 maxlen: 64
2406:3001:23::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 17:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4978 (0x1372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC, serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: Oct 1 09:34:58 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68dcf5c2-0600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:17:80:28:27:1f:86:e3:47:db:19:ec:ac:39:
f3:5d:6b:20:30:ef:c4:2f:ce:90:ec:39:01:6d:29:
06:13:20:c0:1a:27:b9:1d:e0:14:00:9c:71:34:2a:
75:41:4c:cf:d1:7c:07:b8:7b:7d:94:89:b7:ba:09:
f6:0e:11:55:4c:fa:d9:e4:c5:a9:c8:84:91:ed:f6:
db:8d:0e:b4:35:0f:ad:80:1b:76:88:f2:0b:72:69:
36:e9:18:25:68:04:ea:0f:01:7b:af:ed:11:48:5b:
39:ac:b2:90:5f:15:79:eb:f9:45:fd:79:05:39:ee:
58:bf:44:ab:36:9b:1c:e9:a2:4c:c6:fb:91:12:3f:
45:1b:85:a2:c4:c0:b6:1b:8e:85:03:c2:9a:68:8d:
26:d8:9f:f0:bd:c0:56:b9:87:9b:ea:bc:51:83:62:
6a:25:57:0e:0c:27:bf:7d:1a:6f:f1:4a:8d:7d:b5:
3b:67:3b:b0:ad:99:11:5d:86:57:5f:20:b8:a7:c2:
ed:c9:ea:bc:da:12:2a:d6:c6:3a:b0:88:fe:91:64:
f2:26:98:fe:60:e0:65:e1:66:20:70:c1:dc:7d:13:
e3:d5:46:b8:b0:d2:fb:9e:bf:82:3d:78:73:18:ca:
4e:04:ab:9d:fd:4a:d4:bb:f6:b0:6e:51:36:7a:9e:
32:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:9F:43:6E:AF:3D:73:62:BD:1D:BF:68:79:9C:30:E0:C1:96:ED:EA
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.0.0/18
27.125.128.0/18
39.109.128.0/17
43.227.228.0/23
45.65.0.0/22
58.96.192.0/18
61.8.192.0/18
101.127.0.0/16
103.17.144.0/22
103.28.208.0/22
103.254.252.0-103.254.254.255
111.223.64.0/18
113.10.64.0/18
117.20.128.0/18
122.11.128.0/17
124.155.192.0/19
171.0.0.0/15
171.207.0.0/16
182.19.128.0/17
182.55.0.0/16
183.90.0.0/17
203.116.0.0-203.118.63.255
IPv6:
2406:3000::/30
Signature Algorithm: sha256WithRSAEncryption
16:7f:07:17:af:b2:93:cb:35:9c:2f:fd:49:2f:b4:9f:03:1d:
70:a5:11:85:a2:10:17:63:0e:39:35:73:21:16:09:22:89:f2:
62:34:d8:86:95:f5:13:1e:8b:73:c1:2b:4d:4f:8c:4c:2f:b8:
a2:07:ca:f0:6f:9d:c5:7d:fb:62:20:c0:15:0e:64:a9:85:78:
d0:5b:89:b3:7a:73:5a:dd:6a:ae:7a:be:91:b4:09:f9:44:85:
b7:c2:82:5a:fd:6c:85:f8:33:92:ff:ff:43:ae:bc:11:e4:ef:
81:8c:e9:0d:ce:22:3e:33:11:a3:6d:fa:fc:a9:c1:96:76:b3:
52:35:69:48:bc:00:eb:bf:78:76:8e:1b:df:06:3c:1d:2d:ee:
1b:c5:7f:48:2f:a8:3c:f3:53:a6:02:98:ac:f8:45:9f:ba:e5:
5f:95:98:22:c2:19:6b:c2:55:d6:28:69:43:a7:f3:32:2a:63:
25:ba:64:b9:02:0d:eb:0a:07:f3:c1:cd:01:1b:98:71:cd:0c:
85:e2:63:8b:3c:5f:0d:a4:76:de:b8:81:15:44:3a:e1:6a:b2:
a7:d6:ed:50:f7:5b:17:15:ad:95:c9:41:7e:a5:f9:fe:c1:5f:
69:4d:82:d8:f3:b1:00:46:1e:3a:3d:65:42:30:93:4e:c1:f1:
43:9e:2f:d4
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgICE3IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjUxMDAxMDkzNDU4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRjZjVjMi0wNjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1xeAKCcfhuNH2xnsrDnzXWsgMO/EL86Q7DkBbSkGEyDAGie5HeAUAJxxNCp1
QUzP0XwHuHt9lIm3ugn2DhFVTPrZ5MWpyISR7fbbjQ60NQ+tgBt2iPILcmk26Rgl
aATqDwF7r+0RSFs5rLKQXxV56/lF/XkFOe5Yv0SrNpsc6aJMxvuREj9FG4WixMC2
G46FA8KaaI0m2J/wvcBWuYeb6rxRg2JqJVcODCe/fRpv8UqNfbU7ZzuwrZkRXYZX
XyC4p8Ltyeq82hIq1sY6sIj+kWTyJpj+YOBl4WYgcMHcfRPj1Ua4sNL7nr+CPXhz
GMpOBKud/UrUu/awblE2ep4ySQIDAQABo4IDMjCCAy4wHQYDVR0OBBYEFNufQ26v
PXNivR2/aHmcMODBlu3qMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvMDg3RDJEODBD
NEE3MTFFQjkxN0VDNTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbsGCCsGAQUFBwEHAQH/
BIGrMIGoMIGWBAIAATCBjwMEBhs2AAMEBht9gAMEBydtgAMEASvj5AMEAi1BAAME
BjpgwAMEBj0IwAMDAGV/AwQCZxGQAwQCZxzQMAwDBAJn/vwDBABn/v4DBAZv30AD
BAZxCkADBAZ1FIADBAd6C4ADBAV8m8ADAwGrAAMDAKvPAwQHthOAAwMAtjcDBAe3
WgAwCwMDAst0AwQGy3YAMA0EAgACMAcDBQIkBjAAMA0GCSqGSIb3DQEBCwUAA4IB
AQAWfwcXr7KTyzWcL/1JL7SfAx1wpRGFohAXYw45NXMhFgkiifJiNNiGlfUTHotz
wStNT4xML7iiB8rwb53FfftiIMAVDmSphXjQW4mzenNa3Wquer6RtAn5RIW3woJa
/WyF+DOS//9DrrwR5O+BjOkNziI+MxGjbfr8qcGWdrNSNWlIvADrv3h2jhvfBjwd
Le4bxX9IL6g881OmApis+EWfuuVflZgiwhlrwlXWKGlDp/MyKmMlumS5Ag3rCgfz
wc0BG5hxzQyF4mOLPF8NpHbeuIEVRDrharKn1u1Q91sXFa2VyUF+pfn+wV9pTYLY
87EARh46PWVCMJNOwfFDni/U
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:26:22 2025 by rpki-client