Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CC92F19EEF1811ED96D1F733C4F9AE02.roa
File: CC92F19EEF1811ED96D1F733C4F9AE02.roa (raw, json)
Hash identifier: LghbHudSYXpZvbN5rcOeOmOH0Pzs46h/rkleKElMl2o=
Subject key identifier: 44:FC:8D:5F:4D:C3:6E:35:F6:15:55:3F:31:5E:BF:AF:40:21:BF:B6
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 134D
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CC92F19EEF1811ED96D1F733C4F9AE02.roa
Signing time: Thu 14 Aug 2025 17:26:52 +0000
ROA not before: Thu 14 Aug 2025 17:26:52 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 9874
IP address blocks: 27.54.0.0/18 maxlen: 24
61.8.235.0/24 maxlen: 24
61.8.236.0/24 maxlen: 24
101.127.200.0/22 maxlen: 24
101.127.204.0/23 maxlen: 24
113.10.64.0/18 maxlen: 24
122.11.150.0/23 maxlen: 24
122.11.152.0/21 maxlen: 24
122.11.169.0/24 maxlen: 24
122.11.170.0/23 maxlen: 24
122.11.172.0/24 maxlen: 24
122.11.216.0/24 maxlen: 24
122.11.217.0/24 maxlen: 24
122.11.218.0/24 maxlen: 24
122.11.219.0/24 maxlen: 24
124.155.192.0/19 maxlen: 24
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
183.90.0.0/19 maxlen: 24
183.90.32.0/21 maxlen: 24
183.90.32.0/24 maxlen: 24
183.90.33.0/24 maxlen: 24
183.90.34.0/24 maxlen: 24
183.90.36.0/24 maxlen: 24
183.90.37.0/24 maxlen: 24
183.90.38.0/24 maxlen: 24
183.90.40.0/24 maxlen: 24
203.116.22.0/24 maxlen: 24
203.116.107.0/24 maxlen: 24
203.116.116.0/24 maxlen: 24
203.116.119.0/24 maxlen: 24
203.116.133.0/24 maxlen: 24
203.116.149.0/24 maxlen: 24
203.116.150.0/24 maxlen: 24
203.116.181.0/24 maxlen: 24
203.116.211.0/24 maxlen: 24
203.116.222.0/24 maxlen: 24
203.117.40.0/23 maxlen: 24
203.117.56.0/21 maxlen: 24
203.117.246.0/24 maxlen: 24
203.117.247.0/24 maxlen: 24
203.117.248.0/22 maxlen: 24
203.117.252.0/23 maxlen: 24
2406:3000:8:4030::/60 maxlen: 60
2406:3002:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 17:19:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4941 (0x134d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC, serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: Aug 14 17:26:52 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=689e1c5b-3e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:62:76:55:5c:37:20:e1:be:00:b0:fb:a6:ee:
38:5b:f0:33:05:80:dc:c5:24:8e:b0:cb:df:56:5e:
76:b6:25:ea:bd:3d:01:04:76:59:29:52:7c:bd:20:
8d:58:3b:0e:40:23:eb:c4:80:1b:33:28:31:ec:59:
3d:38:ac:89:c1:51:ab:52:eb:33:a0:19:55:df:8f:
6d:bf:19:84:53:b1:f2:b9:d3:f9:ab:70:a0:23:81:
07:33:bb:8d:b0:a9:5a:4e:99:7b:f9:f9:79:7a:92:
e1:04:5c:4c:59:ce:69:d3:6f:a1:1a:b6:33:09:a4:
6a:f7:59:cb:20:2f:ee:a4:d9:2d:ea:d6:60:c6:37:
68:4e:ad:b5:cd:7f:dd:6c:75:39:93:b6:bd:6c:d0:
dc:d4:92:8e:b0:7a:d5:35:f8:8e:6e:5a:df:75:c7:
24:72:bb:1f:b2:68:44:c8:60:ad:e8:6c:91:01:b8:
bf:ba:4c:b7:9e:bb:8b:ac:7a:5c:2c:44:28:f8:4e:
42:c5:e5:e1:fa:52:cc:8b:61:9f:66:bd:00:e9:60:
a6:e4:b2:81:b0:f4:9b:02:00:af:ae:c2:e7:40:34:
dc:5b:fc:78:7b:08:46:bf:04:38:a3:7c:95:20:14:
9d:85:bf:06:33:13:4c:86:9b:72:d6:63:f3:77:37:
03:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FC:8D:5F:4D:C3:6E:35:F6:15:55:3F:31:5E:BF:AF:40:21:BF:B6
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CC92F19EEF1811ED96D1F733C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.0.0/18
61.8.235.0-61.8.236.255
101.127.200.0-101.127.205.255
113.10.64.0/18
122.11.150.0-122.11.159.255
122.11.169.0-122.11.172.255
122.11.216.0/22
124.155.192.0/19
171.0.0.0/15
171.207.0.0/16
183.90.0.0-183.90.40.255
203.116.22.0/24
203.116.107.0/24
203.116.116.0/24
203.116.119.0/24
203.116.133.0/24
203.116.149.0-203.116.150.255
203.116.181.0/24
203.116.211.0/24
203.116.222.0/24
203.117.40.0/23
203.117.56.0/21
203.117.246.0-203.117.253.255
IPv6:
2406:3000:8:4030::/60
2406:3002:20::/48
Signature Algorithm: sha256WithRSAEncryption
3e:91:63:1d:c5:59:a3:cd:af:b0:74:f8:08:69:75:3d:42:91:
9b:80:76:cf:01:6a:5d:1c:73:a5:f6:23:7d:ad:91:6f:59:6e:
32:fc:11:fa:ad:29:09:5d:c9:e3:6a:a6:ea:2d:83:18:68:94:
9b:35:a1:3e:50:9b:fc:b8:e5:08:c5:78:7b:6a:00:4a:8b:b0:
03:06:55:fb:7f:3e:37:8c:f8:a3:ad:80:2a:ad:0b:77:48:10:
b8:ab:b6:62:07:e1:ae:27:53:31:a4:0a:d7:b0:14:b0:5d:82:
f4:de:e5:04:33:8e:8b:d0:5c:d3:ff:e1:7f:f3:31:0f:d8:a0:
51:94:0f:b2:2c:21:50:01:99:b0:38:1f:fc:c5:10:7d:3d:a4:
74:16:31:7a:27:98:e6:c9:a1:40:09:f3:db:e2:f8:06:95:73:
c2:dd:5a:44:ba:fe:d0:c0:e8:f0:39:d5:c6:5f:50:51:44:99:
51:38:bd:c9:b3:b5:c4:ee:10:75:fc:c4:31:bb:a3:4f:36:da:
f4:9f:35:24:e9:ad:54:21:4d:b7:3a:01:2c:15:f5:e4:67:7e:
4b:6d:3a:3a:0f:81:e0:cf:88:b2:70:b1:aa:b3:60:63:c4:96:
dd:d2:7b:56:35:d1:b3:1b:4b:07:75:b3:ed:19:e5:64:b8:f1:
54:27:7a:34
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgICE00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjUwODE0MTcyNjUyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODllMWM1Yi0zZTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA62J2VVw3IOG+ALD7pu44W/AzBYDcxSSOsMvfVl52tiXqvT0BBHZZKVJ8vSCN
WDsOQCPrxIAbMygx7Fk9OKyJwVGrUuszoBlV349tvxmEU7HyudP5q3CgI4EHM7uN
sKlaTpl7+fl5epLhBFxMWc5p02+hGrYzCaRq91nLIC/upNkt6tZgxjdoTq21zX/d
bHU5k7a9bNDc1JKOsHrVNfiOblrfdcckcrsfsmhEyGCt6GyRAbi/uky3nruLrHpc
LEQo+E5CxeXh+lLMi2GfZr0A6WCm5LKBsPSbAgCvrsLnQDTcW/x4ewhGvwQ4o3yV
IBSdhb8GMxNMhpty1mPzdzcDLwIDAQABo4IDbzCCA2swHQYDVR0OBBYEFET8jV9N
w2419hVVPzFev69AIb+2MB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvQ0M5MkYxOUVF
RjE4MTFFRDk2RDFGNzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfgGCCsGAQUFBwEHAQH/
BIHoMIHlMIHGBAIAATCBvwMEBhs2ADAMAwQAPQjrAwQAPQjsMAwDBANlf8gDBAFl
f8wDBAZxCkAwDAMEAXoLlgMEBXoLgDAMAwQAegupAwQAegusAwQCegvYAwQFfJvA
AwMBqwADAwCrzzALAwMBt1oDBAC3WigDBADLdBYDBADLdGsDBADLdHQDBADLdHcD
BADLdIUwDAMEAMt0lQMEAMt0lgMEAMt0tQMEAMt00wMEAMt03gMEAct1KAMEA8t1
ODAMAwQBy3X2AwQBy3X8MBoEAgACMBQDCQQkBjAAAAhAMAMHACQGMAIAIDANBgkq
hkiG9w0BAQsFAAOCAQEAPpFjHcVZo82vsHT4CGl1PUKRm4B2zwFqXRxzpfYjfa2R
b1luMvwR+q0pCV3J42qm6i2DGGiUmzWhPlCb/LjlCMV4e2oASouwAwZV+38+N4z4
o62AKq0Ld0gQuKu2YgfhridTMaQK17AUsF2C9N7lBDOOi9Bc0//hf/MxD9igUZQP
siwhUAGZsDgf/MUQfT2kdBYxeieY5smhQAnz2+L4BpVzwt1aRLr+0MDo8DnVxl9Q
UUSZUTi9ybO1xO4QdfzEMbujTzba9J81JOmtVCFNtzoBLBX15Gd+S206Og+B4M+I
snCxqrNgY8SW3dJ7VjXRsxtLB3Wz7RnlZLjxVCd6NA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:52:13 2025 by rpki-client