Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
File: 3C30815CABB611ED8370AB5DC4F9AE02.roa (raw, json)
Hash identifier: 1xMQWEkZ7yIZQEOwvnRuVeomPr6qDumM8MahXM14mKA=
Subject key identifier: 1E:68:5E:54:DA:54:CF:CE:27:C2:5F:3B:EB:C7:FE:71:B4:4F:A8:66
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 079B
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
Signing time: Wed 04 Jun 2025 04:50:31 +0000
ROA not before: Wed 04 Jun 2025 04:50:31 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 140220
IP address blocks: 60.234.7.0/24 maxlen: 24
60.234.8.0/24 maxlen: 24
60.234.10.0/24 maxlen: 24
60.234.11.0/24 maxlen: 24
60.234.12.0/24 maxlen: 24
60.234.13.0/24 maxlen: 24
60.234.14.0/24 maxlen: 24
60.234.15.0/24 maxlen: 24
60.234.31.0/24 maxlen: 24
60.234.32.0/24 maxlen: 24
60.234.33.0/24 maxlen: 24
60.234.39.0/24 maxlen: 24
60.234.40.0/23 maxlen: 24
60.234.46.0/24 maxlen: 24
60.234.50.0/24 maxlen: 24
60.234.51.0/24 maxlen: 24
60.234.52.0/24 maxlen: 24
60.234.53.0/24 maxlen: 24
60.234.63.0/24 maxlen: 24
60.234.68.0/24 maxlen: 24
60.234.72.0/24 maxlen: 24
60.234.73.0/24 maxlen: 24
60.234.75.0/24 maxlen: 24
60.234.82.0/23 maxlen: 24
60.234.84.0/22 maxlen: 24
60.234.88.0/24 maxlen: 24
60.234.89.0/24 maxlen: 24
60.234.90.0/23 maxlen: 24
60.234.92.0/23 maxlen: 24
60.234.94.0/24 maxlen: 24
60.234.95.0/24 maxlen: 24
60.234.96.0/24 maxlen: 24
60.234.98.0/24 maxlen: 24
60.234.99.0/24 maxlen: 24
60.234.108.0/24 maxlen: 24
60.234.109.0/24 maxlen: 24
60.234.110.0/24 maxlen: 24
60.234.111.0/24 maxlen: 24
60.234.112.0/24 maxlen: 24
60.234.113.0/24 maxlen: 24
60.234.114.0/24 maxlen: 24
60.234.115.0/24 maxlen: 24
60.234.116.0/23 maxlen: 24
60.234.118.0/24 maxlen: 24
60.234.119.0/24 maxlen: 24
60.234.124.0/24 maxlen: 24
60.234.125.0/24 maxlen: 24
60.234.126.0/24 maxlen: 24
60.234.127.0/24 maxlen: 24
60.234.128.0/24 maxlen: 24
60.234.129.0/24 maxlen: 24
60.234.130.0/24 maxlen: 24
60.234.131.0/24 maxlen: 24
60.234.132.0/24 maxlen: 24
60.234.133.0/24 maxlen: 24
60.234.134.0/24 maxlen: 24
60.234.135.0/24 maxlen: 24
60.234.136.0/24 maxlen: 24
60.234.137.0/24 maxlen: 24
60.234.138.0/24 maxlen: 24
60.234.139.0/24 maxlen: 24
60.234.140.0/24 maxlen: 24
60.234.141.0/24 maxlen: 24
60.234.142.0/24 maxlen: 24
60.234.143.0/24 maxlen: 24
60.234.144.0/23 maxlen: 24
60.234.146.0/23 maxlen: 24
60.234.148.0/24 maxlen: 24
60.234.149.0/24 maxlen: 24
60.234.150.0/23 maxlen: 24
60.234.152.0/21 maxlen: 24
60.234.160.0/24 maxlen: 24
60.234.161.0/24 maxlen: 24
60.234.162.0/23 maxlen: 24
60.234.164.0/24 maxlen: 24
60.234.165.0/24 maxlen: 24
60.234.166.0/24 maxlen: 24
60.234.167.0/24 maxlen: 24
60.234.168.0/24 maxlen: 24
60.234.169.0/24 maxlen: 24
60.234.170.0/24 maxlen: 24
60.234.171.0/24 maxlen: 24
60.234.172.0/24 maxlen: 24
60.234.173.0/24 maxlen: 24
60.234.174.0/24 maxlen: 24
60.234.175.0/24 maxlen: 24
60.234.176.0/24 maxlen: 24
60.234.178.0/24 maxlen: 24
60.234.181.0/24 maxlen: 24
60.234.182.0/23 maxlen: 24
60.234.184.0/23 maxlen: 24
60.234.186.0/24 maxlen: 24
60.234.187.0/24 maxlen: 24
60.234.188.0/24 maxlen: 24
60.234.189.0/24 maxlen: 24
60.234.190.0/24 maxlen: 24
60.234.191.0/24 maxlen: 24
60.234.192.0/24 maxlen: 24
60.234.193.0/24 maxlen: 24
60.234.194.0/23 maxlen: 24
60.234.196.0/23 maxlen: 24
60.234.198.0/23 maxlen: 24
60.234.201.0/24 maxlen: 24
60.234.202.0/23 maxlen: 24
60.234.204.0/24 maxlen: 24
60.234.205.0/24 maxlen: 24
60.234.206.0/24 maxlen: 24
60.234.207.0/24 maxlen: 24
60.234.208.0/20 maxlen: 24
60.234.224.0/19 maxlen: 24
202.127.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Jul 2025 22:45:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1947 (0x79b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA, serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: Jun 4 04:50:31 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=683fd097-4894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4a:6d:6a:49:15:13:b9:24:d9:7a:b9:0e:2c:
51:51:b7:1d:74:b5:7d:76:6d:f1:9d:7f:08:7f:ab:
26:7d:d8:88:8a:14:46:32:37:d1:61:b8:89:47:46:
dd:8c:e7:84:46:5f:50:db:fc:19:5a:e8:75:74:e5:
01:5c:70:8f:28:01:11:fc:3f:31:29:6c:eb:eb:fb:
ce:6e:4f:e0:e3:30:c3:22:a0:84:eb:a9:2c:9f:75:
1a:ff:ed:ae:0a:f7:15:16:12:6a:98:d0:82:d4:85:
4d:f8:40:76:39:e2:63:30:87:af:24:70:f7:6d:09:
ff:20:63:be:5b:d4:5d:07:14:a2:bb:a5:be:b8:18:
b5:ef:1c:56:92:44:6b:76:1b:c5:bd:ed:48:f8:71:
9b:06:ec:3d:3e:2a:55:e1:85:29:54:9e:e9:59:e8:
3c:d3:66:fc:3f:2a:ba:1b:71:cf:24:6c:04:77:5f:
bd:ce:35:2b:04:f9:79:be:0e:19:bf:07:2f:74:20:
0b:89:0c:ad:88:c8:70:84:2f:59:51:3b:0c:c1:93:
66:91:23:d5:93:8a:c3:11:8b:50:d6:f8:e5:21:8b:
ad:45:c0:44:ee:34:8e:67:2c:92:a5:dc:fd:33:99:
e7:1b:9e:c3:1a:eb:78:0f:ca:25:cc:17:4f:2d:d5:
dd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:68:5E:54:DA:54:CF:CE:27:C2:5F:3B:EB:C7:FE:71:B4:4F:A8:66
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.7.0-60.234.8.255
60.234.10.0-60.234.15.255
60.234.31.0-60.234.33.255
60.234.39.0-60.234.41.255
60.234.46.0/24
60.234.50.0-60.234.53.255
60.234.63.0/24
60.234.68.0/24
60.234.72.0/23
60.234.75.0/24
60.234.82.0-60.234.96.255
60.234.98.0/23
60.234.108.0-60.234.119.255
60.234.124.0-60.234.176.255
60.234.178.0/24
60.234.181.0-60.234.199.255
60.234.201.0-60.234.255.255
202.127.8.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:89:88:de:fd:34:af:66:36:f5:59:6b:b7:a7:8f:1c:4b:db:
9b:b7:a7:1f:2d:d4:4d:f5:2f:57:79:e9:61:cb:22:f5:26:41:
a9:a2:d7:52:58:c6:89:77:83:39:01:71:8b:ed:93:de:74:17:
73:fc:08:ab:9b:f6:59:0c:8e:e1:28:18:2a:de:0c:c4:23:ac:
36:1c:c0:f8:59:0b:57:72:de:b2:43:d8:f9:7b:f9:50:41:7b:
12:5e:4c:a0:bc:2c:1d:72:51:28:79:06:c9:76:55:8e:9b:ed:
99:c3:b9:43:20:d4:1b:4a:6d:85:15:64:f6:12:8c:3f:13:13:
3e:e2:ed:41:a0:58:05:c6:f9:04:35:f5:87:10:3b:77:8a:24:
5a:3c:79:20:bc:36:56:00:2b:72:c4:af:85:8d:93:0e:07:e6:
59:a6:18:b1:eb:72:dd:53:6a:42:2c:ec:6f:53:c2:b8:9e:eb:
ce:ab:cd:e7:2e:67:3b:91:9f:44:b1:e3:d3:d7:6d:b1:38:31:
af:d9:64:e5:04:4f:9f:5e:bb:2c:31:a9:9e:72:bf:a9:f8:e2:
9c:5f:34:5f:53:58:17:ac:d4:3c:ca:5a:21:9d:40:c3:35:44:
61:77:2d:77:f7:96:cb:d4:09:17:d9:cc:9b:ff:67:ee:67:0c:
75:d5:c3:5a
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICB5swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjUwNjA0MDQ1MDMxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNmZDA5Ny00ODk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzkptakkVE7kk2Xq5DixRUbcddLV9dm3xnX8If6smfdiIihRGMjfRYbiJR0bd
jOeERl9Q2/wZWuh1dOUBXHCPKAER/D8xKWzr6/vObk/g4zDDIqCE66ksn3Ua/+2u
CvcVFhJqmNCC1IVN+EB2OeJjMIevJHD3bQn/IGO+W9RdBxSiu6W+uBi17xxWkkRr
dhvFve1I+HGbBuw9PipV4YUpVJ7pWeg802b8Pyq6G3HPJGwEd1+9zjUrBPl5vg4Z
vwcvdCALiQytiMhwhC9ZUTsMwZNmkSPVk4rDEYtQ1vjlIYutRcBE7jSOZyySpdz9
M5nnG57DGut4D8olzBdPLdXd3QIDAQABo4IDTzCCA0swHQYDVR0OBBYEFB5oXlTa
VM/OJ8JfO+vH/nG0T6hmMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvM0MzMDgxNUNB
QkI2MTFFRDgzNzBBQjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdgGCCsGAQUFBwEHAQH/
BIHIMIHFMIHCBAIAATCBuzAMAwQAPOoHAwQAPOoIMAwDBAE86goDBAQ86gAwDAME
ADzqHwMEATzqIDAMAwQAPOonAwQBPOooAwQAPOouMAwDBAE86jIDBAE86jQDBAA8
6j8DBAA86kQDBAE86kgDBAA86kswDAMEATzqUgMEADzqYAMEATzqYjAMAwQCPOps
AwQDPOpwMAwDBAI86nwDBAA86rADBAA86rIwDAMEADzqtQMEAzzqwDALAwQAPOrJ
AwMAPOoDBALKfwgwDQYJKoZIhvcNAQELBQADggEBAAqJiN79NK9mNvVZa7enjxxL
25u3px8t1E31L1d56WHLIvUmQami11JYxol3gzkBcYvtk950F3P8CKub9lkMjuEo
GCreDMQjrDYcwPhZC1dy3rJD2Pl7+VBBexJeTKC8LB1yUSh5Bsl2VY6b7ZnDuUMg
1BtKbYUVZPYSjD8TEz7i7UGgWAXG+QQ19YcQO3eKJFo8eSC8NlYAK3LEr4WNkw4H
5lmmGLHrct1TakIs7G9Twrie686rzecuZzuRn0Sx49PXbbE4Ma/ZZOUET59euywx
qZ5yv6n44pxfNF9TWBes1DzKWiGdQMM1RGF3LXf3lsvUCRfZzJv/Z+5nDHXVw1o=
-----END CERTIFICATE-----
Generated at Fri Jul 4 18:04:09 2025 by rpki-client