Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
File: 3C30815CABB611ED8370AB5DC4F9AE02.roa (raw, json)
Hash identifier: Q51Jq+i9hQp6Gzj1WZQI/PGp+TcXZIOteE8sSmnmHM4=
Subject key identifier: 92:7F:BF:42:D2:32:5C:4F:D7:6C:A0:E0:70:00:4C:9A:0A:49:6E:5F
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 07F7
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
Signing time: Wed 08 Oct 2025 22:24:29 +0000
ROA not before: Wed 08 Oct 2025 22:24:29 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 140220
IP address blocks: 60.234.7.0/24 maxlen: 24
60.234.8.0/24 maxlen: 24
60.234.10.0/24 maxlen: 24
60.234.11.0/24 maxlen: 24
60.234.12.0/24 maxlen: 24
60.234.13.0/24 maxlen: 24
60.234.14.0/24 maxlen: 24
60.234.15.0/24 maxlen: 24
60.234.31.0/24 maxlen: 24
60.234.32.0/24 maxlen: 24
60.234.33.0/24 maxlen: 24
60.234.39.0/24 maxlen: 24
60.234.40.0/23 maxlen: 24
60.234.46.0/24 maxlen: 24
60.234.50.0/24 maxlen: 24
60.234.51.0/24 maxlen: 24
60.234.52.0/24 maxlen: 24
60.234.53.0/24 maxlen: 24
60.234.63.0/24 maxlen: 24
60.234.68.0/24 maxlen: 24
60.234.72.0/24 maxlen: 24
60.234.73.0/24 maxlen: 24
60.234.75.0/24 maxlen: 24
60.234.82.0/23 maxlen: 24
60.234.84.0/22 maxlen: 24
60.234.88.0/24 maxlen: 24
60.234.89.0/24 maxlen: 24
60.234.90.0/23 maxlen: 24
60.234.92.0/23 maxlen: 24
60.234.94.0/24 maxlen: 24
60.234.95.0/24 maxlen: 24
60.234.96.0/24 maxlen: 24
60.234.98.0/24 maxlen: 24
60.234.99.0/24 maxlen: 24
60.234.104.0/22 maxlen: 24
60.234.108.0/24 maxlen: 24
60.234.109.0/24 maxlen: 24
60.234.110.0/24 maxlen: 24
60.234.111.0/24 maxlen: 24
60.234.112.0/24 maxlen: 24
60.234.113.0/24 maxlen: 24
60.234.114.0/24 maxlen: 24
60.234.115.0/24 maxlen: 24
60.234.116.0/23 maxlen: 24
60.234.118.0/24 maxlen: 24
60.234.119.0/24 maxlen: 24
60.234.122.0/23 maxlen: 24
60.234.124.0/24 maxlen: 24
60.234.125.0/24 maxlen: 24
60.234.126.0/24 maxlen: 24
60.234.127.0/24 maxlen: 24
60.234.128.0/24 maxlen: 24
60.234.129.0/24 maxlen: 24
60.234.130.0/24 maxlen: 24
60.234.131.0/24 maxlen: 24
60.234.132.0/24 maxlen: 24
60.234.133.0/24 maxlen: 24
60.234.134.0/24 maxlen: 24
60.234.135.0/24 maxlen: 24
60.234.136.0/24 maxlen: 24
60.234.137.0/24 maxlen: 24
60.234.138.0/24 maxlen: 24
60.234.139.0/24 maxlen: 24
60.234.140.0/24 maxlen: 24
60.234.141.0/24 maxlen: 24
60.234.142.0/24 maxlen: 24
60.234.143.0/24 maxlen: 24
60.234.144.0/23 maxlen: 24
60.234.146.0/23 maxlen: 24
60.234.148.0/24 maxlen: 24
60.234.149.0/24 maxlen: 24
60.234.150.0/23 maxlen: 24
60.234.152.0/21 maxlen: 24
60.234.160.0/24 maxlen: 24
60.234.161.0/24 maxlen: 24
60.234.162.0/23 maxlen: 24
60.234.164.0/24 maxlen: 24
60.234.165.0/24 maxlen: 24
60.234.166.0/24 maxlen: 24
60.234.167.0/24 maxlen: 24
60.234.168.0/24 maxlen: 24
60.234.169.0/24 maxlen: 24
60.234.170.0/24 maxlen: 24
60.234.171.0/24 maxlen: 24
60.234.172.0/24 maxlen: 24
60.234.173.0/24 maxlen: 24
60.234.174.0/24 maxlen: 24
60.234.175.0/24 maxlen: 24
60.234.176.0/24 maxlen: 24
60.234.178.0/24 maxlen: 24
60.234.181.0/24 maxlen: 24
60.234.182.0/23 maxlen: 24
60.234.184.0/23 maxlen: 24
60.234.186.0/24 maxlen: 24
60.234.187.0/24 maxlen: 24
60.234.188.0/24 maxlen: 24
60.234.189.0/24 maxlen: 24
60.234.190.0/24 maxlen: 24
60.234.191.0/24 maxlen: 24
60.234.192.0/24 maxlen: 24
60.234.193.0/24 maxlen: 24
60.234.194.0/23 maxlen: 24
60.234.196.0/23 maxlen: 24
60.234.198.0/23 maxlen: 24
60.234.201.0/24 maxlen: 24
60.234.202.0/23 maxlen: 24
60.234.204.0/24 maxlen: 24
60.234.205.0/24 maxlen: 24
60.234.206.0/24 maxlen: 24
60.234.207.0/24 maxlen: 24
60.234.208.0/20 maxlen: 24
60.234.224.0/19 maxlen: 24
202.127.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 23:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2039 (0x7f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA, serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: Oct 8 22:24:29 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68e6e49d-02f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9d:e1:ba:d9:c5:7b:6c:bc:a7:d3:6f:72:d2:
89:82:42:36:50:97:30:1e:f6:d0:13:0d:9f:c0:53:
f2:ab:b7:db:28:78:35:cb:e7:1e:21:62:5f:71:f3:
6d:c4:d7:4f:b8:05:74:58:55:fe:f5:af:f2:33:b0:
3a:19:af:d4:3e:8d:25:05:00:39:9e:1c:18:b1:64:
9a:43:e9:d3:1b:0b:1e:57:fa:6e:cb:64:99:f7:6a:
51:0e:42:65:c5:09:af:7d:3f:8a:f4:61:34:3e:84:
48:f9:4a:5d:b0:2a:5e:7f:85:63:91:03:3c:5b:10:
e5:f2:69:fb:1b:83:fd:57:aa:82:0b:19:4f:92:50:
16:3d:82:dd:b8:c0:1e:9f:22:56:d7:fa:3b:95:72:
ef:a6:aa:3b:60:9d:42:3a:ee:8b:9a:c0:4b:64:c4:
77:db:bf:54:75:db:c7:f3:a6:d9:a9:42:b0:61:2f:
f0:a1:a2:db:28:a1:69:10:2f:48:e1:dd:03:5f:f5:
c2:12:80:81:35:bd:1b:a6:7d:4d:b9:15:df:41:f4:
fa:51:e0:bc:45:b8:c1:cf:40:61:e3:ac:af:6e:b6:
b2:de:c2:64:de:59:82:78:83:c1:fe:85:5b:c3:7a:
62:c8:41:02:15:d7:82:94:da:b7:b8:32:dc:34:cf:
4e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7F:BF:42:D2:32:5C:4F:D7:6C:A0:E0:70:00:4C:9A:0A:49:6E:5F
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.7.0-60.234.8.255
60.234.10.0-60.234.15.255
60.234.31.0-60.234.33.255
60.234.39.0-60.234.41.255
60.234.46.0/24
60.234.50.0-60.234.53.255
60.234.63.0/24
60.234.68.0/24
60.234.72.0/23
60.234.75.0/24
60.234.82.0-60.234.96.255
60.234.98.0/23
60.234.104.0-60.234.119.255
60.234.122.0-60.234.176.255
60.234.178.0/24
60.234.181.0-60.234.199.255
60.234.201.0-60.234.255.255
202.127.8.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:4b:ed:b0:24:82:ba:f0:75:d4:6d:30:fc:e8:2c:f9:b4:47:
5f:ce:f0:5e:a0:05:c9:91:12:34:d3:86:ac:29:2f:f9:36:4f:
bd:a4:cb:fb:b6:10:dd:a8:26:79:00:e7:ad:ed:b7:ef:82:bf:
c9:d7:59:06:ee:02:d5:a5:8c:a2:5e:5c:12:d1:58:91:86:23:
a6:4b:1d:32:f0:52:06:71:01:1e:67:b3:cf:af:8b:1b:aa:51:
ab:8b:c0:75:bf:a7:32:c1:7c:af:33:7b:2f:59:bf:9a:e0:2b:
28:74:c6:de:f6:f0:93:c8:ef:c5:14:da:c5:c1:77:63:18:b7:
ac:be:02:da:40:99:d4:a3:c5:33:36:f6:28:3a:06:3d:38:13:
37:77:65:3a:60:98:eb:ff:b2:b9:40:63:24:5e:76:50:bd:ee:
ad:d7:53:87:48:45:f0:86:5b:8f:72:fc:eb:4f:31:9c:b7:16:
54:56:2a:82:43:50:4a:65:62:10:a1:58:2c:3e:32:65:e3:1e:
3c:46:cf:48:c4:fb:98:ec:89:58:a1:92:b3:db:93:5a:ee:0d:
67:e6:fd:37:23:ff:fb:b3:7a:65:76:5b:fc:4d:3b:95:aa:f9:
cb:dc:c1:56:99:9f:09:c8:cd:b4:3a:c5:86:61:98:ec:54:ed:
ff:3b:4d:46
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICB/cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjUxMDA4MjIyNDI5WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU2ZTQ5ZC0wMmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyp3hutnFe2y8p9NvctKJgkI2UJcwHvbQEw2fwFPyq7fbKHg1y+ceIWJfcfNt
xNdPuAV0WFX+9a/yM7A6Ga/UPo0lBQA5nhwYsWSaQ+nTGwseV/puy2SZ92pRDkJl
xQmvfT+K9GE0PoRI+UpdsCpef4VjkQM8WxDl8mn7G4P9V6qCCxlPklAWPYLduMAe
nyJW1/o7lXLvpqo7YJ1COu6LmsBLZMR3279UddvH86bZqUKwYS/woaLbKKFpEC9I
4d0DX/XCEoCBNb0bpn1NuRXfQfT6UeC8RbjBz0Bh46yvbray3sJk3lmCeIPB/oVb
w3piyEECFdeClNq3uDLcNM9OdQIDAQABo4IDTzCCA0swHQYDVR0OBBYEFJJ/v0LS
MlxP12yg4HAATJoKSW5fMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvM0MzMDgxNUNB
QkI2MTFFRDgzNzBBQjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdgGCCsGAQUFBwEHAQH/
BIHIMIHFMIHCBAIAATCBuzAMAwQAPOoHAwQAPOoIMAwDBAE86goDBAQ86gAwDAME
ADzqHwMEATzqIDAMAwQAPOonAwQBPOooAwQAPOouMAwDBAE86jIDBAE86jQDBAA8
6j8DBAA86kQDBAE86kgDBAA86kswDAMEATzqUgMEADzqYAMEATzqYjAMAwQDPOpo
AwQDPOpwMAwDBAE86noDBAA86rADBAA86rIwDAMEADzqtQMEAzzqwDALAwQAPOrJ
AwMAPOoDBALKfwgwDQYJKoZIhvcNAQELBQADggEBAH9L7bAkgrrwddRtMPzoLPm0
R1/O8F6gBcmREjTThqwpL/k2T72ky/u2EN2oJnkA563tt++Cv8nXWQbuAtWljKJe
XBLRWJGGI6ZLHTLwUgZxAR5ns8+vixuqUauLwHW/pzLBfK8zey9Zv5rgKyh0xt72
8JPI78UU2sXBd2MYt6y+AtpAmdSjxTM29ig6Bj04Ezd3ZTpgmOv/srlAYyRedlC9
7q3XU4dIRfCGW49y/OtPMZy3FlRWKoJDUEplYhChWCw+MmXjHjxGz0jE+5jsiVih
krPbk1ruDWfm/Tcj//uzemV2W/xNO5Wq+cvcwVaZnwnIzbQ6xYZhmOxU7f87TUY=
-----END CERTIFICATE-----
Generated at Tue Oct 21 07:38:12 2025 by rpki-client