Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/3118E43E966B11EAAA23047CC4F9AE02.roa
File: 3118E43E966B11EAAA23047CC4F9AE02.roa (raw, json)
Hash identifier: foVnGp/jqxcrwmjuMi9JIuJxuKPFhTJXYXUK/5x/qrY=
Subject key identifier: A6:CB:7A:18:18:B5:E1:50:1A:B6:90:E5:F3:DD:9A:F4:D7:6C:9E:A4
Certificate issuer: /CN=A914C33A/serialNumber=9C81471F18AAEECDF945A7C917FD8A8985D7C3AC
Certificate serial: 2ACE
Authority key identifier: 9C:81:47:1F:18:AA:EE:CD:F9:45:A7:C9:17:FD:8A:89:85:D7:C3:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIFHHxiq7s35RafJF_2KiYXXw6w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/3118E43E966B11EAAA23047CC4F9AE02.roa
Signing time: Tue 30 Sep 2025 15:42:31 +0000
ROA not before: Tue 30 Sep 2025 15:42:31 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 7642
IP address blocks: 27.114.128.0/18 maxlen: 18
27.114.128.0/23 maxlen: 24
27.114.130.0/23 maxlen: 24
27.114.132.0/23 maxlen: 24
27.114.134.0/23 maxlen: 24
27.114.136.0/23 maxlen: 24
27.114.138.0/23 maxlen: 24
27.114.140.0/23 maxlen: 24
27.114.142.0/23 maxlen: 24
27.114.144.0/23 maxlen: 24
27.114.146.0/23 maxlen: 24
27.114.148.0/23 maxlen: 24
27.114.150.0/23 maxlen: 24
27.114.152.0/23 maxlen: 24
27.114.154.0/23 maxlen: 24
27.114.156.0/23 maxlen: 24
27.114.158.0/23 maxlen: 24
27.114.160.0/23 maxlen: 24
27.114.162.0/23 maxlen: 24
27.114.164.0/23 maxlen: 24
27.114.166.0/23 maxlen: 24
27.114.168.0/23 maxlen: 24
27.114.170.0/23 maxlen: 24
27.114.172.0/23 maxlen: 24
27.114.174.0/23 maxlen: 24
27.114.176.0/23 maxlen: 24
27.114.178.0/23 maxlen: 24
27.114.180.0/23 maxlen: 24
27.114.182.0/23 maxlen: 24
27.114.184.0/23 maxlen: 24
27.114.186.0/23 maxlen: 24
27.114.188.0/23 maxlen: 24
27.114.190.0/23 maxlen: 24
43.226.220.0/22 maxlen: 24
103.31.84.0/22 maxlen: 24
123.176.0.0/19 maxlen: 24
124.195.192.0/19 maxlen: 19
124.195.192.0/23 maxlen: 24
124.195.194.0/23 maxlen: 24
124.195.196.0/23 maxlen: 24
124.195.198.0/23 maxlen: 24
124.195.200.0/23 maxlen: 24
124.195.202.0/23 maxlen: 24
124.195.204.0/23 maxlen: 24
124.195.206.0/23 maxlen: 24
124.195.208.0/23 maxlen: 24
124.195.210.0/23 maxlen: 24
124.195.212.0/23 maxlen: 24
124.195.214.0/23 maxlen: 24
124.195.216.0/23 maxlen: 24
124.195.218.0/23 maxlen: 24
124.195.220.0/23 maxlen: 24
124.195.222.0/23 maxlen: 24
202.1.192.0/20 maxlen: 24
203.104.24.0/21 maxlen: 21
203.104.24.0/23 maxlen: 24
203.104.26.0/23 maxlen: 24
203.104.28.0/23 maxlen: 24
203.104.30.0/23 maxlen: 24
2406:e400::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/nIFHHxiq7s35RafJF_2KiYXXw6w.crl
rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/nIFHHxiq7s35RafJF_2KiYXXw6w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIFHHxiq7s35RafJF_2KiYXXw6w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 15:42:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10958 (0x2ace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C33A, serialNumber=9C81471F18AAEECDF945A7C917FD8A8985D7C3AC
Validity
Not Before: Sep 30 15:42:31 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68dbfa66-233a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:97:cb:f8:41:f3:c5:91:ee:6f:03:f3:36:58:
4a:6b:ee:18:08:d8:b9:69:a4:04:fd:a8:63:f0:b2:
49:0d:a9:65:d5:8a:63:d6:61:08:af:de:b5:44:ff:
e7:5f:0e:74:90:67:61:7c:af:55:69:22:f6:e3:51:
d6:07:2f:43:6a:b4:0e:42:f7:5c:38:75:6c:75:03:
5d:57:51:96:63:0c:f0:6b:af:a6:3b:9b:e9:4e:f7:
ef:de:24:67:7b:60:5c:6f:aa:7a:da:31:2b:dc:d9:
02:14:54:8a:e3:cf:bc:f4:39:5b:56:4a:65:e8:69:
bc:59:bc:fa:06:0f:dc:e8:88:65:4c:c8:88:4f:52:
bf:28:1b:d1:1c:64:03:29:c0:c0:53:86:79:e2:ad:
d0:f6:ab:c2:4b:d0:d8:d2:d2:a7:ec:e2:10:79:a2:
5d:e5:fc:ff:ae:46:e2:1d:f6:13:a5:cb:62:89:d3:
80:90:cd:2b:68:84:15:62:a8:5f:ef:d9:a2:b7:c9:
29:ab:c1:b4:f5:03:30:a3:e3:d4:13:18:c7:bf:b1:
35:48:74:76:a5:1d:89:72:5e:43:ba:31:b1:59:0d:
c1:c9:91:53:8e:04:f1:f9:23:5c:e1:a8:f5:59:9f:
ef:b1:91:ce:41:97:d3:b7:5f:c7:5b:3a:9e:a4:5f:
9c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:CB:7A:18:18:B5:E1:50:1A:B6:90:E5:F3:DD:9A:F4:D7:6C:9E:A4
X509v3 Authority Key Identifier:
keyid:9C:81:47:1F:18:AA:EE:CD:F9:45:A7:C9:17:FD:8A:89:85:D7:C3:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/nIFHHxiq7s35RafJF_2KiYXXw6w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIFHHxiq7s35RafJF_2KiYXXw6w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/3118E43E966B11EAAA23047CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.114.128.0/18
43.226.220.0/22
103.31.84.0/22
123.176.0.0/19
124.195.192.0/19
202.1.192.0/20
203.104.24.0/21
IPv6:
2406:e400::/32
Signature Algorithm: sha256WithRSAEncryption
89:e7:a5:13:5c:df:97:ac:a2:53:c0:d0:db:c4:bf:56:ee:15:
bf:3f:34:13:48:aa:76:03:b4:55:11:83:30:2d:ab:70:c2:69:
f0:ea:4f:63:db:95:a3:b9:8b:e4:09:77:39:31:3a:88:ff:5b:
e9:e4:82:36:d5:8e:9f:5d:99:4c:2c:42:9a:8e:7f:e7:fb:cb:
63:19:64:bb:5b:36:22:19:0e:54:c7:c9:2f:80:76:b6:09:b5:
ea:6b:e7:a2:43:a1:15:f6:95:2f:1d:ae:02:13:4a:2c:7c:a5:
8b:83:48:1a:f6:dc:01:e4:ed:58:83:39:f7:ce:6f:72:92:de:
70:af:4c:a6:c5:94:e4:d4:bc:de:ea:ed:e8:28:35:86:15:ba:
3e:cb:6f:c9:4f:3d:16:be:80:d3:83:39:ef:67:70:2a:5f:ec:
73:1c:9b:29:cf:a4:12:7c:d4:82:a9:d2:8d:40:c4:d8:b5:e2:
80:be:08:a4:e1:d4:ba:79:92:e6:b7:72:99:69:78:51:e3:46:
5a:ee:69:0d:b6:b8:84:e0:d8:5b:25:aa:9d:6b:03:fc:ce:c7:
25:4d:17:27:b5:fe:71:00:a9:c8:a0:af:41:f6:5d:e8:ab:ce:
ce:ea:32:5c:1c:ce:4e:af:a6:4b:1d:00:26:50:86:b6:62:85:
c5:a0:fc:d8
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICKs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMzM0ExMTAvBgNVBAUTKDlDODE0NzFGMThBQUVFQ0RGOTQ1QTdDOTE3RkQ4QTg5
ODVEN0MzQUMwHhcNMjUwOTMwMTU0MjMxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRiZmE2Ni0yMzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp5fL+EHzxZHubwPzNlhKa+4YCNi5aaQE/ahj8LJJDall1Ypj1mEIr961RP/n
Xw50kGdhfK9VaSL241HWBy9DarQOQvdcOHVsdQNdV1GWYwzwa6+mO5vpTvfv3iRn
e2Bcb6p62jEr3NkCFFSK48+89DlbVkpl6Gm8Wbz6Bg/c6IhlTMiIT1K/KBvRHGQD
KcDAU4Z54q3Q9qvCS9DY0tKn7OIQeaJd5fz/rkbiHfYTpctiidOAkM0raIQVYqhf
79mit8kpq8G09QMwo+PUExjHv7E1SHR2pR2Jcl5DujGxWQ3ByZFTjgTx+SNc4aj1
WZ/vsZHOQZfTt1/HWzqepF+cwwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFKbLehgY
teFQGraQ5fPdmvTXbJ6kMB8GA1UdIwQYMBaAFJyBRx8Yqu7N+UWnyRf9iomF18Os
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzMzQS8xRDJCRDAzRTJE
REIxMUU0OUFGNjE1MzBDNEY5QUUwMi9uSUZISHhpcTdzMzVSYWZKRl8yS2lZWFh3
NncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25JRkhIeGlxN3MzNVJhZkpGXzJLaVlYWHc2dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEMzM0EvMUQyQkQwM0UyRERCMTFFNDlBRjYxNTMwQzRGOUFFMDIvMzExOEU0M0U5
NjZCMTFFQUFBMjMwNDdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAYbcoADBAIr4twDBAJnH1QDBAV7sAADBAV8w8ADBATKAcAD
BAPLaBgwDQQCAAIwBwMFACQG5AAwDQYJKoZIhvcNAQELBQADggEBAInnpRNc35es
olPA0NvEv1buFb8/NBNIqnYDtFURgzAtq3DCafDqT2PblaO5i+QJdzkxOoj/W+nk
gjbVjp9dmUwsQpqOf+f7y2MZZLtbNiIZDlTHyS+AdrYJtepr56JDoRX2lS8drgIT
Six8pYuDSBr23AHk7ViDOffOb3KS3nCvTKbFlOTUvN7q7egoNYYVuj7Lb8lPPRa+
gNODOe9ncCpf7HMcmynPpBJ81IKp0o1AxNi14oC+CKTh1Lp5kua3cplpeFHjRlru
aQ22uITg2Fslqp1rA/zOxyVNFye1/nEAqcigr0H2Xeirzs7qMlwczk6vpksdACZQ
hrZihcWg/Ng=
-----END CERTIFICATE-----
Generated at Tue Oct 21 03:04:39 2025 by rpki-client