Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: j3u3Z2uchnIh0PFOuDr/86dxHnmkhdcliLWa+Xj5ACM=
Subject key identifier: 24:78:06:16:5E:45:DA:24:DA:02:52:15:70:AF:83:1F:81:02:A5:0B
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 290E
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Mon 11 Aug 2025 11:36:54 +0000
ROA not before: Mon 11 Aug 2025 11:36:54 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:9::/64 maxlen: 64
2400:adc0:200::/48 maxlen: 48
2400:adc0:201::/48 maxlen: 48
2400:adc0:4005::/48 maxlen: 48
2400:adc0:4006::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4104::/48 maxlen: 48
2400:adc0:4203::/48 maxlen: 48
2400:adc0:4302::/48 maxlen: 48
2400:adc0:4303::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c003::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c103::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc0:c310::/48 maxlen: 48
2400:adc0:c410::/48 maxlen: 48
2400:adc2:100::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adc5::/42 maxlen: 42
2400:adc5:40::/42 maxlen: 42
2400:adc5:80::/42 maxlen: 42
2400:adc5:c0::/42 maxlen: 42
2400:adc5:100::/42 maxlen: 42
2400:adc5:140::/42 maxlen: 42
2400:adc5:180::/42 maxlen: 42
2400:adc5:1c0::/42 maxlen: 42
2400:adc5:300::/42 maxlen: 42
2400:adc5:340::/42 maxlen: 42
2400:adc5:380::/42 maxlen: 42
2400:adc5:3c0::/42 maxlen: 42
2400:adc5:400::/42 maxlen: 42
2400:adc5:440::/42 maxlen: 42
2400:adc5:480::/42 maxlen: 42
2400:adc5:4c0::/42 maxlen: 42
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2000::/40 maxlen: 40
2400:addd:2100::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
2400:addf:1000::/40 maxlen: 40
2400:addf:1100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 15:41:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10510 (0x290e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66, serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Validity
Not Before: Aug 11 11:36:54 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=6899d5d6-9998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:be:ae:00:11:bd:c7:c2:86:07:f8:62:9e:54:
ff:f5:8e:21:7b:d5:fd:c5:16:74:cb:59:fd:82:bd:
0e:55:70:18:30:a7:6e:52:d4:24:f3:26:0f:02:d9:
25:41:c1:07:8e:f7:11:64:9e:49:e9:04:fb:95:d4:
f5:b7:81:a2:98:ff:b7:86:e3:79:b9:04:a0:d2:59:
1d:61:20:f0:85:3e:97:72:29:63:53:bd:7e:94:74:
cd:be:2c:7e:9c:2e:2b:71:3d:06:49:99:b8:d5:b0:
c3:65:09:48:24:02:fb:85:40:a4:72:59:32:3c:48:
47:34:d7:ff:ce:0a:57:61:bd:a8:99:fe:d0:b5:1b:
b5:b9:64:e4:14:bb:bb:b4:8f:f4:15:c9:ca:2a:8c:
66:05:fc:5b:b6:be:8e:fb:6c:bc:3e:04:32:c9:12:
c5:ee:d2:e3:04:b0:04:ad:b0:29:75:07:b8:c6:95:
a0:ad:1b:08:f2:2a:ef:c9:26:4b:af:ad:b9:b2:c4:
56:35:63:f0:ea:5a:de:89:af:fd:10:c3:7f:6d:35:
f0:31:83:00:77:fb:94:f1:68:b9:9a:33:38:66:ed:
33:ae:37:3e:ef:cc:d6:db:55:f1:65:4b:9e:e1:09:
80:4b:d7:4a:96:7e:eb:c5:0a:03:b4:0e:ab:ca:da:
72:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:78:06:16:5E:45:DA:24:DA:02:52:15:70:AF:83:1F:81:02:A5:0B
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:9::/64
2400:adc0:200::/47
2400:adc0:4005::-2400:adc0:4006:ffff:ffff:ffff:ffff:ffff
2400:adc0:4013::/48
2400:adc0:4104::/48
2400:adc0:4203::/48
2400:adc0:4302::/47
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:c001::/48
2400:adc0:c003::/48
2400:adc0:c030::/48
2400:adc0:c102::/47
2400:adc0:c210::/47
2400:adc0:c310::/48
2400:adc0:c410::/48
2400:adc2:100::/48
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adc5::/39
2400:adc5:300::-2400:adc5:4ff:ffff:ffff:ffff:ffff:ffff
2400:adca::/39
2400:addb:800::/39
2400:addd:2000::/39
2400:addd:2800::/39
2400:adde::/39
2400:addf:800::/39
2400:addf:1000::/39
Signature Algorithm: sha256WithRSAEncryption
9a:3a:36:fb:70:20:21:29:ef:2b:77:c9:34:c4:77:ea:b0:94:
1f:ff:3e:5f:07:f6:9d:4d:40:d1:15:cd:82:db:84:48:d1:8c:
37:40:a5:83:9f:02:70:7a:d5:c4:80:67:b8:ae:af:05:37:1f:
88:b0:a3:00:71:2d:4e:99:00:1e:5d:ba:29:0a:94:45:ed:55:
db:c4:b3:69:15:cf:d1:ed:ba:cb:1f:c0:0a:3c:ac:17:6c:fa:
a5:e7:06:dd:82:8b:e1:5c:f6:d7:10:24:ad:92:3e:a0:9d:f3:
74:03:35:4d:1c:1e:16:9d:50:71:0a:8e:7c:d2:24:01:bb:16:
b5:57:e5:5b:91:b9:3e:56:5e:b0:a2:e3:75:6b:93:20:42:f3:
fb:ae:a4:45:9d:0b:d9:07:dd:cf:9f:dd:91:90:4f:32:a3:1b:
70:8a:00:77:19:72:ca:d3:eb:d3:f7:6c:9a:6d:ec:5a:89:95:
69:40:ef:20:41:a2:16:39:a7:c6:7f:2d:16:fd:b2:69:95:72:
be:3f:58:5a:46:55:b9:59:bf:c6:8c:61:4e:6f:db:c7:8a:9c:
c1:88:30:a1:d3:6c:bb:2f:ad:bf:5b:70:1d:b7:4a:0e:7b:24:
f2:86:19:5e:b1:16:9c:7c:61:ab:86:fb:47:e2:08:bd:5c:45:
64:5f:38:33
-----BEGIN CERTIFICATE-----
MIIHWjCCBkKgAwIBAgICKQ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjUwODExMTEzNjU0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODk5ZDVkNi05OTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4L6uABG9x8KGB/hinlT/9Y4he9X9xRZ0y1n9gr0OVXAYMKduUtQk8yYPAtkl
QcEHjvcRZJ5J6QT7ldT1t4GimP+3huN5uQSg0lkdYSDwhT6XciljU71+lHTNvix+
nC4rcT0GSZm41bDDZQlIJAL7hUCkclkyPEhHNNf/zgpXYb2omf7QtRu1uWTkFLu7
tI/0FcnKKoxmBfxbtr6O+2y8PgQyyRLF7tLjBLAErbApdQe4xpWgrRsI8irvySZL
r625ssRWNWPw6lreia/9EMN/bTXwMYMAd/uU8Wi5mjM4Zu0zrjc+78zW21XxZUue
4QmAS9dKln7rxQoDtA6rytpyuwIDAQABo4IEfjCCBHowHQYDVR0OBBYEFCR4BhZe
Rdok2gJSFXCvgx+BAqULMB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggIGBggrBgEFBQcBBwEB
/wSCAfUwggHxMIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwggFVBAIAAjCCAU0DBQAgAUU4AwkAJACtwAAJAAAD
BwEkAK3AAgAwEgMHACQArcBABQMHACQArcBABgMHACQArcBAEwMHACQArcBBBAMH
ACQArcBCAwMHASQArcBDAgMHACQArcBFAAMHACQArcBGEQMHACQArcBHAAMHASQA
rcBHEAMHACQArcDAAQMHACQArcDAAwMHACQArcDAMAMHASQArcDBAgMHASQArcDC
EAMHACQArcDDEAMHACQArcDEEAMHACQArcIBADAQAwYAJACtwgMDBgAkAK3CBAMG
ASQArcIGMBADBgAkAK3CCQMGACQArcIKAwYBJACtxAADBgEkAK3ECAMGASQArcUA
MBADBgAkAK3FAwMGACQArcUEAwYBJACtygADBgEkAK3bCAMGASQArd0gAwYBJACt
3SgDBgEkAK3eAAMGASQArd8IAwYBJACt3xAwDQYJKoZIhvcNAQELBQADggEBAJo6
NvtwICEp7yt3yTTEd+qwlB//Pl8H9p1NQNEVzYLbhEjRjDdApYOfAnB61cSAZ7iu
rwU3H4iwowBxLU6ZAB5duikKlEXtVdvEs2kVz9HtussfwAo8rBds+qXnBt2Ci+Fc
9tcQJK2SPqCd83QDNU0cHhadUHEKjnzSJAG7FrVX5VuRuT5WXrCi43VrkyBC8/uu
pEWdC9kH3c+f3ZGQTzKjG3CKAHcZcsrT69P3bJpt7FqJlWlA7yBBohY5p8Z/LRb9
smmVcr4/WFpGVblZv8aMYU5v28eKnMGIMKHTbLsvrb9bcB23Sg57JPKGGV6xFpx8
YauG+0fiCL1cRWRfODM=
-----END CERTIFICATE-----
Generated at Sun Aug 24 01:27:59 2025 by rpki-client