Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: OSz44UCcf4qRfBCOUb7r8YIHW2Z7ikWsfsVPeHHaHxE=
Subject key identifier: 62:C3:7E:03:4E:4A:6E:E2:4A:CD:BA:4C:D0:60:94:96:90:9A:6C:AF
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 2945
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Fri 03 Oct 2025 06:17:25 +0000
ROA not before: Fri 03 Oct 2025 06:17:25 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:9::/64 maxlen: 64
2400:adc0:200::/48 maxlen: 48
2400:adc0:201::/48 maxlen: 48
2400:adc0:4005::/48 maxlen: 48
2400:adc0:4006::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4104::/48 maxlen: 48
2400:adc0:4203::/48 maxlen: 48
2400:adc0:4302::/48 maxlen: 48
2400:adc0:4303::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:4900::/48 maxlen: 48
2400:adc0:4910::/48 maxlen: 48
2400:adc0:4a10::/48 maxlen: 48
2400:adc0:4b10::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c003::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c103::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc0:c310::/48 maxlen: 48
2400:adc0:c410::/48 maxlen: 48
2400:adc2:100::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adc5::/42 maxlen: 42
2400:adc5:40::/42 maxlen: 42
2400:adc5:80::/42 maxlen: 42
2400:adc5:c0::/42 maxlen: 42
2400:adc5:100::/42 maxlen: 42
2400:adc5:140::/42 maxlen: 42
2400:adc5:180::/42 maxlen: 42
2400:adc5:1c0::/42 maxlen: 42
2400:adc5:300::/42 maxlen: 42
2400:adc5:340::/42 maxlen: 42
2400:adc5:380::/42 maxlen: 42
2400:adc5:3c0::/42 maxlen: 42
2400:adc5:400::/42 maxlen: 42
2400:adc5:440::/42 maxlen: 42
2400:adc5:480::/42 maxlen: 42
2400:adc5:4c0::/42 maxlen: 42
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:add9::/40 maxlen: 40
2400:add9:100::/40 maxlen: 40
2400:add9:200::/40 maxlen: 40
2400:add9:300::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2000::/40 maxlen: 40
2400:addd:2100::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:addd:4900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
2400:addf:1000::/40 maxlen: 40
2400:addf:1100::/40 maxlen: 40
2400:addf:3900::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 15:51:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10565 (0x2945)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66, serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Validity
Not Before: Oct 3 06:17:25 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=68df6a75-72a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ca:d0:fc:74:a2:67:6b:84:e1:e2:f4:18:cc:
73:83:67:a0:4d:aa:04:7e:99:39:ec:7b:6a:9d:c9:
95:54:99:77:fb:4a:31:02:84:c4:02:6d:71:62:4a:
8a:22:91:b1:c1:43:94:29:de:00:62:83:6c:cd:86:
59:a0:24:25:c8:6a:8c:2b:41:fc:5e:c3:f3:58:6c:
58:2b:83:cf:f6:68:2b:bb:a0:a4:eb:85:89:45:36:
02:75:10:1c:53:f4:4c:6b:2a:c0:46:ef:18:04:35:
e3:38:4e:1f:98:cf:26:32:8e:5f:ae:b0:3f:e7:37:
14:a1:7c:b2:c6:ee:45:66:8f:10:11:3c:3f:21:02:
bc:d4:00:d2:16:4b:03:ae:b7:13:3f:01:a9:1d:7f:
42:f6:9e:c3:38:1e:50:67:4b:ec:3f:2b:5c:49:82:
85:cf:1f:d6:d8:31:0e:5a:a1:84:07:3d:35:9a:d9:
3c:7e:d7:ef:fe:42:e3:d4:34:b6:50:67:a7:76:e9:
0b:64:85:d4:e0:03:72:e6:a5:9e:5c:68:58:dc:41:
d3:ca:44:bb:86:19:04:ce:45:8c:99:ba:58:69:3f:
60:ec:85:fb:ae:f0:54:57:60:63:54:d8:ba:a5:13:
b0:2d:c5:77:c1:97:cf:9b:f2:4f:04:8b:1e:4e:6b:
01:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C3:7E:03:4E:4A:6E:E2:4A:CD:BA:4C:D0:60:94:96:90:9A:6C:AF
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:9::/64
2400:adc0:200::/47
2400:adc0:4005::-2400:adc0:4006:ffff:ffff:ffff:ffff:ffff
2400:adc0:4013::/48
2400:adc0:4104::/48
2400:adc0:4203::/48
2400:adc0:4302::/47
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:4900::/48
2400:adc0:4910::/48
2400:adc0:4a10::/48
2400:adc0:4b10::/48
2400:adc0:c001::/48
2400:adc0:c003::/48
2400:adc0:c030::/48
2400:adc0:c102::/47
2400:adc0:c210::/47
2400:adc0:c310::/48
2400:adc0:c410::/48
2400:adc2:100::/48
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adc5::/39
2400:adc5:300::-2400:adc5:4ff:ffff:ffff:ffff:ffff:ffff
2400:adca::/39
2400:add9::/38
2400:addb:800::/39
2400:addd:2000::/39
2400:addd:2800::/39
2400:addd:4900::/40
2400:adde::/39
2400:addf:800::/39
2400:addf:1000::/39
2400:addf:3900::/40
Signature Algorithm: sha256WithRSAEncryption
77:7c:50:5d:24:2f:d6:11:d5:67:70:5e:a2:f1:76:a3:83:af:
7a:de:10:4d:f6:33:8e:e9:41:dc:f6:39:bf:96:6c:3e:84:b6:
7b:92:ca:05:2c:eb:d4:de:bd:f3:63:79:31:15:e8:31:aa:1c:
8c:0c:c1:95:46:a0:6e:34:2f:34:48:61:9d:a2:7d:2e:92:7b:
53:83:ed:d2:c3:73:cd:da:1a:17:c6:64:5d:56:7e:44:da:b5:
df:c1:4a:6e:98:85:4f:34:f3:24:f2:fd:cb:c1:31:ad:b4:f2:
de:85:38:75:99:38:c6:0c:00:39:d7:ff:cb:b3:1c:a5:05:df:
0e:ca:0c:02:cb:e7:87:be:42:92:bb:51:4a:f5:13:f9:a7:b9:
e9:0e:d4:77:91:b2:9e:ee:86:e9:d7:12:b0:82:2f:88:c9:86:
d6:bd:91:c0:d8:7f:a1:b3:38:13:a2:76:f5:12:58:03:e9:e1:
39:05:c1:89:cd:9e:eb:44:06:36:ce:8a:b1:1d:88:79:6b:64:
00:9b:6e:31:01:09:86:a4:1e:d0:81:7e:03:4a:71:32:97:c9:
44:df:98:56:ec:21:f9:f2:1d:e1:62:9b:1b:f6:d6:b7:0f:dc:
17:50:f9:4b:a0:35:27:b3:d3:32:04:92:ab:54:ca:6c:92:4a:
96:4a:88:0e
-----BEGIN CERTIFICATE-----
MIIHljCCBn6gAwIBAgICKUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjUxMDAzMDYxNzI1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRmNmE3NS03MmE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA18rQ/HSiZ2uE4eL0GMxzg2egTaoEfpk57HtqncmVVJl3+0oxAoTEAm1xYkqK
IpGxwUOUKd4AYoNszYZZoCQlyGqMK0H8XsPzWGxYK4PP9mgru6Ck64WJRTYCdRAc
U/RMayrARu8YBDXjOE4fmM8mMo5frrA/5zcUoXyyxu5FZo8QETw/IQK81ADSFksD
rrcTPwGpHX9C9p7DOB5QZ0vsPytcSYKFzx/W2DEOWqGEBz01mtk8ftfv/kLj1DS2
UGendukLZIXU4ANy5qWeXGhY3EHTykS7hhkEzkWMmbpYaT9g7IX7rvBUV2BjVNi6
pROwLcV3wZfPm/JPBIseTmsBfQIDAQABo4IEujCCBLYwHQYDVR0OBBYEFGLDfgNO
Sm7iSs26TNBglJaQmmyvMB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggJCBggrBgEFBQcBBwEB
/wSCAjEwggItMIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwggGRBAIAAjCCAYkDBQAgAUU4AwkAJACtwAAJAAAD
BwEkAK3AAgAwEgMHACQArcBABQMHACQArcBABgMHACQArcBAEwMHACQArcBBBAMH
ACQArcBCAwMHASQArcBDAgMHACQArcBFAAMHACQArcBGEQMHACQArcBHAAMHASQA
rcBHEAMHACQArcBJAAMHACQArcBJEAMHACQArcBKEAMHACQArcBLEAMHACQArcDA
AQMHACQArcDAAwMHACQArcDAMAMHASQArcDBAgMHASQArcDCEAMHACQArcDDEAMH
ACQArcDEEAMHACQArcIBADAQAwYAJACtwgMDBgAkAK3CBAMGASQArcIGMBADBgAk
AK3CCQMGACQArcIKAwYBJACtxAADBgEkAK3ECAMGASQArcUAMBADBgAkAK3FAwMG
ACQArcUEAwYBJACtygADBgIkAK3ZAAMGASQArdsIAwYBJACt3SADBgEkAK3dKAMG
ACQArd1JAwYBJACt3gADBgEkAK3fCAMGASQArd8QAwYAJACt3zkwDQYJKoZIhvcN
AQELBQADggEBAHd8UF0kL9YR1WdwXqLxdqODr3reEE32M47pQdz2Ob+WbD6EtnuS
ygUs69TevfNjeTEV6DGqHIwMwZVGoG40LzRIYZ2ifS6Se1OD7dLDc83aGhfGZF1W
fkTatd/BSm6YhU808yTy/cvBMa208t6FOHWZOMYMADnX/8uzHKUF3w7KDALL54e+
QpK7UUr1E/mnuekO1HeRsp7uhunXErCCL4jJhta9kcDYf6GzOBOidvUSWAPp4TkF
wYnNnutEBjbOirEdiHlrZACbbjEBCYakHtCBfgNKcTKXyUTfmFbsIfnyHeFimxv2
1rcP3BdQ+UugNSez0zIEkqtUymySSpZKiA4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:13:35 2025 by rpki-client