Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/CB67A9DC8D1311EF9895E61CC4F9AE02.roa
File: CB67A9DC8D1311EF9895E61CC4F9AE02.roa (raw, json)
Hash identifier: fKITGlH8Ym4FGCNTLdBz3N/9fT41O0ewrHeW85uprek=
Subject key identifier: 99:34:59:95:36:3D:41:D7:34:59:4B:56:82:32:F9:36:49:06:66:7D
Certificate issuer: /CN=A9158E3F/serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Certificate serial: 0C3F
Authority key identifier: 7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/CB67A9DC8D1311EF9895E61CC4F9AE02.roa
Signing time: Sat 16 Aug 2025 19:30:02 +0000
ROA not before: Sat 16 Aug 2025 19:30:02 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.128.0/22 maxlen: 22
36.255.39.0/24 maxlen: 24
103.8.176.0/22 maxlen: 22
103.8.180.0/22 maxlen: 22
103.8.180.0/24 maxlen: 24
103.8.182.0/23 maxlen: 23
119.27.0.0/19 maxlen: 19
119.27.32.0/20 maxlen: 20
119.27.50.0/23 maxlen: 23
119.27.52.0/22 maxlen: 22
119.27.56.0/22 maxlen: 22
119.27.60.0/23 maxlen: 23
122.50.64.0/19 maxlen: 19
122.50.104.0/21 maxlen: 21
122.50.112.0/22 maxlen: 22
122.50.120.0/21 maxlen: 21
180.189.0.0/20 maxlen: 20
180.189.0.0/21 maxlen: 21
180.189.8.0/21 maxlen: 21
180.189.8.0/22 maxlen: 22
180.189.13.0/24 maxlen: 24
180.189.14.0/23 maxlen: 23
180.189.32.0/20 maxlen: 20
180.189.48.0/22 maxlen: 22
180.189.56.0/21 maxlen: 21
183.177.0.0/20 maxlen: 20
183.177.16.0/20 maxlen: 20
183.177.32.0/20 maxlen: 20
202.167.224.0/23 maxlen: 23
202.167.227.0/24 maxlen: 24
202.167.230.0/23 maxlen: 23
202.167.232.0/24 maxlen: 24
202.167.234.0/23 maxlen: 23
202.167.236.0/22 maxlen: 22
202.167.240.0/22 maxlen: 22
202.167.244.0/22 maxlen: 22
202.167.248.0/23 maxlen: 23
202.167.252.0/23 maxlen: 23
202.167.254.0/24 maxlen: 24
202.167.255.0/24 maxlen: 24
202.177.192.0/24 maxlen: 24
202.177.193.0/24 maxlen: 24
202.177.195.0/24 maxlen: 24
202.177.196.0/23 maxlen: 23
202.177.198.0/24 maxlen: 24
202.177.199.0/24 maxlen: 24
202.177.200.0/23 maxlen: 23
202.177.202.0/23 maxlen: 23
202.177.204.0/23 maxlen: 23
202.177.207.0/24 maxlen: 24
203.190.224.0/23 maxlen: 23
203.190.226.0/24 maxlen: 24
203.190.228.0/23 maxlen: 23
203.190.232.0/22 maxlen: 22
203.190.232.0/24 maxlen: 24
203.190.236.0/22 maxlen: 22
2407:b000::/32 maxlen: 32
2407:b001::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl
rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 19:34:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3135 (0xc3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158E3F, serialNumber=7E313AB7FF26E783E03C07851612751881AE4918
Validity
Not Before: Aug 16 19:30:02 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68a0dc3a-51be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:51:3b:7b:88:8c:b5:c8:49:70:3c:df:91:c0:
67:c2:20:b4:21:99:1a:69:69:ae:0e:9a:09:45:3c:
6b:e9:32:43:c1:c3:72:e9:70:15:eb:b0:ab:84:24:
cc:47:59:4f:19:cb:5c:db:5c:2c:b3:f5:c0:ea:60:
7f:65:a4:7e:aa:22:af:23:32:4c:48:e2:e1:68:fb:
78:eb:0b:d6:e3:b0:42:02:ea:a4:26:98:bd:e1:f0:
98:6e:1b:4c:b5:06:5c:06:27:8f:3b:a3:28:ea:4f:
eb:62:1d:2b:b9:1d:52:dd:bc:1b:76:21:1e:cf:eb:
f7:68:76:09:f2:f6:2f:64:a1:d4:49:0c:37:a6:3f:
d5:e8:66:a4:62:13:ed:08:cd:bb:a9:2d:d6:26:31:
8d:79:40:11:d4:ca:c0:08:cc:a2:d3:b9:db:d9:3a:
74:a2:55:9c:e4:c8:da:d1:b4:48:10:2a:cd:4a:09:
e4:12:a7:a4:f0:ab:2f:ae:55:71:e5:bb:a0:7b:5a:
fa:70:42:d7:6f:22:7d:0e:94:35:b1:f4:bc:57:bd:
2a:e3:53:31:c3:86:cf:01:b7:a1:be:d0:47:0e:a5:
15:e3:8b:93:bf:c0:e5:8e:09:9a:0e:37:f0:e4:e9:
82:45:44:2a:8f:79:e9:24:13:41:0b:d3:f7:9a:20:
b9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:34:59:95:36:3D:41:D7:34:59:4B:56:82:32:F9:36:49:06:66:7D
X509v3 Authority Key Identifier:
keyid:7E:31:3A:B7:FF:26:E7:83:E0:3C:07:85:16:12:75:18:81:AE:49:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/fjE6t_8m54PgPAeFFhJ1GIGuSRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjE6t_8m54PgPAeFFhJ1GIGuSRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158E3F/C24322BA544611EA8C05651DC4F9AE02/CB67A9DC8D1311EF9895E61CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.111.128.0/22
36.255.39.0/24
103.8.176.0/21
119.27.0.0-119.27.47.255
119.27.50.0-119.27.61.255
122.50.64.0/19
122.50.104.0-122.50.115.255
122.50.120.0/21
180.189.0.0/20
180.189.32.0-180.189.51.255
180.189.56.0/21
183.177.0.0-183.177.47.255
202.167.224.0/23
202.167.227.0/24
202.167.230.0-202.167.232.255
202.167.234.0-202.167.249.255
202.167.252.0/22
202.177.192.0/23
202.177.195.0-202.177.205.255
202.177.207.0/24
203.190.224.0-203.190.226.255
203.190.228.0/23
203.190.232.0/21
IPv6:
2407:b000::/31
Signature Algorithm: sha256WithRSAEncryption
8a:c1:7d:f2:9e:0d:8a:a2:45:fc:37:e2:73:56:b5:c4:f6:55:
a6:8b:7b:cc:6a:70:15:94:a7:7a:27:e2:b8:e1:75:99:66:86:
85:ad:51:9f:01:a9:c2:12:a7:02:0d:af:a9:c1:55:1c:17:04:
13:4f:8b:74:88:1e:49:b0:24:35:20:8e:04:f1:5c:32:81:d9:
ff:e4:82:2f:7f:ce:85:83:9b:6e:d5:5d:e0:94:c6:23:4d:47:
52:8e:b3:a1:8c:61:7a:86:47:a2:20:6d:f3:cf:c8:b4:59:49:
14:2d:39:08:1d:26:6c:38:55:1b:21:d4:66:b6:21:ab:1e:fd:
20:c4:fe:13:f6:9e:d8:0f:1a:90:c7:91:c9:b6:00:b7:9c:01:
d0:c3:19:e5:85:93:6e:14:0f:94:21:4b:6d:db:9f:9d:22:4c:
87:92:6f:f7:ee:e6:dd:25:b9:8f:d5:17:f9:85:04:b7:43:26:
88:8f:bf:a4:57:d0:c5:0b:9e:30:67:f5:a5:eb:75:d4:26:12:
f0:ba:14:dc:9c:a7:1a:86:c3:6a:76:50:1e:1d:e7:7a:7f:00:
a8:d9:6c:b4:c3:8f:7f:c3:1a:b5:9f:db:7d:5c:8a:01:20:33:
07:84:c2:31:5e:59:4c:c1:17:26:8a:41:79:18:fb:35:f6:e9:
2c:ec:48:37
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgICDD8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NThFM0YxMTAvBgNVBAUTKDdFMzEzQUI3RkYyNkU3ODNFMDNDMDc4NTE2MTI3NTE4
ODFBRTQ5MTgwHhcNMjUwODE2MTkzMDAyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGEwZGMzYS01MWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1FE7e4iMtchJcDzfkcBnwiC0IZkaaWmuDpoJRTxr6TJDwcNy6XAV67CrhCTM
R1lPGctc21wss/XA6mB/ZaR+qiKvIzJMSOLhaPt46wvW47BCAuqkJpi94fCYbhtM
tQZcBiePO6Mo6k/rYh0ruR1S3bwbdiEez+v3aHYJ8vYvZKHUSQw3pj/V6GakYhPt
CM27qS3WJjGNeUAR1MrACMyi07nb2Tp0olWc5Mja0bRIECrNSgnkEqek8KsvrlVx
5buge1r6cELXbyJ9DpQ1sfS8V70q41Mxw4bPAbehvtBHDqUV44uTv8DljgmaDjfw
5OmCRUQqj3npJBNBC9P3miC5jwIDAQABo4IDczCCA28wHQYDVR0OBBYEFJk0WZU2
PUHXNFlLVoIy+TZJBmZ9MB8GA1UdIwQYMBaAFH4xOrf/JueD4DwHhRYSdRiBrkkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OEUzRi9DMjQzMjJCQTU0
NDYxMUVBOEMwNTY1MURDNEY5QUUwMi9makU2dF84bTU0UGdQQWVGRmhKMUdJR3VT
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqRTZ0XzhtNTRQZ1BBZUZGaEoxR0lHdVNSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NThFM0YvQzI0MzIyQkE1NDQ2MTFFQThDMDU2NTFEQzRGOUFFMDIvQ0I2N0E5REM4
RDEzMTFFRjk4OTVFNjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfwGCCsGAQUFBwEHAQH/
BIHsMIHpMIHXBAIAATCB0AMEAhtvgAMEACT/JwMEA2cIsDALAwMAdxsDBAR3GyAw
DAMEAXcbMgMEAXcbPAMEBXoyQDAMAwQDejJoAwQCejJwAwQDejJ4AwQEtL0AMAwD
BAW0vSADBAK0vTADBAO0vTgwCwMDALexAwQEt7EgAwQByqfgAwQAyqfjMAwDBAHK
p+YDBADKp+gwDAMEAcqn6gMEAcqn+AMEAsqn/AMEAcqxwDAMAwQAyrHDAwQByrHM
AwQAyrHPMAwDBAXLvuADBADLvuIDBAHLvuQDBAPLvugwDQQCAAIwBwMFASQHsAAw
DQYJKoZIhvcNAQELBQADggEBAIrBffKeDYqiRfw34nNWtcT2VaaLe8xqcBWUp3on
4rjhdZlmhoWtUZ8BqcISpwINr6nBVRwXBBNPi3SIHkmwJDUgjgTxXDKB2f/kgi9/
zoWDm27VXeCUxiNNR1KOs6GMYXqGR6IgbfPPyLRZSRQtOQgdJmw4VRsh1Ga2Iase
/SDE/hP2ntgPGpDHkcm2ALecAdDDGeWFk24UD5QhS23bn50iTIeSb/fu5t0luY/V
F/mFBLdDJoiPv6RX0MULnjBn9aXrddQmEvC6FNycpxqGw2p2UB4d53p/AKjZbLTD
j3/DGrWf231cigEgMweEwjFeWUzBFyaKQXkY+zX26SzsSDc=
-----END CERTIFICATE-----
Generated at Sun Aug 24 07:02:59 2025 by rpki-client