Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/55124B02F3C511EFAD4ACE37C4F9AE02.roa
File: 55124B02F3C511EFAD4ACE37C4F9AE02.roa (raw, json)
Hash identifier: PZWbopYHmc3aE31K1/jNwEM+32TBUQZzoxQAmcYx//4=
Subject key identifier: 96:F4:09:3F:CC:C3:D7:92:AC:EA:B2:41:C5:78:9B:31:03:69:D2:8F
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 0A95
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/55124B02F3C511EFAD4ACE37C4F9AE02.roa
Signing time: Mon 13 Oct 2025 02:02:26 +0000
ROA not before: Mon 13 Oct 2025 02:02:26 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 38195
IP address blocks: 27.122.112.0/20 maxlen: 22
27.122.112.0/22 maxlen: 24
27.122.116.0/23 maxlen: 24
27.122.120.0/21 maxlen: 24
36.255.112.0/22 maxlen: 22
43.245.152.0/24 maxlen: 24
43.245.153.0/24 maxlen: 24
43.245.154.0/23 maxlen: 24
45.113.92.0/22 maxlen: 22
45.113.94.0/23 maxlen: 23
45.118.64.0/22 maxlen: 22
103.1.52.0/22 maxlen: 22
103.7.48.0/22 maxlen: 24
103.21.0.0/22 maxlen: 22
103.25.180.0/22 maxlen: 22
103.28.160.0/24 maxlen: 24
103.29.86.0/23 maxlen: 23
103.42.226.0/23 maxlen: 23
103.192.192.0/22 maxlen: 22
103.200.13.0/24 maxlen: 24
103.200.14.0/24 maxlen: 24
103.200.15.0/24 maxlen: 24
103.224.49.0/24 maxlen: 24
103.224.52.0/23 maxlen: 23
103.237.16.0/22 maxlen: 22
103.248.16.0/22 maxlen: 22
111.118.192.0/21 maxlen: 24
114.129.184.0/21 maxlen: 21
115.70.48.0/20 maxlen: 20
115.70.52.0/24 maxlen: 24
115.70.54.0/24 maxlen: 24
115.70.56.0/24 maxlen: 24
115.70.64.0/21 maxlen: 21
115.70.96.0/21 maxlen: 21
115.70.103.0/25 maxlen: 25
115.70.103.128/25 maxlen: 25
115.186.192.0/18 maxlen: 18
115.186.229.0/24 maxlen: 24
115.186.230.0/24 maxlen: 24
115.186.234.0/24 maxlen: 24
116.255.0.0/18 maxlen: 24
119.15.72.0/21 maxlen: 21
119.15.73.0/24 maxlen: 24
119.40.104.0/21 maxlen: 21
122.199.0.0/18 maxlen: 18
123.176.112.0/21 maxlen: 21
123.176.119.0/24 maxlen: 24
125.63.0.0/19 maxlen: 19
125.63.8.0/24 maxlen: 24
125.63.24.0/24 maxlen: 24
125.63.25.0/24 maxlen: 24
125.63.26.0/24 maxlen: 24
125.63.27.0/24 maxlen: 24
125.63.28.0/24 maxlen: 24
125.63.29.0/24 maxlen: 24
125.63.30.0/24 maxlen: 24
125.253.0.0/18 maxlen: 18
125.253.0.0/24 maxlen: 24
125.253.1.0/24 maxlen: 24
125.253.2.0/24 maxlen: 24
125.253.3.0/24 maxlen: 24
125.253.4.0/24 maxlen: 24
125.253.10.0/24 maxlen: 24
125.253.11.0/24 maxlen: 24
125.253.15.0/24 maxlen: 24
125.253.19.0/24 maxlen: 27
125.253.22.0/23 maxlen: 24
125.253.28.0/23 maxlen: 24
125.253.39.0/24 maxlen: 24
125.253.43.0/24 maxlen: 24
125.253.54.0/24 maxlen: 24
125.253.56.0/24 maxlen: 24
125.253.57.0/24 maxlen: 24
125.253.96.0/20 maxlen: 24
163.47.68.0/22 maxlen: 22
163.53.144.0/22 maxlen: 24
202.63.64.0/20 maxlen: 20
202.65.64.0/19 maxlen: 19
202.70.129.0/24 maxlen: 24
202.80.144.0/21 maxlen: 21
202.80.151.0/24 maxlen: 24
202.86.112.0/24 maxlen: 24
202.86.119.0/24 maxlen: 24
202.90.206.0/23 maxlen: 23
202.130.192.0/23 maxlen: 23
202.130.194.0/24 maxlen: 24
202.130.196.0/22 maxlen: 22
202.130.197.0/24 maxlen: 24
202.130.200.0/23 maxlen: 23
202.130.202.0/24 maxlen: 24
202.130.204.0/24 maxlen: 24
202.130.207.0/24 maxlen: 24
202.130.208.0/22 maxlen: 22
202.130.212.0/23 maxlen: 23
202.130.215.0/24 maxlen: 24
202.130.216.0/24 maxlen: 24
202.130.218.0/23 maxlen: 23
202.130.220.0/22 maxlen: 22
202.137.160.0/20 maxlen: 24
202.144.160.0/20 maxlen: 20
202.144.160.0/24 maxlen: 24
202.144.161.0/24 maxlen: 24
202.144.162.0/24 maxlen: 24
202.144.165.0/24 maxlen: 24
202.144.170.0/24 maxlen: 24
202.144.171.0/24 maxlen: 24
202.144.172.0/22 maxlen: 22
202.169.96.0/19 maxlen: 19
202.171.160.0/19 maxlen: 19
202.171.160.0/24 maxlen: 24
202.171.166.0/24 maxlen: 24
202.171.174.0/24 maxlen: 24
202.171.175.0/24 maxlen: 24
202.171.182.0/23 maxlen: 24
202.177.40.0/24 maxlen: 24
202.177.41.0/24 maxlen: 24
202.177.42.0/24 maxlen: 24
202.177.43.0/24 maxlen: 24
203.10.77.0/24 maxlen: 24
203.14.230.0/24 maxlen: 24
203.24.182.0/24 maxlen: 24
203.25.102.0/24 maxlen: 24
203.27.116.0/24 maxlen: 24
203.32.82.0/24 maxlen: 24
203.33.254.0/24 maxlen: 24
203.123.96.0/19 maxlen: 19
203.132.64.0/19 maxlen: 19
203.132.64.0/24 maxlen: 24
203.132.65.0/24 maxlen: 24
203.132.66.0/24 maxlen: 24
203.132.67.0/24 maxlen: 24
203.132.68.0/24 maxlen: 24
203.132.69.0/24 maxlen: 24
203.132.70.0/24 maxlen: 24
203.132.71.0/24 maxlen: 24
203.132.72.0/24 maxlen: 24
203.132.73.0/24 maxlen: 24
203.132.74.0/23 maxlen: 23
203.132.88.0/21 maxlen: 24
203.153.16.0/22 maxlen: 22
203.153.16.0/24 maxlen: 24
203.153.18.0/24 maxlen: 24
203.189.4.0/24 maxlen: 24
210.5.32.0/21 maxlen: 21
220.233.4.0/22 maxlen: 22
220.233.8.0/22 maxlen: 22
220.233.12.0/22 maxlen: 22
220.233.16.0/21 maxlen: 21
220.233.21.0/24 maxlen: 24
220.233.22.0/23 maxlen: 23
220.233.36.0/22 maxlen: 22
220.233.44.0/22 maxlen: 22
223.27.64.0/22 maxlen: 22
2401:d000::/28 maxlen: 28
2404:c600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 21:40:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2709 (0xa95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475, serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Oct 13 02:02:26 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=68ec5db1-3d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:19:2a:e6:c9:8f:d9:49:41:70:77:af:aa:93:
bb:df:91:89:8f:53:b2:3b:b7:4c:60:7b:91:1a:92:
bc:fb:4f:97:6d:96:11:f0:c0:9b:36:b8:86:e3:55:
ef:36:8c:ca:29:8c:c2:79:5a:6f:e8:a2:5d:af:b0:
cc:dd:e4:7f:24:e6:db:dc:65:9a:a3:81:f5:52:26:
32:fd:38:bd:bc:32:ca:46:db:f7:70:79:4a:e0:2b:
b5:c7:7b:ae:cf:a9:91:64:26:39:08:d1:b8:87:c6:
36:c9:fe:19:a5:fa:fa:85:52:4a:cb:11:ae:bc:fe:
77:5e:60:f2:88:c6:09:80:c5:b7:9f:99:0b:12:76:
5e:22:c1:56:c0:8b:bf:ef:70:f1:c9:cd:fb:a7:c8:
fe:2e:57:2b:97:da:fa:9e:56:80:b4:a7:ac:54:53:
26:e8:df:86:f1:22:66:8b:61:1e:b5:30:86:63:76:
d3:38:bb:8d:44:87:ae:eb:e9:7e:41:d8:bd:8e:59:
c9:c9:cc:11:30:7e:b6:e4:1a:16:44:93:a3:d5:12:
fa:55:84:9a:41:62:dd:6e:ba:e7:81:c9:cb:61:df:
b2:bb:87:00:7a:8c:47:1e:08:b9:19:1f:80:7d:9a:
d8:48:91:7f:77:ba:2a:19:c5:19:9c:23:11:ab:33:
fe:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F4:09:3F:CC:C3:D7:92:AC:EA:B2:41:C5:78:9B:31:03:69:D2:8F
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/55124B02F3C511EFAD4ACE37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.122.112.0/20
36.255.112.0/22
43.245.152.0/22
45.113.92.0/22
45.118.64.0/22
103.1.52.0/22
103.7.48.0/22
103.21.0.0/22
103.25.180.0/22
103.28.160.0/24
103.29.86.0/23
103.42.226.0/23
103.192.192.0/22
103.200.13.0-103.200.15.255
103.224.49.0/24
103.224.52.0/23
103.237.16.0/22
103.248.16.0/22
111.118.192.0/21
114.129.184.0/21
115.70.48.0-115.70.71.255
115.70.96.0/21
115.186.192.0/18
116.255.0.0/18
119.15.72.0/21
119.40.104.0/21
122.199.0.0/18
123.176.112.0/21
125.63.0.0/19
125.253.0.0/18
125.253.96.0/20
163.47.68.0/22
163.53.144.0/22
202.63.64.0/20
202.65.64.0/19
202.70.129.0/24
202.80.144.0/21
202.86.112.0/24
202.86.119.0/24
202.90.206.0/23
202.130.192.0-202.130.194.255
202.130.196.0-202.130.202.255
202.130.204.0/24
202.130.207.0-202.130.213.255
202.130.215.0-202.130.216.255
202.130.218.0-202.130.223.255
202.137.160.0/20
202.144.160.0/20
202.169.96.0/19
202.171.160.0/19
202.177.40.0/22
203.10.77.0/24
203.14.230.0/24
203.24.182.0/24
203.25.102.0/24
203.27.116.0/24
203.32.82.0/24
203.33.254.0/24
203.123.96.0/19
203.132.64.0/19
203.153.16.0/22
203.189.4.0/24
210.5.32.0/21
220.233.4.0-220.233.23.255
220.233.36.0/22
220.233.44.0/22
223.27.64.0/22
IPv6:
2401:d000::/28
2404:c600::/32
Signature Algorithm: sha256WithRSAEncryption
af:2e:45:3b:95:13:d2:06:ac:e6:45:28:9c:bd:a1:d2:41:d1:
de:87:7b:41:94:07:7f:00:f0:1c:70:ce:f9:ee:36:14:4e:e0:
d6:8a:a3:df:ca:10:20:77:ee:56:d8:13:58:a1:82:63:a5:a9:
f8:7a:8f:90:97:56:77:11:c6:6e:e5:94:14:a3:5c:fd:2f:6a:
37:d7:07:df:81:d7:db:8e:79:fe:52:9b:dd:35:f0:c8:35:12:
01:3c:69:01:09:65:fc:b6:71:40:6a:3f:71:9c:66:4c:e5:b1:
68:79:41:9d:e6:ac:41:0c:a9:32:e3:66:f2:c2:cf:13:6a:94:
2e:48:52:bc:bc:9f:89:cc:cb:06:3d:5f:37:cd:b7:23:aa:43:
4f:36:3a:0a:ca:94:5c:e0:16:58:fc:c7:2f:43:4c:f7:0d:e2:
f2:41:a4:57:c7:47:94:24:0c:3c:58:b2:f4:90:86:a9:89:15:
b5:68:9e:77:02:0e:24:66:a5:94:89:26:15:09:7c:1a:41:51:
60:22:96:9e:5d:bd:f9:c0:d7:2d:ea:85:72:11:5e:b9:e4:8b:
31:01:ec:25:a7:f6:11:6a:56:98:10:f7:ed:7f:b2:4c:10:da:
f5:f1:ac:b0:a5:4e:a6:4f:a4:b1:b8:7e:91:64:6d:61:ea:cc:
fb:fa:27:d6
-----BEGIN CERTIFICATE-----
MIIHXTCCBkWgAwIBAgICCpUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjUxMDEzMDIwMjI2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGVjNWRiMS0zZDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzBkq5smP2UlBcHevqpO735GJj1OyO7dMYHuRGpK8+0+XbZYR8MCbNriG41Xv
NozKKYzCeVpv6KJdr7DM3eR/JObb3GWao4H1UiYy/Ti9vDLKRtv3cHlK4Cu1x3uu
z6mRZCY5CNG4h8Y2yf4Zpfr6hVJKyxGuvP53XmDyiMYJgMW3n5kLEnZeIsFWwIu/
73Dxyc37p8j+Llcrl9r6nlaAtKesVFMm6N+G8SJmi2EetTCGY3bTOLuNRIeu6+l+
Qdi9jlnJycwRMH625BoWRJOj1RL6VYSaQWLdbrrngcnLYd+yu4cAeoxHHgi5GR+A
fZrYSJF/d7oqGcUZnCMRqzP+QQIDAQABo4IEgTCCBH0wHQYDVR0OBBYEFJb0CT/M
w9eSrOqyQcV4mzEDadKPMB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvNTUxMjRCMDJG
M0M1MTFFRkFENEFDRTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggIJBggrBgEFBQcBBwEB
/wSCAfgwggH0MIIB2gQCAAEwggHSAwQEG3pwAwQCJP9wAwQCK/WYAwQCLXFcAwQC
LXZAAwQCZwE0AwQCZwcwAwQCZxUAAwQCZxm0AwQAZxygAwQBZx1WAwQBZyriAwQC
Z8DAMAwDBABnyA0DBARnyAADBABn4DEDBAFn4DQDBAJn7RADBAJn+BADBANvdsAD
BANygbgwDAMEBHNGMAMEA3NGQAMEA3NGYAMEBnO6wAMEBnT/AAMEA3cPSAMEA3co
aAMEBnrHAAMEA3uwcAMEBX0/AAMEBn39AAMEBH39YAMEAqMvRAMEAqM1kAMEBMo/
QAMEBcpBQAMEAMpGgQMEA8pQkAMEAMpWcAMEAMpWdwMEAcpazjAMAwQGyoLAAwQA
yoLCMAwDBALKgsQDBADKgsoDBADKgswwDAMEAMqCzwMEAcqC1DAMAwQAyoLXAwQA
yoLYMAwDBAHKgtoDBAXKgsADBATKiaADBATKkKADBAXKqWADBAXKq6ADBALKsSgD
BADLCk0DBADLDuYDBADLGLYDBADLGWYDBADLG3QDBADLIFIDBADLIf4DBAXLe2AD
BAXLhEADBALLmRADBADLvQQDBAPSBSAwDAMEAtzpBAMEA9zpEAMEAtzpJAMEAtzp
LAMEAt8bQDAUBAIAAjAOAwUEJAHQAAMFACQExgAwDQYJKoZIhvcNAQELBQADggEB
AK8uRTuVE9IGrOZFKJy9odJB0d6He0GUB38A8BxwzvnuNhRO4NaKo9/KECB37lbY
E1ihgmOlqfh6j5CXVncRxm7llBSjXP0vajfXB9+B19uOef5Sm9018Mg1EgE8aQEJ
Zfy2cUBqP3GcZkzlsWh5QZ3mrEEMqTLjZvLCzxNqlC5IUry8n4nMywY9XzfNtyOq
Q082OgrKlFzgFlj8xy9DTPcN4vJBpFfHR5QkDDxYsvSQhqmJFbVonncCDiRmpZSJ
JhUJfBpBUWAilp5dvfnA1y3qhXIRXrnkizEB7CWn9hFqVpgQ9+1/skwQ2vXxrLCl
TqZPpLG4fpFkbWHqzPv6J9Y=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:13:10 2025 by rpki-client