Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
File: 844EFBDA766C11EF8CE33A86C4F9AE02.roa (raw, json)
Hash identifier: vGWAfraKDZQAlToukyO5sNChFtgkll9GKUzJk3M3Lm4=
Subject key identifier: 6A:F2:D9:01:20:B3:9F:45:2E:3B:CA:2D:84:9E:39:A5:3F:E1:23:04
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 0456
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
Signing time: Tue 07 Oct 2025 00:58:08 +0000
ROA not before: Tue 07 Oct 2025 00:58:08 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 147049
IP address blocks: 103.173.150.0/23 maxlen: 23
103.173.150.0/24 maxlen: 24
103.173.151.0/24 maxlen: 24
116.204.193.0/24 maxlen: 24
116.204.194.0/24 maxlen: 24
116.204.195.0/24 maxlen: 24
2407:e8c0::/48 maxlen: 48
2407:e8c0:1::/48 maxlen: 48
2407:e8c0:2::/48 maxlen: 48
2407:e8c0:3::/48 maxlen: 48
2407:e8c0:4::/48 maxlen: 48
2407:e8c0:5::/48 maxlen: 48
2407:e8c0:6::/48 maxlen: 48
2407:e8c0:7::/48 maxlen: 48
2407:e8c0:8::/48 maxlen: 48
2407:e8c0:9::/48 maxlen: 48
2407:e8c0:a::/48 maxlen: 48
2407:e8c0:b::/48 maxlen: 48
2407:e8c0:c::/48 maxlen: 48
2407:e8c0:d::/48 maxlen: 48
2407:e8c0:e::/48 maxlen: 48
2407:e8c0:f::/48 maxlen: 48
2407:e8c0:11::/48 maxlen: 48
2407:e8c0:12::/48 maxlen: 48
2407:e8c0:13::/48 maxlen: 48
2407:e8c0:1f::/48 maxlen: 48
2407:e8c0:20::/48 maxlen: 48
2407:e8c0:4a00::/40 maxlen: 40
2407:e8c0:4b00::/40 maxlen: 40
2407:e8c0:4c00::/40 maxlen: 40
2407:e8c0:4d00::/40 maxlen: 40
2407:e8c0:4e00::/40 maxlen: 40
2407:e8c0:4f00::/40 maxlen: 40
2407:e8c0:5000::/40 maxlen: 40
2407:e8c0:5100::/40 maxlen: 40
2407:e8c0:5200::/40 maxlen: 40
2407:e8c0:5300::/40 maxlen: 40
2407:e8c0:5400::/40 maxlen: 40
2407:e8c0:5500::/40 maxlen: 40
2407:e8c0:5600::/40 maxlen: 40
2407:e8c0:5700::/40 maxlen: 40
2407:e8c0:5800::/40 maxlen: 40
2407:e8c0:5a00::/40 maxlen: 40
2407:e8c0:5b00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 02:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1110 (0x456)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1, serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Validity
Not Before: Oct 7 00:58:08 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=68e465a0-e694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cb:f3:d1:75:f1:c5:06:2c:54:a8:64:32:0b:
12:96:90:09:b2:7a:ff:93:a8:ec:87:9b:50:99:55:
50:a0:b3:5d:fa:b3:14:ea:ea:4c:a7:00:55:3e:fb:
00:72:40:23:5c:cc:03:bc:5a:11:96:96:c5:89:1e:
fc:65:b8:7a:85:d9:8b:51:dd:a1:05:b0:87:0f:84:
fe:67:b6:8e:47:16:8f:08:e5:df:46:d6:35:b5:41:
d6:20:0c:39:d5:e1:71:8a:b9:b6:9d:2f:59:91:ba:
7f:9d:4f:13:7a:b8:eb:5c:cc:34:1b:51:84:28:20:
3b:3f:b1:14:cd:82:d3:36:c7:25:39:ed:6a:01:c9:
85:f5:12:e3:92:9f:d7:81:fe:8a:85:04:47:5e:0a:
7a:b0:a4:f4:b4:3a:45:df:70:12:78:c2:26:ed:81:
4a:9b:e1:b3:3e:cf:07:76:8d:14:ff:01:d5:44:db:
7a:b2:6a:2b:0c:05:e9:3c:6f:0a:9c:96:6e:33:85:
db:44:96:56:a2:51:62:c6:a1:42:31:23:6b:dc:0f:
c2:d5:10:86:12:1c:1c:e4:0f:2d:3f:e3:10:1e:f3:
53:21:01:e7:18:45:ee:86:fc:8a:59:1f:43:09:54:
77:bd:53:67:f7:34:d2:56:eb:1f:e7:fa:a1:7f:01:
c3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F2:D9:01:20:B3:9F:45:2E:3B:CA:2D:84:9E:39:A5:3F:E1:23:04
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.150.0/23
116.204.193.0-116.204.195.255
IPv6:
2407:e8c0::/44
2407:e8c0:11::-2407:e8c0:13:ffff:ffff:ffff:ffff:ffff
2407:e8c0:1f::-2407:e8c0:20:ffff:ffff:ffff:ffff:ffff
2407:e8c0:4a00::-2407:e8c0:58ff:ffff:ffff:ffff:ffff:ffff
2407:e8c0:5a00::/39
Signature Algorithm: sha256WithRSAEncryption
c8:91:a7:db:17:1e:15:63:aa:b0:fb:a4:25:b5:23:60:d5:2b:
f6:c8:0f:e0:90:46:a5:00:4b:7e:e6:7c:25:c6:55:39:9f:dd:
6d:88:53:5c:74:89:33:77:cb:b8:45:3e:b0:90:b5:75:1e:b8:
12:31:83:08:e6:1b:f0:fc:63:9b:e5:54:bd:c4:42:2d:6e:b9:
72:d3:7e:88:9a:85:70:fc:10:28:1b:1a:16:f5:21:bc:07:88:
63:82:56:d1:31:4a:5f:03:e2:47:3b:b2:65:f6:48:40:f0:88:
b8:e3:e7:fc:2f:62:7a:26:70:ca:1e:78:84:75:74:f8:60:58:
6f:da:dd:7c:a8:4c:c7:ec:da:34:6e:d9:d1:7e:da:1e:31:d1:
eb:30:b5:de:79:e8:50:74:e1:ab:23:06:44:14:a4:95:73:f0:
5e:f5:be:dc:82:9c:0d:ab:3c:90:9b:f4:12:07:31:24:a8:37:
f1:c0:de:3a:5f:60:fe:75:57:6d:47:9f:f9:92:59:a3:a2:55:
4e:f8:12:8e:63:79:d5:3e:98:6a:56:e0:a4:dd:43:d3:1b:4e:
9a:78:7d:32:0d:ab:c3:eb:af:7a:73:e4:f3:15:0a:49:cf:ef:
83:c3:be:c7:d3:be:a3:9e:a9:64:84:0c:fb:63:96:26:82:86:
1f:ce:c5:23
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgICBFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjUxMDA3MDA1ODA4WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU0NjVhMC1lNjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu8vz0XXxxQYsVKhkMgsSlpAJsnr/k6jsh5tQmVVQoLNd+rMU6upMpwBVPvsA
ckAjXMwDvFoRlpbFiR78Zbh6hdmLUd2hBbCHD4T+Z7aORxaPCOXfRtY1tUHWIAw5
1eFxirm2nS9Zkbp/nU8TerjrXMw0G1GEKCA7P7EUzYLTNsclOe1qAcmF9RLjkp/X
gf6KhQRHXgp6sKT0tDpF33ASeMIm7YFKm+GzPs8Hdo0U/wHVRNt6smorDAXpPG8K
nJZuM4XbRJZWolFixqFCMSNr3A/C1RCGEhwc5A8tP+MQHvNTIQHnGEXuhvyKWR9D
CVR3vVNn9zTSVusf5/qhfwHDnQIDAQABo4IC9zCCAvMwHQYDVR0OBBYEFGry2QEg
s59FLjvKLYSeOaU/4SMEMB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvODQ0RUZCREE3
NjZDMTFFRjhDRTMzQTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYAGCCsGAQUFBwEHAQH/
BHEwbzAaBAIAATAUAwQBZ62WMAwDBAB0zMEDBAJ0zMAwUQQCAAIwSwMHBCQH6MAA
ADASAwcAJAfowAARAwcCJAfowAAQMBIDBwAkB+jAAB8DBwAkB+jAACAwEAMGASQH
6MBKAwYAJAfowFgDBgEkB+jAWjANBgkqhkiG9w0BAQsFAAOCAQEAyJGn2xceFWOq
sPukJbUjYNUr9sgP4JBGpQBLfuZ8JcZVOZ/dbYhTXHSJM3fLuEU+sJC1dR64EjGD
COYb8Pxjm+VUvcRCLW65ctN+iJqFcPwQKBsaFvUhvAeIY4JW0TFKXwPiRzuyZfZI
QPCIuOPn/C9ieiZwyh54hHV0+GBYb9rdfKhMx+zaNG7Z0X7aHjHR6zC13nnoUHTh
qyMGRBSklXPwXvW+3IKcDas8kJv0EgcxJKg38cDeOl9g/nVXbUef+ZJZo6JVTvgS
jmN51T6YalbgpN1D0xtOmnh9Mg2rw+uvenPk8xUKSc/vg8O+x9O+o56pZIQM+2OW
JoKGH87FIw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:55:30 2025 by rpki-client