Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/E99C5D78999011F09D326581C4F9AE02.roa
File: E99C5D78999011F09D326581C4F9AE02.roa (raw, json)
Hash identifier: KRc5l8wxQAY0kmCFWdslvfP8E+810yOkcCnLCwPkREQ=
Subject key identifier: 7F:AC:CA:BA:F6:F1:30:BF:58:A3:48:8C:8F:9C:15:1D:59:A3:A2:CC
Certificate issuer: /CN=A9173CE6/serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
Certificate serial: 06EC
Authority key identifier: 33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/E99C5D78999011F09D326581C4F9AE02.roa
Signing time: Wed 24 Sep 2025 21:53:32 +0000
ROA not before: Wed 24 Sep 2025 21:53:32 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 17766
IP address blocks: 43.251.108.0/22 maxlen: 24
103.1.228.0/24 maxlen: 24
103.1.229.0/24 maxlen: 24
103.1.230.0/23 maxlen: 23
103.16.148.0/22 maxlen: 22
103.16.148.0/24 maxlen: 24
103.16.149.0/24 maxlen: 24
103.252.191.0/24 maxlen: 24
116.213.0.0/23 maxlen: 23
116.213.3.0/24 maxlen: 24
116.213.4.0/24 maxlen: 24
116.213.6.0/23 maxlen: 23
116.213.7.0/24 maxlen: 24
116.213.8.0/22 maxlen: 22
116.213.12.0/22 maxlen: 22
116.213.16.0/22 maxlen: 22
124.109.64.0/19 maxlen: 19
150.129.84.0/22 maxlen: 22
150.129.84.0/24 maxlen: 24
202.9.87.0/24 maxlen: 24
202.125.164.0/23 maxlen: 23
202.125.168.0/21 maxlen: 21
202.155.160.0/20 maxlen: 20
203.1.248.0/22 maxlen: 22
203.3.166.0/24 maxlen: 24
203.9.152.0/22 maxlen: 22
203.9.152.0/23 maxlen: 23
203.9.246.0/23 maxlen: 23
203.9.248.0/23 maxlen: 23
203.12.234.0/24 maxlen: 24
203.17.76.0/22 maxlen: 22
203.19.214.0/23 maxlen: 23
203.19.244.0/22 maxlen: 22
203.25.126.0/23 maxlen: 23
203.26.138.0/24 maxlen: 24
203.26.139.0/24 maxlen: 24
203.28.121.0/24 maxlen: 24
203.30.164.0/23 maxlen: 24
203.30.199.0/24 maxlen: 24
203.31.116.0/23 maxlen: 24
203.32.160.0/20 maxlen: 20
203.32.161.0/24 maxlen: 24
203.33.150.0/24 maxlen: 24
203.55.1.0/24 maxlen: 24
203.56.26.0/24 maxlen: 24
203.76.0.0/18 maxlen: 18
203.149.64.0/20 maxlen: 20
203.149.64.0/22 maxlen: 22
203.149.64.0/24 maxlen: 24
203.149.65.0/24 maxlen: 24
203.149.66.0/24 maxlen: 24
203.149.67.0/24 maxlen: 24
203.149.68.0/22 maxlen: 22
203.149.68.0/24 maxlen: 24
203.149.69.0/24 maxlen: 24
203.149.70.0/24 maxlen: 24
203.149.71.0/24 maxlen: 24
203.149.72.0/22 maxlen: 22
203.149.72.0/24 maxlen: 24
203.149.73.0/24 maxlen: 24
203.149.74.0/24 maxlen: 24
203.149.75.0/24 maxlen: 24
203.149.76.0/22 maxlen: 22
203.149.76.0/24 maxlen: 24
203.149.77.0/24 maxlen: 24
203.149.78.0/24 maxlen: 24
203.149.79.0/24 maxlen: 24
203.149.80.0/21 maxlen: 22
203.149.80.0/24 maxlen: 24
203.149.81.0/24 maxlen: 24
203.149.82.0/24 maxlen: 24
203.149.83.0/24 maxlen: 24
203.149.84.0/24 maxlen: 24
203.149.85.0/24 maxlen: 24
203.149.86.0/24 maxlen: 24
203.149.87.0/24 maxlen: 24
210.215.0.0/16 maxlen: 16
210.215.5.0/24 maxlen: 24
210.215.6.0/24 maxlen: 24
210.215.8.0/24 maxlen: 24
210.215.48.0/24 maxlen: 24
210.215.72.0/24 maxlen: 24
210.215.75.0/24 maxlen: 24
210.215.77.0/24 maxlen: 24
210.215.83.0/24 maxlen: 24
210.215.84.0/24 maxlen: 24
210.215.85.0/24 maxlen: 24
210.215.87.0/24 maxlen: 24
210.215.90.0/24 maxlen: 24
210.215.101.0/24 maxlen: 24
210.215.102.0/24 maxlen: 24
210.215.104.0/24 maxlen: 24
210.215.112.0/24 maxlen: 24
210.215.113.0/24 maxlen: 24
210.215.130.0/24 maxlen: 24
210.215.131.0/24 maxlen: 24
210.215.136.0/24 maxlen: 24
210.215.151.0/24 maxlen: 24
2001:db0::/32 maxlen: 32
2001:db0::/36 maxlen: 36
2001:db0:1000::/36 maxlen: 36
2001:db0:2000::/36 maxlen: 36
2001:db0:3000::/36 maxlen: 36
2001:db0:4000::/36 maxlen: 36
2001:db0:5000::/36 maxlen: 36
2001:db0:6000::/36 maxlen: 36
2001:db0:7000::/36 maxlen: 36
2001:db0:8000::/36 maxlen: 36
2001:db0:9000::/36 maxlen: 36
2001:db0:a000::/36 maxlen: 36
2001:db0:b000::/36 maxlen: 36
2001:db0:c000::/36 maxlen: 36
2001:db0:d000::/36 maxlen: 36
2001:db0:e000::/36 maxlen: 36
2001:db0:f000::/36 maxlen: 36
2404:d200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl
rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 23:34:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1772 (0x6ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173CE6, serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
Validity
Not Before: Sep 24 21:53:32 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68d4685c-130d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c0:db:27:72:92:eb:e8:e9:00:a9:aa:27:0b:
69:47:e0:5c:54:fa:9c:bf:fd:42:a9:cc:3a:66:ad:
b3:50:e1:55:3b:cb:3a:a3:33:e8:02:f5:dd:2f:94:
43:d1:c6:52:ee:98:05:9e:37:9e:fe:13:5d:e5:df:
eb:51:bb:03:1c:8c:45:87:84:df:b4:36:a8:ae:a4:
5b:00:58:fa:ce:1d:15:c4:5c:13:44:dd:0a:99:41:
a4:8f:c1:98:12:b3:87:09:f0:9c:6e:72:e5:2f:c7:
8c:8d:72:db:45:fe:6c:25:67:d3:a7:86:75:ee:0c:
a2:37:52:8a:b4:84:46:80:99:4c:13:e1:09:9e:47:
56:e3:06:a5:e0:57:6b:03:db:cc:91:3e:60:ed:10:
bf:2e:c8:26:29:44:dc:21:dd:ec:48:09:be:56:df:
3f:66:db:81:f7:b3:a6:11:ab:d1:77:30:e1:dc:80:
b5:bb:c6:b5:72:47:15:ff:81:f8:75:08:c9:82:77:
83:4a:43:e9:fd:4a:11:43:b1:e0:ea:df:f1:ef:84:
d4:84:ff:bd:84:af:af:79:27:a1:43:57:4a:9d:b5:
b3:b4:7e:9b:83:13:28:8d:cb:3a:50:50:bf:e4:a9:
c4:d3:f7:92:4a:8b:68:6e:bc:17:f3:f6:67:49:82:
d6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:AC:CA:BA:F6:F1:30:BF:58:A3:48:8C:8F:9C:15:1D:59:A3:A2:CC
X509v3 Authority Key Identifier:
keyid:33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/E99C5D78999011F09D326581C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.108.0/22
103.1.228.0/22
103.16.148.0/22
103.252.191.0/24
116.213.0.0/23
116.213.3.0-116.213.4.255
116.213.6.0-116.213.19.255
124.109.64.0/19
150.129.84.0/22
202.9.87.0/24
202.125.164.0/23
202.125.168.0/21
202.155.160.0/20
203.1.248.0/22
203.3.166.0/24
203.9.152.0/22
203.9.246.0-203.9.249.255
203.12.234.0/24
203.17.76.0/22
203.19.214.0/23
203.19.244.0/22
203.25.126.0/23
203.26.138.0/23
203.28.121.0/24
203.30.164.0/23
203.30.199.0/24
203.31.116.0/23
203.32.160.0/20
203.33.150.0/24
203.55.1.0/24
203.56.26.0/24
203.76.0.0/18
203.149.64.0-203.149.87.255
210.215.0.0/16
IPv6:
2001:db0::/32
2404:d200::/32
Signature Algorithm: sha256WithRSAEncryption
73:fe:b6:9e:55:6e:d4:53:f4:1e:32:4e:07:23:e8:f8:2f:69:
48:7f:9b:e6:16:b1:1e:cd:a6:ae:22:80:06:c3:44:af:66:9f:
25:ac:42:92:cf:fe:5d:76:10:2f:13:e5:bb:1a:d5:5f:11:92:
a3:9c:65:69:79:ff:b7:ff:f8:7f:3f:c2:ae:c9:56:fa:df:1e:
dd:1e:fb:c9:9e:9e:09:38:a8:c1:89:6b:51:ad:05:61:47:ec:
38:56:12:14:cc:e3:67:f0:9e:ce:ac:39:70:fa:28:8d:df:57:
03:d2:5f:77:a4:c4:35:53:9a:e0:f7:93:88:21:a3:69:e9:8f:
fd:81:3f:8d:d0:bc:16:1e:cc:33:ec:bb:80:42:56:5d:e5:e3:
b2:84:32:96:59:18:6d:e7:8b:e7:9c:87:82:7c:7f:d2:66:ff:
a0:2f:cc:aa:d8:f9:d7:8a:1c:47:2a:b9:66:27:7b:9a:89:e2:
76:74:b6:50:39:2e:9d:d0:87:26:0e:d4:77:d7:2b:d4:82:e1:
d2:de:93:8e:af:80:23:52:ae:c8:a1:e1:b8:0d:9e:2c:01:02:
17:13:e0:d9:83:08:05:8f:f4:d6:5e:2c:f3:67:13:46:0c:5d:
b1:18:d6:47:0c:da:dd:a7:a5:40:90:af:cc:51:c6:6a:0b:03:
e4:34:2a:de
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgICBuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNDRTYxMTAvBgNVBAUTKDMzMTk1Rjk2QzQ2RDREMjg1RDVCREU0QjBCMDMwRTM4
MzE0RThGQ0IwHhcNMjUwOTI0MjE1MzMyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQ0Njg1Yy0xMzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvcDbJ3KS6+jpAKmqJwtpR+BcVPqcv/1Cqcw6Zq2zUOFVO8s6ozPoAvXdL5RD
0cZS7pgFnjee/hNd5d/rUbsDHIxFh4TftDaorqRbAFj6zh0VxFwTRN0KmUGkj8GY
ErOHCfCcbnLlL8eMjXLbRf5sJWfTp4Z17gyiN1KKtIRGgJlME+EJnkdW4wal4Fdr
A9vMkT5g7RC/LsgmKUTcId3sSAm+Vt8/ZtuB97OmEavRdzDh3IC1u8a1ckcV/4H4
dQjJgneDSkPp/UoRQ7Hg6t/x74TUhP+9hK+veSehQ1dKnbWztH6bgxMojcs6UFC/
5KnE0/eSSotobrwX8/ZnSYLWowIDAQABo4IDmDCCA5QwHQYDVR0OBBYEFH+syrr2
8TC/WKNIjI+cFR1Zo6LMMB8GA1UdIwQYMBaAFDMZX5bEbU0oXVveSwsDDjgxTo/L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0NFNi8wRThFMjc4MDdC
RDAxMUVCODVBNjY5ODBDNEY5QUUwMi9NeGxmbHNSdFRTaGRXOTVMQ3dNT09ERk9q
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL014bGZsc1J0VFNoZFc5NUxDd01PT0RGT2o4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNDRTYvMEU4RTI3ODA3QkQwMTFFQjg1QTY2OTgwQzRGOUFFMDIvRTk5QzVENzg5
OTkwMTFGMDlEMzI2NTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEgBggrBgEFBQcBBwEB
/wSCAQ8wggELMIHyBAIAATCB6wMEAiv7bAMEAmcB5AMEAmcQlAMEAGf8vwMEAXTV
ADAMAwQAdNUDAwQAdNUEMAwDBAF01QYDBAJ01RADBAV8bUADBAKWgVQDBADKCVcD
BAHKfaQDBAPKfagDBATKm6ADBALLAfgDBADLA6YDBALLCZgwDAMEAcsJ9gMEAcsJ
+AMEAMsM6gMEAssRTAMEAcsT1gMEAssT9AMEAcsZfgMEAcsaigMEAMsceQMEAcse
pAMEAMsexwMEAcsfdAMEBMsgoAMEAMshlgMEAMs3AQMEAMs4GgMEBstMADAMAwQG
y5VAAwQDy5VQAwMA0tcwFAQCAAIwDgMFACABDbADBQAkBNIAMA0GCSqGSIb3DQEB
CwUAA4IBAQBz/raeVW7UU/QeMk4HI+j4L2lIf5vmFrEezaauIoAGw0SvZp8lrEKS
z/5ddhAvE+W7GtVfEZKjnGVpef+3//h/P8KuyVb63x7dHvvJnp4JOKjBiWtRrQVh
R+w4VhIUzONn8J7OrDlw+iiN31cD0l93pMQ1U5rg95OIIaNp6Y/9gT+N0LwWHswz
7LuAQlZd5eOyhDKWWRht54vnnIeCfH/SZv+gL8yq2PnXihxHKrlmJ3uaieJ2dLZQ
OS6d0IcmDtR31yvUguHS3pOOr4AjUq7IoeG4DZ4sAQIXE+DZgwgFj/TWXizzZxNG
DF2xGNZHDNrdp6VAkK/MUcZqCwPkNCre
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:51:03 2025 by rpki-client