Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/AD3B2582EF9A11EDA4E50366C4F9AE02.roa
File: AD3B2582EF9A11EDA4E50366C4F9AE02.roa (raw, json)
Hash identifier: jFhmcGLcWRMJb2NQjPMrP9b0nQzmycMaQ535WZNL3p0=
Subject key identifier: 58:3E:DE:91:AC:1A:DD:73:A4:8B:FA:53:92:89:1C:17:0C:1A:C0:7C
Certificate issuer: /CN=A91798AD/serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Certificate serial: 1C98
Authority key identifier: 7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/AD3B2582EF9A11EDA4E50366C4F9AE02.roa
Signing time: Tue 09 Sep 2025 07:56:30 +0000
ROA not before: Tue 09 Sep 2025 07:56:30 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 4761
IP address blocks: 103.105.24.0/24 maxlen: 24
103.105.25.0/24 maxlen: 24
103.105.27.0/24 maxlen: 24
103.108.20.0/24 maxlen: 24
103.108.21.0/24 maxlen: 24
103.108.22.0/24 maxlen: 24
103.108.23.0/24 maxlen: 24
114.0.0.0/16 maxlen: 24
114.1.0.0/16 maxlen: 24
114.2.0.0/16 maxlen: 24
114.3.0.0/16 maxlen: 24
114.4.0.0/16 maxlen: 24
114.5.0.0/16 maxlen: 24
114.6.0.0/16 maxlen: 24
114.7.0.0/16 maxlen: 24
114.8.0.0/16 maxlen: 24
114.9.0.0/16 maxlen: 24
114.10.0.0/16 maxlen: 23
114.10.0.0/19 maxlen: 24
114.10.33.0/24 maxlen: 24
114.10.34.0/23 maxlen: 24
114.10.36.0/22 maxlen: 24
114.10.40.0/21 maxlen: 24
114.10.48.0/20 maxlen: 24
114.10.64.0/18 maxlen: 24
114.10.128.0/17 maxlen: 24
114.11.0.0/16 maxlen: 24
114.12.0.0/16 maxlen: 24
114.13.0.0/16 maxlen: 24
114.14.0.0/16 maxlen: 24
114.15.0.0/16 maxlen: 24
120.160.0.0/11 maxlen: 11
120.188.0.0/21 maxlen: 21
120.188.0.0/22 maxlen: 22
120.188.4.0/22 maxlen: 22
120.188.4.0/24 maxlen: 24
120.188.32.0/21 maxlen: 21
120.188.34.0/23 maxlen: 23
120.188.37.0/24 maxlen: 24
120.188.39.0/24 maxlen: 24
120.188.64.0/22 maxlen: 22
120.188.64.0/23 maxlen: 23
120.188.66.0/23 maxlen: 23
120.188.72.0/21 maxlen: 21
120.188.72.0/22 maxlen: 22
120.188.76.0/22 maxlen: 22
120.188.80.0/21 maxlen: 21
120.188.80.0/22 maxlen: 22
120.188.84.0/22 maxlen: 22
120.188.92.0/22 maxlen: 22
124.195.2.0/24 maxlen: 24
124.195.3.0/24 maxlen: 24
124.195.5.0/24 maxlen: 24
124.195.6.0/23 maxlen: 24
124.195.8.0/23 maxlen: 24
124.195.12.0/22 maxlen: 22
124.195.12.0/23 maxlen: 24
124.195.15.0/24 maxlen: 24
124.195.16.0/24 maxlen: 24
124.195.18.0/24 maxlen: 24
124.195.19.0/24 maxlen: 24
124.195.26.0/23 maxlen: 24
124.195.28.0/23 maxlen: 24
124.195.32.0/23 maxlen: 24
124.195.34.0/23 maxlen: 24
124.195.36.0/23 maxlen: 24
124.195.48.0/22 maxlen: 22
124.195.48.0/23 maxlen: 23
124.195.50.0/24 maxlen: 24
124.195.51.0/24 maxlen: 24
124.195.52.0/22 maxlen: 22
124.195.52.0/24 maxlen: 24
124.195.54.0/23 maxlen: 24
124.195.56.0/22 maxlen: 22
124.195.58.0/23 maxlen: 24
124.195.124.0/23 maxlen: 24
202.93.32.0/20 maxlen: 20
202.93.32.0/24 maxlen: 24
202.93.33.0/24 maxlen: 24
202.93.34.0/24 maxlen: 24
202.93.36.0/24 maxlen: 24
202.93.39.0/24 maxlen: 24
202.93.40.0/23 maxlen: 23
202.93.41.0/24 maxlen: 24
202.93.42.0/24 maxlen: 24
202.93.43.0/24 maxlen: 24
202.93.44.0/24 maxlen: 24
202.93.46.0/24 maxlen: 24
202.93.47.0/24 maxlen: 24
202.152.160.0/20 maxlen: 20
202.152.160.0/24 maxlen: 24
202.152.162.0/24 maxlen: 24
202.152.163.0/24 maxlen: 24
202.152.168.0/24 maxlen: 24
202.152.175.0/24 maxlen: 24
2407::/32 maxlen: 32
2407:0:33bc::/46 maxlen: 46
2407:0:33c0::/43 maxlen: 43
2407:0:3780::/44 maxlen: 44
2407:0:3790::/44 maxlen: 44
2407:0:37a0::/44 maxlen: 44
2407:0:37b0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl
rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 16:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7320 (0x1c98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91798AD, serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Validity
Not Before: Sep 9 07:56:30 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68bfddae-37ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:cd:cf:c5:b0:7a:34:e3:b4:d7:43:5b:5a:d7:
82:53:45:7f:6c:34:df:46:5b:26:f3:8b:eb:0b:bc:
26:7f:22:a3:42:a5:a9:fb:9b:14:7b:de:56:24:11:
ca:33:23:e7:fe:cc:d0:21:62:08:cb:45:5c:d8:d3:
95:9c:c8:bb:1e:b8:7e:55:f6:cf:6d:63:f4:ef:f1:
03:a8:21:67:46:1a:ce:c0:49:9f:0c:3a:7e:a2:96:
d2:38:b5:d8:f1:ed:a5:0b:6e:a0:9b:41:73:0a:f7:
f6:42:7c:2d:3a:37:a2:12:68:44:38:14:99:01:b6:
5f:ea:42:f8:36:80:13:0a:42:b5:67:d8:a9:40:2d:
f0:b9:d3:b2:44:a2:4f:d7:74:1a:22:7d:ee:71:9a:
66:01:5e:66:44:27:b5:31:39:89:59:ab:9d:99:26:
64:ee:c8:be:7e:69:38:3c:d0:91:19:21:70:29:91:
9d:eb:0c:55:1a:0e:91:4b:81:11:30:d4:f8:11:04:
31:03:f6:5e:f1:7e:56:51:03:98:b1:4f:c6:ec:57:
92:0c:31:83:e0:5a:1e:99:85:26:86:6b:6e:fb:2f:
4b:1a:8d:39:18:51:a1:8f:6c:d0:37:f9:18:e9:6f:
8d:5b:e6:25:9f:d0:10:c5:21:4d:d0:a9:2a:8e:c3:
6e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:3E:DE:91:AC:1A:DD:73:A4:8B:FA:53:92:89:1C:17:0C:1A:C0:7C
X509v3 Authority Key Identifier:
keyid:7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/AD3B2582EF9A11EDA4E50366C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.105.24.0/23
103.105.27.0/24
103.108.20.0/22
114.0.0.0/12
120.160.0.0/11
124.195.2.0/23
124.195.5.0-124.195.9.255
124.195.12.0-124.195.16.255
124.195.18.0/23
124.195.26.0-124.195.29.255
124.195.32.0-124.195.37.255
124.195.48.0-124.195.59.255
124.195.124.0/23
202.93.32.0/20
202.152.160.0/20
IPv6:
2407::/32
Signature Algorithm: sha256WithRSAEncryption
22:78:3c:89:a4:74:f1:f3:5b:d6:5c:fd:16:91:75:4e:55:19:
5f:d7:05:42:6f:ec:b0:36:cd:3d:fe:4d:83:bb:d1:b9:20:ad:
c7:c5:b6:21:dc:a3:ac:48:4b:1a:0a:4b:04:ac:74:ae:44:18:
5c:49:a3:ed:18:77:3e:2a:58:7a:81:5d:fb:ac:8a:dc:a7:cb:
7f:08:c0:73:9c:a3:5c:c9:b3:a0:32:6f:22:9e:ff:e0:78:0d:
c0:13:1e:f8:83:07:1b:80:30:0e:68:f8:90:39:bc:c8:2e:8d:
f2:55:55:0d:1a:93:0d:0c:8f:38:2e:33:32:d9:6c:f5:ef:53:
53:36:49:d8:3b:24:b0:70:3c:bc:f6:ff:4a:b6:55:7f:3d:d5:
08:8e:98:ac:a0:e1:4c:21:c5:85:27:00:e0:1e:70:73:c2:ee:
65:09:20:93:9c:eb:ad:ae:53:35:98:63:07:31:d1:0b:46:20:
ae:b0:58:c9:fd:fd:fd:6c:03:ef:d7:bd:81:aa:ba:13:0c:91:
0d:a5:ff:49:0e:27:fe:dc:71:e3:f0:68:b1:48:d0:a1:0e:ae:
68:0d:0a:77:e5:97:55:70:d1:a8:ca:75:57:5b:46:42:c4:de:
1c:76:eb:37:4f:25:84:c8:2f:e7:76:13:b3:44:c8:d9:3a:44:
ee:a7:c1:50
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgICHJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzk4QUQxMTAvBgNVBAUTKDdDMUEwRjQ4RUE0MzIzMUZBMzM0M0Q1OTI4MjFFRjI5
RThEMkIzMUIwHhcNMjUwOTA5MDc1NjMwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGJmZGRhZS0zN2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3s3PxbB6NOO010NbWteCU0V/bDTfRlsm84vrC7wmfyKjQqWp+5sUe95WJBHK
MyPn/szQIWIIy0Vc2NOVnMi7Hrh+VfbPbWP07/EDqCFnRhrOwEmfDDp+opbSOLXY
8e2lC26gm0FzCvf2QnwtOjeiEmhEOBSZAbZf6kL4NoATCkK1Z9ipQC3wudOyRKJP
13QaIn3ucZpmAV5mRCe1MTmJWaudmSZk7si+fmk4PNCRGSFwKZGd6wxVGg6RS4ER
MNT4EQQxA/Ze8X5WUQOYsU/G7FeSDDGD4FoemYUmhmtu+y9LGo05GFGhj2zQN/kY
6W+NW+Yln9AQxSFN0KkqjsNuhwIDAQABo4IDIzCCAx8wHQYDVR0OBBYEFFg+3pGs
Gt1zpIv6U5KJHBcMGsB8MB8GA1UdIwQYMBaAFHwaD0jqQyMfozQ9WSgh7yno0rMb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OThBRC83MEVGQjRBQ0ZF
MkExMUU2OEYyQzVBMTNDNEY5QUUwMi9mQm9QU09wREl4LWpORDFaS0NIdktlalNz
eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZCb1BTT3BESXgtak5EMVpLQ0h2S2VqU3N4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzk4QUQvNzBFRkI0QUNGRTJBMTFFNjhGMkM1QTEzQzRGOUFFMDIvQUQzQjI1ODJF
RjlBMTFFREE0RTUwMzY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgawGCCsGAQUFBwEHAQH/
BIGcMIGZMIGHBAIAATCBgAMEAWdpGAMEAGdpGwMEAmdsFAMDBHIAAwMFeKADBAF8
wwIwDAMEAHzDBQMEAXzDCDAMAwQCfMMMAwQAfMMQAwQBfMMSMAwDBAF8wxoDBAF8
wxwwDAMEBXzDIAMEAXzDJDAMAwQEfMMwAwQCfMM4AwQBfMN8AwQEyl0gAwQEypig
MA0EAgACMAcDBQAkBwAAMA0GCSqGSIb3DQEBCwUAA4IBAQAieDyJpHTx81vWXP0W
kXVOVRlf1wVCb+ywNs09/k2Du9G5IK3HxbYh3KOsSEsaCksErHSuRBhcSaPtGHc+
Klh6gV37rIrcp8t/CMBznKNcybOgMm8inv/geA3AEx74gwcbgDAOaPiQObzILo3y
VVUNGpMNDI84LjMy2Wz171NTNknYOySwcDy89v9KtlV/PdUIjpisoOFMIcWFJwDg
HnBzwu5lCSCTnOutrlM1mGMHMdELRiCusFjJ/f39bAPv172BqroTDJENpf9JDif+
3HHj8GixSNChDq5oDQp35ZdVcNGoynVXW0ZCxN4cdus3TyWEyC/ndhOzRMjZOkTu
p8FQ
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:57:34 2025 by rpki-client