Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
File: 75D2A3666E8011EF92BDE465C4F9AE02.roa (raw, json)
Hash identifier: y+uJHyht1alI7ZPC3JmvnuhjGbEy3LzzaLiSY5fiRNU=
Subject key identifier: 6D:F3:95:35:CF:D0:ED:80:86:E3:6D:62:8F:E4:D1:13:87:37:D0:F4
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1D80
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
Signing time: Wed 24 Sep 2025 16:34:35 +0000
ROA not before: Wed 24 Sep 2025 16:34:35 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 132165
IP address blocks: 43.245.128.0/24 maxlen: 24
43.245.129.0/24 maxlen: 24
43.245.130.0/24 maxlen: 24
43.245.131.0/24 maxlen: 24
103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
111.119.160.0/24 maxlen: 24
111.119.161.0/24 maxlen: 24
111.119.162.0/24 maxlen: 24
111.119.163.0/24 maxlen: 24
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
113.203.192.0/24 maxlen: 24
113.203.193.0/24 maxlen: 24
113.203.195.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
113.203.204.0/24 maxlen: 24
113.203.205.0/24 maxlen: 24
113.203.207.0/24 maxlen: 24
115.42.64.0/24 maxlen: 24
115.42.65.0/24 maxlen: 24
115.42.66.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
115.42.68.0/24 maxlen: 24
115.42.69.0/24 maxlen: 24
115.42.70.0/24 maxlen: 24
115.42.71.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
118.103.233.0/24 maxlen: 24
118.103.234.0/24 maxlen: 24
118.103.235.0/24 maxlen: 24
118.103.236.0/24 maxlen: 24
118.103.237.0/24 maxlen: 24
118.103.238.0/24 maxlen: 24
118.103.239.0/24 maxlen: 24
2406:d00::/48 maxlen: 48
2406:d00:2222::/48 maxlen: 48
2406:d00:5555::/48 maxlen: 48
2406:d00:aaaa::/48 maxlen: 48
2406:d00:bbbb::/48 maxlen: 48
2406:d00:ccaa::/47 maxlen: 48
2406:d00:ccad::/48 maxlen: 48
2406:d00:ccc0::/46 maxlen: 48
2406:d00:cccc::/46 maxlen: 48
2406:d00:cce0::/48 maxlen: 48
2406:d00:ccea::/48 maxlen: 48
2406:d00:ddc1::/48 maxlen: 48
2406:d00:ddcc::/48 maxlen: 48
2406:d00:ddd1::/48 maxlen: 48
2406:d00:dddd::/48 maxlen: 48
2406:d00:ddf1::/48 maxlen: 48
2406:d00:ddff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 16:29:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7552 (0x1d80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Sep 24 16:34:35 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68d41d9b-0290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:03:21:3e:d9:d1:6f:5f:29:b4:6a:1d:45:62:
03:3f:30:04:34:3a:5d:af:6d:c6:62:45:72:99:01:
c7:bb:de:e5:4a:85:61:b3:72:0f:b1:1a:ca:85:ab:
ca:71:76:a6:8c:f8:dc:df:06:5d:bf:34:f1:2c:dc:
e4:27:91:e1:ac:29:5c:c3:18:bc:e8:36:bd:b1:08:
f3:9c:40:a3:1d:9e:e2:c6:73:f5:bc:97:f1:7f:69:
da:c5:4f:fd:40:77:d6:22:cd:21:a4:38:27:57:2e:
d4:24:b4:4f:2b:f0:44:be:a8:33:a8:fd:e5:0b:17:
58:f3:ad:3e:93:2f:98:e2:f0:3d:fb:29:70:5a:cb:
1e:af:62:87:9c:bb:4d:39:99:22:91:7c:9c:f6:d0:
a4:e9:12:2b:9e:65:5b:cb:ad:e6:58:3e:ff:d5:7a:
77:ea:0e:33:4c:2f:41:b2:ad:4f:af:75:58:05:4d:
34:3e:2e:ba:be:c8:76:80:12:cf:25:07:5a:05:e5:
23:89:f1:3e:6a:ac:ce:b4:1e:ce:dc:f9:3a:bc:dc:
5e:e0:4e:b5:7e:4c:c9:61:99:73:c4:35:72:3b:9b:
9f:d5:23:85:32:6d:e0:94:ec:2c:8d:74:6e:d6:47:
bb:2e:4c:6f:df:93:46:a7:9d:03:bf:e4:16:5b:58:
b5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F3:95:35:CF:D0:ED:80:86:E3:6D:62:8F:E4:D1:13:87:37:D0:F4
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.128.0/22
103.12.120.0/22
111.119.160.0/21
113.203.192.0/23
113.203.195.0/24
113.203.200.0-113.203.205.255
113.203.207.0/24
115.42.64.0/21
118.103.226.0-118.103.239.255
IPv6:
2406:d00::/48
2406:d00:2222::/48
2406:d00:5555::/48
2406:d00:aaaa::/48
2406:d00:bbbb::/48
2406:d00:ccaa::/47
2406:d00:ccad::/48
2406:d00:ccc0::/46
2406:d00:cccc::/46
2406:d00:cce0::/48
2406:d00:ccea::/48
2406:d00:ddc1::/48
2406:d00:ddcc::/48
2406:d00:ddd1::/48
2406:d00:dddd::/48
2406:d00:ddf1::/48
2406:d00:ddff::/48
Signature Algorithm: sha256WithRSAEncryption
af:20:95:ed:3a:ea:77:ca:5d:8e:51:f5:44:8a:3d:85:da:e8:
70:ca:bf:80:b2:ce:0d:28:7b:c4:5c:b9:6d:30:56:cc:63:a4:
4f:b6:ec:c8:f9:b3:25:35:1d:ee:88:06:8d:82:2a:a1:90:ac:
78:36:e6:39:ef:53:3b:e0:5e:76:c5:ea:f3:19:c9:e6:d3:27:
40:c4:bd:b8:50:8e:eb:81:19:9d:78:f9:bb:0a:fd:c1:3d:1a:
2a:58:b4:9a:00:c3:aa:08:ef:b6:5a:7f:3c:e2:0a:ba:c4:a9:
c8:ce:46:d2:85:58:32:48:91:50:f2:cf:ea:51:85:e6:93:50:
b4:a0:ab:7f:f8:41:6d:55:6b:68:11:b0:8b:0b:08:5b:65:81:
b6:5d:fe:ea:eb:dd:11:99:ff:80:01:89:11:6e:7d:89:8a:a0:
6e:01:5e:f9:5c:4b:7c:39:7f:2c:24:1e:f9:4c:b7:a5:a2:b7:
c7:e8:6f:4a:58:a3:58:ae:d7:01:ba:70:2d:94:14:ed:c8:c2:
60:21:b7:eb:10:6c:d8:29:0b:32:60:e3:be:0a:ca:e6:3f:9a:
87:04:99:8f:c3:2d:ef:d6:43:05:33:16:fe:7f:99:43:96:fb:
c7:31:24:d5:27:41:e8:8b:e2:dc:88:2a:a4:8a:56:8b:a1:e7:
fe:21:19:e7
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgICHYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjUwOTI0MTYzNDM1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQ0MWQ5Yi0wMjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqQMhPtnRb18ptGodRWIDPzAENDpdr23GYkVymQHHu97lSoVhs3IPsRrKhavK
cXamjPjc3wZdvzTxLNzkJ5HhrClcwxi86Da9sQjznECjHZ7ixnP1vJfxf2naxU/9
QHfWIs0hpDgnVy7UJLRPK/BEvqgzqP3lCxdY860+ky+Y4vA9+ylwWsser2KHnLtN
OZkikXyc9tCk6RIrnmVby63mWD7/1Xp36g4zTC9Bsq1Pr3VYBU00Pi66vsh2gBLP
JQdaBeUjifE+aqzOtB7O3Pk6vNxe4E61fkzJYZlzxDVyO5uf1SOFMm3glOwsjXRu
1ke7Lkxv35NGp50Dv+QWW1i1aQIDAQABo4IDfDCCA3gwHQYDVR0OBBYEFG3zlTXP
0O2AhuNtYo/k0ROHN9D0MB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvNzVEMkEzNjY2
RTgwMTFFRjkyQkRFNDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEEBggrBgEFBQcBBwEB
/wSB9DCB8TBMBAIAATBGAwQCK/WAAwQCZwx4AwQDb3egAwQBccvAAwQAccvDMAwD
BANxy8gDBAFxy8wDBABxy88DBANzKkAwDAMEAXZn4gMEBHZn4DCBoAQCAAIwgZkD
BwAkBg0AAAADBwAkBg0AIiIDBwAkBg0AVVUDBwAkBg0AqqoDBwAkBg0Au7sDBwEk
Bg0AzKoDBwAkBg0AzK0DBwIkBg0AzMADBwIkBg0AzMwDBwAkBg0AzOADBwAkBg0A
zOoDBwAkBg0A3cEDBwAkBg0A3cwDBwAkBg0A3dEDBwAkBg0A3d0DBwAkBg0A3fED
BwAkBg0A3f8wDQYJKoZIhvcNAQELBQADggEBAK8gle066nfKXY5R9USKPYXa6HDK
v4Cyzg0oe8RcuW0wVsxjpE+27Mj5syU1He6IBo2CKqGQrHg25jnvUzvgXnbF6vMZ
yebTJ0DEvbhQjuuBGZ14+bsK/cE9GipYtJoAw6oI77ZafzziCrrEqcjORtKFWDJI
kVDyz+pRheaTULSgq3/4QW1Va2gRsIsLCFtlgbZd/urr3RGZ/4ABiRFufYmKoG4B
XvlcS3w5fywkHvlMt6Wit8fob0pYo1iu1wG6cC2UFO3IwmAht+sQbNgpCzJg474K
yuY/mocEmY/DLe/WQwUzFv5/mUOW+8cxJNUnQeiL4tyIKqSKVouh5/4hGec=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:04:19 2025 by rpki-client