Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/A29253A69DAA11F08407D362C4F9AE02.roa
File: A29253A69DAA11F08407D362C4F9AE02.roa (raw, json)
Hash identifier: TeAb/CJ1jG0ZHG8y7zd70vALsFMm/SQtIQeZj/RK5xI=
Subject key identifier: F2:82:29:58:81:0B:0D:DE:85:31:71:51:F5:1A:84:5E:5E:94:E8:99
Certificate issuer: /CN=A9182CFC/serialNumber=8027E0EF54D00B61F7136F09719BFCF4C4533405
Certificate serial: 3504
Authority key identifier: 80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/A29253A69DAA11F08407D362C4F9AE02.roa
Signing time: Tue 30 Sep 2025 03:07:45 +0000
ROA not before: Tue 30 Sep 2025 03:07:45 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9892
IP address blocks: 114.129.33.0/24 maxlen: 24
114.129.36.0/22 maxlen: 22
114.129.36.0/24 maxlen: 24
114.129.38.0/24 maxlen: 24
114.129.40.0/23 maxlen: 23
114.129.41.0/24 maxlen: 24
114.129.45.0/24 maxlen: 24
114.129.46.0/24 maxlen: 24
114.129.47.0/24 maxlen: 24
123.100.235.0/24 maxlen: 24
123.100.236.0/22 maxlen: 22
123.100.236.0/24 maxlen: 24
123.100.237.0/24 maxlen: 24
123.100.238.0/23 maxlen: 23
123.100.240.0/22 maxlen: 22
123.100.241.0/24 maxlen: 24
123.100.244.0/23 maxlen: 23
123.100.244.0/24 maxlen: 24
123.100.245.0/24 maxlen: 24
123.100.248.0/21 maxlen: 21
123.100.251.0/24 maxlen: 24
123.100.252.0/24 maxlen: 24
202.157.128.0/21 maxlen: 21
202.157.136.0/22 maxlen: 22
202.157.142.0/23 maxlen: 23
202.157.148.0/24 maxlen: 24
202.157.152.0/24 maxlen: 24
202.157.160.0/20 maxlen: 20
202.157.160.0/21 maxlen: 21
202.157.168.0/21 maxlen: 21
202.160.120.0/24 maxlen: 24
202.160.121.0/24 maxlen: 24
202.160.122.0/24 maxlen: 24
202.160.123.0/24 maxlen: 24
203.83.250.0/24 maxlen: 24
203.142.16.0/21 maxlen: 21
203.142.24.0/23 maxlen: 23
203.142.27.0/24 maxlen: 24
2404:4800::/48 maxlen: 48
2404:4800:1::/48 maxlen: 48
2404:4800:2::/48 maxlen: 48
2404:4800:3::/48 maxlen: 48
2404:4800:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.crl
rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 14:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13572 (0x3504)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182CFC, serialNumber=8027E0EF54D00B61F7136F09719BFCF4C4533405
Validity
Not Before: Sep 30 03:07:45 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68db4980-a9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:58:91:77:8c:f2:bf:ac:ef:0d:f7:09:bb:
17:7f:74:92:93:74:f1:f6:72:60:1b:06:17:97:0a:
d8:cc:f8:2f:bc:bb:52:07:30:fd:83:ec:7d:12:6f:
05:30:bf:de:46:89:fb:de:7d:10:42:69:3b:24:9d:
de:cc:ad:f5:29:02:c8:bb:5c:e1:04:db:8d:75:31:
e9:0e:03:51:ec:04:9b:10:61:bf:ae:89:6e:f3:4f:
f6:6f:9e:e2:e5:e0:04:41:dd:39:54:d0:cb:d7:c9:
d8:9b:dc:37:c8:50:53:be:e2:72:7e:24:96:f7:df:
8d:33:da:86:30:4c:df:ee:66:90:59:34:91:bd:ce:
b3:c9:b0:60:5a:bf:aa:30:b2:84:b4:28:bf:20:7b:
92:a3:ca:d5:2f:e4:e5:3c:40:f5:d1:0d:19:c9:1f:
8d:a4:e4:ac:1f:b0:98:74:19:ad:fc:82:11:00:3b:
2c:64:7c:2b:d1:21:e1:f4:8e:91:83:b4:88:2c:a4:
7d:ce:26:cd:df:8d:16:d3:6e:5c:8f:3d:03:bf:52:
91:f7:ca:bd:42:02:4b:c6:90:cb:04:9e:76:3e:40:
af:91:d1:5e:90:fd:18:6a:1c:45:71:29:82:90:dc:
ff:fe:25:58:a2:61:77:91:81:c5:65:ae:78:21:44:
72:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:82:29:58:81:0B:0D:DE:85:31:71:51:F5:1A:84:5E:5E:94:E8:99
X509v3 Authority Key Identifier:
keyid:80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/A29253A69DAA11F08407D362C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.129.33.0/24
114.129.36.0-114.129.41.255
114.129.45.0-114.129.47.255
123.100.235.0-123.100.245.255
123.100.248.0/21
202.157.128.0-202.157.139.255
202.157.142.0/23
202.157.148.0/24
202.157.152.0/24
202.157.160.0/20
202.160.120.0/22
203.83.250.0/24
203.142.16.0-203.142.25.255
203.142.27.0/24
IPv6:
2404:4800::/46
2404:4800:20::/48
Signature Algorithm: sha256WithRSAEncryption
2a:6a:b9:bf:56:62:85:5a:03:c9:9e:1b:66:2c:70:80:bc:ef:
ad:5f:9a:02:7a:54:ca:f8:80:a8:84:d1:b8:4c:6a:54:81:30:
6f:5e:ba:cd:75:ce:9f:b7:90:47:9f:8d:aa:f1:3e:b5:7a:72:
bf:c9:b2:02:60:a1:37:e7:4a:ef:da:ee:38:bb:11:a6:17:9b:
16:b8:aa:ea:7d:56:ac:d1:06:e2:5b:7c:63:e5:66:92:8b:8e:
25:dc:e2:cc:50:f2:1e:6e:85:cf:5c:2b:11:d6:42:01:e1:98:
8c:7e:06:44:90:1f:6f:41:c9:74:53:63:88:2a:da:b5:d9:50:
9e:0e:ae:ca:a3:ef:73:e0:7f:46:6b:6a:07:7e:db:91:8c:8d:
fe:63:1d:0f:9e:a8:71:9a:bf:1a:b1:ec:ca:32:c5:05:8b:a6:
3a:25:7f:74:90:f6:fb:84:97:bb:26:48:79:11:fa:e1:2b:5c:
3d:6c:d5:ac:29:30:38:ae:85:a7:85:c1:dd:d3:25:ba:76:0d:
b7:29:d4:34:27:ce:be:3e:55:8e:e0:18:04:a3:a5:37:d1:c6:
23:ac:7b:8b:00:1b:1e:31:42:dd:cc:5e:c4:9e:b1:db:c8:b3:
a9:1e:be:b2:cb:e8:91:d5:6a:38:d2:6c:61:c3:d9:de:d0:71:
1e:39:cc:5a
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgICNQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODJDRkMxMTAvBgNVBAUTKDgwMjdFMEVGNTREMDBCNjFGNzEzNkYwOTcxOUJGQ0Y0
QzQ1MzM0MDUwHhcNMjUwOTMwMDMwNzQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRiNDk4MC1hOWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtLpYkXeM8r+s7w33CbsXf3SSk3Tx9nJgGwYXlwrYzPgvvLtSBzD9g+x9Em8F
ML/eRon73n0QQmk7JJ3ezK31KQLIu1zhBNuNdTHpDgNR7ASbEGG/rolu80/2b57i
5eAEQd05VNDL18nYm9w3yFBTvuJyfiSW99+NM9qGMEzf7maQWTSRvc6zybBgWr+q
MLKEtCi/IHuSo8rVL+TlPED10Q0ZyR+NpOSsH7CYdBmt/IIRADssZHwr0SHh9I6R
g7SILKR9zibN340W025cjz0Dv1KR98q9QgJLxpDLBJ52PkCvkdFekP0YahxFcSmC
kNz//iVYomF3kYHFZa54IURy9QIDAQABo4IDKTCCAyUwHQYDVR0OBBYEFPKCKViB
Cw3ehTFxUfUahF5elOiZMB8GA1UdIwQYMBaAFIAn4O9U0Ath9xNvCXGb/PTEUzQF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MkNGQy9CRjg0QjU3NDFE
ODYxMUUyQTc2MzQ0REUwOEIwMkNEMi9nQ2ZnNzFUUUMySDNFMjhKY1p2ODlNUlRO
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dDZmc3MVRRQzJIM0UyOEpjWnY4OU1SVE5BVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODJDRkMvQkY4NEI1NzQxRDg2MTFFMkE3NjM0NERFMDhCMDJDRDIvQTI5MjUzQTY5
REFBMTFGMDg0MDdEMzYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbIGCCsGAQUFBwEHAQH/
BIGiMIGfMIGCBAIAATB8AwQAcoEhMAwDBAJygSQDBAFygSgwDAMEAHKBLQMEBHKB
IDAMAwQAe2TrAwQBe2T0AwQDe2T4MAwDBAfKnYADBALKnYgDBAHKnY4DBADKnZQD
BADKnZgDBATKnaADBALKoHgDBADLU/owDAMEBMuOEAMEAcuOGAMEAMuOGzAYBAIA
AjASAwcCJARIAAAAAwcAJARIAAAgMA0GCSqGSIb3DQEBCwUAA4IBAQAqarm/VmKF
WgPJnhtmLHCAvO+tX5oCelTK+ICohNG4TGpUgTBvXrrNdc6ft5BHn42q8T61enK/
ybICYKE350rv2u44uxGmF5sWuKrqfVas0QbiW3xj5WaSi44l3OLMUPIeboXPXCsR
1kIB4ZiMfgZEkB9vQcl0U2OIKtq12VCeDq7Ko+9z4H9Ga2oHftuRjI3+Yx0Pnqhx
mr8asezKMsUFi6Y6JX90kPb7hJe7Jkh5EfrhK1w9bNWsKTA4roWnhcHd0yW6dg23
KdQ0J86+PlWO4BgEo6U30cYjrHuLABseMULdzF7EnrHbyLOpHr6yy+iR1Wo40mxh
w9ne0HEeOcxa
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:00:23 2025 by rpki-client