Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/701ACB84777511F0A2FBBB40C4F9AE02.roa
File: 701ACB84777511F0A2FBBB40C4F9AE02.roa (raw, json)
Hash identifier: ShAysWNEEu9fxu4/xBCiGycSNptF17oY0hmQF9zvTDs=
Subject key identifier: 5B:EA:FD:3D:82:B3:39:C2:14:2F:17:D8:6D:40:D4:06:8B:F6:4B:99
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C264
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/701ACB84777511F0A2FBBB40C4F9AE02.roa
Signing time: Tue 12 Aug 2025 12:11:12 +0000
ROA not before: Tue 12 Aug 2025 12:11:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137085
IP address blocks: 27.123.240.0/23 maxlen: 24
43.225.248.0/22 maxlen: 24
43.228.164.0/23 maxlen: 24
103.37.98.0/23 maxlen: 24
103.40.200.0/22 maxlen: 24
103.54.27.0/24 maxlen: 24
103.68.21.0/24 maxlen: 24
103.68.140.0/23 maxlen: 24
103.69.239.0/24 maxlen: 24
103.72.196.0/24 maxlen: 24
103.88.59.0/24 maxlen: 24
103.91.72.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.91.75.0/24 maxlen: 24
103.91.76.0/22 maxlen: 24
103.92.107.0/24 maxlen: 24
103.93.39.0/24 maxlen: 24
103.101.112.0/22 maxlen: 24
103.113.110.0/23 maxlen: 24
103.120.108.0/24 maxlen: 24
103.120.152.0/24 maxlen: 24
103.120.153.0/24 maxlen: 24
103.124.174.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.139.143.0/24 maxlen: 24
103.154.8.0/23 maxlen: 24
103.154.56.0/23 maxlen: 24
103.155.237.0/24 maxlen: 24
103.156.121.0/24 maxlen: 24
103.157.188.0/23 maxlen: 24
103.159.104.0/23 maxlen: 24
103.160.25.0/24 maxlen: 24
103.164.140.0/24 maxlen: 24
103.165.88.0/23 maxlen: 24
103.167.154.0/23 maxlen: 24
103.167.182.0/23 maxlen: 24
103.167.224.0/23 maxlen: 24
103.167.238.0/23 maxlen: 24
103.168.60.0/23 maxlen: 24
103.169.242.0/24 maxlen: 24
103.169.243.0/24 maxlen: 24
103.170.36.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.170.84.0/23 maxlen: 24
103.178.24.0/23 maxlen: 24
103.178.117.0/24 maxlen: 24
103.179.50.0/23 maxlen: 24
103.181.66.0/24 maxlen: 24
103.181.119.0/24 maxlen: 24
103.184.41.0/24 maxlen: 24
103.184.205.0/24 maxlen: 24
103.191.202.0/23 maxlen: 24
103.204.70.0/24 maxlen: 24
103.206.51.0/24 maxlen: 24
103.206.96.0/23 maxlen: 24
103.216.141.0/24 maxlen: 24
103.232.232.0/22 maxlen: 24
202.4.169.0/24 maxlen: 24
2001:df0:47c0::/48 maxlen: 48
2001:df1:1980::/48 maxlen: 48
2001:df1:d240::/48 maxlen: 48
2001:df1:ed40::/48 maxlen: 48
2001:df2:3ac0::/48 maxlen: 48
2001:df2:3f40::/48 maxlen: 48
2001:df3:1340::/48 maxlen: 48
2400:d660::/32 maxlen: 32
2401:bba0::/32 maxlen: 32
2405:e100:a::/48 maxlen: 48
2405:e100:b::/48 maxlen: 48
2405:e100:c::/48 maxlen: 48
2405:e100:d::/48 maxlen: 48
2405:e100:e::/48 maxlen: 48
2405:e100:f::/48 maxlen: 48
2405:e100:1d::/48 maxlen: 48
2405:e100:1e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 15:25:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49764 (0xc264)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 12 12:11:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=689b2f60-9aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cb:b0:7f:f6:64:15:82:da:d0:92:39:a1:42:
bd:06:e5:92:a7:e8:0d:96:d0:fc:f5:4b:3a:39:17:
cd:87:bf:4b:02:87:57:c9:e2:00:2b:d0:1e:27:66:
00:fe:b4:dd:be:2c:ba:8d:a1:3c:f0:74:c4:e9:f6:
c9:6a:91:e0:3d:e3:1b:75:d2:56:94:ca:67:72:a4:
b3:b9:33:27:e2:79:82:a8:2a:99:84:22:6f:c2:a8:
99:d9:56:94:65:b1:8b:7a:64:2c:7b:bf:01:fb:8e:
2e:66:aa:84:88:d6:ca:a8:76:32:1a:39:25:bb:ca:
83:8b:ce:09:5e:55:16:14:0b:6d:8e:09:f0:d8:82:
82:28:bf:70:d4:d3:f1:4c:03:1e:c9:8e:b3:cb:cb:
a9:23:bf:b3:6f:81:55:7c:23:0c:19:50:0c:b3:ed:
4f:7b:2d:bf:f3:42:ba:36:c2:0e:f0:ec:1e:4e:31:
54:2c:5b:f0:75:d2:bb:2e:56:f1:c0:36:1b:c6:5e:
d1:85:2e:2a:41:65:f6:6d:38:80:78:8e:3c:1c:10:
94:07:ed:74:3f:32:b3:bc:a0:56:29:51:4e:90:ea:
8e:43:a3:a3:37:91:de:88:cd:38:f1:76:ac:f0:af:
a9:29:ee:99:e0:63:d2:5e:dd:b8:d0:e1:bd:1f:71:
81:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:EA:FD:3D:82:B3:39:C2:14:2F:17:D8:6D:40:D4:06:8B:F6:4B:99
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/701ACB84777511F0A2FBBB40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/23
43.225.248.0/22
43.228.164.0/23
103.37.98.0/23
103.40.200.0/22
103.54.27.0/24
103.68.21.0/24
103.68.140.0/23
103.69.239.0/24
103.72.196.0/24
103.88.59.0/24
103.91.72.0/21
103.92.107.0/24
103.93.39.0/24
103.101.112.0/22
103.113.110.0/23
103.120.108.0/24
103.120.152.0/23
103.124.174.0/24
103.138.9.0/24
103.139.143.0/24
103.154.8.0/23
103.154.56.0/23
103.155.237.0/24
103.156.121.0/24
103.157.188.0/23
103.159.104.0/23
103.160.25.0/24
103.164.140.0/24
103.165.88.0/23
103.167.154.0/23
103.167.182.0/23
103.167.224.0/23
103.167.238.0/23
103.168.60.0/23
103.169.242.0/23
103.170.36.0/22
103.170.84.0/23
103.178.24.0/23
103.178.117.0/24
103.179.50.0/23
103.181.66.0/24
103.181.119.0/24
103.184.41.0/24
103.184.205.0/24
103.191.202.0/23
103.204.70.0/24
103.206.51.0/24
103.206.96.0/23
103.216.141.0/24
103.232.232.0/22
202.4.169.0/24
IPv6:
2001:df0:47c0::/48
2001:df1:1980::/48
2001:df1:d240::/48
2001:df1:ed40::/48
2001:df2:3ac0::/48
2001:df2:3f40::/48
2001:df3:1340::/48
2400:d660::/32
2401:bba0::/32
2405:e100:a::-2405:e100:f:ffff:ffff:ffff:ffff:ffff
2405:e100:1d::-2405:e100:1e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:12:70:3d:5c:92:10:25:bb:8d:e0:b3:a2:08:61:72:60:81:
62:e9:00:a5:db:2f:f9:44:f8:25:c1:15:d8:0d:2d:d7:e6:c0:
97:c9:16:cc:70:d4:77:a7:fc:b2:5e:5e:ef:ee:6a:c5:0c:fd:
8b:fc:e8:31:6d:c9:04:95:29:a4:9e:79:68:7c:1c:de:6c:a6:
e7:20:36:44:17:b0:2a:6b:74:43:c4:6c:c1:2a:b6:63:9e:87:
12:37:6e:46:25:5e:13:98:96:13:2d:9e:b9:7a:e0:7f:dc:2e:
62:9c:a4:c7:32:b2:19:81:18:da:8b:8b:0e:57:ef:16:7c:c6:
75:c2:27:93:6a:ef:4e:2a:09:aa:a6:83:08:45:37:cf:55:e3:
4b:fa:7a:bb:09:0b:ad:f0:aa:f6:22:cf:e5:9f:e0:e0:43:76:
8a:f6:e2:1f:32:94:06:39:76:c6:30:05:99:d6:ea:b4:b8:ac:
df:8c:95:a8:d6:72:9c:42:bc:d2:b4:c6:82:5a:c6:e5:12:ba:
63:bf:4a:5b:2d:46:6b:1f:3e:9d:b2:89:89:39:bf:29:4c:17:
03:2d:ca:33:f7:92:1e:e3:44:28:de:c7:e5:bf:11:01:fe:8a:
1d:8b:3e:72:31:05:71:9f:a6:01:ab:c0:22:4c:3c:67:5a:2e:
3f:f6:37:86
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgIDAMJkMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDgxMjEyMTExMloXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjg5YjJmNjAtOWFhNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHLsH/2ZBWC2tCSOaFCvQblkqfoDZbQ/PVLOjkXzYe/SwKHV8niACvQHidm
AP603b4suo2hPPB0xOn2yWqR4D3jG3XSVpTKZ3Kks7kzJ+J5gqgqmYQib8KomdlW
lGWxi3pkLHu/AfuOLmaqhIjWyqh2Mho5JbvKg4vOCV5VFhQLbY4J8NiCgii/cNTT
8UwDHsmOs8vLqSO/s2+BVXwjDBlQDLPtT3stv/NCujbCDvDsHk4xVCxb8HXSuy5W
8cA2G8Ze0YUuKkFl9m04gHiOPBwQlAftdD8ys7ygVilRTpDqjkOjozeR3ojNOPF2
rPCvqSnumeBj0l7duNDhvR9xgQsCAwEAAaOCBE4wggRKMB0GA1UdDgQWBBRb6v09
grM5whQvF9htQNQGi/ZLmTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzcwMUFDQjg0
Nzc3NTExRjBBMkZCQkI0MEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIB1gYIKwYBBQUHAQcB
Af8EggHFMIIBwTCCAUAEAgABMIIBOAMEARt78AMEAivh+AMEASvkpAMEAWclYgME
AmcoyAMEAGc2GwMEAGdEFQMEAWdEjAMEAGdF7wMEAGdIxAMEAGdYOwMEA2dbSAME
AGdcawMEAGddJwMEAmdlcAMEAWdxbgMEAGd4bAMEAWd4mAMEAGd8rgMEAGeKCQME
AGeLjwMEAWeaCAMEAWeaOAMEAGeb7QMEAGeceQMEAWedvAMEAWefaAMEAGegGQME
AGekjAMEAWelWAMEAWenmgMEAWentgMEAWen4AMEAWen7gMEAWeoPAMEAWep8gME
AmeqJAMEAWeqVAMEAWeyGAMEAGeydQMEAWezMgMEAGe1QgMEAGe1dwMEAGe4KQME
AGe4zQMEAWe/ygMEAGfMRgMEAGfOMwMEAWfOYAMEAGfYjQMEAmfo6AMEAMoEqTB7
BAIAAjB1AwcAIAEN8EfAAwcAIAEN8RmAAwcAIAEN8dJAAwcAIAEN8e1AAwcAIAEN
8jrAAwcAIAEN8j9AAwcAIAEN8xNAAwUAJADWYAMFACQBu6AwEgMHASQF4QAACgMH
BCQF4QAAADASAwcAJAXhAAAdAwcAJAXhAAAeMA0GCSqGSIb3DQEBCwUAA4IBAQCe
EnA9XJIQJbuN4LOiCGFyYIFi6QCl2y/5RPglwRXYDS3X5sCXyRbMcNR3p/yyXl7v
7mrFDP2L/OgxbckElSmknnlofBzebKbnIDZEF7Aqa3RDxGzBKrZjnocSN25GJV4T
mJYTLZ65euB/3C5inKTHMrIZgRjai4sOV+8WfMZ1wieTau9OKgmqpoMIRTfPVeNL
+nq7CQut8Kr2Is/ln+DgQ3aK9uIfMpQGOXbGMAWZ1uq0uKzfjJWo1nKcQrzStMaC
WsblErpjv0pbLUZrHz6dsomJOb8pTBcDLcoz95Ie40Qo3sflvxEB/oodiz5yMQVx
n6YBq8AiTDxnWi4/9jeG
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:34:56 2025 by rpki-client