Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B795678A8D4B11F0872E1828C4F9AE02.roa
File: B795678A8D4B11F0872E1828C4F9AE02.roa (raw, json)
Hash identifier: qdbXLYf9QAt7s7SdS5tJub00FnxOgYO0qAOK/59/cCg=
Subject key identifier: DF:91:98:AA:C5:1E:02:89:89:F2:CE:96:F8:DF:93:2B:63:28:28:D3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C461
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B795678A8D4B11F0872E1828C4F9AE02.roa
Signing time: Tue 09 Sep 2025 07:07:59 +0000
ROA not before: Tue 09 Sep 2025 07:07:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132215
IP address blocks: 1.6.136.0/24 maxlen: 24
1.6.226.0/24 maxlen: 24
1.6.227.0/24 maxlen: 24
1.6.228.0/24 maxlen: 24
1.7.142.0/24 maxlen: 24
1.7.151.0/24 maxlen: 24
1.7.161.0/24 maxlen: 24
1.7.162.0/24 maxlen: 24
1.7.180.0/24 maxlen: 24
1.7.200.0/24 maxlen: 24
1.7.201.0/24 maxlen: 24
1.7.202.0/24 maxlen: 24
43.227.132.0/22 maxlen: 24
45.127.208.0/22 maxlen: 24
45.127.228.0/22 maxlen: 24
45.127.236.0/22 maxlen: 24
58.84.20.0/22 maxlen: 24
58.84.24.0/22 maxlen: 24
59.152.80.0/22 maxlen: 24
61.14.204.0/22 maxlen: 24
103.7.128.0/22 maxlen: 24
103.15.228.0/22 maxlen: 24
103.59.140.0/22 maxlen: 24
103.70.60.0/22 maxlen: 24
103.120.28.0/22 maxlen: 24
103.196.188.0/22 maxlen: 24
103.196.216.0/22 maxlen: 24
103.196.224.0/22 maxlen: 24
103.197.36.0/22 maxlen: 24
103.197.40.0/22 maxlen: 24
103.197.80.0/22 maxlen: 24
103.197.100.0/22 maxlen: 24
103.197.124.0/22 maxlen: 24
103.197.128.0/22 maxlen: 24
103.197.136.0/22 maxlen: 24
103.197.140.0/22 maxlen: 24
103.200.76.0/22 maxlen: 24
103.200.80.0/22 maxlen: 24
103.200.88.0/22 maxlen: 24
103.203.80.0/22 maxlen: 24
111.235.68.0/22 maxlen: 24
114.134.16.0/22 maxlen: 24
202.177.153.0/24 maxlen: 24
202.177.157.0/24 maxlen: 24
218.185.248.0/22 maxlen: 24
220.158.128.0/22 maxlen: 24
220.158.144.0/22 maxlen: 24
220.158.168.0/22 maxlen: 24
220.158.172.0/22 maxlen: 24
220.158.180.0/22 maxlen: 24
220.158.184.0/22 maxlen: 24
223.31.120.0/24 maxlen: 24
223.31.121.0/24 maxlen: 24
223.31.122.0/24 maxlen: 24
223.31.123.0/24 maxlen: 24
223.31.159.0/24 maxlen: 24
223.31.174.0/24 maxlen: 24
2401:ac20::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 15:33:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50273 (0xc461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 9 07:07:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68bfd24f-cdd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:70:1e:05:58:0e:73:0b:f5:77:d2:d2:b5:2e:
ef:03:aa:d8:2e:ca:57:86:f9:70:5d:07:1f:35:93:
9f:92:52:ee:62:97:0f:14:3e:10:b2:37:18:6f:3b:
97:16:79:de:23:c8:72:0a:d4:7d:4c:39:ce:d1:0d:
b4:c4:1f:5b:cf:7d:9a:d2:43:32:37:4a:e9:5e:ec:
42:3a:e0:99:f1:bb:78:9a:81:15:14:72:51:a0:0a:
14:1b:f2:5b:02:c6:83:2d:66:d7:f5:68:7a:77:f8:
81:a0:39:4c:78:e2:99:69:af:9a:f4:79:80:44:ed:
65:d7:3b:62:e4:49:22:27:56:73:77:2b:d4:e5:c7:
5a:48:0d:60:ae:a7:13:85:f8:f4:9d:d2:df:de:f6:
44:9a:68:97:3c:bf:45:ac:53:73:8c:13:1a:d2:f3:
1e:d4:15:36:c6:cb:92:13:13:c4:74:3a:56:27:56:
9b:fb:66:43:4f:ea:31:60:8a:3e:e4:86:76:87:da:
65:3e:89:2d:d7:4a:83:32:6c:12:28:b6:f0:fa:94:
89:31:61:ef:37:b4:4e:ed:9b:57:16:44:dc:12:bd:
7c:01:88:15:ce:a3:14:cc:9c:c4:5e:b0:e5:cb:9a:
c3:e2:c6:35:9e:8d:fc:3c:46:95:21:8b:e7:f8:30:
a1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:91:98:AA:C5:1E:02:89:89:F2:CE:96:F8:DF:93:2B:63:28:28:D3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B795678A8D4B11F0872E1828C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.6.136.0/24
1.6.226.0-1.6.228.255
1.7.142.0/24
1.7.151.0/24
1.7.161.0-1.7.162.255
1.7.180.0/24
1.7.200.0-1.7.202.255
43.227.132.0/22
45.127.208.0/22
45.127.228.0/22
45.127.236.0/22
58.84.20.0-58.84.27.255
59.152.80.0/22
61.14.204.0/22
103.7.128.0/22
103.15.228.0/22
103.59.140.0/22
103.70.60.0/22
103.120.28.0/22
103.196.188.0/22
103.196.216.0/22
103.196.224.0/22
103.197.36.0-103.197.43.255
103.197.80.0/22
103.197.100.0/22
103.197.124.0-103.197.131.255
103.197.136.0/21
103.200.76.0-103.200.83.255
103.200.88.0/22
103.203.80.0/22
111.235.68.0/22
114.134.16.0/22
202.177.153.0/24
202.177.157.0/24
218.185.248.0/22
220.158.128.0/22
220.158.144.0/22
220.158.168.0/21
220.158.180.0-220.158.187.255
223.31.120.0/22
223.31.159.0/24
223.31.174.0/24
IPv6:
2401:ac20::/32
Signature Algorithm: sha256WithRSAEncryption
27:fb:4c:f4:30:3e:fe:05:ad:e0:71:98:b6:d7:c9:58:95:10:
f2:50:1e:fe:93:93:e8:7b:2f:aa:37:10:26:65:ef:1e:09:11:
e0:d5:95:14:28:a8:a3:7f:85:f8:71:20:58:bf:4e:61:f3:1a:
27:3e:82:47:cf:15:f1:52:1a:ab:e9:54:f2:c8:32:11:d9:8c:
be:96:d2:30:fd:8d:92:77:34:54:dd:04:0c:d5:6b:1b:95:f5:
d0:1c:03:05:46:f3:02:d2:94:08:2e:4c:d1:d8:2a:a6:b4:9e:
48:32:b3:69:6d:d5:79:9a:db:60:fd:ce:13:71:bc:a3:e0:9a:
d3:8f:34:5e:bd:74:2e:75:bb:d6:8b:e6:91:d8:59:7d:00:71:
5c:0b:60:ff:ba:21:88:32:b1:44:94:95:c7:b4:2e:7d:3c:f5:
c7:a5:c9:0c:fa:f3:33:96:71:58:84:04:7f:42:ab:c8:70:69:
e0:f8:84:65:47:98:b5:63:15:e1:ca:49:38:08:a1:4f:a8:f3:
ca:c0:b5:d7:6c:f1:02:2a:18:46:40:44:b9:64:9d:e6:1f:13:
63:44:dd:68:5f:b7:6c:27:ef:6b:55:6f:d3:af:90:19:e5:85:
da:d3:be:2a:28:ca:02:00:9f:d4:7f:5c:c2:ec:08:81:67:07:
20:b9:b2:42
-----BEGIN CERTIFICATE-----
MIIGwTCCBamgAwIBAgIDAMRhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDkwOTA3MDc1OVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjhiZmQyNGYtY2RkMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNwHgVYDnML9XfS0rUu7wOq2C7KV4b5cF0HHzWTn5JS7mKXDxQ+ELI3GG87
lxZ53iPIcgrUfUw5ztENtMQfW899mtJDMjdK6V7sQjrgmfG7eJqBFRRyUaAKFBvy
WwLGgy1m1/Voenf4gaA5THjimWmvmvR5gETtZdc7YuRJIidWc3cr1OXHWkgNYK6n
E4X49J3S3972RJpolzy/RaxTc4wTGtLzHtQVNsbLkhMTxHQ6VidWm/tmQ0/qMWCK
PuSGdofaZT6JLddKgzJsEii28PqUiTFh7ze0Tu2bVxZE3BK9fAGIFc6jFMycxF6w
5cuaw+LGNZ6N/DxGlSGL5/gwoWMCAwEAAaOCA+QwggPgMB0GA1UdDgQWBBTfkZiq
xR4CiYnyzpb435MrYygo0zAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0I3OTU2NzhB
OEQ0QjExRjA4NzJFMTgyOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBbAYIKwYBBQUHAQcB
Af8EggFbMIIBVzCCAUQEAgABMIIBPAMEAAEGiDAMAwQBAQbiAwQAAQbkAwQAAQeO
AwQAAQeXMAwDBAABB6EDBAABB6IDBAABB7QwDAMEAwEHyAMEAAEHygMEAivjhAME
Ai1/0AMEAi1/5AMEAi1/7DAMAwQCOlQUAwQCOlQYAwQCO5hQAwQCPQ7MAwQCZweA
AwQCZw/kAwQCZzuMAwQCZ0Y8AwQCZ3gcAwQCZ8S8AwQCZ8TYAwQCZ8TgMAwDBAJn
xSQDBAJnxSgDBAJnxVADBAJnxWQwDAMEAmfFfAMEAmfFgAMEA2fFiDAMAwQCZ8hM
AwQCZ8hQAwQCZ8hYAwQCZ8tQAwQCb+tEAwQCcoYQAwQAyrGZAwQAyrGdAwQC2rn4
AwQC3J6AAwQC3J6QAwQD3J6oMAwDBALcnrQDBALcnrgDBALfH3gDBADfH58DBADf
H64wDQQCAAIwBwMFACQBrCAwDQYJKoZIhvcNAQELBQADggEBACf7TPQwPv4FreBx
mLbXyViVEPJQHv6Tk+h7L6o3ECZl7x4JEeDVlRQoqKN/hfhxIFi/TmHzGic+gkfP
FfFSGqvpVPLIMhHZjL6W0jD9jZJ3NFTdBAzVaxuV9dAcAwVG8wLSlAguTNHYKqa0
nkgys2lt1Xma22D9zhNxvKPgmtOPNF69dC51u9aL5pHYWX0AcVwLYP+6IYgysUSU
lce0Ln089celyQz68zOWcViEBH9Cq8hwaeD4hGVHmLVjFeHKSTgIoU+o88rAtdds
8QIqGEZARLlkneYfE2NE3Whft2wn72tVb9OvkBnlhdrTviooygIAn9R/XMLsCIFn
ByC5skI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:08:43 2025 by rpki-client