Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CC25F854946C11F08D00EB83C4F9AE02.roa
File: CC25F854946C11F08D00EB83C4F9AE02.roa (raw, json)
Hash identifier: oG+v5Fgtj0txArfkLvwsvMFut5VcEnFX5YXTa8S16dA=
Subject key identifier: 77:78:98:E6:B8:06:CF:EE:EA:F3:05:57:D5:CF:0D:E0:8A:8C:A2:3F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C61B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CC25F854946C11F08D00EB83C4F9AE02.roa
Signing time: Fri 10 Oct 2025 04:33:41 +0000
ROA not before: Fri 10 Oct 2025 04:33:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55824
IP address blocks: 45.118.48.0/21 maxlen: 21
45.118.48.0/22 maxlen: 24
45.118.52.0/22 maxlen: 24
45.118.96.0/22 maxlen: 24
45.118.100.0/22 maxlen: 24
45.118.168.0/22 maxlen: 24
45.118.172.0/22 maxlen: 24
45.118.192.0/22 maxlen: 24
45.118.196.0/22 maxlen: 24
45.118.208.0/22 maxlen: 24
45.118.212.0/22 maxlen: 24
45.119.16.0/22 maxlen: 24
45.119.20.0/22 maxlen: 24
45.119.32.0/22 maxlen: 24
45.119.36.0/22 maxlen: 24
45.119.168.0/22 maxlen: 24
45.119.172.0/22 maxlen: 24
45.124.184.0/22 maxlen: 24
45.124.188.0/22 maxlen: 24
45.125.144.0/22 maxlen: 24
45.125.148.0/22 maxlen: 24
45.125.176.0/22 maxlen: 24
45.125.180.0/22 maxlen: 24
45.127.64.0/24 maxlen: 24
45.127.65.0/24 maxlen: 24
45.127.66.0/24 maxlen: 24
45.127.67.0/24 maxlen: 24
45.127.68.0/24 maxlen: 24
45.127.69.0/24 maxlen: 24
45.127.70.0/24 maxlen: 24
45.127.71.0/24 maxlen: 24
45.127.72.0/24 maxlen: 24
45.127.73.0/24 maxlen: 24
45.127.74.0/24 maxlen: 24
45.127.76.0/24 maxlen: 24
45.127.77.0/24 maxlen: 24
103.58.80.0/22 maxlen: 24
103.58.84.0/22 maxlen: 24
103.58.120.0/22 maxlen: 23
103.58.120.0/24 maxlen: 24
103.58.122.0/23 maxlen: 24
103.58.124.0/22 maxlen: 24
103.58.168.0/22 maxlen: 24
103.58.172.0/22 maxlen: 24
103.58.200.0/22 maxlen: 24
103.58.204.0/22 maxlen: 24
103.58.240.0/22 maxlen: 24
103.58.244.0/22 maxlen: 24
103.59.16.0/22 maxlen: 23
103.59.17.0/24 maxlen: 24
103.59.18.0/23 maxlen: 24
103.59.20.0/22 maxlen: 24
103.59.66.0/24 maxlen: 24
103.59.80.0/22 maxlen: 24
103.59.84.0/22 maxlen: 24
103.59.224.0/22 maxlen: 24
103.59.228.0/22 maxlen: 24
103.60.48.0/22 maxlen: 24
103.60.52.0/22 maxlen: 24
103.68.177.0/24 maxlen: 24
103.88.228.0/24 maxlen: 24
103.127.161.0/24 maxlen: 24
103.194.24.0/24 maxlen: 24
103.194.25.0/24 maxlen: 24
103.194.26.0/24 maxlen: 24
103.194.28.0/22 maxlen: 24
103.194.56.0/22 maxlen: 24
103.194.60.0/22 maxlen: 24
103.194.136.0/22 maxlen: 24
103.194.140.0/22 maxlen: 24
103.194.200.0/22 maxlen: 24
103.194.204.0/22 maxlen: 24
103.194.216.0/22 maxlen: 24
103.194.220.0/22 maxlen: 24
103.213.16.0/22 maxlen: 24
103.213.20.0/22 maxlen: 24
103.218.144.0/22 maxlen: 24
103.218.148.0/22 maxlen: 24
220.156.190.0/23 maxlen: 24
2001:df1:5200::/48 maxlen: 48
2001:df3:1e00::/48 maxlen: 48
2406:f00:3::/48 maxlen: 48
2406:f00:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 15:33:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50715 (0xc61b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 10 04:33:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68e88ca5-6ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d8:14:e1:0c:8c:38:94:b2:d5:73:7c:33:69:
4d:68:14:62:5b:1c:31:1c:91:f4:b5:2c:b0:80:14:
77:b1:4f:7b:e8:b3:0a:12:47:db:de:1d:b4:6e:14:
df:d8:00:00:1a:d5:59:ed:b4:a3:27:a1:75:73:b0:
36:a3:20:e5:73:81:b0:7d:92:3a:0f:f5:7a:df:c0:
f6:e8:6b:6f:6c:3d:ec:b3:63:f6:07:63:dd:ba:05:
97:98:1d:b0:75:71:b1:95:31:0c:0c:e5:4f:ed:92:
9f:9e:f4:10:98:91:08:fa:80:68:4a:81:e6:f8:a7:
e3:e6:1c:4a:63:26:01:fc:74:0f:35:93:12:88:8a:
86:91:0a:bb:c5:39:42:26:79:1e:82:d9:c5:a8:3e:
bd:14:1a:8e:05:97:a8:57:1c:94:bf:cf:12:88:e7:
ea:8c:76:cb:0a:a0:2d:c4:eb:38:39:10:fc:12:f1:
e8:bb:43:99:16:80:f1:26:e9:40:c7:2b:ce:73:6e:
eb:fe:5d:9f:f8:3f:4f:af:1b:ae:f1:98:0c:c7:c7:
3d:42:18:cf:56:82:89:73:06:88:53:70:95:3c:11:
f7:1d:ba:2a:32:83:6a:b8:0c:0b:4f:b8:74:2b:c9:
7b:c9:ac:ec:23:17:c7:a7:8e:c8:13:59:ae:29:63:
31:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:78:98:E6:B8:06:CF:EE:EA:F3:05:57:D5:CF:0D:E0:8A:8C:A2:3F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CC25F854946C11F08D00EB83C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.48.0/21
45.118.96.0/21
45.118.168.0/21
45.118.192.0/21
45.118.208.0/21
45.119.16.0/21
45.119.32.0/21
45.119.168.0/21
45.124.184.0/21
45.125.144.0/21
45.125.176.0/21
45.127.64.0-45.127.74.255
45.127.76.0/23
103.58.80.0/21
103.58.120.0/21
103.58.168.0/21
103.58.200.0/21
103.58.240.0/21
103.59.16.0/21
103.59.66.0/24
103.59.80.0/21
103.59.224.0/21
103.60.48.0/21
103.68.177.0/24
103.88.228.0/24
103.127.161.0/24
103.194.24.0-103.194.26.255
103.194.28.0/22
103.194.56.0/21
103.194.136.0/21
103.194.200.0/21
103.194.216.0/21
103.213.16.0/21
103.218.144.0/21
220.156.190.0/23
IPv6:
2001:df1:5200::/48
2001:df3:1e00::/48
2406:f00:3::/48
2406:f00:7::/48
Signature Algorithm: sha256WithRSAEncryption
77:dd:5a:63:6e:37:93:42:68:32:5d:b4:00:d2:c7:d5:a4:28:
3c:69:dc:96:71:58:ab:f2:d5:13:58:75:40:65:5a:0d:7e:ff:
26:3f:88:aa:e9:97:82:28:5a:a6:08:38:3a:20:c3:15:a3:3c:
f4:a8:af:85:12:f4:23:2d:13:b9:f3:13:7f:91:d0:a4:bd:ab:
f6:a4:35:e6:02:ba:65:87:4e:d7:b3:bc:a8:b2:14:1b:fc:26:
65:fd:fc:5d:17:41:c6:26:b7:cd:6a:2c:7c:28:85:2d:e4:e7:
b6:69:d9:4f:34:3b:55:1d:a9:9d:54:12:a2:5b:d4:fb:2b:78:
ce:d5:5c:76:6c:3e:9a:a8:26:c1:41:3b:03:1d:e4:3c:d5:e0:
29:3b:ee:88:90:50:da:9b:72:3a:7e:d3:09:76:9e:f8:ad:7b:
09:db:ca:1f:46:51:a6:c8:46:02:bd:fb:7e:10:51:16:f9:28:
a6:63:ac:38:44:39:28:8e:be:a9:8a:68:35:5b:fc:cb:e1:06:
32:16:26:0b:ec:e4:81:80:5e:db:13:26:9c:d4:74:c0:99:d7:
bd:7c:36:61:0a:d5:14:5a:a3:e7:84:0f:67:08:93:62:00:03:
44:c2:0e:5e:7a:24:e1:a1:54:4c:7a:4a:68:dc:98:26:df:d7:
bf:df:ce:83
-----BEGIN CERTIFICATE-----
MIIGgjCCBWqgAwIBAgIDAMYbMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MTAxMDA0MzM0MVoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjhlODhjYTUtNmJhNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7YFOEMjDiUstVzfDNpTWgUYlscMRyR9LUssIAUd7FPe+izChJH294dtG4U
39gAABrVWe20oyehdXOwNqMg5XOBsH2SOg/1et/A9uhrb2w97LNj9gdj3boFl5gd
sHVxsZUxDAzlT+2Sn570EJiRCPqAaEqB5vin4+YcSmMmAfx0DzWTEoiKhpEKu8U5
QiZ5HoLZxag+vRQajgWXqFcclL/PEojn6ox2ywqgLcTrODkQ/BLx6LtDmRaA8Sbp
QMcrznNu6/5dn/g/T68brvGYDMfHPUIYz1aCiXMGiFNwlTwR9x26KjKDargMC0+4
dCvJe8ms7CMXx6eOyBNZriljMTMCAwEAAaOCA6UwggOhMB0GA1UdDgQWBBR3eJjm
uAbP7urzBVfVzw3gioyiPzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0NDMjVGODU0
OTQ2QzExRjA4RDAwRUI4M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBLQYIKwYBBQUHAQcB
Af8EggEcMIIBGDCB6QQCAAEwgeIDBAMtdjADBAMtdmADBAMtdqgDBAMtdsADBAMt
dtADBAMtdxADBAMtdyADBAMtd6gDBAMtfLgDBAMtfZADBAMtfbAwDAMEBi1/QAME
AC1/SgMEAS1/TAMEA2c6UAMEA2c6eAMEA2c6qAMEA2c6yAMEA2c68AMEA2c7EAME
AGc7QgMEA2c7UAMEA2c74AMEA2c8MAMEAGdEsQMEAGdY5AMEAGd/oTAMAwQDZ8IY
AwQAZ8IaAwQCZ8IcAwQDZ8I4AwQDZ8KIAwQDZ8LIAwQDZ8LYAwQDZ9UQAwQDZ9qQ
AwQB3Jy+MCoEAgACMCQDBwAgAQ3xUgADBwAgAQ3zHgADBwAkBg8AAAMDBwAkBg8A
AAcwDQYJKoZIhvcNAQELBQADggEBAHfdWmNuN5NCaDJdtADSx9WkKDxp3JZxWKvy
1RNYdUBlWg1+/yY/iKrpl4IoWqYIODogwxWjPPSor4US9CMtE7nzE3+R0KS9q/ak
NeYCumWHTtezvKiyFBv8JmX9/F0XQcYmt81qLHwohS3k57Zp2U80O1UdqZ1UEqJb
1PsreM7VXHZsPpqoJsFBOwMd5DzV4Ck77oiQUNqbcjp+0wl2nvitewnbyh9GUabI
RgK9+34QURb5KKZjrDhEOSiOvqmKaDVb/MvhBjIWJgvs5IGAXtsTJpzUdMCZ1718
NmEK1RRao+eED2cIk2IAA0TCDl56JOGhVEx6SmjcmCbf17/fzoM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:50:56 2025 by rpki-client