Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
File: F6973CAC265711F08B890022C4F9AE02.roa (raw, json)
Hash identifier: ipVGlywg8lzq7IxIYSFEBo8rNbRY2X6xvAVDQXcs8UQ=
Subject key identifier: A9:9B:B9:08:2D:20:25:F1:5C:3E:11:7D:CC:E7:EE:9E:A1:17:7E:CC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: C56B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
Signing time: Tue 23 Sep 2025 09:15:53 +0000
ROA not before: Tue 23 Sep 2025 09:15:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135872
IP address blocks: 45.251.68.0/22 maxlen: 24
103.59.88.0/24 maxlen: 24
103.60.219.0/24 maxlen: 24
103.135.228.0/23 maxlen: 24
103.151.156.0/23 maxlen: 24
103.165.114.0/23 maxlen: 24
103.170.182.0/23 maxlen: 24
103.171.246.0/23 maxlen: 24
103.175.62.0/23 maxlen: 24
103.175.139.0/24 maxlen: 24
103.175.168.0/23 maxlen: 24
103.175.184.0/23 maxlen: 24
103.177.156.0/23 maxlen: 24
103.178.210.0/23 maxlen: 24
103.179.16.0/23 maxlen: 24
103.185.246.0/24 maxlen: 24
103.186.36.0/23 maxlen: 24
103.188.162.0/23 maxlen: 24
103.205.163.0/24 maxlen: 24
103.211.20.0/22 maxlen: 24
103.211.132.0/22 maxlen: 24
103.234.93.0/24 maxlen: 24
139.5.140.0/24 maxlen: 24
139.5.141.0/24 maxlen: 24
139.5.142.0/24 maxlen: 24
139.5.143.0/24 maxlen: 24
146.196.44.0/22 maxlen: 24
160.238.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 15:33:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50539 (0xc56b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 23 09:15:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68d26549-36b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e9:29:96:fb:9f:4d:7b:44:ae:71:e0:22:88:
35:24:ad:f5:ee:3b:47:2c:ec:1f:39:a0:0b:99:6c:
62:10:30:40:54:dd:a4:94:e1:52:9b:e3:9d:c9:e1:
ae:d5:d6:21:d3:fa:8e:69:cc:3c:b3:12:ca:d6:4f:
64:bb:ad:c9:1c:0b:7d:43:3e:2a:c2:cf:fa:e7:f9:
1e:1c:51:c9:bb:78:a6:97:1c:5a:ad:09:39:d0:30:
7a:83:41:2e:2e:d3:bd:af:24:39:13:80:bf:ac:20:
3f:04:85:69:a9:b8:df:85:c6:21:57:5f:e4:70:7c:
9c:a5:44:0e:57:d3:e1:5e:1b:86:25:3f:e1:d2:8a:
94:3b:a6:3b:7c:7a:f8:07:62:6e:a9:41:45:1b:ae:
c4:21:3d:f4:5d:b6:76:f3:92:57:10:55:2f:4b:3f:
88:75:6b:df:af:5b:0a:88:76:e0:01:5f:68:78:a9:
45:cc:df:f7:46:d8:d9:ff:5c:52:77:e7:5c:b6:21:
2c:9a:f9:8e:9c:4f:29:94:56:ca:de:5e:e0:80:c2:
42:07:5e:32:ec:fe:f2:4b:d5:25:0e:12:c9:b1:2a:
f7:17:fe:63:83:5b:76:96:ab:28:a5:ae:e7:aa:c8:
ae:2b:12:f3:4f:64:bd:66:49:a7:9c:5a:37:db:9d:
12:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9B:B9:08:2D:20:25:F1:5C:3E:11:7D:CC:E7:EE:9E:A1:17:7E:CC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6973CAC265711F08B890022C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.68.0/22
103.59.88.0/24
103.60.219.0/24
103.135.228.0/23
103.151.156.0/23
103.165.114.0/23
103.170.182.0/23
103.171.246.0/23
103.175.62.0/23
103.175.139.0/24
103.175.168.0/23
103.175.184.0/23
103.177.156.0/23
103.178.210.0/23
103.179.16.0/23
103.185.246.0/24
103.186.36.0/23
103.188.162.0/23
103.205.163.0/24
103.211.20.0/22
103.211.132.0/22
103.234.93.0/24
139.5.140.0/22
146.196.44.0/22
160.238.92.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:3e:1d:97:30:eb:2d:7d:09:f6:b4:bf:d6:f7:0a:4e:83:d7:
33:36:a2:1c:63:e6:04:0a:53:71:e9:27:f0:11:9b:a6:03:30:
72:b1:b0:48:72:d5:78:36:f0:bd:82:a5:1c:39:0e:9e:a3:eb:
da:f9:50:bd:7e:50:77:8e:59:88:46:91:d5:76:42:99:24:c7:
96:11:eb:c5:32:ff:27:e1:6d:df:50:89:5c:06:9f:c3:c5:14:
c6:1f:d6:c9:8d:e8:88:15:bb:92:22:fd:5c:72:31:e1:94:30:
dc:64:22:69:e1:9b:e5:cd:91:81:2c:84:06:23:c4:bf:57:dd:
e1:fd:36:9a:68:28:c9:64:14:29:9f:11:5f:7a:40:c4:af:55:
6a:58:ed:87:e7:f8:fd:dc:d6:45:53:43:66:ba:4b:c7:6b:63:
4b:e7:f9:b4:a5:c4:61:1b:b5:68:c8:2c:25:77:b4:04:dc:fc:
49:88:8a:e4:b7:8b:9b:99:b5:16:7d:93:9c:55:cd:5e:87:7b:
4d:da:68:9f:e3:db:7f:e8:13:32:6f:e0:12:86:bc:ca:36:82:
f4:4a:bf:c6:37:ad:38:1a:77:f1:1f:cf:7c:0e:42:bb:75:6f:
d7:05:57:19:ae:b6:66:66:ac:cd:03:0a:a5:91:d3:aa:6e:d4:
c1:20:a0:25
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgIDAMVrMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDkyMzA5MTU1M1oXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjhkMjY1NDktMzZiMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/pKZb7n017RK5x4CKINSSt9e47RyzsHzmgC5lsYhAwQFTdpJThUpvjncnh
rtXWIdP6jmnMPLMSytZPZLutyRwLfUM+KsLP+uf5HhxRybt4ppccWq0JOdAweoNB
Li7Tva8kOROAv6wgPwSFaam434XGIVdf5HB8nKVEDlfT4V4bhiU/4dKKlDumO3x6
+AdibqlBRRuuxCE99F22dvOSVxBVL0s/iHVr369bCoh24AFfaHipRczf90bY2f9c
UnfnXLYhLJr5jpxPKZRWyt5e4IDCQgdeMuz+8kvVJQ4SybEq9xf+Y4NbdparKKWu
56rIrisS809kvWZJp5xaN9udEs8CAwEAAaOCAyowggMmMB0GA1UdDgQWBBSpm7kI
LSAl8Vw+EX3M5+6eoRd+zDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y2OTczQ0FD
MjY1NzExRjA4Qjg5MDAyMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGzBggrBgEFBQcBBwEB
/wSBozCBoDCBnQQCAAEwgZYDBAIt+0QDBABnO1gDBABnPNsDBAFnh+QDBAFnl5wD
BAFnpXIDBAFnqrYDBAFnq/YDBAFnrz4DBABnr4sDBAFnr6gDBAFnr7gDBAFnsZwD
BAFnstIDBAFnsxADBABnufYDBAFnuiQDBAFnvKIDBABnzaMDBAJn0xQDBAJn04QD
BABn6l0DBAKLBYwDBAKSxCwDBAKg7lwwDQYJKoZIhvcNAQELBQADggEBAKQ+HZcw
6y19Cfa0v9b3Ck6D1zM2ohxj5gQKU3HpJ/ARm6YDMHKxsEhy1Xg28L2CpRw5Dp6j
69r5UL1+UHeOWYhGkdV2Qpkkx5YR68Uy/yfhbd9QiVwGn8PFFMYf1smN6IgVu5Ii
/VxyMeGUMNxkImnhm+XNkYEshAYjxL9X3eH9NppoKMlkFCmfEV96QMSvVWpY7Yfn
+P3c1kVTQ2a6S8drY0vn+bSlxGEbtWjILCV3tATc/EmIiuS3i5uZtRZ9k5xVzV6H
e03aaJ/j23/oEzJv4BKGvMo2gvRKv8Y3rTgad/Efz3wOQrt1b9cFVxmutmZmrM0D
CqWR06pu1MEgoCU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:23:15 2025 by rpki-client