Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6ABB2DBE793211F0B46B9927C4F9AE02.roa
File: 6ABB2DBE793211F0B46B9927C4F9AE02.roa (raw, json)
Hash identifier: cJYxlR6Y44tzY4UWBvI68gO8ihKMM3moej/UsOXmo1M=
Subject key identifier: 7F:63:03:6C:9C:BD:7B:5D:7D:6C:A5:4D:C0:10:61:D5:25:23:9E:F6
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4C61
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6ABB2DBE793211F0B46B9927C4F9AE02.roa
Signing time: Thu 14 Aug 2025 17:49:16 +0000
ROA not before: Thu 14 Aug 2025 17:49:16 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 7552
IP address blocks: 27.64.0.0/12 maxlen: 24
103.84.76.0/22 maxlen: 24
115.72.0.0/13 maxlen: 24
116.96.0.0/16 maxlen: 24
116.97.0.0/17 maxlen: 24
116.97.128.0/19 maxlen: 24
116.97.160.0/20 maxlen: 24
116.97.176.0/21 maxlen: 24
116.97.192.0/18 maxlen: 24
116.98.0.0/16 maxlen: 24
116.99.0.0/16 maxlen: 24
116.100.0.0/16 maxlen: 24
116.101.0.0/16 maxlen: 24
116.102.0.0/16 maxlen: 24
116.103.0.0/18 maxlen: 24
116.103.64.0/19 maxlen: 24
116.103.96.0/21 maxlen: 24
116.103.112.0/20 maxlen: 24
116.103.128.0/17 maxlen: 24
116.104.0.0/16 maxlen: 24
116.105.0.0/16 maxlen: 24
116.106.0.0/16 maxlen: 24
116.107.0.0/16 maxlen: 24
116.108.0.0/16 maxlen: 24
116.109.0.0/16 maxlen: 24
116.110.0.0/16 maxlen: 24
116.111.0.0/17 maxlen: 24
116.111.128.0/19 maxlen: 24
116.111.160.0/20 maxlen: 24
116.111.184.0/21 maxlen: 24
117.0.0.0/13 maxlen: 24
125.212.128.0/20 maxlen: 24
125.212.144.0/23 maxlen: 24
125.212.148.0/23 maxlen: 24
125.212.150.0/23 maxlen: 24
125.212.152.0/23 maxlen: 24
125.212.154.0/23 maxlen: 24
125.212.156.0/23 maxlen: 24
125.212.158.0/23 maxlen: 24
125.212.160.0/20 maxlen: 24
125.212.176.0/20 maxlen: 24
125.214.0.0/20 maxlen: 24
125.234.0.0/17 maxlen: 24
125.234.128.0/19 maxlen: 24
125.234.176.0/20 maxlen: 24
125.234.192.0/18 maxlen: 24
125.235.0.0/16 maxlen: 24
171.224.0.0/11 maxlen: 24
203.113.128.0/19 maxlen: 24
203.113.160.0/21 maxlen: 24
203.113.168.0/22 maxlen: 24
203.113.176.0/20 maxlen: 24
203.190.160.0/20 maxlen: 24
220.231.64.0/18 maxlen: 24
2401:d800::/32 maxlen: 48
2402:800::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 15:32:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19553 (0x4c61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 14 17:49:16 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=689e219b-f75c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a8:10:33:bf:ea:7f:8e:de:2c:4f:5a:9e:5c:
a8:28:70:b1:f7:02:32:64:a7:1e:24:d2:1c:d0:f2:
e6:34:85:c5:a2:ce:16:64:80:cd:9e:6a:9d:dd:ef:
1e:46:6c:95:92:2b:5b:31:24:b1:01:e8:7a:a8:61:
6a:df:e3:4f:69:d6:76:63:c6:a8:55:6e:e7:11:81:
05:81:c3:89:fb:b3:ae:43:e5:55:0b:ea:f9:a9:9b:
6b:39:d7:06:8b:31:3a:27:b6:61:8c:c6:0d:7a:6c:
27:ae:86:bd:23:95:58:9d:95:70:0e:9e:43:fe:a3:
da:3a:69:ca:b4:21:16:dd:07:1b:15:b0:25:2a:46:
0e:dc:eb:ce:3a:08:eb:6f:44:40:a7:65:26:6d:68:
b2:36:4b:80:ef:90:ce:54:02:06:bb:ba:24:8a:e8:
29:5b:50:f1:f0:6e:17:c3:e9:e5:00:fb:64:50:53:
c1:16:f0:3e:4d:90:48:3e:eb:cd:b4:0d:dd:07:6a:
8f:dc:07:20:1c:15:54:15:5b:f6:63:d7:30:8e:e7:
ac:64:31:0f:aa:c9:73:16:ba:51:42:a7:f7:7f:f5:
a0:0a:de:39:1b:94:03:9e:7f:54:97:36:c7:42:3e:
02:07:46:21:57:79:88:7b:0e:e2:f8:52:4d:74:28:
c0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:63:03:6C:9C:BD:7B:5D:7D:6C:A5:4D:C0:10:61:D5:25:23:9E:F6
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6ABB2DBE793211F0B46B9927C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.64.0.0/12
103.84.76.0/22
115.72.0.0/13
116.96.0.0-116.97.183.255
116.97.192.0-116.103.103.255
116.103.112.0-116.111.175.255
116.111.184.0/21
117.0.0.0/13
125.212.128.0-125.212.145.255
125.212.148.0-125.212.191.255
125.214.0.0/20
125.234.0.0-125.234.159.255
125.234.176.0-125.235.255.255
171.224.0.0/11
203.113.128.0-203.113.171.255
203.113.176.0/20
203.190.160.0/20
220.231.64.0/18
IPv6:
2401:d800::/32
2402:800::/32
Signature Algorithm: sha256WithRSAEncryption
0d:00:79:13:01:c4:22:8a:2a:5a:bf:58:a5:99:26:3e:e5:80:
98:9d:fd:2b:47:59:b3:1a:44:ba:65:c3:10:fd:9a:5f:74:2c:
d6:53:94:4a:e3:0f:67:92:87:2f:21:97:f9:da:d5:c4:01:f3:
14:69:9e:c3:a3:4c:e7:e6:63:ad:d9:54:bc:fd:c0:1a:fa:0b:
ad:83:a0:91:98:40:5f:e4:1c:20:13:94:90:21:4e:9e:c8:ac:
1f:df:4f:8f:44:41:05:9a:ac:5a:c5:f7:39:25:d4:75:4a:9d:
11:08:ab:3a:78:0c:6f:4b:c0:01:a2:7b:15:3a:68:1c:70:b9:
c8:e8:32:2c:e0:99:57:e0:f1:cc:4d:45:b0:d1:a5:69:89:b4:
3b:91:68:e6:b6:b5:7d:63:5e:e9:e2:fd:f1:23:d4:37:ff:51:
8a:80:c9:3c:ad:af:a5:3c:7b:18:09:ee:e4:f4:70:6f:2b:30:
cf:41:44:13:8e:0a:58:c5:93:be:36:01:3d:a0:b6:3a:99:ec:
3a:32:3e:b8:78:0b:ab:73:b8:20:f7:15:64:82:c1:e6:56:99:
43:74:18:17:4c:e3:79:50:f8:cc:b0:67:3c:21:50:6c:5e:28:
b9:63:fd:ad:15:30:4d:53:e6:22:74:ac:d0:4e:f9:da:66:25:
18:7b:4b:d1
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgICTGEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwODE0MTc0OTE2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODllMjE5Yi1mNzVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3KgQM7/qf47eLE9anlyoKHCx9wIyZKceJNIc0PLmNIXFos4WZIDNnmqd3e8e
RmyVkitbMSSxAeh6qGFq3+NPadZ2Y8aoVW7nEYEFgcOJ+7OuQ+VVC+r5qZtrOdcG
izE6J7ZhjMYNemwnroa9I5VYnZVwDp5D/qPaOmnKtCEW3QcbFbAlKkYO3OvOOgjr
b0RAp2UmbWiyNkuA75DOVAIGu7okiugpW1Dx8G4Xw+nlAPtkUFPBFvA+TZBIPuvN
tA3dB2qP3AcgHBVUFVv2Y9cwjuesZDEPqslzFrpRQqf3f/WgCt45G5QDnn9UlzbH
Qj4CB0YhV3mIew7i+FJNdCjALwIDAQABo4IDTzCCA0swHQYDVR0OBBYEFH9jA2yc
vXtdfWylTcAQYdUlI572MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNkFCQjJEQkU3
OTMyMTFGMEI0NkI5OTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdgGCCsGAQUFBwEHAQH/
BIHIMIHFMIGsBAIAATCBpQMDBBtAAwQCZ1RMAwMDc0gwCwMDBXRgAwQDdGGwMAwD
BAZ0YcADBAN0Z2AwDAMEBHRncAMEBHRvoAMEA3RvuAMDA3UAMAwDBAd91IADBAF9
1JAwDAMEAn3UlAMEBn3UgAMEBH3WADALAwMBfeoDBAV96oAwCwMEBH3qsAMDAn3o
AwMFq+AwDAMEB8txgAMEAstxqAMEBMtxsAMEBMu+oAMEBtznQDAUBAIAAjAOAwUA
JAHYAAMFACQCCAAwDQYJKoZIhvcNAQELBQADggEBAA0AeRMBxCKKKlq/WKWZJj7l
gJid/StHWbMaRLplwxD9ml90LNZTlErjD2eShy8hl/na1cQB8xRpnsOjTOfmY63Z
VLz9wBr6C62DoJGYQF/kHCATlJAhTp7IrB/fT49EQQWarFrF9zkl1HVKnREIqzp4
DG9LwAGiexU6aBxwucjoMizgmVfg8cxNRbDRpWmJtDuRaOa2tX1jXuni/fEj1Df/
UYqAyTytr6U8exgJ7uT0cG8rMM9BRBOOCljFk742AT2gtjqZ7DoyPrh4C6tzuCD3
FWSCweZWmUN0GBdM43lQ+MywZzwhUGxeKLlj/a0VME1T5iJ0rNBO+dpmJRh7S9E=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:59:24 2025 by rpki-client