Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
File: C27C0758916B11EF81BBB521C4F9AE02.roa (raw, json)
Hash identifier: f5OUElPsm2tpVZTeyclP8kwzz8IWY0doYj0gB+cS9fQ=
Subject key identifier: 1A:A2:33:1A:DC:F9:F1:47:33:54:0D:43:30:B7:6D:62:55:C6:4D:E2
Certificate issuer: /CN=A91A7169/serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Certificate serial: 01A1
Authority key identifier: E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
Signing time: Fri 17 Oct 2025 20:18:50 +0000
ROA not before: Fri 17 Oct 2025 20:18:50 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 53813
IP address blocks: 101.2.192.0/24 maxlen: 24
101.2.193.0/24 maxlen: 24
101.2.194.0/24 maxlen: 24
101.2.195.0/24 maxlen: 24
101.2.196.0/24 maxlen: 24
101.2.197.0/24 maxlen: 24
101.2.198.0/24 maxlen: 24
101.2.199.0/24 maxlen: 24
101.2.200.0/24 maxlen: 24
101.2.201.0/24 maxlen: 24
101.2.202.0/23 maxlen: 24
101.2.206.0/24 maxlen: 24
101.2.207.0/24 maxlen: 24
101.2.208.0/24 maxlen: 24
101.2.209.0/24 maxlen: 24
101.2.216.0/23 maxlen: 24
101.2.222.0/23 maxlen: 24
101.2.224.0/23 maxlen: 24
101.2.226.0/23 maxlen: 24
101.2.228.0/23 maxlen: 24
101.2.230.0/23 maxlen: 24
101.2.232.0/23 maxlen: 24
101.2.234.0/23 maxlen: 24
101.2.236.0/23 maxlen: 24
101.2.238.0/23 maxlen: 24
175.107.128.0/23 maxlen: 24
175.107.130.0/23 maxlen: 24
175.107.132.0/23 maxlen: 24
175.107.134.0/24 maxlen: 24
175.107.160.0/23 maxlen: 24
175.107.190.0/24 maxlen: 24
2400:7aa0:1200::/40 maxlen: 48
2400:7aa0:1300::/40 maxlen: 48
2400:7aa0:1400::/40 maxlen: 48
2400:7aa0:1500::/40 maxlen: 48
2400:7aa0:1600::/40 maxlen: 48
2400:7aa0:1700::/40 maxlen: 48
2400:7aa0:1800::/40 maxlen: 48
2400:7aa0:1900::/40 maxlen: 48
2400:7aa0:1a00::/40 maxlen: 48
2400:7aa0:1b00::/40 maxlen: 48
2400:7aa0:1c00::/40 maxlen: 48
2400:7aa0:1d00::/40 maxlen: 40
2400:7aa0:1e00::/40 maxlen: 48
2400:7aa0:1f00::/40 maxlen: 48
2400:7aa0:2200::/40 maxlen: 48
2400:7aa0:2300::/40 maxlen: 48
2400:7aa0:2400::/40 maxlen: 48
2400:7aa0:2500::/40 maxlen: 48
2400:7aa0:2600::/40 maxlen: 48
2400:7aa0:2800::/40 maxlen: 48
2400:7aa0:2900::/40 maxlen: 48
2400:7aa0:2c00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.crl
rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 07:31:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 417 (0x1a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7169, serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Validity
Not Before: Oct 17 20:18:50 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68f2a4aa-ac1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:75:9d:59:50:6b:81:f5:d6:4a:0a:65:8a:95:
b6:0f:88:88:96:d8:22:80:8a:93:74:e0:d3:06:6d:
fe:8a:2a:17:b9:75:30:19:00:67:e9:6d:1a:eb:0c:
0c:a5:a3:4c:23:41:18:dc:e7:14:e6:c1:8a:8e:2f:
59:ed:65:2a:a6:cb:c3:c0:a8:ed:61:9f:5b:96:bb:
a0:3a:56:13:eb:54:d2:ec:44:f6:73:f7:da:51:42:
58:09:73:b2:d7:e7:12:a8:1d:75:6c:6d:b1:02:29:
f2:82:8d:7c:ce:56:1d:31:2b:f1:32:2f:39:3d:e9:
8a:37:80:8f:0b:08:b5:64:4a:1b:43:3e:c1:e6:5b:
cb:26:be:1c:3f:5f:93:f0:51:ee:18:d3:88:47:ac:
66:a1:8d:0e:12:e7:c3:2e:96:9a:93:95:fa:d8:4e:
a5:87:30:ee:69:6b:6c:af:79:2c:d8:62:bc:36:57:
c5:b0:bc:99:4b:b1:7c:6b:62:d8:64:d6:33:fc:bd:
7b:7c:d0:19:ed:22:a1:8e:07:9a:b2:85:e1:78:fc:
59:d5:9d:10:7c:2b:90:60:26:c3:5a:b9:8f:5e:f1:
31:d9:83:81:27:ac:98:9a:08:48:14:42:8d:57:4b:
62:d2:98:5f:f8:90:ec:3e:08:e4:2e:d7:f6:42:41:
bf:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A2:33:1A:DC:F9:F1:47:33:54:0D:43:30:B7:6D:62:55:C6:4D:E2
X509v3 Authority Key Identifier:
keyid:E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.2.192.0-101.2.203.255
101.2.206.0-101.2.209.255
101.2.216.0/23
101.2.222.0-101.2.239.255
175.107.128.0-175.107.134.255
175.107.160.0/23
175.107.190.0/24
IPv6:
2400:7aa0:1200::-2400:7aa0:1fff:ffff:ffff:ffff:ffff:ffff
2400:7aa0:2200::-2400:7aa0:26ff:ffff:ffff:ffff:ffff:ffff
2400:7aa0:2800::/39
2400:7aa0:2c00::/40
Signature Algorithm: sha256WithRSAEncryption
2d:f1:14:3f:59:53:d0:7a:ec:e8:f4:d6:f5:45:68:36:da:7d:
ae:85:2a:f1:a4:1b:7c:f3:eb:91:e6:ad:7f:7a:c7:73:f0:3e:
72:f5:b3:3b:c6:7c:36:8b:3b:e6:11:28:35:4f:cb:8c:9b:bb:
c3:f5:a6:25:64:0a:ff:8f:b5:54:0f:62:3b:3e:8b:e3:00:18:
af:dc:77:e0:6d:8e:4f:8e:37:85:ec:da:3f:9c:40:93:70:8b:
1f:a3:7d:10:ac:a4:d0:9b:9b:8a:97:1d:80:2c:5f:25:e2:d1:
dc:d8:42:ba:b1:84:f2:be:bb:e5:b9:c2:3c:b1:39:b5:00:38:
87:12:5d:48:7c:95:1f:08:11:4e:04:78:a0:c9:8f:9a:44:27:
31:30:61:d6:0a:63:08:83:0a:5f:bc:d6:47:ea:62:3b:84:69:
cc:b8:c3:cf:61:d2:74:af:38:7d:49:12:12:bb:c4:1e:6f:37:
25:74:a6:03:d1:0c:56:d1:d3:0f:be:3c:21:4d:1a:52:20:d1:
08:fa:0b:34:9c:f4:cc:28:62:24:65:e5:1d:2a:89:c1:80:ea:
af:71:61:6a:e6:50:16:b4:ef:cc:6c:24:6e:a0:f3:1d:32:6a:
75:e5:28:84:4d:0a:9c:53:af:d1:cb:0b:bc:79:f2:6a:e6:fb:
eb:ef:0e:fb
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgICAaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTcxNjkxMTAvBgNVBAUTKEU1MENCMjUwQkZBRDA4NjNFODVDMjkwMkVBMDIxOUQ1
M0NDMDgxMkUwHhcNMjUxMDE3MjAxODUwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGYyYTRhYS1hYzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5HWdWVBrgfXWSgplipW2D4iIltgigIqTdODTBm3+iioXuXUwGQBn6W0a6wwM
paNMI0EY3OcU5sGKji9Z7WUqpsvDwKjtYZ9blrugOlYT61TS7ET2c/faUUJYCXOy
1+cSqB11bG2xAinygo18zlYdMSvxMi85PemKN4CPCwi1ZEobQz7B5lvLJr4cP1+T
8FHuGNOIR6xmoY0OEufDLpaak5X62E6lhzDuaWtsr3ks2GK8NlfFsLyZS7F8a2LY
ZNYz/L17fNAZ7SKhjgeasoXhePxZ1Z0QfCuQYCbDWrmPXvEx2YOBJ6yYmghIFEKN
V0ti0phf+JDsPgjkLtf2QkG/WwIDAQABo4IDGDCCAxQwHQYDVR0OBBYEFBqiMxrc
+fFHM1QNQzC3bWJVxk3iMB8GA1UdIwQYMBaAFOUMslC/rQhj6FwpAuoCGdU8wIEu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzE2OS82QjdGOTkzQ0VC
QUUxMUVFOEEwRUQ5NjRDNEY5QUUwMi81UXl5VUwtdENHUG9YQ2tDNmdJWjFUekFn
UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVReXlVTC10Q0dQb1hDa0M2Z0laMVR6QWdTNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTcxNjkvNkI3Rjk5M0NFQkFFMTFFRThBMEVEOTY0QzRGOUFFMDIvQzI3QzA3NTg5
MTZCMTFFRjgxQkJCNTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaEGCCsGAQUFBwEHAQH/
BIGRMIGOMFAEAgABMEowDAMEBmUCwAMEAmUCyDAMAwQBZQLOAwQBZQLQAwQBZQLY
MAwDBAFlAt4DBARlAuAwDAMEB69rgAMEAK9rhgMEAa9roAMEAK9rvjA6BAIAAjA0
MBADBgEkAHqgEgMGBSQAeqAAMBADBgEkAHqgIgMGACQAeqAmAwYBJAB6oCgDBgAk
AHqgLDANBgkqhkiG9w0BAQsFAAOCAQEALfEUP1lT0Hrs6PTW9UVoNtp9roUq8aQb
fPPrkeatf3rHc/A+cvWzO8Z8Nos75hEoNU/LjJu7w/WmJWQK/4+1VA9iOz6L4wAY
r9x34G2OT443hezaP5xAk3CLH6N9EKyk0JubipcdgCxfJeLR3NhCurGE8r675bnC
PLE5tQA4hxJdSHyVHwgRTgR4oMmPmkQnMTBh1gpjCIMKX7zWR+piO4RpzLjDz2HS
dK84fUkSErvEHm83JXSmA9EMVtHTD748IU0aUiDRCPoLNJz0zChiJGXlHSqJwYDq
r3FhauZQFrTvzGwkbqDzHTJqdeUohE0KnFOv0csLvHnyaub76+8O+w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:47:47 2025 by rpki-client