Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
File: C27C0758916B11EF81BBB521C4F9AE02.roa (raw, json)
Hash identifier: u4ZeIm55OlvtJa5xkJPsK+Sx0fmqtrRR5MwFJtCnobE=
Subject key identifier: AC:EA:08:80:FC:67:A0:E4:83:74:65:29:F5:40:DD:60:63:4E:62:87
Certificate issuer: /CN=A91A7169/serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Certificate serial: 0166
Authority key identifier: E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
Signing time: Wed 20 Aug 2025 20:55:38 +0000
ROA not before: Wed 20 Aug 2025 20:55:38 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 53813
IP address blocks: 101.2.192.0/24 maxlen: 24
101.2.193.0/24 maxlen: 24
101.2.194.0/24 maxlen: 24
101.2.195.0/24 maxlen: 24
101.2.196.0/24 maxlen: 24
101.2.197.0/24 maxlen: 24
101.2.198.0/24 maxlen: 24
101.2.199.0/24 maxlen: 24
101.2.200.0/24 maxlen: 24
101.2.201.0/24 maxlen: 24
175.107.128.0/23 maxlen: 24
175.107.130.0/23 maxlen: 24
175.107.190.0/24 maxlen: 24
2400:7aa0:1200::/40 maxlen: 48
2400:7aa0:1300::/40 maxlen: 48
2400:7aa0:1400::/40 maxlen: 48
2400:7aa0:1500::/40 maxlen: 48
2400:7aa0:1600::/40 maxlen: 48
2400:7aa0:1700::/40 maxlen: 48
2400:7aa0:1800::/40 maxlen: 48
2400:7aa0:1900::/40 maxlen: 48
2400:7aa0:1a00::/40 maxlen: 48
2400:7aa0:1b00::/40 maxlen: 48
2400:7aa0:1c00::/40 maxlen: 48
2400:7aa0:1d00::/40 maxlen: 40
2400:7aa0:1e00::/40 maxlen: 48
2400:7aa0:1f00::/40 maxlen: 48
2400:7aa0:2200::/40 maxlen: 48
2400:7aa0:2300::/40 maxlen: 48
2400:7aa0:2400::/40 maxlen: 48
2400:7aa0:2500::/40 maxlen: 48
2400:7aa0:2600::/40 maxlen: 48
2400:7aa0:2800::/40 maxlen: 48
2400:7aa0:2900::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.crl
rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Aug 2025 05:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358 (0x166)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7169, serialNumber=E50CB250BFAD0863E85C2902EA0219D53CC0812E
Validity
Not Before: Aug 20 20:55:38 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68a6364a-9aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9a:33:5c:fc:c7:ef:3f:2b:95:8c:86:ed:da:
03:e2:20:5b:0f:75:0e:3a:c6:1b:3a:10:48:cc:4b:
f8:57:f0:a5:aa:e1:d6:07:1a:87:3c:f1:08:16:97:
3f:b0:6c:b1:ab:9f:b1:3e:b3:23:39:a1:50:e9:4d:
b6:47:23:63:a4:ea:a3:b1:02:18:90:4c:15:79:cc:
c2:00:23:2f:c0:d4:5c:02:a2:71:89:0d:c6:60:b8:
d6:e6:e4:51:51:64:67:25:77:d7:86:18:c9:f3:15:
85:8f:e0:9c:b5:ad:23:e6:bf:7f:89:33:89:5d:ec:
98:fc:d1:26:3c:ac:dd:a1:8b:bf:02:c9:17:63:01:
73:a4:7d:51:63:4e:3d:18:05:d1:aa:28:cf:23:40:
24:3d:c0:4a:37:74:80:c3:5c:6b:b8:e6:82:ee:c7:
9a:ff:54:6e:2b:53:54:47:c4:1a:ea:d8:45:9f:17:
22:07:3c:a2:52:68:3b:49:38:ee:31:bf:de:59:71:
24:b0:56:00:50:fa:63:05:f0:ea:5d:3b:b5:e9:7c:
fd:68:87:33:6f:87:ac:27:d1:6d:d9:91:8b:0f:93:
6f:7a:3f:a0:75:d9:72:1f:66:bb:ab:78:2a:06:38:
49:93:18:4b:59:91:18:c0:d3:88:ae:de:47:6f:0b:
79:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EA:08:80:FC:67:A0:E4:83:74:65:29:F5:40:DD:60:63:4E:62:87
X509v3 Authority Key Identifier:
keyid:E5:0C:B2:50:BF:AD:08:63:E8:5C:29:02:EA:02:19:D5:3C:C0:81:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5QyyUL-tCGPoXCkC6gIZ1TzAgS4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7169/6B7F993CEBAE11EE8A0ED964C4F9AE02/C27C0758916B11EF81BBB521C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.2.192.0-101.2.201.255
175.107.128.0/22
175.107.190.0/24
IPv6:
2400:7aa0:1200::-2400:7aa0:1fff:ffff:ffff:ffff:ffff:ffff
2400:7aa0:2200::-2400:7aa0:26ff:ffff:ffff:ffff:ffff:ffff
2400:7aa0:2800::/39
Signature Algorithm: sha256WithRSAEncryption
1f:78:9a:2a:87:e3:9a:44:0b:77:dc:d8:b0:34:94:b7:1f:e8:
be:50:a0:5e:20:f0:98:39:ec:f4:2b:b1:ac:5d:41:b2:37:99:
20:68:a1:bd:bc:98:ba:0c:11:ea:14:b1:b0:72:a4:fb:6a:62:
3f:ba:10:e1:a7:3c:21:87:5c:67:46:92:a8:b5:08:00:47:69:
d3:ff:00:53:b4:d2:7e:64:56:f4:87:25:22:e8:24:b7:67:0a:
c9:31:16:74:58:8c:3d:d4:c1:f0:1c:96:3c:13:39:c6:9c:95:
d8:2b:10:27:d7:59:23:8d:3c:29:21:52:55:f8:3e:e8:c1:d7:
aa:a1:e0:32:1f:e5:14:43:d8:c2:dc:f2:de:f0:42:88:34:93:
3c:14:6c:a5:0a:da:cc:8c:77:bc:f4:87:9d:73:f6:45:a8:e3:
68:fb:5e:d3:fe:dc:22:67:3c:7e:28:d8:bc:ee:ec:6e:b6:22:
3c:44:2a:26:08:8d:21:1a:bf:62:68:b6:59:0a:0b:86:c4:6b:
3e:74:1f:46:7b:07:d6:bb:16:7c:67:ca:e1:2f:d0:c9:2f:f9:
3c:02:44:9e:c1:bd:e7:be:33:ed:bd:5d:14:35:25:fb:63:73:
f4:b2:c3:8b:3b:4d:a8:e6:2b:95:b7:a8:ac:51:d9:3a:8a:d3:
72:16:f5:fc
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICAWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTcxNjkxMTAvBgNVBAUTKEU1MENCMjUwQkZBRDA4NjNFODVDMjkwMkVBMDIxOUQ1
M0NDMDgxMkUwHhcNMjUwODIwMjA1NTM4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGE2MzY0YS05YWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwZozXPzH7z8rlYyG7doD4iBbD3UOOsYbOhBIzEv4V/ClquHWBxqHPPEIFpc/
sGyxq5+xPrMjOaFQ6U22RyNjpOqjsQIYkEwVeczCACMvwNRcAqJxiQ3GYLjW5uRR
UWRnJXfXhhjJ8xWFj+Ccta0j5r9/iTOJXeyY/NEmPKzdoYu/AskXYwFzpH1RY049
GAXRqijPI0AkPcBKN3SAw1xruOaC7sea/1RuK1NUR8Qa6thFnxciBzyiUmg7STju
Mb/eWXEksFYAUPpjBfDqXTu16Xz9aIczb4esJ9Ft2ZGLD5Nvej+gddlyH2a7q3gq
BjhJkxhLWZEYwNOIrt5Hbwt5fwIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFKzqCID8
Z6Dkg3RlKfVA3WBjTmKHMB8GA1UdIwQYMBaAFOUMslC/rQhj6FwpAuoCGdU8wIEu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzE2OS82QjdGOTkzQ0VC
QUUxMUVFOEEwRUQ5NjRDNEY5QUUwMi81UXl5VUwtdENHUG9YQ2tDNmdJWjFUekFn
UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVReXlVTC10Q0dQb1hDa0M2Z0laMVR6QWdTNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTcxNjkvNkI3Rjk5M0NFQkFFMTFFRThBMEVEOTY0QzRGOUFFMDIvQzI3QzA3NTg5
MTZCMTFFRjgxQkJCNTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMCAEAgABMBowDAMEBmUCwAMEAWUCyAMEAq9rgAMEAK9rvjAyBAIAAjAsMBAD
BgEkAHqgEgMGBSQAeqAAMBADBgEkAHqgIgMGACQAeqAmAwYBJAB6oCgwDQYJKoZI
hvcNAQELBQADggEBAB94miqH45pEC3fc2LA0lLcf6L5QoF4g8Jg57PQrsaxdQbI3
mSBoob28mLoMEeoUsbBypPtqYj+6EOGnPCGHXGdGkqi1CABHadP/AFO00n5kVvSH
JSLoJLdnCskxFnRYjD3UwfAcljwTOcacldgrECfXWSONPCkhUlX4PujB16qh4DIf
5RRD2MLc8t7wQog0kzwUbKUK2syMd7z0h51z9kWo42j7XtP+3CJnPH4o2Lzu7G62
IjxEKiYIjSEav2JotlkKC4bEaz50H0Z7B9a7FnxnyuEv0Mkv+TwCRJ7Bvee+M+29
XRQ1Jftjc/Syw4s7TajmK5W3qKxR2TqK03IW9fw=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:08:24 2025 by rpki-client