Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/8E0F37D4AD9911EF8F5AF92EC4F9AE02.roa
File: 8E0F37D4AD9911EF8F5AF92EC4F9AE02.roa (raw, json)
Hash identifier: AaHslNAvyFB1N0UKdtTkIgpVE4VBUIY1l01evtGLYPA=
Subject key identifier: 33:64:42:CF:0B:0D:67:99:C3:4D:FF:4B:B1:91:02:AC:FC:FF:A1:26
Certificate issuer: /CN=A91AA48F/serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503
Certificate serial: 3515
Authority key identifier: BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/8E0F37D4AD9911EF8F5AF92EC4F9AE02.roa
Signing time: Thu 02 Oct 2025 14:40:49 +0000
ROA not before: Thu 02 Oct 2025 14:40:49 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 45143
IP address blocks: 14.100.128.0/17 maxlen: 24
111.65.31.0/24 maxlen: 24
111.65.32.0/24 maxlen: 24
111.65.33.0/24 maxlen: 24
111.65.34.0/24 maxlen: 24
111.65.35.0/24 maxlen: 24
111.65.36.0/24 maxlen: 24
111.65.37.0/24 maxlen: 24
111.65.38.0/24 maxlen: 24
111.65.39.0/24 maxlen: 24
111.65.40.0/24 maxlen: 24
111.65.41.0/24 maxlen: 24
111.65.42.0/24 maxlen: 24
111.65.43.0/24 maxlen: 24
111.65.44.0/24 maxlen: 24
111.65.45.0/24 maxlen: 24
111.65.46.0/24 maxlen: 24
111.65.47.0/24 maxlen: 24
111.65.48.0/24 maxlen: 24
111.65.49.0/24 maxlen: 24
111.65.50.0/24 maxlen: 24
111.65.51.0/24 maxlen: 24
111.65.52.0/24 maxlen: 24
111.65.53.0/24 maxlen: 24
111.65.54.0/24 maxlen: 24
111.65.55.0/24 maxlen: 24
111.65.56.0/24 maxlen: 24
111.65.57.0/24 maxlen: 24
111.65.58.0/24 maxlen: 24
111.65.59.0/24 maxlen: 24
111.65.60.0/24 maxlen: 24
111.65.61.0/24 maxlen: 24
111.65.62.0/24 maxlen: 24
111.65.63.0/24 maxlen: 24
111.65.64.0/24 maxlen: 24
111.65.65.0/24 maxlen: 24
111.65.66.0/24 maxlen: 24
111.65.67.0/24 maxlen: 24
111.65.68.0/24 maxlen: 24
111.65.69.0/24 maxlen: 24
111.65.70.0/24 maxlen: 24
111.65.71.0/24 maxlen: 24
111.65.72.0/24 maxlen: 24
111.65.73.0/24 maxlen: 24
111.65.74.0/24 maxlen: 24
111.65.75.0/24 maxlen: 24
111.65.76.0/24 maxlen: 24
111.65.77.0/24 maxlen: 24
111.65.78.0/24 maxlen: 24
111.65.79.0/24 maxlen: 24
180.255.128.0/17 maxlen: 24
202.78.56.0/24 maxlen: 24
202.78.57.0/24 maxlen: 24
202.78.58.0/24 maxlen: 24
2400:1c00:1::/48 maxlen: 48
2400:1c00:2::/48 maxlen: 48
2400:1c00:3::/48 maxlen: 48
2400:1c00:4::/48 maxlen: 48
2400:1c00:b::/48 maxlen: 48
2400:1c00:c::/48 maxlen: 48
2400:1c00:1a::/48 maxlen: 48
2400:1c00:1b::/48 maxlen: 48
2400:1c00:1c::/48 maxlen: 48
2400:1c00:1e::/48 maxlen: 48
2400:1c00:1f::/48 maxlen: 48
2400:1c00:20::/44 maxlen: 44
2400:1c00:30::/44 maxlen: 44
2400:1c00:40::/44 maxlen: 44
2400:1c00:50::/44 maxlen: 44
2400:1c00:64::/48 maxlen: 48
2400:1c00:66::/48 maxlen: 48
2400:1c00:70::/44 maxlen: 44
2400:1c00:80::/43 maxlen: 43
2400:1c00:a0::/43 maxlen: 43
2400:1c00:f0::/44 maxlen: 44
2400:1c00:100::/44 maxlen: 44
2400:1c00:110::/44 maxlen: 44
2400:1c00:120::/44 maxlen: 44
2400:1c00:130::/44 maxlen: 44
2400:1c00:140::/44 maxlen: 44
2400:1c00:150::/44 maxlen: 44
2400:1c00:160::/44 maxlen: 44
2400:1c00:190::/44 maxlen: 44
2400:1c00:1a0::/44 maxlen: 44
2400:1c00:1b0::/44 maxlen: 44
2400:1c00:1d0::/44 maxlen: 44
2400:1c00:1e0::/44 maxlen: 44
2400:1c00:220::/44 maxlen: 44
2400:1c00:230::/44 maxlen: 44
2400:1c00:310::/45 maxlen: 45
2400:1c00:318::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl
rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 14:41:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13589 (0x3515)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AA48F, serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503
Validity
Not Before: Oct 2 14:40:49 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=68de8ef1-276c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5e:9a:0b:9c:e0:81:6d:de:ed:13:af:a6:c0:
6f:7f:2b:af:1b:f6:64:71:d6:5a:eb:c8:11:8a:09:
95:0a:c4:5e:62:c5:7f:93:04:c2:af:91:c3:13:30:
57:54:1a:e6:9a:8f:ce:01:27:28:26:55:c4:54:71:
0c:18:97:7a:5f:a5:43:15:61:97:29:36:b5:07:8c:
ef:be:ca:56:df:aa:50:15:f5:a0:8e:84:40:d3:0f:
a4:8d:b3:53:2d:58:cb:dd:46:07:8e:d9:85:c6:b0:
40:0e:db:13:26:10:a8:1f:54:a9:e7:e2:a7:d4:e2:
2c:f3:1b:f2:5d:46:7e:ee:e7:88:72:a9:50:7f:00:
a0:c0:97:16:d7:fe:17:a3:30:e0:42:30:58:d2:1f:
f7:3d:e8:2c:cb:99:5e:4f:bd:1d:bf:db:8c:da:17:
e5:fa:84:b9:45:24:25:28:5e:fc:79:e9:dc:63:0c:
a1:8d:ba:fb:e4:75:8f:48:ae:2f:a4:50:21:f7:26:
c0:f4:6c:45:7d:b8:c8:97:dc:eb:2f:ce:dc:29:be:
32:4d:4f:5f:24:de:fb:bd:b3:af:74:3e:94:f7:cc:
9b:9f:69:99:a7:d9:76:1d:3d:d6:7b:06:3b:e7:e8:
11:4f:ad:92:89:33:73:ad:1f:48:b2:53:8a:4e:63:
c5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:64:42:CF:0B:0D:67:99:C3:4D:FF:4B:B1:91:02:AC:FC:FF:A1:26
X509v3 Authority Key Identifier:
keyid:BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/8E0F37D4AD9911EF8F5AF92EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.100.128.0/17
111.65.31.0-111.65.79.255
180.255.128.0/17
202.78.56.0-202.78.58.255
IPv6:
2400:1c00:1::-2400:1c00:4:ffff:ffff:ffff:ffff:ffff
2400:1c00:b::-2400:1c00:c:ffff:ffff:ffff:ffff:ffff
2400:1c00:1a::-2400:1c00:1c:ffff:ffff:ffff:ffff:ffff
2400:1c00:1e::-2400:1c00:5f:ffff:ffff:ffff:ffff:ffff
2400:1c00:64::/48
2400:1c00:66::/48
2400:1c00:70::-2400:1c00:bf:ffff:ffff:ffff:ffff:ffff
2400:1c00:f0::-2400:1c00:16f:ffff:ffff:ffff:ffff:ffff
2400:1c00:190::-2400:1c00:1bf:ffff:ffff:ffff:ffff:ffff
2400:1c00:1d0::-2400:1c00:1ef:ffff:ffff:ffff:ffff:ffff
2400:1c00:220::/43
2400:1c00:310::/44
Signature Algorithm: sha256WithRSAEncryption
4c:70:59:26:97:65:ee:07:b8:01:2d:44:e1:fe:4e:36:63:3d:
ba:e1:7a:2a:9c:eb:75:a8:33:75:57:e5:e7:c9:88:6f:90:e5:
77:3b:20:40:3c:07:d4:b7:67:d1:82:de:f2:27:19:b5:a7:44:
7f:9b:50:78:51:d4:45:a6:99:0b:a9:5a:ec:2c:11:4d:ba:a5:
60:b3:1e:ec:1d:fb:4f:ee:10:0d:73:de:09:ae:a2:18:22:ba:
4b:c8:65:1a:63:e9:3f:bd:07:1b:44:71:e8:5f:23:87:d2:00:
63:a0:8f:32:8a:f6:0e:38:71:e1:97:74:66:cd:15:b1:4d:1d:
b3:ca:5b:ce:00:53:7e:64:f5:12:c2:91:4b:aa:cc:65:d1:b5:
5b:6f:ff:ed:cb:b0:44:c8:3f:05:f5:45:02:f3:c8:ac:0c:f5:
82:6f:3f:fa:5a:77:fe:f0:59:0a:f6:50:99:b8:12:7b:f5:ef:
64:0f:1e:b3:f3:4d:38:3d:bf:73:c1:5e:a6:43:bd:45:b8:c6:
99:4b:8f:a6:47:31:37:61:7c:59:0d:76:2e:04:de:d5:a6:23:
df:de:42:3d:fa:7f:f8:9e:d8:c7:33:5b:48:2a:82:0c:2f:ac:
15:e2:67:f1:45:39:3f:77:ff:be:2b:17:a8:97:95:b3:98:b0:
a3:ad:72:6c
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgICNRUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUE0OEYxMTAvBgNVBAUTKEJFMEU3QTg5MEY3MjgxQzY1NDYzMkU4QkU4MEVCQkY5
RkZCNTY1MDMwHhcNMjUxMDAyMTQ0MDQ5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRlOGVmMS0yNzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtl6aC5zggW3e7ROvpsBvfyuvG/ZkcdZa68gRigmVCsReYsV/kwTCr5HDEzBX
VBrmmo/OAScoJlXEVHEMGJd6X6VDFWGXKTa1B4zvvspW36pQFfWgjoRA0w+kjbNT
LVjL3UYHjtmFxrBADtsTJhCoH1Sp5+Kn1OIs8xvyXUZ+7ueIcqlQfwCgwJcW1/4X
ozDgQjBY0h/3Pegsy5leT70dv9uM2hfl+oS5RSQlKF78eencYwyhjbr75HWPSK4v
pFAh9ybA9GxFfbjIl9zrL87cKb4yTU9fJN77vbOvdD6U98ybn2mZp9l2HT3WewY7
5+gRT62SiTNzrR9IslOKTmPFIwIDAQABo4IDijCCA4YwHQYDVR0OBBYEFDNkQs8L
DWeZw03/S7GRAqz8/6EmMB8GA1UdIwQYMBaAFL4OeokPcoHGVGMui+gOu/n/tWUD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ4Ri84QzgxQTg1NjFE
OEQxMUUyODY2QzUwRUIwOEIwMkNEMi92ZzU2aVE5eWdjWlVZeTZMNkE2Ny1mLTFa
UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZnNTZpUTl5Z2NaVVl5Nkw2QTY3LWYtMVpRTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUE0OEYvOEM4MUE4NTYxRDhEMTFFMjg2NkM1MEVCMDhCMDJDRDIvOEUwRjM3RDRB
RDk5MTFFRjhGNUFGOTJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggESBggrBgEFBQcBBwEB
/wSCAQEwgf4wLgQCAAEwKAMEBw5kgDAMAwQAb0EfAwQEb0FAAwQHtP+AMAwDBAPK
TjgDBADKTjowgcsEAgACMIHEMBIDBwAkABwAAAEDBwAkABwAAAQwEgMHACQAHAAA
CwMHACQAHAAADDASAwcBJAAcAAAaAwcAJAAcAAAcMBIDBwEkABwAAB4DBwUkABwA
AEADBwAkABwAAGQDBwAkABwAAGYwEgMHBCQAHAAAcAMHBiQAHAAAgDASAwcEJAAc
AADwAwcEJAAcAAFgMBIDBwQkABwAAZADBwYkABwAAYAwEgMHBCQAHAAB0AMHBCQA
HAAB4AMHBSQAHAACIAMHBCQAHAADEDANBgkqhkiG9w0BAQsFAAOCAQEATHBZJpdl
7ge4AS1E4f5ONmM9uuF6KpzrdagzdVfl58mIb5DldzsgQDwH1Ldn0YLe8icZtadE
f5tQeFHURaaZC6la7CwRTbqlYLMe7B37T+4QDXPeCa6iGCK6S8hlGmPpP70HG0Rx
6F8jh9IAY6CPMor2Djhx4Zd0Zs0VsU0ds8pbzgBTfmT1EsKRS6rMZdG1W2//7cuw
RMg/BfVFAvPIrAz1gm8/+lp3/vBZCvZQmbgSe/XvZA8es/NNOD2/c8FepkO9RbjG
mUuPpkcxN2F8WQ12LgTe1aYj395CPfp/+J7YxzNbSCqCDC+sFeJn8UU5P3f/visX
qJeVs5iwo61ybA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:35:29 2025 by rpki-client