Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/242CDDFC920011F08F0B626AC4F9AE02.roa
File: 242CDDFC920011F08F0B626AC4F9AE02.roa (raw, json)
Hash identifier: xaW6E2RVG/68K3oyubvn/qIciGnDR32kem1/lj8wYYo=
Subject key identifier: 5B:9D:CC:61:3D:07:35:B7:BD:BF:09:AF:6D:3F:95:D7:1A:A9:46:E1
Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126
Certificate serial: 016A
Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/242CDDFC920011F08F0B626AC4F9AE02.roa
Signing time: Mon 15 Sep 2025 06:49:35 +0000
ROA not before: Mon 15 Sep 2025 06:49:35 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 4621
IP address blocks: 103.1.160.0/22 maxlen: 22
202.28.2.0/24 maxlen: 24
202.28.3.0/24 maxlen: 24
202.28.20.0/24 maxlen: 24
202.28.21.0/24 maxlen: 24
202.28.22.0/24 maxlen: 24
202.28.36.0/24 maxlen: 24
202.28.37.0/24 maxlen: 24
202.28.38.0/24 maxlen: 24
202.28.39.0/24 maxlen: 24
202.28.52.0/24 maxlen: 24
202.28.56.0/24 maxlen: 24
202.28.63.0/24 maxlen: 24
202.28.82.0/24 maxlen: 24
202.28.83.0/24 maxlen: 24
202.28.84.0/24 maxlen: 24
202.28.86.0/24 maxlen: 24
202.28.108.0/24 maxlen: 24
202.28.120.0/24 maxlen: 24
202.28.194.0/24 maxlen: 24
202.28.198.0/24 maxlen: 24
202.28.253.0/24 maxlen: 24
202.29.3.0/24 maxlen: 24
202.29.5.0/24 maxlen: 24
202.29.7.0/24 maxlen: 24
202.29.13.0/24 maxlen: 24
202.29.14.0/24 maxlen: 24
202.29.15.0/24 maxlen: 24
202.29.34.0/24 maxlen: 24
202.29.38.0/24 maxlen: 24
202.29.48.0/24 maxlen: 24
202.29.50.0/24 maxlen: 24
202.29.51.0/24 maxlen: 24
202.29.54.0/24 maxlen: 24
202.29.55.0/24 maxlen: 24
202.29.56.0/24 maxlen: 24
202.29.62.0/24 maxlen: 24
202.29.68.0/24 maxlen: 24
202.29.75.0/24 maxlen: 24
202.29.76.0/24 maxlen: 24
202.29.79.0/24 maxlen: 24
202.29.90.0/24 maxlen: 24
202.29.92.0/24 maxlen: 24
202.29.129.0/24 maxlen: 24
202.29.153.0/24 maxlen: 24
202.44.138.0/24 maxlen: 24
202.44.139.0/24 maxlen: 24
203.159.128.0/17 maxlen: 17
203.159.129.0/24 maxlen: 24
203.159.134.0/24 maxlen: 24
203.159.135.0/24 maxlen: 24
203.159.142.0/24 maxlen: 24
203.159.144.0/24 maxlen: 24
203.159.147.0/24 maxlen: 24
203.159.148.0/24 maxlen: 24
203.159.149.0/24 maxlen: 24
203.159.150.0/24 maxlen: 24
203.159.151.0/24 maxlen: 24
203.159.153.0/24 maxlen: 24
203.159.155.0/24 maxlen: 24
203.159.156.0/24 maxlen: 24
203.159.158.0/24 maxlen: 24
203.159.159.0/24 maxlen: 24
203.159.161.0/24 maxlen: 24
203.159.163.0/24 maxlen: 24
203.159.165.0/24 maxlen: 24
203.159.166.0/24 maxlen: 24
203.159.167.0/24 maxlen: 24
203.159.168.0/24 maxlen: 24
203.159.169.0/24 maxlen: 24
203.159.170.0/24 maxlen: 24
203.159.172.0/24 maxlen: 24
203.159.173.0/24 maxlen: 24
203.159.176.0/24 maxlen: 24
203.159.177.0/24 maxlen: 24
203.159.180.0/24 maxlen: 24
203.159.182.0/24 maxlen: 24
203.159.185.0/24 maxlen: 24
203.159.186.0/24 maxlen: 24
203.159.187.0/24 maxlen: 24
203.159.188.0/24 maxlen: 24
203.159.189.0/24 maxlen: 24
203.159.190.0/24 maxlen: 24
203.159.194.0/24 maxlen: 24
203.159.195.0/24 maxlen: 24
203.159.197.0/24 maxlen: 24
203.159.198.0/24 maxlen: 24
203.159.199.0/24 maxlen: 24
203.159.200.0/24 maxlen: 24
203.159.201.0/24 maxlen: 24
203.159.202.0/24 maxlen: 24
203.159.203.0/24 maxlen: 24
203.159.204.0/24 maxlen: 24
203.159.209.0/24 maxlen: 24
203.159.210.0/24 maxlen: 24
203.159.212.0/24 maxlen: 24
203.159.213.0/24 maxlen: 24
203.159.214.0/24 maxlen: 24
203.159.216.0/24 maxlen: 24
203.159.218.0/24 maxlen: 24
203.159.219.0/24 maxlen: 24
203.159.221.0/24 maxlen: 24
203.159.222.0/24 maxlen: 24
203.159.224.0/24 maxlen: 24
203.159.225.0/24 maxlen: 24
203.159.226.0/24 maxlen: 24
203.159.227.0/24 maxlen: 24
203.159.228.0/24 maxlen: 24
203.159.230.0/24 maxlen: 24
203.159.231.0/24 maxlen: 24
203.159.238.0/24 maxlen: 24
203.159.239.0/24 maxlen: 24
203.159.240.0/24 maxlen: 24
203.159.241.0/24 maxlen: 24
203.159.242.0/24 maxlen: 24
203.159.243.0/24 maxlen: 24
203.159.244.0/24 maxlen: 24
203.159.245.0/24 maxlen: 24
203.159.246.0/24 maxlen: 24
203.159.247.0/24 maxlen: 24
203.159.248.0/21 maxlen: 21
2001:3c8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl
rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 08:45:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 362 (0x16a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAEB2, serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126
Validity
Not Before: Sep 15 06:49:35 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=68c7b6ff-e9d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:75:db:df:63:06:68:b1:b3:d1:c1:a0:d9:a5:
4a:62:71:e8:9b:5c:39:c9:a6:95:62:a0:7d:b4:e6:
c8:ab:ca:dd:97:51:7e:ed:51:56:55:ff:da:9c:10:
f4:f1:49:e8:b3:46:85:5c:23:3e:ac:81:63:05:ad:
e1:34:1e:e6:91:85:b2:c0:6a:c0:f3:0f:87:44:54:
fa:25:0a:47:ea:00:9c:ba:ee:a6:4a:ec:17:6c:cf:
f2:91:8d:1e:f8:20:0b:58:8a:4a:b7:bc:09:d8:af:
65:84:f2:fe:91:22:3d:13:49:16:4a:19:bc:c5:86:
45:8b:9f:eb:43:25:39:ad:56:8a:d8:15:8d:96:77:
b4:99:83:f4:e5:e7:00:18:dc:18:ee:f0:36:01:09:
be:d0:1e:52:77:f6:5b:84:a9:92:1d:6e:0a:d6:8e:
9a:d9:60:60:fd:ee:30:29:bb:27:67:c3:28:5f:ce:
6f:97:a5:88:6e:db:b4:4a:35:02:b7:c8:41:29:37:
b0:5e:f2:c0:a9:46:0f:45:a7:10:4d:e8:fd:0b:94:
f7:52:4c:a0:f2:3a:40:af:ac:79:2a:ca:9a:55:45:
6b:cb:06:7b:e6:51:14:a1:4f:65:33:b7:0b:14:71:
94:0a:de:fc:e5:bc:90:2c:12:05:ce:63:d0:06:9d:
d4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9D:CC:61:3D:07:35:B7:BD:BF:09:AF:6D:3F:95:D7:1A:A9:46:E1
X509v3 Authority Key Identifier:
keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/242CDDFC920011F08F0B626AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.1.160.0/22
202.28.2.0/23
202.28.20.0-202.28.22.255
202.28.36.0/22
202.28.52.0/24
202.28.56.0/24
202.28.63.0/24
202.28.82.0-202.28.84.255
202.28.86.0/24
202.28.108.0/24
202.28.120.0/24
202.28.194.0/24
202.28.198.0/24
202.28.253.0/24
202.29.3.0/24
202.29.5.0/24
202.29.7.0/24
202.29.13.0-202.29.15.255
202.29.34.0/24
202.29.38.0/24
202.29.48.0/24
202.29.50.0/23
202.29.54.0-202.29.56.255
202.29.62.0/24
202.29.68.0/24
202.29.75.0-202.29.76.255
202.29.79.0/24
202.29.90.0/24
202.29.92.0/24
202.29.129.0/24
202.29.153.0/24
202.44.138.0/23
203.159.128.0/17
IPv6:
2001:3c8::/32
Signature Algorithm: sha256WithRSAEncryption
26:e9:bf:5c:7f:d6:0c:42:54:b2:59:7e:bd:4f:5e:8d:fd:fa:
f5:64:52:a9:29:e0:41:e2:e5:57:16:07:77:8f:ec:93:f7:14:
6e:28:f3:db:b6:50:66:13:44:a9:18:cb:0e:2b:38:a9:25:97:
6c:60:d3:26:91:78:80:e3:48:bd:4e:1b:cc:11:4c:be:19:11:
e5:bd:a0:8a:2f:3c:74:42:bd:5d:bd:7b:c9:f1:04:e5:c3:5f:
1c:32:21:fd:c0:c2:72:5e:a8:3b:41:99:05:f3:e5:ba:ca:e7:
b2:06:08:07:b6:23:c6:66:ee:88:e2:11:91:5a:b9:83:8a:b1:
56:09:00:e7:12:5d:31:a6:ef:ad:b9:9f:ff:25:06:76:8d:17:
96:07:45:a9:82:6e:0f:c0:48:7f:27:8f:20:c8:92:57:d7:c9:
23:7d:23:23:ad:67:f6:f6:b5:3a:58:91:8b:e2:8d:52:af:0e:
a9:0e:9c:14:44:b7:d9:2a:fc:55:cd:09:06:cf:d2:af:57:30:
8b:ed:dc:f4:94:69:71:08:8e:24:70:1a:1d:5f:d5:e7:78:99:
46:a2:50:c6:ac:f3:f5:aa:eb:e2:33:42:81:4c:c4:fc:8a:5d:
d5:af:89:34:d6:e3:d2:8e:f6:96:65:e0:77:a1:01:ff:38:fb:
97:8b:76:de
-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgICAWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB
MzQ2MkUxMjYwHhcNMjUwOTE1MDY0OTM1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGM3YjZmZi1lOWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqXXb32MGaLGz0cGg2aVKYnHom1w5yaaVYqB9tObIq8rdl1F+7VFWVf/anBD0
8Unos0aFXCM+rIFjBa3hNB7mkYWywGrA8w+HRFT6JQpH6gCcuu6mSuwXbM/ykY0e
+CALWIpKt7wJ2K9lhPL+kSI9E0kWShm8xYZFi5/rQyU5rVaK2BWNlne0mYP05ecA
GNwY7vA2AQm+0B5Sd/ZbhKmSHW4K1o6a2WBg/e4wKbsnZ8MoX85vl6WIbtu0SjUC
t8hBKTewXvLAqUYPRacQTej9C5T3Ukyg8jpAr6x5KsqaVUVrywZ75lEUoU9lM7cL
FHGUCt785byQLBIFzmPQBp3UbQIDAQABo4IDlDCCA5AwHQYDVR0OBBYEFFudzGE9
BzW3vb8Jr20/ldcaqUbhMB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF
ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0
U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvMjQyQ0RERkM5
MjAwMTFGMDhGMEI2MjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEcBggrBgEFBQcBBwEB
/wSCAQswggEHMIH1BAIAATCB7gMEAmcBoAMEAcocAjAMAwQCyhwUAwQAyhwWAwQC
yhwkAwQAyhw0AwQAyhw4AwQAyhw/MAwDBAHKHFIDBADKHFQDBADKHFYDBADKHGwD
BADKHHgDBADKHMIDBADKHMYDBADKHP0DBADKHQMDBADKHQUDBADKHQcwDAMEAMod
DQMEBModAAMEAModIgMEAModJgMEAModMAMEAcodMjAMAwQByh02AwQAyh04AwQA
yh0+AwQAyh1EMAwDBADKHUsDBADKHUwDBADKHU8DBADKHVoDBADKHVwDBADKHYED
BADKHZkDBAHKLIoDBAfLn4AwDQQCAAIwBwMFACABA8gwDQYJKoZIhvcNAQELBQAD
ggEBACbpv1x/1gxCVLJZfr1PXo39+vVkUqkp4EHi5VcWB3eP7JP3FG4o89u2UGYT
RKkYyw4rOKkll2xg0yaReIDjSL1OG8wRTL4ZEeW9oIovPHRCvV29e8nxBOXDXxwy
If3AwnJeqDtBmQXz5brK57IGCAe2I8Zm7ojiEZFauYOKsVYJAOcSXTGm7625n/8l
BnaNF5YHRamCbg/ASH8njyDIklfXySN9IyOtZ/b2tTpYkYvijVKvDqkOnBREt9kq
/FXNCQbP0q9XMIvt3PSUaXEIjiRwGh1f1ed4mUaiUMas8/Wq6+IzQoFMxPyKXdWv
iTTW49KO9pZl4HehAf84+5eLdt4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:21:18 2025 by rpki-client