Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/7F12211CB57611EF8568F73EC4F9AE02.roa
File: 7F12211CB57611EF8568F73EC4F9AE02.roa (raw, json)
Hash identifier: CwjbDJIVXG+vDercYeP8LuPj37wtm4yjdjZv2bXW2iw=
Subject key identifier: 9B:3C:9F:56:5B:F2:39:82:82:9B:28:89:A1:E7:9C:6B:B1:D2:21:08
Certificate issuer: /CN=A91AEB42/serialNumber=56237928548B082F5B13C16EDC3E6A7C2F80FCF1
Certificate serial: 024D
Authority key identifier: 56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/7F12211CB57611EF8568F73EC4F9AE02.roa
Signing time: Fri 03 Oct 2025 02:28:17 +0000
ROA not before: Fri 03 Oct 2025 02:28:17 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 132839
IP address blocks: 43.229.212.0/22 maxlen: 24
43.230.168.0/22 maxlen: 24
43.240.48.0/22 maxlen: 24
43.241.44.0/22 maxlen: 24
43.249.24.0/22 maxlen: 24
43.251.104.0/22 maxlen: 24
45.64.108.0/22 maxlen: 24
45.114.168.0/22 maxlen: 24
45.115.124.0/22 maxlen: 24
45.120.80.0/22 maxlen: 24
45.127.36.0/22 maxlen: 24
45.127.124.0/22 maxlen: 24
45.250.196.0/22 maxlen: 24
103.36.20.0/22 maxlen: 24
103.37.40.0/22 maxlen: 24
103.40.112.0/22 maxlen: 24
103.42.176.0/22 maxlen: 24
103.49.8.0/22 maxlen: 24
103.49.248.0/22 maxlen: 24
103.54.124.0/22 maxlen: 24
103.55.128.0/22 maxlen: 24
103.60.148.0/22 maxlen: 24
103.75.12.0/22 maxlen: 24
103.75.44.0/22 maxlen: 24
103.80.16.0/22 maxlen: 24
103.85.188.0/22 maxlen: 24
103.151.250.0/23 maxlen: 24
103.195.192.0/22 maxlen: 24
103.196.60.0/22 maxlen: 24
103.200.124.0/22 maxlen: 24
103.204.76.0/22 maxlen: 24
103.214.164.0/22 maxlen: 24
103.215.212.0/22 maxlen: 24
103.219.104.0/22 maxlen: 24
103.233.248.0/22 maxlen: 24
116.193.168.0/22 maxlen: 24
117.120.60.0/22 maxlen: 24
120.89.68.0/22 maxlen: 24
121.54.160.0/22 maxlen: 24
144.48.124.0/22 maxlen: 24
157.119.92.0/22 maxlen: 24
182.161.68.0/22 maxlen: 24
202.165.120.0/22 maxlen: 24
2401:f940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.crl
rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 04:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 589 (0x24d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEB42, serialNumber=56237928548B082F5B13C16EDC3E6A7C2F80FCF1
Validity
Not Before: Oct 3 02:28:17 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=68df34c1-4bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:55:83:c8:21:02:68:2a:7f:ac:a6:6c:74:21:
0f:30:7d:5d:d4:2a:ad:19:86:00:87:cf:07:0c:18:
81:f7:3e:21:d6:1d:dc:66:c8:b4:a9:af:09:48:02:
c8:a9:41:97:4f:d9:b6:5c:ee:09:6c:03:34:ab:54:
29:cd:d5:e6:07:d2:af:fb:c9:70:fe:0c:e1:84:e0:
1d:3e:bb:00:d5:7e:57:f9:85:4c:af:81:da:63:f9:
63:4d:e9:17:eb:31:4d:03:ab:a6:64:8a:b1:a9:55:
cf:df:14:14:68:e6:9d:41:b2:3b:1b:49:7d:20:b2:
bc:da:d7:04:d8:86:89:21:c1:06:c1:ee:70:7a:fa:
c7:8d:5b:80:8c:60:2a:cc:b2:b1:ed:07:c4:cf:d9:
db:ab:76:32:d8:fb:02:2f:9f:88:26:e7:30:c3:c3:
c2:a7:cf:d6:93:63:dd:45:a4:88:64:cd:e7:ac:36:
dc:b9:80:59:a0:5a:ed:2f:45:4c:c1:d9:51:f3:2a:
45:55:a3:c9:83:ce:d3:aa:b2:19:6b:fc:69:cd:05:
99:a8:73:22:c8:32:c7:35:13:53:c9:25:da:6e:00:
9a:a0:98:a9:af:b3:1a:1e:4f:d0:2d:a7:5a:04:2a:
ab:ff:1e:ce:72:1c:d3:91:4d:3e:db:52:a8:6f:27:
7d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3C:9F:56:5B:F2:39:82:82:9B:28:89:A1:E7:9C:6B:B1:D2:21:08
X509v3 Authority Key Identifier:
keyid:56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/7F12211CB57611EF8568F73EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.212.0/22
43.230.168.0/22
43.240.48.0/22
43.241.44.0/22
43.249.24.0/22
43.251.104.0/22
45.64.108.0/22
45.114.168.0/22
45.115.124.0/22
45.120.80.0/22
45.127.36.0/22
45.127.124.0/22
45.250.196.0/22
103.36.20.0/22
103.37.40.0/22
103.40.112.0/22
103.42.176.0/22
103.49.8.0/22
103.49.248.0/22
103.54.124.0/22
103.55.128.0/22
103.60.148.0/22
103.75.12.0/22
103.75.44.0/22
103.80.16.0/22
103.85.188.0/22
103.151.250.0/23
103.195.192.0/22
103.196.60.0/22
103.200.124.0/22
103.204.76.0/22
103.214.164.0/22
103.215.212.0/22
103.219.104.0/22
103.233.248.0/22
116.193.168.0/22
117.120.60.0/22
120.89.68.0/22
121.54.160.0/22
144.48.124.0/22
157.119.92.0/22
182.161.68.0/22
202.165.120.0/22
IPv6:
2401:f940::/32
Signature Algorithm: sha256WithRSAEncryption
60:84:44:98:77:6e:6c:71:17:03:4d:19:5d:59:d2:aa:2f:75:
7e:9a:08:6a:b6:89:ec:89:c2:77:76:6a:2a:77:2a:26:98:ba:
cb:48:26:af:10:a3:f6:6e:ea:da:73:c7:e8:58:25:48:f4:8c:
67:a9:8e:ab:81:24:10:6f:4d:64:5c:e5:4b:3a:c4:17:b3:ed:
62:dd:bd:65:5d:12:8e:22:4f:2c:00:a5:35:1d:bd:4b:d9:2c:
e4:c8:9f:e6:ab:94:4e:00:ec:e6:a8:3b:3b:98:ab:66:c8:06:
66:ad:14:8c:9b:bd:0a:0b:61:1e:d6:77:ec:f8:82:1f:1f:f3:
0e:2b:52:22:6e:6d:74:71:8c:da:30:9d:e2:4d:03:84:3b:36:
a5:2a:b6:65:f9:77:e3:c0:52:37:ab:79:12:6b:47:61:12:4b:
9e:f9:49:a2:0e:8c:53:49:aa:e4:0c:c9:a0:cd:95:37:a3:c7:
b5:6f:7d:e2:a8:11:c8:6d:3b:32:b4:d1:49:ec:9b:5b:4b:e8:
ac:9e:43:23:51:4b:72:a9:70:1f:ef:63:46:14:70:4a:43:db:
2c:a6:f3:ad:a0:74:da:cc:30:f6:87:16:c1:73:7e:45:a4:6b:
c1:74:81:04:13:6c:72:14:2b:a4:61:2d:be:c9:29:8c:04:42:
f2:5c:05:0f
-----BEGIN CERTIFICATE-----
MIIGhjCCBW6gAwIBAgICAk0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVCNDIxMTAvBgNVBAUTKDU2MjM3OTI4NTQ4QjA4MkY1QjEzQzE2RURDM0U2QTdD
MkY4MEZDRjEwHhcNMjUxMDAzMDIyODE3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGRmMzRjMS00YmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5VWDyCECaCp/rKZsdCEPMH1d1CqtGYYAh88HDBiB9z4h1h3cZsi0qa8JSALI
qUGXT9m2XO4JbAM0q1QpzdXmB9Kv+8lw/gzhhOAdPrsA1X5X+YVMr4HaY/ljTekX
6zFNA6umZIqxqVXP3xQUaOadQbI7G0l9ILK82tcE2IaJIcEGwe5wevrHjVuAjGAq
zLKx7QfEz9nbq3Yy2PsCL5+IJucww8PCp8/Wk2PdRaSIZM3nrDbcuYBZoFrtL0VM
wdlR8ypFVaPJg87TqrIZa/xpzQWZqHMiyDLHNRNTySXabgCaoJipr7MaHk/QLada
BCqr/x7OchzTkU0+21Kobyd9WwIDAQABo4IDqjCCA6YwHQYDVR0OBBYEFJs8n1Zb
8jmCgpsoiaHnnGux0iEIMB8GA1UdIwQYMBaAFFYjeShUiwgvWxPBbtw+anwvgPzx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUI0Mi8xQUQ5N0I2NDZB
NkUxMUVEQkI5OTAzNjNDNEY5QUUwMi9WaU41S0ZTTENDOWJFOEZ1M0Q1cWZDLUFf
UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZpTjVLRlNMQ0M5YkU4RnUzRDVxZkMtQV9QRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVCNDIvMUFEOTdCNjQ2QTZFMTFFREJCOTkwMzYzQzRGOUFFMDIvN0YxMjIxMUNC
NTc2MTFFRjg1NjhGNzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEyBggrBgEFBQcBBwEB
/wSCASEwggEdMIIBCgQCAAEwggECAwQCK+XUAwQCK+aoAwQCK/AwAwQCK/EsAwQC
K/kYAwQCK/toAwQCLUBsAwQCLXKoAwQCLXN8AwQCLXhQAwQCLX8kAwQCLX98AwQC
LfrEAwQCZyQUAwQCZyUoAwQCZyhwAwQCZyqwAwQCZzEIAwQCZzH4AwQCZzZ8AwQC
ZzeAAwQCZzyUAwQCZ0sMAwQCZ0ssAwQCZ1AQAwQCZ1W8AwQBZ5f6AwQCZ8PAAwQC
Z8Q8AwQCZ8h8AwQCZ8xMAwQCZ9akAwQCZ9fUAwQCZ9toAwQCZ+n4AwQCdMGoAwQC
dXg8AwQCeFlEAwQCeTagAwQCkDB8AwQCnXdcAwQCtqFEAwQCyqV4MA0EAgACMAcD
BQAkAflAMA0GCSqGSIb3DQEBCwUAA4IBAQBghESYd25scRcDTRldWdKqL3V+mghq
tonsicJ3dmoqdyommLrLSCavEKP2burac8foWCVI9IxnqY6rgSQQb01kXOVLOsQX
s+1i3b1lXRKOIk8sAKU1Hb1L2SzkyJ/mq5ROAOzmqDs7mKtmyAZmrRSMm70KC2Ee
1nfs+IIfH/MOK1Iibm10cYzaMJ3iTQOEOzalKrZl+XfjwFI3q3kSa0dhEkue+Umi
DoxTSarkDMmgzZU3o8e1b33iqBHIbTsytNFJ7JtbS+isnkMjUUtyqXAf72NGFHBK
Q9sspvOtoHTazDD2hxbBc35FpGvBdIEEE2xyFCukYS2+ySmMBELyXAUP
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:27:51 2025 by rpki-client