Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/A7098B604A5411F0A2CC9015C4F9AE02.roa
File: A7098B604A5411F0A2CC9015C4F9AE02.roa (raw, json)
Hash identifier: sVPCrnH4ijuCZYxExAGbTpSF6uDYt6PkZ4Y0+gIXmKk=
Subject key identifier: 83:FA:11:CC:47:1F:69:21:26:AD:7C:7B:BA:DC:C3:C1:62:FB:0C:A7
Certificate issuer: /CN=A91C2168/serialNumber=9D346E6DB39C3D330C1AFF94060E15055FF4ED1C
Certificate serial: 34C0
Authority key identifier: 9D:34:6E:6D:B3:9C:3D:33:0C:1A:FF:94:06:0E:15:05:5F:F4:ED:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTRubbOcPTMMGv-UBg4VBV_07Rw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/A7098B604A5411F0A2CC9015C4F9AE02.roa
Signing time: Mon 16 Jun 2025 03:20:15 +0000
ROA not before: Mon 16 Jun 2025 03:20:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24324
IP address blocks: 122.200.176.0/20 maxlen: 20
122.200.176.0/24 maxlen: 24
122.200.177.0/24 maxlen: 24
122.200.178.0/24 maxlen: 24
122.200.179.0/24 maxlen: 24
122.200.180.0/24 maxlen: 24
122.200.181.0/24 maxlen: 24
122.200.182.0/24 maxlen: 24
122.200.183.0/24 maxlen: 24
122.200.184.0/24 maxlen: 24
122.200.185.0/24 maxlen: 24
122.200.186.0/24 maxlen: 24
122.200.187.0/24 maxlen: 24
122.200.188.0/24 maxlen: 24
122.200.189.0/24 maxlen: 24
122.200.190.0/24 maxlen: 24
122.200.191.0/24 maxlen: 24
124.157.64.0/19 maxlen: 19
124.157.64.0/24 maxlen: 24
124.157.65.0/24 maxlen: 24
124.157.66.0/24 maxlen: 24
124.157.67.0/24 maxlen: 24
124.157.68.0/22 maxlen: 22
124.157.68.0/24 maxlen: 24
124.157.69.0/24 maxlen: 24
124.157.70.0/24 maxlen: 24
124.157.71.0/24 maxlen: 24
124.157.72.0/24 maxlen: 24
124.157.73.0/24 maxlen: 24
124.157.74.0/24 maxlen: 24
124.157.75.0/24 maxlen: 24
124.157.76.0/24 maxlen: 24
124.157.77.0/24 maxlen: 24
124.157.78.0/24 maxlen: 24
124.157.79.0/24 maxlen: 24
124.157.80.0/24 maxlen: 24
124.157.81.0/24 maxlen: 24
124.157.82.0/24 maxlen: 24
124.157.83.0/24 maxlen: 24
124.157.84.0/24 maxlen: 24
124.157.85.0/24 maxlen: 24
124.157.86.0/24 maxlen: 24
124.157.87.0/24 maxlen: 24
124.157.88.0/24 maxlen: 24
124.157.89.0/24 maxlen: 24
124.157.90.0/24 maxlen: 24
124.157.91.0/24 maxlen: 24
124.157.92.0/24 maxlen: 24
124.157.93.0/24 maxlen: 24
124.157.94.0/24 maxlen: 24
124.157.95.0/24 maxlen: 24
124.157.96.0/19 maxlen: 19
124.157.96.0/24 maxlen: 24
124.157.97.0/24 maxlen: 24
124.157.98.0/24 maxlen: 24
124.157.99.0/24 maxlen: 24
124.157.100.0/24 maxlen: 24
124.157.101.0/24 maxlen: 24
124.157.102.0/24 maxlen: 24
124.157.103.0/24 maxlen: 24
124.157.104.0/24 maxlen: 24
124.157.105.0/24 maxlen: 24
124.157.106.0/24 maxlen: 24
124.157.107.0/24 maxlen: 24
124.157.108.0/24 maxlen: 24
124.157.109.0/24 maxlen: 24
124.157.110.0/24 maxlen: 24
124.157.111.0/24 maxlen: 24
124.157.112.0/24 maxlen: 24
124.157.113.0/24 maxlen: 24
124.157.114.0/24 maxlen: 24
124.157.115.0/24 maxlen: 24
124.157.116.0/24 maxlen: 24
124.157.117.0/24 maxlen: 24
124.157.118.0/24 maxlen: 24
124.157.119.0/24 maxlen: 24
124.157.120.0/24 maxlen: 24
124.157.121.0/24 maxlen: 24
124.157.122.0/24 maxlen: 24
124.157.123.0/24 maxlen: 24
124.157.124.0/24 maxlen: 24
124.157.125.0/24 maxlen: 24
124.157.126.0/24 maxlen: 24
124.157.127.0/24 maxlen: 24
202.36.132.0/24 maxlen: 24
202.49.128.0/21 maxlen: 21
202.49.128.0/24 maxlen: 24
202.49.129.0/24 maxlen: 24
202.49.130.0/24 maxlen: 24
202.49.131.0/24 maxlen: 24
202.49.132.0/24 maxlen: 24
202.49.133.0/24 maxlen: 24
202.49.134.0/24 maxlen: 24
202.49.135.0/24 maxlen: 24
203.14.20.0/24 maxlen: 24
203.161.187.0/24 maxlen: 24
203.195.124.0/24 maxlen: 24
2404:6c00::/32 maxlen: 32
2404:6c00:a000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/nTRubbOcPTMMGv-UBg4VBV_07Rw.crl
rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/nTRubbOcPTMMGv-UBg4VBV_07Rw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTRubbOcPTMMGv-UBg4VBV_07Rw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 07 Jul 2025 14:46:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13504 (0x34c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2168, serialNumber=9D346E6DB39C3D330C1AFF94060E15055FF4ED1C
Validity
Not Before: Jun 16 03:20:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=684f8d6f-ca13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:11:78:3a:3d:bc:83:15:bd:46:88:38:c3:53:
58:b9:e3:ab:ee:63:a7:1d:0c:06:6c:ba:45:88:db:
14:41:9d:d1:62:be:97:64:9a:f9:ab:79:82:35:d4:
2b:c8:64:42:96:ee:a5:68:9b:e2:eb:d2:25:c1:8b:
5d:2d:e9:b7:cb:2e:92:42:2f:5d:20:31:af:e7:d6:
2a:e7:39:40:9f:f1:03:03:bd:dd:14:7e:e7:88:9f:
01:7d:f3:5e:8e:ea:97:db:3f:fa:b7:1f:d3:4c:90:
ff:13:bb:42:21:29:b7:5d:57:ab:2d:36:ee:86:1b:
6e:93:96:82:3d:51:dd:8b:e0:a8:69:84:24:7b:56:
bf:c1:89:df:61:1f:f7:93:e0:cd:31:70:e1:88:2d:
ff:2c:4b:02:fe:71:5f:04:8b:92:d4:c2:b2:02:6e:
7b:9b:8e:12:b0:02:a4:d6:98:9b:1c:f0:83:a8:97:
52:0a:68:28:e9:a2:1f:23:fb:e2:46:af:84:c0:dc:
3d:0b:19:0e:22:04:51:05:f9:1b:10:12:5a:1e:9a:
59:bc:e3:23:4f:44:e6:4a:f2:16:47:d7:35:8b:4c:
8e:fd:ec:38:2b:74:80:c0:8e:26:7d:a6:56:23:8d:
ca:51:15:83:81:26:ab:a4:f7:a6:1b:a5:29:95:e4:
19:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FA:11:CC:47:1F:69:21:26:AD:7C:7B:BA:DC:C3:C1:62:FB:0C:A7
X509v3 Authority Key Identifier:
keyid:9D:34:6E:6D:B3:9C:3D:33:0C:1A:FF:94:06:0E:15:05:5F:F4:ED:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/nTRubbOcPTMMGv-UBg4VBV_07Rw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTRubbOcPTMMGv-UBg4VBV_07Rw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/A7098B604A5411F0A2CC9015C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.200.176.0/20
124.157.64.0/18
202.36.132.0/24
202.49.128.0/21
203.14.20.0/24
203.161.187.0/24
203.195.124.0/24
IPv6:
2404:6c00::/32
Signature Algorithm: sha256WithRSAEncryption
b6:27:36:23:b3:f1:dc:c8:70:51:06:a9:f6:7b:1a:9d:7c:0f:
a7:d3:0e:0e:9c:44:c9:e2:d7:b8:11:70:45:71:c9:3c:28:c8:
15:d7:8a:ab:12:c7:32:f5:2b:45:7a:76:38:b1:3e:b4:ac:cf:
da:07:e0:41:98:af:35:3c:2e:15:29:80:3f:b2:5f:72:e6:25:
f9:13:00:f0:48:f4:2e:c0:c7:2e:0f:30:ad:a5:44:f0:eb:c5:
e3:8c:db:96:46:6c:62:bb:f8:1c:9d:3d:32:59:85:5f:de:e1:
3a:af:2c:f9:b7:37:98:ba:bf:47:4a:86:f5:81:a1:18:a3:33:
36:30:17:9a:47:35:9b:14:49:31:62:3f:04:9b:5c:00:f3:49:
ff:2f:c3:ca:2f:63:88:a7:9a:62:fb:11:91:ff:92:03:78:02:
11:09:72:a4:3f:11:e6:08:b0:5f:c8:9f:c3:f5:26:e8:49:f9:
ac:4e:8d:ab:9b:cb:76:4c:cd:15:e0:5a:f7:a3:60:58:e7:83:
c5:84:c9:21:3a:09:f0:cb:a9:72:6d:15:c0:00:f6:81:06:4f:
af:fc:ed:cc:e7:70:1b:34:d1:98:4a:fe:cd:d4:76:84:ee:22:
2e:bc:f9:ed:10:c3:ba:e0:04:88:5c:99:6c:43:d5:3b:69:6b:
d3:01:6b:18
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICNMAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzIxNjgxMTAvBgNVBAUTKDlEMzQ2RTZEQjM5QzNEMzMwQzFBRkY5NDA2MEUxNTA1
NUZGNEVEMUMwHhcNMjUwNjE2MDMyMDE1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODRmOGQ2Zi1jYTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuhF4Oj28gxW9Rog4w1NYueOr7mOnHQwGbLpFiNsUQZ3RYr6XZJr5q3mCNdQr
yGRClu6laJvi69IlwYtdLem3yy6SQi9dIDGv59Yq5zlAn/EDA73dFH7niJ8BffNe
juqX2z/6tx/TTJD/E7tCISm3XVerLTbuhhtuk5aCPVHdi+CoaYQke1a/wYnfYR/3
k+DNMXDhiC3/LEsC/nFfBIuS1MKyAm57m44SsAKk1pibHPCDqJdSCmgo6aIfI/vi
Rq+EwNw9CxkOIgRRBfkbEBJaHppZvOMjT0TmSvIWR9c1i0yO/ew4K3SAwI4mfaZW
I43KURWDgSarpPemG6UpleQZBwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFIP6EcxH
H2khJq18e7rcw8Fi+wynMB8GA1UdIwQYMBaAFJ00bm2znD0zDBr/lAYOFQVf9O0c
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjE2OC8yNEM2MkMwNjFE
OTExMUUyOTI0NDMwRjMwOEIwMkNEMi9uVFJ1YmJPY1BUTU1Hdi1VQmc0VkJWXzA3
UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25UUnViYk9jUFRNTUd2LVVCZzRWQlZfMDdSdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzIxNjgvMjRDNjJDMDYxRDkxMTFFMjkyNDQzMEYzMDhCMDJDRDIvQTcwOThCNjA0
QTU0MTFGMEEyQ0M5MDE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAR6yLADBAZ8nUADBADKJIQDBAPKMYADBADLDhQDBADLobsD
BADLw3wwDQQCAAIwBwMFACQEbAAwDQYJKoZIhvcNAQELBQADggEBALYnNiOz8dzI
cFEGqfZ7Gp18D6fTDg6cRMni17gRcEVxyTwoyBXXiqsSxzL1K0V6djixPrSsz9oH
4EGYrzU8LhUpgD+yX3LmJfkTAPBI9C7Axy4PMK2lRPDrxeOM25ZGbGK7+BydPTJZ
hV/e4TqvLPm3N5i6v0dKhvWBoRijMzYwF5pHNZsUSTFiPwSbXADzSf8vw8ovY4in
mmL7EZH/kgN4AhEJcqQ/EeYIsF/In8P1JuhJ+axOjauby3ZMzRXgWvejYFjng8WE
ySE6CfDLqXJtFcAA9oEGT6/87czncBs00ZhK/s3UdoTuIi68+e0Qw7rgBIhcmWxD
1Ttpa9MBaxg=
-----END CERTIFICATE-----
Generated at Wed Jul 2 05:25:32 2025 by rpki-client