Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/95EC5BBE0DC811F0A0561D5AC4F9AE02.roa
File: 95EC5BBE0DC811F0A0561D5AC4F9AE02.roa (raw, json)
Hash identifier: E4qGKWG7PfGIitr8iGGPNSOx9z6hB7rmiJDWW78bXko=
Subject key identifier: 87:AF:8E:97:0E:8C:F6:50:D1:21:4D:50:CD:CA:5C:AB:E7:09:EE:E9
Certificate issuer: /CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Certificate serial: 085D
Authority key identifier: 7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/95EC5BBE0DC811F0A0561D5AC4F9AE02.roa
Signing time: Mon 31 Mar 2025 00:39:52 +0000
ROA not before: Mon 31 Mar 2025 00:39:52 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 9723
IP address blocks: 1.178.2.0/23 maxlen: 24
1.178.66.0/23 maxlen: 24
1.178.80.0/24 maxlen: 24
1.178.82.0/23 maxlen: 24
1.178.84.0/23 maxlen: 24
1.178.96.0/22 maxlen: 24
1.178.175.0/24 maxlen: 24
1.178.176.0/22 maxlen: 24
1.179.0.0/23 maxlen: 24
1.179.4.0/22 maxlen: 24
1.179.8.0/22 maxlen: 24
1.179.12.0/23 maxlen: 24
1.179.16.0/21 maxlen: 24
1.179.48.0/22 maxlen: 24
1.179.62.0/23 maxlen: 24
1.179.96.0/22 maxlen: 24
58.87.0.0/20 maxlen: 20
58.87.0.0/23 maxlen: 23
58.87.2.0/23 maxlen: 23
58.87.6.0/23 maxlen: 23
58.87.8.0/23 maxlen: 23
58.87.10.0/23 maxlen: 23
58.87.12.0/23 maxlen: 23
58.87.14.0/24 maxlen: 24
58.87.15.0/24 maxlen: 24
110.238.21.0/24 maxlen: 24
110.238.24.0/24 maxlen: 24
110.238.25.0/24 maxlen: 24
110.238.144.0/21 maxlen: 21
110.238.144.0/22 maxlen: 24
110.238.240.0/23 maxlen: 24
110.239.0.0/21 maxlen: 21
110.239.15.0/24 maxlen: 24
110.239.16.0/23 maxlen: 23
110.239.26.0/24 maxlen: 24
110.239.31.0/24 maxlen: 24
110.239.32.0/23 maxlen: 23
110.239.128.0/20 maxlen: 20
110.239.128.0/21 maxlen: 21
110.239.176.0/21 maxlen: 21
110.239.176.0/24 maxlen: 24
110.239.178.0/24 maxlen: 24
119.12.80.0/21 maxlen: 24
119.13.0.0/23 maxlen: 23
119.13.2.0/24 maxlen: 24
119.13.3.0/24 maxlen: 24
119.13.4.0/23 maxlen: 23
119.13.6.0/23 maxlen: 23
119.13.8.0/23 maxlen: 23
119.13.10.0/24 maxlen: 24
119.13.48.0/23 maxlen: 23
119.13.48.0/24 maxlen: 24
119.13.49.0/24 maxlen: 24
119.13.144.0/22 maxlen: 24
119.13.176.0/22 maxlen: 23
119.13.176.0/23 maxlen: 24
119.13.178.0/24 maxlen: 24
119.13.240.0/23 maxlen: 24
121.91.96.0/23 maxlen: 24
121.91.199.0/24 maxlen: 24
123.200.128.0/20 maxlen: 20
123.200.128.0/22 maxlen: 22
123.200.133.0/24 maxlen: 24
123.200.134.0/23 maxlen: 23
123.200.136.0/22 maxlen: 22
123.200.140.0/22 maxlen: 22
123.200.144.0/22 maxlen: 22
123.200.148.0/22 maxlen: 22
123.200.152.0/21 maxlen: 21
123.200.160.0/23 maxlen: 23
123.200.162.0/23 maxlen: 23
123.200.164.0/23 maxlen: 23
123.200.165.0/24 maxlen: 24
123.200.166.0/23 maxlen: 23
123.200.168.0/23 maxlen: 23
123.200.170.0/23 maxlen: 23
123.200.172.0/24 maxlen: 24
123.200.174.0/24 maxlen: 24
123.200.175.0/24 maxlen: 24
123.200.176.0/23 maxlen: 23
123.200.179.0/24 maxlen: 24
123.200.180.0/23 maxlen: 23
123.200.182.0/23 maxlen: 23
123.200.184.0/22 maxlen: 22
123.200.186.0/23 maxlen: 23
123.200.187.0/24 maxlen: 24
123.200.188.0/23 maxlen: 23
123.200.200.0/23 maxlen: 24
123.200.208.0/21 maxlen: 21
123.200.216.0/21 maxlen: 21
123.200.240.0/23 maxlen: 24
202.83.64.0/19 maxlen: 19
202.83.64.0/22 maxlen: 22
202.83.68.0/23 maxlen: 23
202.83.70.0/23 maxlen: 23
202.83.72.0/24 maxlen: 24
202.83.73.0/24 maxlen: 24
202.83.74.0/23 maxlen: 23
202.83.76.0/22 maxlen: 22
202.83.80.0/23 maxlen: 23
202.83.82.0/24 maxlen: 24
202.83.83.0/24 maxlen: 24
202.83.84.0/22 maxlen: 22
202.83.88.0/23 maxlen: 23
202.83.90.0/23 maxlen: 23
202.83.92.0/23 maxlen: 23
202.83.94.0/24 maxlen: 24
202.83.95.0/24 maxlen: 24
202.183.96.0/20 maxlen: 20
202.183.96.0/24 maxlen: 24
202.183.97.0/24 maxlen: 24
202.183.98.0/24 maxlen: 24
202.183.100.0/23 maxlen: 23
202.183.102.0/23 maxlen: 23
202.183.102.0/24 maxlen: 24
202.183.104.0/22 maxlen: 22
202.183.108.0/24 maxlen: 24
202.183.110.0/24 maxlen: 24
202.183.111.0/24 maxlen: 24
202.183.112.0/20 maxlen: 20
202.183.112.0/23 maxlen: 23
202.183.114.0/23 maxlen: 23
202.183.116.0/23 maxlen: 23
202.183.118.0/24 maxlen: 24
202.183.119.0/24 maxlen: 24
202.183.120.0/22 maxlen: 22
202.183.124.0/23 maxlen: 23
202.183.126.0/24 maxlen: 24
202.183.127.0/24 maxlen: 24
210.56.64.0/24 maxlen: 24
210.56.68.0/23 maxlen: 24
210.56.70.0/23 maxlen: 24
220.157.64.0/24 maxlen: 24
220.157.70.0/24 maxlen: 24
220.157.71.0/24 maxlen: 24
220.157.74.0/23 maxlen: 24
220.157.79.0/24 maxlen: 24
220.157.80.0/23 maxlen: 24
220.157.82.0/23 maxlen: 24
220.157.84.0/23 maxlen: 24
220.157.86.0/23 maxlen: 24
220.157.90.0/24 maxlen: 24
220.157.91.0/24 maxlen: 24
220.157.92.0/24 maxlen: 24
220.157.93.0/24 maxlen: 24
220.157.94.0/24 maxlen: 24
220.157.95.0/24 maxlen: 24
2407:6800::/32 maxlen: 32
2407:6800:0:200::/56 maxlen: 56
2407:6800:0:300::/56 maxlen: 56
2407:6800:0:400::/56 maxlen: 56
2407:6800:0:500::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 17 May 2025 22:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2141 (0x85d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB4FE, serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Validity
Not Before: Mar 31 00:39:52 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67e9e457-e081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:43:8f:a8:22:a3:77:79:38:ae:e5:a3:71:
0e:7b:cf:05:25:e5:5d:1d:08:bb:2b:3b:9e:2a:dc:
bb:8d:da:58:91:47:66:86:27:53:ca:20:72:29:03:
20:c0:b0:c1:07:9e:37:92:5d:0d:82:c7:a1:e7:bb:
46:a6:1c:00:2f:36:00:52:62:24:88:3a:8b:1d:38:
37:4d:7c:6b:f9:90:54:8a:5a:4b:8c:cd:19:be:09:
d7:26:24:1b:dd:73:a1:5d:87:23:40:1f:4e:38:67:
ce:f9:16:1a:0f:a7:9a:86:c2:9e:ea:02:5b:f6:82:
fd:7a:1a:85:fb:ef:b0:88:86:f2:c0:e7:71:fc:48:
00:64:20:3d:dd:e4:94:cb:5b:5c:1c:97:17:a1:62:
3d:e8:a3:d1:52:27:e2:0c:d4:be:4f:99:7e:33:94:
88:6a:63:10:71:d3:e7:94:e5:63:ff:e6:b9:af:90:
02:da:39:e1:56:93:a5:aa:cf:db:80:2e:04:9a:10:
ae:db:0b:67:b8:64:0a:dd:fd:4d:07:e0:cd:b1:53:
4d:c9:36:15:76:b2:c9:09:34:a3:7d:2b:85:cd:c3:
56:05:29:1d:86:8c:1f:74:6b:94:4c:1e:6b:31:34:
a6:f1:de:53:cd:ca:d3:72:d1:50:aa:af:89:38:f1:
d0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:AF:8E:97:0E:8C:F6:50:D1:21:4D:50:CD:CA:5C:AB:E7:09:EE:E9
X509v3 Authority Key Identifier:
keyid:7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/95EC5BBE0DC811F0A0561D5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.178.2.0/23
1.178.66.0/23
1.178.80.0/24
1.178.82.0-1.178.85.255
1.178.96.0/22
1.178.175.0-1.178.179.255
1.179.0.0/23
1.179.4.0-1.179.13.255
1.179.16.0/21
1.179.48.0/22
1.179.62.0/23
1.179.96.0/22
58.87.0.0/20
110.238.21.0/24
110.238.24.0/23
110.238.144.0/21
110.238.240.0/23
110.239.0.0/21
110.239.15.0-110.239.17.255
110.239.26.0/24
110.239.31.0-110.239.33.255
110.239.128.0/20
110.239.176.0/21
119.12.80.0/21
119.13.0.0-119.13.10.255
119.13.48.0/23
119.13.144.0/22
119.13.176.0/22
119.13.240.0/23
121.91.96.0/23
121.91.199.0/24
123.200.128.0-123.200.172.255
123.200.174.0-123.200.177.255
123.200.179.0-123.200.189.255
123.200.200.0/23
123.200.208.0/20
123.200.240.0/23
202.83.64.0/19
202.183.96.0/19
210.56.64.0/24
210.56.68.0/22
220.157.64.0/24
220.157.70.0/23
220.157.74.0/23
220.157.79.0-220.157.87.255
220.157.90.0-220.157.95.255
IPv6:
2407:6800::/32
Signature Algorithm: sha256WithRSAEncryption
8e:b7:ba:37:b8:44:2f:a6:88:3e:dc:90:e2:3a:d3:f4:29:4b:
8d:8e:ac:77:75:1b:b1:5e:75:b5:36:84:c2:7c:a4:d7:f1:54:
9b:74:a6:26:cc:a2:be:eb:9d:69:68:5a:08:b4:de:2a:7c:6b:
8c:1b:38:2f:4b:a2:95:73:c7:9f:82:f7:e3:57:7b:f5:bd:93:
86:f3:0b:98:18:53:74:7f:eb:a0:c4:6a:35:40:92:c1:6a:70:
b6:a8:07:9c:2d:33:f4:73:74:29:35:24:15:4a:60:5f:6d:10:
50:ab:a8:df:7b:0a:34:15:26:0b:0e:c6:d0:e7:c9:18:84:ea:
16:34:f3:c7:ca:9e:3b:a5:10:ff:ba:f6:43:f7:75:8b:35:56:
19:fd:ce:1d:ee:8c:f8:fc:17:62:6c:32:d4:ff:c2:88:dd:1b:
ce:76:91:94:f2:1a:03:92:bc:3e:fd:86:78:85:34:4c:7f:8a:
ad:4a:c9:36:c4:aa:b5:7a:79:10:ca:98:3a:c9:4c:6f:db:62:
20:df:21:aa:f8:f3:41:4a:00:aa:7b:fe:25:31:aa:25:d8:4a:
68:25:9c:1a:f0:1a:80:e1:1c:b1:93:98:2f:b8:0e:7d:bb:5a:
b3:3f:6d:3e:b2:01:c9:10:a3:3b:be:c6:c6:98:50:02:ae:3d:
95:58:99:51
-----BEGIN CERTIFICATE-----
MIIG7zCCBdegAwIBAgICCF0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0RkUxMTAvBgNVBAUTKDdGNkJFMUQ1QTI3MzBGQzIyN0ZBRkM4OTZEMTM0MzMy
NDE3ODMxNzkwHhcNMjUwMzMxMDAzOTUyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U5ZTQ1Ny1lMDgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs0NDj6gio3d5OK7lo3EOe88FJeVdHQi7KzueKty7jdpYkUdmhidTyiByKQMg
wLDBB543kl0Ngseh57tGphwALzYAUmIkiDqLHTg3TXxr+ZBUilpLjM0ZvgnXJiQb
3XOhXYcjQB9OOGfO+RYaD6eahsKe6gJb9oL9ehqF+++wiIbywOdx/EgAZCA93eSU
y1tcHJcXoWI96KPRUifiDNS+T5l+M5SIamMQcdPnlOVj/+a5r5AC2jnhVpOlqs/b
gC4EmhCu2wtnuGQK3f1NB+DNsVNNyTYVdrLJCTSjfSuFzcNWBSkdhowfdGuUTB5r
MTSm8d5TzcrTctFQqq+JOPHQfwIDAQABo4IEEzCCBA8wHQYDVR0OBBYEFIevjpcO
jPZQ0SFNUM3KXKvnCe7pMB8GA1UdIwQYMBaAFH9r4dWicw/CJ/r8iW0TQzJBeDF5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRGRS9DRjRBMTBFQTg1
RTExMUVCQUZCNTFFODRDNEY5QUUwMi9mMnZoMWFKekQ4SW4tdnlKYlJORE1rRjRN
WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2YydmgxYUp6RDhJbi12eUpiUk5ETWtGNE1Yay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0RkUvQ0Y0QTEwRUE4NUUxMTFFQkFGQjUxRTg0QzRGOUFFMDIvOTVFQzVCQkUw
REM4MTFGMEEwNTYxRDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGbBggrBgEFBQcBBwEB
/wSCAYowggGGMIIBcwQCAAEwggFrAwQBAbICAwQBAbJCAwQAAbJQMAwDBAEBslID
BAEBslQDBAIBsmAwDAMEAAGyrwMEAgGysAMEAQGzADAMAwQCAbMEAwQBAbMMAwQD
AbMQAwQCAbMwAwQBAbM+AwQCAbNgAwQEOlcAAwQAbu4VAwQBbu4YAwQDbu6QAwQB
bu7wAwQDbu8AMAwDBABu7w8DBAFu7xADBABu7xowDAMEAG7vHwMEAW7vIAMEBG7v
gAMEA27vsAMEA3cMUDALAwMAdw0DBAB3DQoDBAF3DTADBAJ3DZADBAJ3DbADBAF3
DfADBAF5W2ADBAB5W8cwDAMEB3vIgAMEAHvIrDAMAwQBe8iuAwQBe8iwMAwDBAB7
yLMDBAF7yLwDBAF7yMgDBAR7yNADBAF7yPADBAXKU0ADBAXKt2ADBADSOEADBALS
OEQDBADcnUADBAHcnUYDBAHcnUowDAMEANydTwMEA9ydUDAMAwQB3J1aAwQF3J1A
MA0EAgACMAcDBQAkB2gAMA0GCSqGSIb3DQEBCwUAA4IBAQCOt7o3uEQvpog+3JDi
OtP0KUuNjqx3dRuxXnW1NoTCfKTX8VSbdKYmzKK+651paFoItN4qfGuMGzgvS6KV
c8efgvfjV3v1vZOG8wuYGFN0f+ugxGo1QJLBanC2qAecLTP0c3QpNSQVSmBfbRBQ
q6jfewo0FSYLDsbQ58kYhOoWNPPHyp47pRD/uvZD93WLNVYZ/c4d7oz4/BdibDLU
/8KI3RvOdpGU8hoDkrw+/YZ4hTRMf4qtSsk2xKq1enkQypg6yUxv22Ig3yGq+PNB
SgCqe/4lMaol2EpoJZwa8BqA4Ryxk5gvuA59u1qzP20+sgHJEKM7vsbGmFACrj2V
WJlR
-----END CERTIFICATE-----
Generated at Mon May 12 19:47:35 2025 by rpki-client