Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/AB549D62125711EF94D14874C4F9AE02.roa
File: AB549D62125711EF94D14874C4F9AE02.roa (raw, json)
Hash identifier: u7p+nz5w2jpHdQPlyKnwRdRnTG51oOxdLpI/jwgWuSM=
Subject key identifier: 43:87:F9:0F:88:60:C5:BD:7C:E8:2E:69:D3:BF:5B:B1:1C:99:F8:0F
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1F12
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/AB549D62125711EF94D14874C4F9AE02.roa
Signing time: Wed 17 Sep 2025 06:44:30 +0000
ROA not before: Wed 17 Sep 2025 06:44:30 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45102
IP address blocks: 14.1.112.0/22 maxlen: 24
43.0.0.0/9 maxlen: 15
43.91.0.0/16 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 16
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 16
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 16
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
2404:2280::/32 maxlen: 48
240b:4000::/22 maxlen: 31
240b:4000::/32 maxlen: 40
240b:4001::/32 maxlen: 40
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
240b:4013::/32 maxlen: 48
240b:4014::/32 maxlen: 48
240b:4015::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 16:25:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7954 (0x1f12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: Sep 17 06:44:30 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=68ca58cd-3811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f4:65:22:9e:6d:52:e4:b2:8d:c6:50:bb:18:
56:ab:fd:48:c6:ef:2d:d5:a8:ee:3c:c5:c2:be:c2:
03:e4:4a:8b:93:f3:45:f0:10:05:68:ff:58:b8:f0:
3d:93:e6:87:64:af:7c:e6:a5:84:5f:17:63:2b:ea:
d6:9a:b9:50:62:d2:59:bd:9f:b5:36:e9:be:43:26:
00:33:ee:66:00:f8:1a:ad:2b:f8:83:32:52:e3:1a:
f6:c0:ff:c3:c9:db:a3:d8:0b:89:38:df:a4:a0:20:
b2:74:cd:4d:99:8a:65:6a:2b:95:c1:0f:b8:c9:ec:
8d:81:41:f2:bf:c5:6a:d6:a5:89:e2:50:34:1f:33:
a7:0a:95:c8:7a:2f:47:51:a4:57:b7:9d:46:6e:5a:
70:be:d3:30:09:23:a0:26:36:69:1d:bd:11:9f:9a:
5e:96:a5:3d:b3:0c:f9:46:62:57:56:c2:01:81:3a:
4a:9b:ad:f3:d8:a8:76:3c:3b:b7:7d:ee:ab:2d:cc:
13:3b:d2:8c:8c:66:84:47:16:f2:34:00:e3:e4:a7:
9e:a9:da:7b:51:0b:1a:de:37:f4:91:81:55:ab:5f:
37:e8:57:54:5f:67:1f:5d:79:85:23:73:bf:e4:da:
3d:68:86:4b:bf:cd:fa:6a:ea:f4:d9:55:e4:87:7a:
55:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:87:F9:0F:88:60:C5:BD:7C:E8:2E:69:D3:BF:5B:B1:1C:99:F8:0F
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/AB549D62125711EF94D14874C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.0.0.0/9
103.206.40.0/22
IPv6:
2404:2280::/32
240b:4000::/22
Signature Algorithm: sha256WithRSAEncryption
17:83:ea:9a:ea:95:35:14:b5:f1:e5:c7:62:72:2e:21:d0:8a:
8b:ca:78:a5:f1:df:aa:a0:3f:e5:cb:ae:ed:73:eb:05:e4:43:
f3:5d:b9:83:49:de:42:c3:04:5b:57:7c:39:da:28:27:7a:50:
af:ef:95:cb:11:9b:65:5d:35:b5:46:5c:58:61:0d:8a:db:7a:
b1:06:a4:41:f3:ff:5e:29:8f:47:e6:35:50:2d:8c:d2:7a:ff:
77:42:59:3d:c3:cd:6b:33:af:0b:50:65:1b:9f:7c:ff:58:87:
b1:17:a9:01:62:47:0d:d9:60:88:65:25:c0:a1:92:e7:42:1f:
40:eb:b2:6b:ed:55:a8:27:47:4f:d9:56:bc:a9:b8:95:3e:8c:
63:d9:be:16:5b:3d:24:07:d2:40:92:69:0a:72:3d:6f:d1:7f:
74:46:aa:0d:82:63:59:2a:4d:5a:92:b7:ab:bd:2b:bf:9c:1a:
e3:11:13:f7:5b:27:12:fb:9a:4e:26:61:59:48:0d:6c:eb:df:
7f:e9:80:91:62:68:1f:79:c3:3c:74:94:b5:d2:1d:27:79:17:
6c:15:42:48:8e:e2:29:36:ef:c6:fa:f8:2b:2d:3f:c8:bc:83:
8d:e8:88:43:25:4c:ce:e7:9f:43:91:cd:31:26:08:ae:47:0f:
9f:94:4f:85
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICHxIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjUwOTE3MDY0NDMwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGNhNThjZC0zODExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAufRlIp5tUuSyjcZQuxhWq/1Ixu8t1ajuPMXCvsID5EqLk/NF8BAFaP9YuPA9
k+aHZK985qWEXxdjK+rWmrlQYtJZvZ+1Num+QyYAM+5mAPgarSv4gzJS4xr2wP/D
yduj2AuJON+koCCydM1NmYplaiuVwQ+4yeyNgUHyv8Vq1qWJ4lA0HzOnCpXIei9H
UaRXt51GblpwvtMwCSOgJjZpHb0Rn5pelqU9swz5RmJXVsIBgTpKm63z2Kh2PDu3
fe6rLcwTO9KMjGaERxbyNADj5Keeqdp7UQsa3jf0kYFVq1836FdUX2cfXXmFI3O/
5No9aIZLv836aur02VXkh3pV9wIDAQABo4ICtTCCArEwHQYDVR0OBBYEFEOH+Q+I
YMW9fOguadO/W7EcmfgPMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvQUI1NDlENjIx
MjU3MTFFRjk0RDE0ODc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMBcEAgABMBEDBAIOAXADAwcrAAMEAmfOKDATBAIAAjANAwUAJAQigAMEAiQL
QDANBgkqhkiG9w0BAQsFAAOCAQEAF4PqmuqVNRS18eXHYnIuIdCKi8p4pfHfqqA/
5cuu7XPrBeRD8125g0neQsMEW1d8OdooJ3pQr++VyxGbZV01tUZcWGENitt6sQak
QfP/XimPR+Y1UC2M0nr/d0JZPcPNazOvC1BlG598/1iHsRepAWJHDdlgiGUlwKGS
50IfQOuya+1VqCdHT9lWvKm4lT6MY9m+Fls9JAfSQJJpCnI9b9F/dEaqDYJjWSpN
WpK3q70rv5wa4xET91snEvuaTiZhWUgNbOvff+mAkWJoH3nDPHSUtdIdJ3kXbBVC
SI7iKTbvxvr4Ky0/yLyDjeiIQyVMzuefQ5HNMSYIrkcPn5RPhQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:15:32 2025 by rpki-client