Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: MVBkwVSktZRTOF45hF8mA3mut6U85hWvy02kahXdUxI=
Subject key identifier: 6D:76:F8:41:6A:DE:5B:2B:A9:48:FA:FB:1C:E4:56:89:7A:74:45:2C
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 0772
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Fri 22 Aug 2025 06:32:22 +0000
ROA not before: Fri 22 Aug 2025 06:32:22 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
156.59.255.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.56.0/24 maxlen: 24
162.128.57.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.150.0/24 maxlen: 24
162.128.151.0/24 maxlen: 24
162.128.186.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.197.0/24 maxlen: 24
162.128.198.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.204.0/24 maxlen: 24
162.128.205.0/24 maxlen: 24
162.128.206.0/24 maxlen: 24
162.128.207.0/24 maxlen: 24
162.128.208.0/24 maxlen: 24
162.128.209.0/24 maxlen: 24
162.128.210.0/24 maxlen: 24
162.128.211.0/24 maxlen: 24
162.128.213.0/24 maxlen: 24
162.128.214.0/24 maxlen: 24
162.128.218.0/24 maxlen: 24
162.128.219.0/24 maxlen: 24
162.128.220.0/24 maxlen: 24
162.128.221.0/24 maxlen: 24
162.128.222.0/24 maxlen: 24
162.128.223.0/24 maxlen: 24
162.128.224.0/24 maxlen: 24
162.128.225.0/24 maxlen: 24
162.128.226.0/24 maxlen: 24
162.128.227.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 22:19:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1906 (0x772)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Aug 22 06:32:22 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68a80ef6-1f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7c:ea:3f:df:1d:57:40:8c:4d:da:78:76:bc:
d1:22:33:bb:f7:93:8f:04:38:a1:7c:b2:7f:27:3c:
20:bb:f5:6c:c9:04:01:a3:cc:4e:a8:e5:fa:5f:d1:
10:66:01:89:e4:33:4f:6a:af:be:e3:98:02:fb:6c:
b2:e0:c2:46:5b:d0:13:ff:44:28:3f:41:5c:bf:78:
32:49:79:ef:8b:08:34:a8:be:de:b5:6a:95:3b:5d:
49:a4:b2:f8:df:a8:b7:ae:26:e8:39:3f:2e:09:e1:
97:7c:ac:25:cb:c1:a0:f2:b1:4f:74:e1:ca:3b:0c:
41:7f:5c:ff:b6:3c:5c:07:16:df:76:92:9c:a0:4a:
a7:52:c5:a4:7e:5c:5a:c0:34:1e:e2:44:bd:63:80:
b0:fb:26:04:40:de:ac:99:06:9d:65:67:3c:b9:df:
a8:4b:75:8d:10:8d:c2:10:d7:6b:8c:a6:e4:7b:69:
95:e0:e9:9a:23:48:5b:63:25:c8:35:ae:6a:a4:43:
e6:3e:46:50:4e:82:f1:f4:c8:02:11:ff:dc:33:b9:
d3:1c:e0:b5:fd:4a:14:0b:49:43:3d:c6:27:67:fd:
f0:26:6d:cf:bd:33:10:3e:e5:b3:a9:ce:43:bd:da:
fb:14:b2:aa:6b:d2:e5:28:c4:0b:06:ea:39:53:c4:
82:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:76:F8:41:6A:DE:5B:2B:A9:48:FA:FB:1C:E4:56:89:7A:74:45:2C
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
156.59.255.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.57.255
162.128.140.0/24
162.128.149.0-162.128.151.255
162.128.186.0/24
162.128.196.0-162.128.202.255
162.128.204.0-162.128.211.255
162.128.213.0-162.128.214.255
162.128.218.0-162.128.227.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
12:64:a8:17:36:e7:b5:52:af:bb:21:10:c9:42:51:26:94:70:
4e:46:4d:fc:86:d0:cc:9f:1c:6c:9c:fd:56:7a:3e:57:35:06:
22:cf:23:ae:6b:1d:f6:07:f5:92:4b:61:93:ba:de:be:a1:c0:
04:8d:ba:da:0d:55:e2:70:8d:9d:5c:ac:b3:0d:55:c7:29:41:
44:97:85:fb:ab:37:4c:d9:fb:60:97:e7:cb:47:6f:3e:3f:e2:
6a:ab:8e:b0:96:57:fd:eb:5e:07:3e:ef:19:37:05:77:66:84:
2c:b2:51:0c:a6:8d:c1:fc:cf:1c:01:a7:39:3a:c6:55:a1:50:
2d:2b:54:e7:74:63:65:c3:fe:fe:70:52:04:7e:c5:af:d0:1f:
86:22:52:57:7e:f4:9d:40:e6:14:28:7c:b9:48:2f:f7:33:12:
1e:a6:3a:ee:e2:25:12:ce:bd:13:63:e9:1d:dc:ea:0d:bb:79:
7e:4b:40:a7:15:ae:47:d9:ee:1c:df:71:50:84:ff:85:aa:27:
c6:dd:1e:35:24:a4:16:ee:aa:1d:5e:36:7a:4c:54:93:3d:93:
71:a3:f4:a4:8e:80:8e:4d:cd:d0:8e:a7:45:30:aa:86:52:0d:
32:de:fc:db:9d:d8:0a:64:c5:75:48:44:39:91:bd:60:31:8a:
78:43:47:2a
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgICB3IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjUwODIyMDYzMjIyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGE4MGVmNi0xZjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs3zqP98dV0CMTdp4drzRIjO795OPBDihfLJ/Jzwgu/VsyQQBo8xOqOX6X9EQ
ZgGJ5DNPaq++45gC+2yy4MJGW9AT/0QoP0Fcv3gySXnviwg0qL7etWqVO11JpLL4
36i3riboOT8uCeGXfKwly8Gg8rFPdOHKOwxBf1z/tjxcBxbfdpKcoEqnUsWkflxa
wDQe4kS9Y4Cw+yYEQN6smQadZWc8ud+oS3WNEI3CENdrjKbke2mV4OmaI0hbYyXI
Na5qpEPmPkZQToLx9MgCEf/cM7nTHOC1/UoUC0lDPcYnZ/3wJm3PvTMQPuWzqc5D
vdr7FLKqa9LlKMQLBuo5U8SCqwIDAQABo4IDhTCCA4EwHQYDVR0OBBYEFG12+EFq
3lsrqUj6+xzkVol6dEUsMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggENBggrBgEFBQcBBwEB
/wSB/TCB+jCB9wQCAAEwgfAwDAMEAIHjEQMEAoHjEDAMAwQAgeMdAwQFgeMAAwQA
geM/AwQBgeOwAwQCgePAAwQCnDsQAwQDnDswAwQAnDtJAwQDnDtQAwQBnDteAwQA
nDtsAwQAnDt7AwQEnDuAAwQAnDuSAwQAnDvYAwQBnDvgAwQAnDvxAwQAnDv/MAwD
BACigCsDBACigCwwDAMEAKKANQMEAaKAOAMEAKKAjDAMAwQAooCVAwQDooCQAwQA
ooC6MAwDBAKigMQDBACigMowDAMEAqKAzAMEAqKA0DAMAwQAooDVAwQAooDWMAwD
BAGigNoDBAKigOADBACigP4wDQYJKoZIhvcNAQELBQADggEBABJkqBc257VSr7sh
EMlCUSaUcE5GTfyG0MyfHGyc/VZ6Plc1BiLPI65rHfYH9ZJLYZO63r6hwASNutoN
VeJwjZ1crLMNVccpQUSXhfurN0zZ+2CX58tHbz4/4mqrjrCWV/3rXgc+7xk3BXdm
hCyyUQymjcH8zxwBpzk6xlWhUC0rVOd0Y2XD/v5wUgR+xa/QH4YiUld+9J1A5hQo
fLlIL/czEh6mOu7iJRLOvRNj6R3c6g27eX5LQKcVrkfZ7hzfcVCE/4WqJ8bdHjUk
pBbuqh1eNnpMVJM9k3Gj9KSOgI5NzdCOp0UwqoZSDTLe/Nud2ApkxXVIRDmRvWAx
inhDRyo=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:44:23 2025 by rpki-client