Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/84B96CA6904111EF8D11A381C4F9AE02.roa
File: 84B96CA6904111EF8D11A381C4F9AE02.roa (raw, json)
Hash identifier: bp4jWdbgFBJj7qXPWgiCGUliXYnrbIsNlkes3iQSxxc=
Subject key identifier: 40:62:A5:B8:32:EF:83:C9:16:C8:44:BB:0B:B7:86:B8:41:79:5B:FB
Certificate issuer: /CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2
Certificate serial: 082E
Authority key identifier: 1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/84B96CA6904111EF8D11A381C4F9AE02.roa
Signing time: Mon 06 Oct 2025 21:22:53 +0000
ROA not before: Mon 06 Oct 2025 21:22:53 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 55705
IP address blocks: 45.124.108.0/24 maxlen: 24
45.124.109.0/24 maxlen: 24
103.10.76.0/24 maxlen: 24
103.10.77.0/24 maxlen: 24
103.18.140.0/24 maxlen: 24
103.18.141.0/24 maxlen: 24
103.18.142.0/24 maxlen: 24
103.18.143.0/24 maxlen: 24
103.36.156.0/24 maxlen: 24
103.36.157.0/24 maxlen: 24
103.36.158.0/24 maxlen: 24
103.36.159.0/24 maxlen: 24
103.225.60.0/24 maxlen: 24
103.225.61.0/24 maxlen: 24
103.225.62.0/24 maxlen: 24
103.225.63.0/24 maxlen: 24
103.238.100.0/24 maxlen: 24
103.238.101.0/24 maxlen: 24
103.238.102.0/24 maxlen: 24
103.238.103.0/24 maxlen: 24
202.41.22.0/24 maxlen: 24
202.41.23.0/24 maxlen: 24
202.41.24.0/24 maxlen: 24
202.41.25.0/24 maxlen: 24
202.41.26.0/24 maxlen: 24
202.41.27.0/24 maxlen: 24
202.41.28.0/24 maxlen: 24
202.41.29.0/24 maxlen: 24
202.41.30.0/24 maxlen: 24
202.41.31.0/24 maxlen: 24
203.55.102.0/24 maxlen: 24
203.55.103.0/24 maxlen: 24
223.165.24.0/24 maxlen: 24
223.165.25.0/24 maxlen: 24
223.165.26.0/24 maxlen: 24
223.165.27.0/24 maxlen: 24
223.165.28.0/24 maxlen: 24
223.165.29.0/24 maxlen: 24
223.165.30.0/24 maxlen: 24
223.165.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl
rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 22:17:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2094 (0x82e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF24F, serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2
Validity
Not Before: Oct 6 21:22:53 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68e4332d-df61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:60:28:e1:44:8c:bd:1c:76:f6:1f:f4:a8:26:
f2:88:47:83:20:4a:2c:21:c4:af:4a:b5:28:78:51:
f5:29:c2:26:bd:34:4d:1f:26:96:f6:c3:dd:64:31:
79:45:eb:dd:e9:bf:a8:c1:84:e6:a6:d1:29:8f:bb:
86:65:b1:44:11:7a:cc:af:b6:08:43:53:6b:46:43:
fb:6d:55:b3:31:5a:ac:f1:aa:9a:c0:20:8d:a6:aa:
fb:70:3b:51:30:4e:77:5c:03:f8:4d:18:bf:a2:75:
75:ab:57:12:ec:81:79:7d:18:36:c3:8a:cf:15:c2:
22:33:4f:ab:67:94:21:3b:38:50:86:e9:ff:98:08:
94:80:92:53:42:6a:fb:15:58:f2:59:70:2e:84:31:
9b:bd:c3:dc:26:29:5a:a9:dd:a6:4a:b3:ae:1f:8f:
73:13:85:7f:35:11:48:af:f0:7c:7d:fb:8f:9a:25:
ff:57:14:e3:c5:3c:7e:38:0a:d7:53:c9:b3:cc:a8:
43:52:9d:ae:ad:d4:f8:48:66:e7:37:1e:79:7f:3d:
ab:3a:75:85:6d:9f:6f:df:6f:91:56:16:1d:2d:71:
a4:86:1f:67:8d:d8:e0:6e:f0:99:eb:b9:d0:1f:b1:
3c:9c:e7:af:0d:60:68:9a:12:ea:58:18:f2:dd:40:
6e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:62:A5:B8:32:EF:83:C9:16:C8:44:BB:0B:B7:86:B8:41:79:5B:FB
X509v3 Authority Key Identifier:
keyid:1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/84B96CA6904111EF8D11A381C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.108.0/23
103.10.76.0/23
103.18.140.0/22
103.36.156.0/22
103.225.60.0/22
103.238.100.0/22
202.41.22.0-202.41.31.255
203.55.102.0/23
223.165.24.0/21
Signature Algorithm: sha256WithRSAEncryption
41:93:91:5b:db:e2:75:31:87:7d:45:bd:e5:fb:c6:46:87:20:
2a:44:43:f3:2a:44:4e:6f:fe:c7:eb:80:85:36:ce:ed:30:cb:
ac:58:a1:32:b0:f0:0a:ec:79:51:9b:4e:36:d1:d8:0a:76:5a:
6f:0f:41:46:e6:65:b3:ac:8b:f9:5f:7d:5e:14:2a:7c:53:55:
07:12:73:30:a5:aa:82:dc:88:66:98:f2:bb:05:43:db:88:87:
1a:3c:1a:5e:33:93:0f:b2:c1:39:35:0e:15:dd:d5:3e:52:29:
2a:d4:77:9a:83:96:a1:bd:91:72:f7:05:10:be:f1:6d:eb:89:
b1:ae:19:40:9b:02:f0:60:f9:b1:3d:af:f3:f8:af:b4:7b:5d:
ba:48:3e:d6:5e:13:e2:64:ae:29:51:67:43:42:aa:10:e5:da:
89:12:2f:27:e8:a5:bf:04:6c:29:f4:e4:25:55:cd:6e:8d:cd:
c0:11:30:b2:62:1d:43:e6:0a:b5:b1:03:82:eb:c0:fe:a1:e1:
f7:6b:db:78:f9:a9:1f:af:cd:b5:86:ab:d9:0a:60:12:4f:fa:
57:83:f7:5e:08:3d:a3:ee:78:50:f2:9f:9a:4c:f8:58:18:c4:
a0:52:bf:20:9f:94:4e:c1:5a:a8:98:35:58:28:78:25:b7:7f:
f1:86:2e:ee
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICCC4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYyNEYxMTAvBgNVBAUTKDFFQjdBRDIzNTJGN0M2RUE0QTYyRjc4NENFNUZCQjEx
NkRGMjZFQzIwHhcNMjUxMDA2MjEyMjUzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU0MzMyZC1kZjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArGAo4USMvRx29h/0qCbyiEeDIEosIcSvSrUoeFH1KcImvTRNHyaW9sPdZDF5
Revd6b+owYTmptEpj7uGZbFEEXrMr7YIQ1NrRkP7bVWzMVqs8aqawCCNpqr7cDtR
ME53XAP4TRi/onV1q1cS7IF5fRg2w4rPFcIiM0+rZ5QhOzhQhun/mAiUgJJTQmr7
FVjyWXAuhDGbvcPcJilaqd2mSrOuH49zE4V/NRFIr/B8ffuPmiX/VxTjxTx+OArX
U8mzzKhDUp2urdT4SGbnNx55fz2rOnWFbZ9v32+RVhYdLXGkhh9njdjgbvCZ67nQ
H7E8nOevDWBomhLqWBjy3UBu3QIDAQABo4ICzTCCAskwHQYDVR0OBBYEFEBipbgy
74PJFshEuwu3hrhBeVv7MB8GA1UdIwQYMBaAFB63rSNS98bqSmL3hM5fuxFt8m7C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri82NURERkFCNDAy
RkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1cEtZdmVFemwtN0VXM3li
c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hyZXRJMUwzeHVwS1l2ZUV6bC03RVczeWJzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYyNEYvNjVEREZBQjQwMkZBMTFFQkEzQTBBMjMxQzRGOUFFMDIvODRCOTZDQTY5
MDQxMTFFRjhEMTFBMzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMEQEAgABMD4DBAEtfGwDBAFnCkwDBAJnEowDBAJnJJwDBAJn4TwDBAJn7mQw
DAMEAcopFgMEBcopAAMEAcs3ZgMEA9+lGDANBgkqhkiG9w0BAQsFAAOCAQEAQZOR
W9vidTGHfUW95fvGRocgKkRD8ypETm/+x+uAhTbO7TDLrFihMrDwCux5UZtONtHY
CnZabw9BRuZls6yL+V99XhQqfFNVBxJzMKWqgtyIZpjyuwVD24iHGjwaXjOTD7LB
OTUOFd3VPlIpKtR3moOWob2RcvcFEL7xbeuJsa4ZQJsC8GD5sT2v8/ivtHtdukg+
1l4T4mSuKVFnQ0KqEOXaiRIvJ+ilvwRsKfTkJVXNbo3NwBEwsmIdQ+YKtbEDguvA
/qHh92vbePmpH6/NtYar2QpgEk/6V4P3Xgg9o+54UPKfmkz4WBjEoFK/IJ+UTsFa
qJg1WCh4Jbd/8YYu7g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:42:47 2025 by rpki-client