Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/566800AE193C11F094773636C4F9AE02.roa
File: 566800AE193C11F094773636C4F9AE02.roa (raw, json)
Hash identifier: pLiZ6X9+7xN8ORYHJB7J1Ldu51VYpjaMx4LhmXbS55Y=
Subject key identifier: D9:84:C6:86:B5:BA:61:D7:D6:2D:B2:0E:26:0D:33:12:E0:91:EB:CD
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0CE3
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/566800AE193C11F094773636C4F9AE02.roa
Signing time: Thu 17 Jul 2025 13:46:56 +0000
ROA not before: Thu 17 Jul 2025 13:46:56 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 141030
IP address blocks: 2400:3dc0:41::/48 maxlen: 48
2400:3dc0:42::/48 maxlen: 48
2400:3dc0:44::/48 maxlen: 48
2400:3dc0:47::/48 maxlen: 48
2400:3dc0:48::/48 maxlen: 48
2400:3dc0:4d::/48 maxlen: 48
2400:3dc0:4e::/48 maxlen: 48
2400:3dc0:4f::/48 maxlen: 48
2400:3dc0:50::/48 maxlen: 48
2400:3dc0:51::/48 maxlen: 48
2400:3dc0:53::/48 maxlen: 48
2400:3dc0:55::/48 maxlen: 48
2400:3dc0:59::/48 maxlen: 48
2400:3dc0:5f::/48 maxlen: 48
2400:3dc0:63::/48 maxlen: 48
2400:3dc0:65::/48 maxlen: 48
2400:3dc0:66::/48 maxlen: 48
2400:3dc0:67::/48 maxlen: 48
2400:3dc0:6b::/48 maxlen: 48
2400:3dc0:6d::/48 maxlen: 48
2400:3dc0:73::/48 maxlen: 48
2400:3dc0:74::/48 maxlen: 48
2400:3dc0:75::/48 maxlen: 48
2400:3dc0:81::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 18:29:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3299 (0xce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Jul 17 13:46:56 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=6878fed0-5e24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:68:e4:c7:9b:4d:c8:d3:a7:d5:6d:36:5d:a7:
ef:ab:57:05:14:25:a0:f3:5d:4d:01:76:a8:3a:e6:
75:2a:74:c6:e8:a0:f7:42:78:5f:e5:1f:b5:06:42:
aa:0c:93:43:24:bf:2c:60:df:61:09:38:6f:ce:d7:
01:8a:22:fa:db:64:09:f8:32:80:82:63:d6:a1:9d:
e6:cc:26:0a:55:01:ba:97:ab:27:81:39:1a:dd:e5:
1b:05:3c:d9:a5:af:97:d4:42:64:62:92:f8:68:5c:
8a:3d:73:ef:a2:05:78:c0:16:a2:29:b6:86:85:85:
2b:06:f9:7e:ea:45:99:c0:f9:0d:45:5d:48:fe:36:
90:16:67:bf:9d:28:85:30:82:78:4a:5c:a8:87:16:
73:78:8a:82:31:ec:24:b8:43:54:12:58:43:96:f5:
86:9c:ba:31:c0:97:ff:88:52:09:7f:a4:d0:e6:f8:
52:3f:5d:72:39:37:79:19:08:6d:13:e2:2d:56:79:
35:35:23:83:63:e5:5e:9e:76:1e:59:f5:cc:16:6f:
a3:c1:86:0a:2b:a9:86:2e:72:c3:27:8f:51:4c:1d:
e1:41:3b:8f:e9:49:22:08:90:96:74:dd:21:f8:49:
aa:00:5a:0e:31:35:87:41:5d:2b:7c:ce:b9:b6:5b:
9e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:84:C6:86:B5:BA:61:D7:D6:2D:B2:0E:26:0D:33:12:E0:91:EB:CD
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/566800AE193C11F094773636C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:3dc0:41::-2400:3dc0:42:ffff:ffff:ffff:ffff:ffff
2400:3dc0:44::/48
2400:3dc0:47::-2400:3dc0:48:ffff:ffff:ffff:ffff:ffff
2400:3dc0:4d::-2400:3dc0:51:ffff:ffff:ffff:ffff:ffff
2400:3dc0:53::/48
2400:3dc0:55::/48
2400:3dc0:59::/48
2400:3dc0:5f::/48
2400:3dc0:63::/48
2400:3dc0:65::-2400:3dc0:67:ffff:ffff:ffff:ffff:ffff
2400:3dc0:6b::/48
2400:3dc0:6d::/48
2400:3dc0:73::-2400:3dc0:75:ffff:ffff:ffff:ffff:ffff
2400:3dc0:81::/48
Signature Algorithm: sha256WithRSAEncryption
14:c7:80:63:19:a0:58:eb:50:8e:72:13:c7:45:78:d7:b5:8e:
b8:f3:4c:d6:93:32:d3:e8:13:9a:f9:ef:8d:21:8c:a1:a6:7e:
c5:b9:ff:cb:51:6b:c6:1c:61:f0:83:7d:ec:fe:7f:27:fa:55:
ec:87:d8:67:50:51:bb:e0:a2:30:65:ff:16:3d:84:f0:b2:4e:
29:e3:c2:35:5e:af:0f:6a:dd:54:27:1d:9b:82:9c:9f:10:b5:
1c:02:48:ec:fe:53:0d:8b:ff:0e:91:13:1f:6f:49:bd:e8:cf:
07:4c:e3:5f:3f:ac:1b:d2:48:85:04:f5:67:1f:4d:dc:df:d5:
1d:da:90:a5:18:0f:90:76:f3:2f:51:f0:ab:4c:08:73:d3:68:
df:d8:ed:9b:8a:b9:b6:de:e9:47:8c:37:ae:99:f4:e9:99:fe:
99:17:bd:bf:15:f1:85:df:6b:f7:34:c4:21:d9:21:e8:c5:a4:
cb:c1:a7:7f:5d:61:a6:b8:04:c8:3e:25:c8:ea:2f:54:ea:c5:
e2:b4:9b:cc:b5:c1:cc:2e:05:1f:ae:eb:89:07:73:e8:c9:87:
b3:80:cd:f3:8a:e7:54:62:c3:20:01:07:ab:42:10:2c:22:b4:
43:ce:cc:ea:c5:76:86:f5:df:23:0b:c8:d1:4c:2a:c1:91:9b:
e9:84:b3:5d
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgICDOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwNzE3MTM0NjU2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc4ZmVkMC01ZTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA12jkx5tNyNOn1W02Xafvq1cFFCWg811NAXaoOuZ1KnTG6KD3Qnhf5R+1BkKq
DJNDJL8sYN9hCThvztcBiiL622QJ+DKAgmPWoZ3mzCYKVQG6l6sngTka3eUbBTzZ
pa+X1EJkYpL4aFyKPXPvogV4wBaiKbaGhYUrBvl+6kWZwPkNRV1I/jaQFme/nSiF
MIJ4SlyohxZzeIqCMewkuENUElhDlvWGnLoxwJf/iFIJf6TQ5vhSP11yOTd5GQht
E+ItVnk1NSODY+VennYeWfXMFm+jwYYKK6mGLnLDJ49RTB3hQTuP6UkiCJCWdN0h
+EmqAFoOMTWHQV0rfM65tluekwIDAQABo4IDSTCCA0UwHQYDVR0OBBYEFNmExoa1
umHX1i2yDiYNMxLgkevNMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvNTY2ODAwQUUx
OTNDMTFGMDk0NzczNjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdIGCCsGAQUFBwEHAQH/
BIHCMIG/MIG8BAIAAjCBtTASAwcAJAA9wABBAwcAJAA9wABCAwcAJAA9wABEMBID
BwAkAD3AAEcDBwAkAD3AAEgwEgMHACQAPcAATQMHASQAPcAAUAMHACQAPcAAUwMH
ACQAPcAAVQMHACQAPcAAWQMHACQAPcAAXwMHACQAPcAAYzASAwcAJAA9wABlAwcD
JAA9wABgAwcAJAA9wABrAwcAJAA9wABtMBIDBwAkAD3AAHMDBwEkAD3AAHQDBwAk
AD3AAIEwDQYJKoZIhvcNAQELBQADggEBABTHgGMZoFjrUI5yE8dFeNe1jrjzTNaT
MtPoE5r5740hjKGmfsW5/8tRa8YcYfCDfez+fyf6VeyH2GdQUbvgojBl/xY9hPCy
TinjwjVerw9q3VQnHZuCnJ8QtRwCSOz+Uw2L/w6REx9vSb3ozwdM418/rBvSSIUE
9WcfTdzf1R3akKUYD5B28y9R8KtMCHPTaN/Y7ZuKubbe6UeMN66Z9OmZ/pkXvb8V
8YXfa/c0xCHZIejFpMvBp39dYaa4BMg+JcjqL1TqxeK0m8y1wcwuBR+u64kHc+jJ
h7OAzfOK51RiwyABB6tCECwitEPOzOrFdob13yMLyNFMKsGRm+mEs10=
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:14:07 2025 by rpki-client