Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/2AECA58494EE11EE84F9D73CC4F9AE02.roa
File: 2AECA58494EE11EE84F9D73CC4F9AE02.roa (raw, json)
Hash identifier: I8a2tYdChMy0m+hYeHyoEloBcDOZ+JhPIXTugtfIp8g=
Subject key identifier: 96:02:5D:18:05:29:5D:DE:DE:81:B3:C8:3E:74:C0:7B:F9:14:7F:FB
Certificate issuer: /CN=A91DC31B/serialNumber=8B8AD5CA1C3E8B8CF468B5F496A91ABB0E48CFA8
Certificate serial: 0760
Authority key identifier: 8B:8A:D5:CA:1C:3E:8B:8C:F4:68:B5:F4:96:A9:1A:BB:0E:48:CF:A8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/2AECA58494EE11EE84F9D73CC4F9AE02.roa
Signing time: Tue 08 Jul 2025 11:22:08 +0000
ROA not before: Tue 08 Jul 2025 11:22:08 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 19551
IP address blocks: 166.81.2.0/24 maxlen: 24
166.81.5.0/24 maxlen: 24
166.81.6.0/24 maxlen: 24
166.81.32.0/24 maxlen: 24
166.81.33.0/24 maxlen: 24
166.81.34.0/24 maxlen: 24
166.81.39.0/24 maxlen: 24
166.81.40.0/24 maxlen: 24
166.81.51.0/24 maxlen: 24
166.81.52.0/24 maxlen: 24
166.81.53.0/24 maxlen: 24
166.81.54.0/24 maxlen: 24
166.81.56.0/24 maxlen: 24
166.81.57.0/24 maxlen: 24
166.81.61.0/24 maxlen: 24
166.81.62.0/24 maxlen: 24
166.81.63.0/24 maxlen: 24
166.81.81.0/24 maxlen: 24
166.81.83.0/24 maxlen: 24
166.81.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.crl
rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 29 Jul 2025 22:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1888 (0x760)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC31B, serialNumber=8B8AD5CA1C3E8B8CF468B5F496A91ABB0E48CFA8
Validity
Not Before: Jul 8 11:22:08 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=686cff5f-4a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e8:bf:43:03:89:7f:3e:10:0b:28:13:e0:29:
84:0f:99:69:f9:70:35:e0:0f:20:e9:7e:61:0d:5f:
2d:c6:1c:7d:3d:f8:44:5c:c1:a6:08:f2:62:ce:03:
51:f5:7b:24:ea:ec:f1:ca:b5:77:62:d6:24:c9:39:
70:9f:63:e2:95:63:be:d5:e9:33:38:48:42:c7:8d:
6f:2c:c3:0f:4d:80:9c:b8:98:1a:3e:d5:9d:f7:dd:
1c:1d:c8:9b:33:0a:c2:66:20:47:ef:dc:ab:47:1f:
54:f0:29:e5:31:ec:a2:42:31:5f:64:e4:04:c8:8f:
48:0d:f4:03:df:b1:c6:09:4e:87:9b:05:2f:ec:11:
67:fa:a9:6d:37:09:99:d4:5e:40:03:4d:7e:b3:f7:
ae:f9:79:1f:d5:d6:02:c6:42:72:ca:5b:2c:6c:73:
3c:2a:9a:41:32:43:9c:01:fd:34:91:ec:54:b7:67:
e0:bd:ff:04:54:a9:8c:74:f6:52:8d:f8:70:a4:65:
d5:92:1e:b4:5c:92:67:5b:f5:03:75:1b:cc:65:38:
e7:3e:41:bc:3f:1b:f4:4d:03:3c:93:f7:3d:38:eb:
62:d8:a6:04:0e:08:23:8d:4f:bc:51:86:9b:46:12:
23:08:4c:fa:0e:75:8c:a4:b1:20:df:d6:94:73:b5:
ce:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:02:5D:18:05:29:5D:DE:DE:81:B3:C8:3E:74:C0:7B:F9:14:7F:FB
X509v3 Authority Key Identifier:
keyid:8B:8A:D5:CA:1C:3E:8B:8C:F4:68:B5:F4:96:A9:1A:BB:0E:48:CF:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/2AECA58494EE11EE84F9D73CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
166.81.2.0/24
166.81.5.0-166.81.6.255
166.81.32.0-166.81.34.255
166.81.39.0-166.81.40.255
166.81.51.0-166.81.54.255
166.81.56.0/23
166.81.61.0-166.81.63.255
166.81.81.0/24
166.81.83.0-166.81.84.255
Signature Algorithm: sha256WithRSAEncryption
20:90:5a:aa:fc:49:ba:95:d5:c4:c7:a1:52:85:6c:72:60:1a:
ec:58:ea:74:fd:f1:bf:f2:94:b2:8a:5f:5f:e7:c4:44:5b:8c:
b7:01:91:27:c8:86:38:27:ea:a3:47:36:86:f8:e8:30:50:02:
c8:70:19:9e:9e:86:a3:fb:72:70:ba:09:be:08:7d:13:3d:63:
59:25:a6:3a:17:6a:52:00:b1:56:28:4a:44:d2:2d:d1:64:74:
c4:45:a7:37:34:83:0b:13:db:55:d1:ae:1f:39:77:41:02:d8:
88:70:7f:47:07:bc:50:14:99:af:38:cc:23:da:7e:c6:db:2f:
69:5b:56:24:89:a8:4e:e3:3e:eb:79:1f:3b:08:16:87:69:e7:
0a:1e:f8:7e:4a:53:3e:d4:32:69:fe:42:0c:5b:7a:38:b2:04:
83:7a:37:8f:c4:19:b4:8e:63:ff:b6:af:29:a8:ac:5c:f6:d8:
a0:36:0b:37:7b:36:3d:07:d7:99:c0:58:82:eb:e1:b2:ce:cf:
4d:7a:a6:d7:96:0b:8e:db:a1:05:f1:c3:ee:51:cb:fc:f2:fd:
c5:79:98:75:d3:47:2a:5f:98:2a:d5:ae:da:c5:f8:c7:48:51:
40:8a:51:86:98:ca:03:73:bb:90:08:63:46:96:08:9d:74:f4:
c4:fd:32:84
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgICB2AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REMzMUIxMTAvBgNVBAUTKDhCOEFENUNBMUMzRThCOENGNDY4QjVGNDk2QTkxQUJC
MEU0OENGQTgwHhcNMjUwNzA4MTEyMjA4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODZjZmY1Zi00YTlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyei/QwOJfz4QCygT4CmED5lp+XA14A8g6X5hDV8txhx9PfhEXMGmCPJizgNR
9Xsk6uzxyrV3YtYkyTlwn2PilWO+1ekzOEhCx41vLMMPTYCcuJgaPtWd990cHcib
MwrCZiBH79yrRx9U8CnlMeyiQjFfZOQEyI9IDfQD37HGCU6HmwUv7BFn+qltNwmZ
1F5AA01+s/eu+Xkf1dYCxkJyylssbHM8KppBMkOcAf00kexUt2fgvf8EVKmMdPZS
jfhwpGXVkh60XJJnW/UDdRvMZTjnPkG8Pxv0TQM8k/c9OOti2KYEDggjjU+8UYab
RhIjCEz6DnWMpLEg39aUc7XO0wIDAQABo4IC9TCCAvEwHQYDVR0OBBYEFJYCXRgF
KV3e3oGzyD50wHv5FH/7MB8GA1UdIwQYMBaAFIuK1cocPouM9Gi19JapGrsOSM+o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzMxQi9EMEVDQ0Q0ODg5
M0QxMUVCOTE2REYwMjJDNEY5QUUwMi9pNHJWeWh3LWk0ejBhTFgwbHFrYXV3NUl6
NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2k0clZ5aHctaTR6MGFMWDBscWthdXc1SXo2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REMzMUIvRDBFQ0NENDg4OTNEMTFFQjkxNkRGMDIyQzRGOUFFMDIvMkFFQ0E1ODQ5
NEVFMTFFRTg0RjlENzNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfwYIKwYBBQUHAQcBAf8E
cDBuMGwEAgABMGYDBACmUQIwDAMEAKZRBQMEAKZRBjAMAwQFplEgAwQAplEiMAwD
BACmUScDBACmUSgwDAMEAKZRMwMEAKZRNgMEAaZRODAMAwQAplE9AwQGplEAAwQA
plFRMAwDBACmUVMDBACmUVQwDQYJKoZIhvcNAQELBQADggEBACCQWqr8SbqV1cTH
oVKFbHJgGuxY6nT98b/ylLKKX1/nxERbjLcBkSfIhjgn6qNHNob46DBQAshwGZ6e
hqP7cnC6Cb4IfRM9Y1klpjoXalIAsVYoSkTSLdFkdMRFpzc0gwsT21XRrh85d0EC
2Ihwf0cHvFAUma84zCPafsbbL2lbViSJqE7jPut5HzsIFodp5woe+H5KUz7UMmn+
QgxbejiyBIN6N4/EGbSOY/+2rymorFz22KA2Czd7Nj0H15nAWILr4bLOz016pteW
C47boQXxw+5Ry/zy/cV5mHXTRypfmCrVrtrF+MdIUUCKUYaYygNzu5AIY0aWCJ10
9MT9MoQ=
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:04:45 2025 by rpki-client