Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/095A440652B311F0B25AA911C4F9AE02.roa
File: 095A440652B311F0B25AA911C4F9AE02.roa (raw, json)
Hash identifier: boxMqVE8q46us+PFvAGR6ljVcVX9wIOjIMY9dIoSWLY=
Subject key identifier: 4E:2E:9B:FB:57:E1:34:BE:FE:C2:97:72:03:5B:BA:68:E6:4D:06:E1
Certificate issuer: /CN=A91E6304/serialNumber=2596AED0C0CB3BCFE31804B239CF4657712E276A
Certificate serial: 0366
Authority key identifier: 25:96:AE:D0:C0:CB:3B:CF:E3:18:04:B2:39:CF:46:57:71:2E:27:6A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/095A440652B311F0B25AA911C4F9AE02.roa
Signing time: Thu 26 Jun 2025 17:28:56 +0000
ROA not before: Thu 26 Jun 2025 17:28:56 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 31898
IP address blocks: 2407:30c0:200::/48 maxlen: 48
2407:30c0:201::/48 maxlen: 48
2407:30c0:202::/48 maxlen: 48
2407:30c0:203::/48 maxlen: 48
2407:30c0:204::/48 maxlen: 48
2407:30c0:205::/48 maxlen: 48
2407:30c0:206::/48 maxlen: 48
2407:30c0:207::/48 maxlen: 48
2407:30c0:208::/48 maxlen: 48
2407:30c0:20a::/48 maxlen: 48
2407:30c0:20b::/48 maxlen: 48
2407:30c0:20c::/48 maxlen: 48
2407:30c0:20d::/48 maxlen: 48
2407:30c0:20e::/48 maxlen: 48
2407:30c0:20f::/48 maxlen: 48
2407:30c0:211::/48 maxlen: 48
2407:30c0:212::/48 maxlen: 48
2407:30c0:213::/48 maxlen: 48
2407:30c0:214::/48 maxlen: 48
2407:30c0:215::/48 maxlen: 48
2407:30c0:216::/48 maxlen: 48
2407:30c0:217::/48 maxlen: 48
2407:30c0:218::/48 maxlen: 48
2407:30c0:219::/48 maxlen: 48
2407:30c0:21a::/48 maxlen: 48
2407:30c0:21b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.crl
rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 08 Jul 2025 01:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 870 (0x366)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6304, serialNumber=2596AED0C0CB3BCFE31804B239CF4657712E276A
Validity
Not Before: Jun 26 17:28:56 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=685d8358-5ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:51:1f:b7:02:34:b6:5b:00:9d:4d:20:b8:b9:
b9:7f:ed:99:a7:55:6f:1a:04:da:37:f1:91:7e:da:
09:97:9e:e9:03:8b:b7:d5:59:79:7f:f4:1b:89:f0:
1c:c2:c6:89:64:b4:a0:82:fe:0d:15:f0:c8:8c:08:
f1:11:1d:05:41:2a:53:3e:f0:75:3a:e8:c7:04:f7:
1c:a5:d7:70:4b:1e:39:70:3b:42:0b:9a:31:ae:7c:
66:3b:9b:59:05:e8:07:a3:f1:4d:82:1a:fe:59:bb:
da:39:51:62:3d:47:8c:50:a4:ea:45:0e:ca:0e:78:
4f:7b:c5:08:11:1a:25:96:14:7c:1a:f7:ec:d1:98:
68:8d:05:9f:e4:31:b6:9b:06:98:da:bb:a7:55:a1:
af:9b:44:83:de:3a:0d:dd:85:e6:4d:2b:b7:07:41:
1d:17:1d:e1:d7:5b:35:f8:2e:87:db:84:46:52:55:
f1:87:a9:d8:b0:b9:47:34:67:3b:7b:87:a8:df:21:
ac:2c:ca:0d:45:52:1b:36:09:59:d8:30:61:6f:82:
bd:c5:a9:33:0b:b2:f6:e3:f5:b2:74:56:a0:6f:68:
4f:ab:86:fa:22:6d:fa:a4:06:68:be:73:e1:81:61:
98:db:64:d0:75:4a:ab:17:9a:b6:5b:83:9c:89:af:
e4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:2E:9B:FB:57:E1:34:BE:FE:C2:97:72:03:5B:BA:68:E6:4D:06:E1
X509v3 Authority Key Identifier:
keyid:25:96:AE:D0:C0:CB:3B:CF:E3:18:04:B2:39:CF:46:57:71:2E:27:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/095A440652B311F0B25AA911C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:30c0:200::-2407:30c0:208:ffff:ffff:ffff:ffff:ffff
2407:30c0:20a::-2407:30c0:20f:ffff:ffff:ffff:ffff:ffff
2407:30c0:211::-2407:30c0:21b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3a:78:85:96:10:c3:31:bc:65:1d:86:4f:80:79:dc:23:bf:bb:
a6:99:17:f9:32:ff:43:1e:e6:76:95:3b:70:28:39:6f:df:08:
9e:4a:62:7e:bf:08:41:20:96:bf:3f:41:ce:65:50:85:78:ad:
cb:c0:0e:c7:f9:56:be:7b:c1:f6:61:9f:48:37:00:3f:62:2a:
c4:26:bf:e2:32:9b:99:c1:65:f2:bd:c1:05:71:42:2d:54:30:
cd:3b:85:d5:48:b4:e5:9c:10:0b:85:32:7b:f0:80:e8:50:01:
56:43:fc:b0:d7:26:45:9d:84:19:b2:11:9b:99:69:1a:e4:cc:
cf:61:52:75:24:d0:8a:3d:12:6d:0e:bd:dd:2d:e2:98:8f:22:
a5:88:8c:b5:cb:b4:01:d7:b1:05:d2:b4:62:6a:65:f9:10:74:
ae:75:b3:5d:7d:35:30:05:2c:06:8f:1c:75:a7:58:bd:a4:ab:
21:79:ad:47:7a:78:a6:b6:30:de:01:3f:7e:df:fe:c5:4a:2b:
7c:d2:c1:e6:82:72:a9:5c:69:c3:91:82:53:f5:d7:9a:3c:1a:
74:c2:e4:a7:6b:d6:50:f5:6a:d5:bb:6a:ac:76:e3:39:75:e5:
58:39:0b:a4:dd:b5:e6:16:7d:e7:7e:a3:0c:53:df:76:71:83:
e7:79:4c:74
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICA2YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYzMDQxMTAvBgNVBAUTKDI1OTZBRUQwQzBDQjNCQ0ZFMzE4MDRCMjM5Q0Y0NjU3
NzEyRTI3NkEwHhcNMjUwNjI2MTcyODU2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODVkODM1OC01YWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm1EftwI0tlsAnU0guLm5f+2Zp1VvGgTaN/GRftoJl57pA4u31Vl5f/QbifAc
wsaJZLSggv4NFfDIjAjxER0FQSpTPvB1OujHBPccpddwSx45cDtCC5oxrnxmO5tZ
BegHo/FNghr+WbvaOVFiPUeMUKTqRQ7KDnhPe8UIERollhR8Gvfs0ZhojQWf5DG2
mwaY2runVaGvm0SD3joN3YXmTSu3B0EdFx3h11s1+C6H24RGUlXxh6nYsLlHNGc7
e4eo3yGsLMoNRVIbNglZ2DBhb4K9xakzC7L24/WydFagb2hPq4b6Im36pAZovnPh
gWGY22TQdUqrF5q2W4Ocia/kPwIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFE4um/tX
4TS+/sKXcgNbumjmTQbhMB8GA1UdIwQYMBaAFCWWrtDAyzvP4xgEsjnPRldxLidq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjMwNC8xOUU0REYwNkRC
MDcxMUVDOTkyMkQ3MEZDNEY5QUUwMi9KWmF1ME1ETE84X2pHQVN5T2M5R1YzRXVK
Mm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0paYXUwTURMTzhfakdBU3lPYzlHVjNFdUoyby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYzMDQvMTlFNERGMDZEQjA3MTFFQzk5MjJENzBGQzRGOUFFMDIvMDk1QTQ0MDY1
MkIzMTFGMEIyNUFBOTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E
RTBDMEEEAgACMDswEQMGASQHMMACAwcAJAcwwAIIMBIDBwEkBzDAAgoDBwQkBzDA
AgAwEgMHACQHMMACEQMHAiQHMMACGDANBgkqhkiG9w0BAQsFAAOCAQEAOniFlhDD
MbxlHYZPgHncI7+7ppkX+TL/Qx7mdpU7cCg5b98Inkpifr8IQSCWvz9BzmVQhXit
y8AOx/lWvnvB9mGfSDcAP2IqxCa/4jKbmcFl8r3BBXFCLVQwzTuF1Ui05ZwQC4Uy
e/CA6FABVkP8sNcmRZ2EGbIRm5lpGuTMz2FSdSTQij0SbQ693S3imI8ipYiMtcu0
AdexBdK0Ympl+RB0rnWzXX01MAUsBo8cdadYvaSrIXmtR3p4prYw3gE/ft/+xUor
fNLB5oJyqVxpw5GCU/XXmjwadMLkp2vWUPVq1btqrHbjOXXlWDkLpN215hZ9536j
DFPfdnGD53lMdA==
-----END CERTIFICATE-----
Generated at Tue Jul 1 08:06:42 2025 by rpki-client