Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/566800AE193C11F094773636C4F9AE02.roa
File: 566800AE193C11F094773636C4F9AE02.roa (raw, json)
Hash identifier: klNEh0iBDmlYHaqprksR4hJ0HMUi4umtQtEjhFTsAmM=
Subject key identifier: 6F:F5:6E:25:37:C5:4A:FE:AC:3A:34:29:86:D6:03:3D:4A:0F:58:30
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0D18
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/566800AE193C11F094773636C4F9AE02.roa
Signing time: Mon 08 Sep 2025 11:37:41 +0000
ROA not before: Mon 08 Sep 2025 11:37:40 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 141030
IP address blocks: 2400:3dc0:41::/48 maxlen: 48
2400:3dc0:42::/48 maxlen: 48
2400:3dc0:44::/48 maxlen: 48
2400:3dc0:47::/48 maxlen: 48
2400:3dc0:48::/48 maxlen: 48
2400:3dc0:4d::/48 maxlen: 48
2400:3dc0:4e::/48 maxlen: 48
2400:3dc0:4f::/48 maxlen: 48
2400:3dc0:50::/48 maxlen: 48
2400:3dc0:51::/48 maxlen: 48
2400:3dc0:52::/48 maxlen: 48
2400:3dc0:53::/48 maxlen: 48
2400:3dc0:54::/48 maxlen: 48
2400:3dc0:55::/48 maxlen: 48
2400:3dc0:59::/48 maxlen: 48
2400:3dc0:5c::/48 maxlen: 48
2400:3dc0:5d::/48 maxlen: 48
2400:3dc0:5f::/48 maxlen: 48
2400:3dc0:63::/48 maxlen: 48
2400:3dc0:65::/48 maxlen: 48
2400:3dc0:66::/48 maxlen: 48
2400:3dc0:67::/48 maxlen: 48
2400:3dc0:6b::/48 maxlen: 48
2400:3dc0:6d::/48 maxlen: 48
2400:3dc0:73::/48 maxlen: 48
2400:3dc0:74::/48 maxlen: 48
2400:3dc0:75::/48 maxlen: 48
2400:3dc0:76::/48 maxlen: 48
2400:3dc0:81::/48 maxlen: 48
2400:3dc0:82::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 15 Sep 2025 11:58:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3352 (0xd18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Sep 8 11:37:40 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68bec004-1eb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:56:fe:a4:f9:ad:b0:91:c2:a9:43:35:fd:da:
44:dd:3f:08:66:04:66:a1:11:2c:6b:bf:db:1e:e6:
af:10:d7:dc:fa:3d:18:cb:ee:51:45:ef:9f:69:22:
6a:11:f1:13:e3:95:59:29:f1:30:3c:b7:db:2f:44:
a7:f9:ba:2b:0d:91:09:07:b3:8f:e0:94:d9:7b:bf:
a3:34:62:76:15:9e:35:23:ba:af:f2:37:46:9b:e9:
bb:85:c3:82:ba:b7:6e:e6:7f:94:cb:dc:46:4d:fe:
54:7f:9a:7c:d4:5f:9a:56:c8:08:76:07:4a:ad:95:
ec:96:1c:ec:6a:dc:26:d7:76:65:a1:8d:89:76:08:
97:39:54:a7:56:85:75:22:f5:12:6e:4e:bb:37:94:
a9:f5:c9:de:68:b4:ec:ad:e3:27:98:2b:6e:bf:e0:
30:07:4e:a4:79:87:6a:30:b6:00:77:a9:ac:d0:57:
39:33:57:97:68:8f:b3:ca:a2:1e:9a:8b:02:ee:7c:
08:12:6c:e8:4e:51:a3:bd:ce:41:c2:ae:37:2a:d6:
d0:f3:a3:9c:7b:af:54:15:a2:08:cc:97:d1:cf:1a:
d8:b0:f7:d5:b0:d2:da:23:de:3d:fa:eb:e2:10:31:
8e:43:95:1c:73:74:44:97:4b:05:55:9d:2a:72:61:
69:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:F5:6E:25:37:C5:4A:FE:AC:3A:34:29:86:D6:03:3D:4A:0F:58:30
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/566800AE193C11F094773636C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:3dc0:41::-2400:3dc0:42:ffff:ffff:ffff:ffff:ffff
2400:3dc0:44::/48
2400:3dc0:47::-2400:3dc0:48:ffff:ffff:ffff:ffff:ffff
2400:3dc0:4d::-2400:3dc0:55:ffff:ffff:ffff:ffff:ffff
2400:3dc0:59::/48
2400:3dc0:5c::/47
2400:3dc0:5f::/48
2400:3dc0:63::/48
2400:3dc0:65::-2400:3dc0:67:ffff:ffff:ffff:ffff:ffff
2400:3dc0:6b::/48
2400:3dc0:6d::/48
2400:3dc0:73::-2400:3dc0:76:ffff:ffff:ffff:ffff:ffff
2400:3dc0:81::-2400:3dc0:82:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
11:8f:db:41:4d:a8:c9:07:cb:b5:29:95:28:1e:bf:d4:b0:e3:
bf:69:5c:34:d7:30:b3:03:72:9f:4f:88:f8:9d:c7:ef:5e:d4:
eb:62:c9:e9:cb:8e:36:07:b5:55:c4:f2:92:30:63:c7:d1:1a:
c5:98:5b:ec:15:cc:76:9a:26:78:88:7e:cb:90:83:60:79:b6:
31:d8:09:55:e8:8f:6d:a2:82:37:42:4e:f7:26:e8:98:11:04:
16:93:7a:36:51:93:ca:8a:75:ec:4f:0d:9c:15:eb:ec:2b:df:
3b:c1:6e:22:e8:1c:d7:03:94:09:77:e4:80:65:d8:96:16:aa:
af:10:9f:17:f7:af:1a:da:46:44:90:4a:38:87:82:b6:30:67:
2b:18:40:f2:23:b7:41:62:ff:db:fe:17:c0:f2:78:dd:fa:99:
23:ec:47:27:dc:23:be:66:91:1f:9e:6a:ab:5c:f3:be:78:ad:
dc:63:2e:82:1e:c2:75:3d:e8:49:ba:fc:70:1c:91:b3:f3:e3:
27:b4:bc:cd:41:c8:61:6c:00:90:5e:31:73:46:bf:be:e2:0a:
28:15:0a:13:ed:4e:65:44:4e:0a:09:21:88:93:66:73:d8:5e:
00:25:fe:1e:63:b0:48:3a:6b:93:28:b4:51:e3:ea:44:b0:4a:
ea:57:15:a7
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgICDRgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwOTA4MTEzNzQwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGJlYzAwNC0xZWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Fb+pPmtsJHCqUM1/dpE3T8IZgRmoREsa7/bHuavENfc+j0Yy+5RRe+faSJq
EfET45VZKfEwPLfbL0Sn+borDZEJB7OP4JTZe7+jNGJ2FZ41I7qv8jdGm+m7hcOC
urdu5n+Uy9xGTf5Uf5p81F+aVsgIdgdKrZXslhzsatwm13ZloY2JdgiXOVSnVoV1
IvUSbk67N5Sp9cneaLTsreMnmCtuv+AwB06keYdqMLYAd6ms0Fc5M1eXaI+zyqIe
mosC7nwIEmzoTlGjvc5Bwq43KtbQ86Oce69UFaIIzJfRzxrYsPfVsNLaI949+uvi
EDGOQ5Ucc3REl0sFVZ0qcmFpGwIDAQABo4IDSzCCA0cwHQYDVR0OBBYEFG/1biU3
xUr+rDo0KYbWAz1KD1gwMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvNTY2ODAwQUUx
OTNDMTFGMDk0NzczNjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdQGCCsGAQUFBwEHAQH/
BIHEMIHBMIG+BAIAAjCBtzASAwcAJAA9wABBAwcAJAA9wABCAwcAJAA9wABEMBID
BwAkAD3AAEcDBwAkAD3AAEgwEgMHACQAPcAATQMHASQAPcAAVAMHACQAPcAAWQMH
ASQAPcAAXAMHACQAPcAAXwMHACQAPcAAYzASAwcAJAA9wABlAwcDJAA9wABgAwcA
JAA9wABrAwcAJAA9wABtMBIDBwAkAD3AAHMDBwAkAD3AAHYwEgMHACQAPcAAgQMH
ACQAPcAAgjANBgkqhkiG9w0BAQsFAAOCAQEAEY/bQU2oyQfLtSmVKB6/1LDjv2lc
NNcwswNyn0+I+J3H717U62LJ6cuONge1VcTykjBjx9EaxZhb7BXMdpomeIh+y5CD
YHm2MdgJVeiPbaKCN0JO9ybomBEEFpN6NlGTyop17E8NnBXr7CvfO8FuIugc1wOU
CXfkgGXYlhaqrxCfF/evGtpGRJBKOIeCtjBnKxhA8iO3QWL/2/4XwPJ43fqZI+xH
J9wjvmaRH55qq1zzvnit3GMugh7CdT3oSbr8cByRs/PjJ7S8zUHIYWwAkF4xc0a/
vuIKKBUKE+1OZUROCgkhiJNmc9heACX+HmOwSDprkyi0UePqRLBK6lcVpw==
-----END CERTIFICATE-----
Generated at Mon Sep 8 15:54:48 2025 by rpki-client