Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/86C8EBA2B12A11EF985A2D32C4F9AE02.roa
File: 86C8EBA2B12A11EF985A2D32C4F9AE02.roa (raw, json)
Hash identifier: BId9IUS1+4nSQcy9VYkqTv0EYMTtK2hCnt14fFjrgA0=
Subject key identifier: 43:D8:A3:7C:0C:19:B8:A3:16:BD:99:EB:EB:4E:F7:2D:4C:3D:C5:AB
Certificate issuer: /CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Certificate serial: 049A
Authority key identifier: D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/86C8EBA2B12A11EF985A2D32C4F9AE02.roa
Signing time: Wed 27 Aug 2025 01:05:31 +0000
ROA not before: Wed 27 Aug 2025 01:05:31 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 4750
IP address blocks: 147.50.0.0/22 maxlen: 22
147.50.4.0/22 maxlen: 22
147.50.8.0/22 maxlen: 22
147.50.12.0/22 maxlen: 22
147.50.16.0/22 maxlen: 22
147.50.20.0/22 maxlen: 22
147.50.24.0/22 maxlen: 22
147.50.28.0/22 maxlen: 22
147.50.34.0/24 maxlen: 24
147.50.35.0/24 maxlen: 24
147.50.36.0/22 maxlen: 22
147.50.41.0/24 maxlen: 24
147.50.42.0/24 maxlen: 24
147.50.43.0/24 maxlen: 24
147.50.44.0/24 maxlen: 24
147.50.45.0/24 maxlen: 24
147.50.46.0/24 maxlen: 24
147.50.47.0/24 maxlen: 24
147.50.48.0/24 maxlen: 24
147.50.49.0/24 maxlen: 24
147.50.50.0/24 maxlen: 24
147.50.51.0/24 maxlen: 24
147.50.52.0/24 maxlen: 24
147.50.53.0/24 maxlen: 24
147.50.54.0/24 maxlen: 24
147.50.55.0/24 maxlen: 24
147.50.56.0/24 maxlen: 24
147.50.57.0/24 maxlen: 24
147.50.58.0/24 maxlen: 24
147.50.59.0/24 maxlen: 24
147.50.60.0/24 maxlen: 24
147.50.61.0/24 maxlen: 24
147.50.64.0/22 maxlen: 22
147.50.68.0/22 maxlen: 22
147.50.73.0/24 maxlen: 24
147.50.75.0/24 maxlen: 24
147.50.76.0/24 maxlen: 24
147.50.77.0/24 maxlen: 24
147.50.78.0/24 maxlen: 24
147.50.128.0/19 maxlen: 19
147.50.128.0/22 maxlen: 22
147.50.128.0/24 maxlen: 24
147.50.132.0/22 maxlen: 22
147.50.144.0/22 maxlen: 22
147.50.148.0/22 maxlen: 22
147.50.156.0/22 maxlen: 22
147.50.160.0/20 maxlen: 20
147.50.162.0/23 maxlen: 23
147.50.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Sep 2025 00:52:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1178 (0x49a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262CA, serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Validity
Not Before: Aug 27 01:05:31 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68ae59db-cee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c7:57:80:b0:46:47:6b:55:32:ba:97:a9:39:
28:fd:14:e2:3a:dc:a5:18:27:07:1a:40:73:13:62:
8c:30:1d:86:a1:e0:e6:24:2a:38:88:53:44:7e:e6:
61:2c:43:56:3e:28:d5:d9:3e:07:45:e6:0b:02:1e:
61:d9:f1:82:3d:34:83:05:54:36:fc:ff:6e:af:68:
3f:88:bb:3a:09:64:94:24:52:e0:8b:1e:d8:34:d8:
3f:71:9e:29:22:59:78:b1:9d:be:7a:75:8a:b3:71:
9b:cf:6f:4c:57:62:be:4a:ae:30:04:93:be:13:fc:
d6:95:d1:96:10:63:d3:52:26:2a:e5:f3:f0:43:e1:
04:dc:1a:25:60:6b:89:3c:bd:fd:1a:2b:d2:58:a5:
d2:a4:49:f1:20:2a:2a:4e:f3:55:5c:69:f4:4f:08:
b8:02:32:d1:48:ee:17:56:dc:8f:3c:f3:c2:f1:22:
bd:5e:af:ee:53:06:48:fa:3c:be:4b:ac:dd:e2:ab:
e2:27:f8:68:df:8d:4c:25:f5:06:5b:49:d3:5d:25:
f5:a0:9c:59:35:f7:f2:af:93:13:7f:28:25:f5:55:
b9:42:b2:d3:bb:e5:98:b4:f9:6e:f8:de:af:ed:16:
bd:78:4c:90:2d:af:99:a0:f0:6d:0a:31:3e:70:cb:
8b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D8:A3:7C:0C:19:B8:A3:16:BD:99:EB:EB:4E:F7:2D:4C:3D:C5:AB
X509v3 Authority Key Identifier:
keyid:D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/86C8EBA2B12A11EF985A2D32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.50.0.0/19
147.50.34.0-147.50.39.255
147.50.41.0-147.50.61.255
147.50.64.0/21
147.50.73.0/24
147.50.75.0-147.50.78.255
147.50.128.0-147.50.175.255
Signature Algorithm: sha256WithRSAEncryption
64:53:ab:f7:cf:11:4b:98:30:58:e6:e2:ae:84:ca:b0:7c:8b:
a6:fb:ec:8f:a4:0c:b6:0d:3e:9a:e5:22:ae:10:75:c1:59:ed:
2e:62:2c:c6:88:0b:c1:51:f5:58:c1:32:c5:85:89:5f:47:f7:
97:ed:3b:34:02:15:67:00:9d:5b:57:d4:bb:f6:85:c7:5a:cc:
76:d3:77:cc:d6:93:13:59:f1:1e:15:56:b4:9e:46:2d:9a:96:
1c:ed:89:ed:5f:00:d4:2c:82:09:46:27:ce:34:a9:ff:27:6c:
cf:ca:5d:6c:c4:f8:46:a7:c2:97:fb:6f:2d:d2:01:41:b3:97:
ed:41:72:47:81:c5:c5:77:f2:95:51:cf:4f:8c:ac:26:40:13:
02:87:28:fc:f1:30:49:27:ae:f7:ed:56:b2:24:04:e7:2a:69:
c0:39:b9:70:fb:29:59:22:71:1c:8f:78:0a:ef:21:bb:8d:30:
66:d9:27:bd:a8:24:6b:ca:96:71:10:58:2e:d1:55:91:38:c2:
5b:c5:48:17:c7:ad:e9:7b:d3:a9:55:92:51:c6:e2:a3:3b:b9:
d8:4a:1b:95:f7:b9:8d:7b:f2:c8:db:30:7c:d7:a0:e1:b0:ad:
0f:40:14:b7:6c:86:cd:7a:78:e6:f7:31:6f:5d:a0:cf:e9:8c:
3d:bd:70:04
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICBJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKEQ2M0RFODJBNzU5Rjk2NTdGOEYwNzNCMjUxMjUxQUFF
NjdCQTRCQTYwHhcNMjUwODI3MDEwNTMxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGFlNTlkYi1jZWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt8dXgLBGR2tVMrqXqTko/RTiOtylGCcHGkBzE2KMMB2GoeDmJCo4iFNEfuZh
LENWPijV2T4HReYLAh5h2fGCPTSDBVQ2/P9ur2g/iLs6CWSUJFLgix7YNNg/cZ4p
Ill4sZ2+enWKs3Gbz29MV2K+Sq4wBJO+E/zWldGWEGPTUiYq5fPwQ+EE3BolYGuJ
PL39GivSWKXSpEnxICoqTvNVXGn0Twi4AjLRSO4XVtyPPPPC8SK9Xq/uUwZI+jy+
S6zd4qviJ/ho341MJfUGW0nTXSX1oJxZNffyr5MTfygl9VW5QrLTu+WYtPlu+N6v
7Ra9eEyQLa+ZoPBtCjE+cMuLUQIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFEPYo3wM
GbijFr2Z6+tO9y1MPcWrMB8GA1UdIwQYMBaAFNY96Cp1n5ZX+PBzslElGq5nukum
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9FQzFFRTY1MjhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi8xajNvS25XZmxsZjQ4SE95VVNVYXJtZTZT
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFqM29LbldmbGxmNDhIT3lVU1Vhcm1lNlM2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRUMxRUU2NTI4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvODZDOEVCQTJC
MTJBMTFFRjk4NUEyRDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMFAEAgABMEoDBAWTMgAwDAMEAZMyIgMEA5MyIDAMAwQAkzIpAwQBkzI8AwQD
kzJAAwQAkzJJMAwDBACTMksDBACTMk4wDAMEB5MygAMEBJMyoDANBgkqhkiG9w0B
AQsFAAOCAQEAZFOr988RS5gwWObiroTKsHyLpvvsj6QMtg0+muUirhB1wVntLmIs
xogLwVH1WMEyxYWJX0f3l+07NAIVZwCdW1fUu/aFx1rMdtN3zNaTE1nxHhVWtJ5G
LZqWHO2J7V8A1CyCCUYnzjSp/ydsz8pdbMT4RqfCl/tvLdIBQbOX7UFyR4HFxXfy
lVHPT4ysJkATAoco/PEwSSeu9+1WsiQE5yppwDm5cPspWSJxHI94Cu8hu40wZtkn
vagka8qWcRBYLtFVkTjCW8VIF8et6XvTqVWSUcbiozu52Eoblfe5jXvyyNswfNeg
4bCtD0AUt2yGzXp45vcxb12gz+mMPb1wBA==
-----END CERTIFICATE-----
Generated at Mon Sep 8 16:16:35 2025 by rpki-client