Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
File: 89E1ED764CC111EE87453D77C4F9AE02.roa (raw, json)
Hash identifier: lGL0VdzbPRk7U+2MSj/Z4BFvq55DtucvPe+Abmi+lZo=
Subject key identifier: C5:4B:A4:09:26:85:E2:3A:5B:65:AB:A2:4A:91:1F:12:DF:C2:F6:80
Certificate issuer: /CN=A91304A9/serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Certificate serial: 0B89
Authority key identifier: 58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
Signing time: Thu 28 Aug 2025 19:40:45 +0000
ROA not before: Thu 28 Aug 2025 19:40:45 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 3491
IP address blocks: 14.192.160.0/19 maxlen: 24
103.17.28.0/22 maxlen: 22
116.66.208.0/20 maxlen: 20
116.66.210.0/23 maxlen: 24
116.66.212.0/22 maxlen: 22
116.66.216.0/22 maxlen: 22
116.66.217.0/24 maxlen: 24
116.66.220.0/22 maxlen: 22
2400:8800::/32 maxlen: 32
2400:8800::/35 maxlen: 35
2400:8800:1::/48 maxlen: 48
2400:8800:101::/48 maxlen: 48
2400:8800:102::/48 maxlen: 48
2400:8800:301::/48 maxlen: 48
2400:8800:1000::/37 maxlen: 37
2400:8800:2000::/35 maxlen: 35
2400:8800:4000::/35 maxlen: 35
2400:8800:4081::/48 maxlen: 48
2400:8800:4201::/48 maxlen: 48
2400:8800:6000::/35 maxlen: 35
2400:8800:8000::/35 maxlen: 35
2400:8800:a000::/35 maxlen: 35
2400:8800:c000::/35 maxlen: 35
2400:8800:e000::/35 maxlen: 35
2400:8800:f804::/48 maxlen: 48
2400:8800:f805::/48 maxlen: 48
2400:8800:f806::/48 maxlen: 48
2400:8800:f807::/48 maxlen: 48
2400:8800:f80a::/48 maxlen: 48
2400:8800:f80d::/48 maxlen: 48
2400:8800:f80e::/48 maxlen: 48
2400:8800:f80f::/48 maxlen: 48
2400:8800:f810::/48 maxlen: 48
2400:8800:f811::/48 maxlen: 48
2400:8800:f81f::/48 maxlen: 48
2400:8800:f822::/48 maxlen: 48
2400:8800:fc00::/48 maxlen: 48
2400:8800:fc02::/48 maxlen: 48
2400:8800:fc03::/48 maxlen: 48
2400:8800:fc05::/48 maxlen: 48
2400:8800:fc06::/48 maxlen: 48
2400:8800:fc07::/48 maxlen: 48
2400:8800:fc0a::/48 maxlen: 48
2400:8800:fc0b::/48 maxlen: 48
2400:8800:fc0e::/48 maxlen: 48
2400:8800:fc0f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl
rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 19:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2953 (0xb89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91304A9, serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Validity
Not Before: Aug 28 19:40:45 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68b0b0bd-cdc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e3:b2:c7:d5:50:f4:01:b9:2a:b3:1c:46:76:
7e:25:77:9c:2f:94:11:de:43:0b:4b:7b:0a:43:d5:
5b:24:f9:a7:90:ff:04:c4:b7:49:7d:eb:66:26:fb:
93:52:cb:48:fe:c6:0f:a9:fa:57:f8:21:3e:b5:54:
f6:61:66:78:e0:2e:f1:5c:1d:19:08:c9:f7:44:05:
2d:1a:c2:a4:22:1c:12:fc:69:b0:30:d6:8f:8a:1a:
dc:11:f0:f1:be:29:bd:c1:d2:84:ca:e2:3c:b2:a8:
55:d9:cc:d4:31:15:5e:23:61:c5:2d:6a:b6:1b:2e:
d1:83:b7:80:94:17:18:5b:6e:67:33:fb:fe:1d:e3:
e8:e4:b4:1e:c6:2e:60:66:c9:c0:56:89:80:69:af:
99:eb:0a:fc:4c:7b:b6:ed:12:75:d1:2e:85:04:c8:
c9:fb:6b:93:89:94:a9:08:10:83:75:05:15:36:7f:
91:8c:c9:a6:0f:eb:7e:20:38:3c:9d:aa:29:0c:58:
88:9c:a7:26:c9:5d:e2:f3:68:60:fc:8e:56:bd:9a:
2b:72:06:20:09:00:77:9e:e1:53:99:ce:5a:03:44:
f3:1c:40:11:30:2c:e7:89:ac:46:c8:db:94:1b:39:
d1:37:41:ec:36:9f:d6:77:ba:16:be:54:8a:79:0e:
65:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4B:A4:09:26:85:E2:3A:5B:65:AB:A2:4A:91:1F:12:DF:C2:F6:80
X509v3 Authority Key Identifier:
keyid:58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.160.0/19
103.17.28.0/22
116.66.208.0/20
IPv6:
2400:8800::/32
Signature Algorithm: sha256WithRSAEncryption
43:b1:a0:07:44:3d:16:7b:59:14:55:82:b5:ce:06:21:43:1a:
82:c3:3c:0c:d0:36:09:96:c7:8f:8c:56:64:33:8c:5d:1e:6a:
00:15:17:56:20:1d:b7:3d:18:ce:a4:5d:cb:e3:b1:a0:fd:d4:
9a:61:a5:cf:9c:5a:6d:7a:cf:f2:8a:fe:5a:ab:32:13:c9:ab:
8c:62:46:26:c1:5d:ae:79:e1:18:fc:46:dc:ba:4f:a6:7d:06:
ab:59:94:68:3c:20:49:15:f8:c4:f0:f7:04:e3:4e:b5:36:af:
e8:c1:ad:e1:11:16:49:19:68:a6:ba:d4:26:ee:74:a5:31:99:
cf:19:86:a2:2c:c3:58:58:dd:8e:82:93:48:40:78:e3:e7:70:
f0:63:b0:20:32:79:b3:8c:0c:5b:2a:7f:0f:c4:61:7d:3a:91:
71:42:fb:e7:54:a4:1c:0d:4c:6f:b5:57:46:d2:c2:f3:ba:dd:
98:13:6b:0f:1c:ec:8d:e3:63:20:0d:24:e2:c4:77:ce:f4:83:
a9:f4:e2:a2:88:7b:30:78:bd:1f:b2:cd:b3:41:37:57:e3:ab:
1e:e3:6b:5e:35:da:77:a6:60:78:03:a5:11:1f:2c:0f:f3:29:
9d:8d:ec:b1:fe:3e:fd:11:20:77:1a:56:15:54:07:26:e1:41:
f4:4e:25:0a
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICC4kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzA0QTkxMTAvBgNVBAUTKDU4MDU1M0I4ODNERUMzRERCMjRGNjg4RTZDMkQxQkZB
OTNDMjYzQUEwHhcNMjUwODI4MTk0MDQ1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIwYjBiZC1jZGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuuOyx9VQ9AG5KrMcRnZ+JXecL5QR3kMLS3sKQ9VbJPmnkP8ExLdJfetmJvuT
UstI/sYPqfpX+CE+tVT2YWZ44C7xXB0ZCMn3RAUtGsKkIhwS/GmwMNaPihrcEfDx
vim9wdKEyuI8sqhV2czUMRVeI2HFLWq2Gy7Rg7eAlBcYW25nM/v+HePo5LQexi5g
ZsnAVomAaa+Z6wr8THu27RJ10S6FBMjJ+2uTiZSpCBCDdQUVNn+RjMmmD+t+IDg8
naopDFiInKcmyV3i82hg/I5WvZorcgYgCQB3nuFTmc5aA0TzHEARMCzniaxGyNuU
GznRN0HsNp/Wd7oWvlSKeQ5l+wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFMVLpAkm
heI6W2WrokqRHxLfwvaAMB8GA1UdIwQYMBaAFFgFU7iD3sPdsk9ojmwtG/qTwmOq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDRBOS9BMzc0QTFCNjQ2
NzExMUVBODFBQkIyNUZDNEY5QUUwMi9XQVZUdUlQZXc5MnlUMmlPYkMwYi1wUENZ
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dBVlR1SVBldzkyeVQyaU9iQzBiLXBQQ1k2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzA0QTkvQTM3NEExQjY0NjcxMTFFQTgxQUJCMjVGQzRGOUFFMDIvODlFMUVENzY0
Q0MxMTFFRTg3NDUzRDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAUOwKADBAJnERwDBAR0QtAwDQQCAAIwBwMFACQAiAAwDQYJ
KoZIhvcNAQELBQADggEBAEOxoAdEPRZ7WRRVgrXOBiFDGoLDPAzQNgmWx4+MVmQz
jF0eagAVF1YgHbc9GM6kXcvjsaD91Jphpc+cWm16z/KK/lqrMhPJq4xiRibBXa55
4Rj8Rty6T6Z9BqtZlGg8IEkV+MTw9wTjTrU2r+jBreERFkkZaKa61CbudKUxmc8Z
hqIsw1hY3Y6Ck0hAeOPncPBjsCAyebOMDFsqfw/EYX06kXFC++dUpBwNTG+1V0bS
wvO63ZgTaw8c7I3jYyANJOLEd870g6n04qKIezB4vR+yzbNBN1fjqx7ja1412nem
YHgDpREfLA/zKZ2N7LH+Pv0RIHcaVhVUBybhQfROJQo=
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:41:41 2025 by rpki-client