Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/876FDB56D90211EFB7CAB32BC4F9AE02.roa
File: 876FDB56D90211EFB7CAB32BC4F9AE02.roa (raw, json)
Hash identifier: uvO/CzkPGI0HzADwRd25zfwUj6a8GOKCkkl2Zk2HIeM=
Subject key identifier: F5:32:86:8E:5B:E6:28:23:6E:3B:BD:6A:7B:A1:55:68:88:2E:54:5A
Certificate issuer: /CN=A916BDA4/serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Certificate serial: 1859
Authority key identifier: 04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/876FDB56D90211EFB7CAB32BC4F9AE02.roa
Signing time: Tue 28 Oct 2025 17:04:21 +0000
ROA not before: Tue 28 Oct 2025 17:04:21 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 14789
IP address blocks: 2400:cb00:41::/48 maxlen: 48
2400:cb00:60::/48 maxlen: 48
2400:cb00:161::/48 maxlen: 48
2400:cb00:179::/48 maxlen: 48
2400:cb00:230::/48 maxlen: 48
2400:cb00:258::/48 maxlen: 48
2400:cb00:292::/48 maxlen: 48
2400:cb00:303::/48 maxlen: 48
2400:cb00:439::/48 maxlen: 48
2400:cb00:477::/48 maxlen: 48
2400:cb00:480::/48 maxlen: 48
2400:cb00:526::/48 maxlen: 48
2400:cb00:529::/48 maxlen: 48
2400:cb00:566::/48 maxlen: 48
2400:cb00:596::/48 maxlen: 48
2400:cb00:610::/48 maxlen: 48
2400:cb00:611::/48 maxlen: 48
2400:cb00:614::/48 maxlen: 48
2400:cb00:616::/48 maxlen: 48
2400:cb00:621::/48 maxlen: 48
2400:cb00:638::/48 maxlen: 48
2400:cb00:651::/48 maxlen: 48
2400:cb00:661::/48 maxlen: 48
2400:cb00:685::/48 maxlen: 48
2400:cb00:695::/48 maxlen: 48
2400:cb00:710::/48 maxlen: 48
2400:cb00:738::/48 maxlen: 48
2400:cb00:750::/48 maxlen: 48
2400:cb00:770::/48 maxlen: 48
2400:cb00:771::/48 maxlen: 48
2400:cb00:776::/48 maxlen: 48
2400:cb00:794::/48 maxlen: 48
2400:cb00:902::/48 maxlen: 48
2400:cb00:909::/48 maxlen: 48
2400:cb00:934::/48 maxlen: 48
2400:cb00:946::/48 maxlen: 48
2400:cb00:1015::/48 maxlen: 48
2400:cb00:1051::/48 maxlen: 48
2400:cb00:1052::/48 maxlen: 48
2400:cb00:1059::/48 maxlen: 48
2400:cb00:1060::/48 maxlen: 48
2400:cb00:1062::/48 maxlen: 48
2400:cb00:1095::/48 maxlen: 48
2400:cb00:1096::/48 maxlen: 48
2400:cb00:1172::/48 maxlen: 48
2400:cb00:1185::/48 maxlen: 48
2400:cb00:1224::/48 maxlen: 48
2400:cb00:c950::/48 maxlen: 48
2400:cb00:c951::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 04 Nov 2025 17:05:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6233 (0x1859)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916BDA4, serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Validity
Not Before: Oct 28 17:04:21 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=6900f794-1fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:00:87:01:cf:a5:b6:80:c8:48:fd:17:5a:b8:
6c:c1:3c:c9:e3:1e:61:94:99:5e:db:55:56:0a:f5:
6d:38:da:54:7c:c6:9f:9d:7e:6c:ba:6b:02:ea:0c:
a3:6f:c7:2a:86:a3:31:68:d4:42:81:16:d5:79:26:
53:f4:c9:d1:7b:db:6d:57:c6:a1:0c:75:12:fb:a8:
65:db:f3:d6:69:f7:36:0b:46:0e:c9:c8:b4:7c:c5:
64:5e:b5:06:f1:25:75:35:82:9f:88:b2:6b:4a:86:
72:f5:92:3a:24:81:61:73:12:3a:38:02:1f:b6:d0:
a0:ca:b8:7f:0d:d1:b1:51:da:82:fc:c0:7b:b4:5c:
49:48:93:54:5e:67:f7:f6:35:67:b1:8b:9a:ca:77:
52:ab:9d:d6:da:d2:c9:22:d1:3c:6a:92:ce:70:c3:
59:8e:35:d4:df:80:ca:78:de:91:2a:3b:b5:1d:31:
be:08:88:e4:f2:3d:5a:3a:9f:01:a9:fe:46:85:2f:
bb:0a:c0:8a:08:98:02:00:bd:aa:e7:c7:ef:fc:e2:
cd:14:59:cf:de:07:d6:72:91:c8:3e:5d:94:09:5d:
46:eb:da:cd:15:5d:7d:79:73:37:ff:03:40:a2:7e:
02:fe:e5:bb:13:c9:88:80:cd:11:4f:2d:6f:95:cd:
41:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:32:86:8E:5B:E6:28:23:6E:3B:BD:6A:7B:A1:55:68:88:2E:54:5A
X509v3 Authority Key Identifier:
keyid:04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/876FDB56D90211EFB7CAB32BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:cb00:41::/48
2400:cb00:60::/48
2400:cb00:161::/48
2400:cb00:179::/48
2400:cb00:230::/48
2400:cb00:258::/48
2400:cb00:292::/48
2400:cb00:303::/48
2400:cb00:439::/48
2400:cb00:477::/48
2400:cb00:480::/48
2400:cb00:526::/48
2400:cb00:529::/48
2400:cb00:566::/48
2400:cb00:596::/48
2400:cb00:610::/47
2400:cb00:614::/48
2400:cb00:616::/48
2400:cb00:621::/48
2400:cb00:638::/48
2400:cb00:651::/48
2400:cb00:661::/48
2400:cb00:685::/48
2400:cb00:695::/48
2400:cb00:710::/48
2400:cb00:738::/48
2400:cb00:750::/48
2400:cb00:770::/47
2400:cb00:776::/48
2400:cb00:794::/48
2400:cb00:902::/48
2400:cb00:909::/48
2400:cb00:934::/48
2400:cb00:946::/48
2400:cb00:1015::/48
2400:cb00:1051::-2400:cb00:1052:ffff:ffff:ffff:ffff:ffff
2400:cb00:1059::/48
2400:cb00:1060::/48
2400:cb00:1062::/48
2400:cb00:1095::-2400:cb00:1096:ffff:ffff:ffff:ffff:ffff
2400:cb00:1172::/48
2400:cb00:1185::/48
2400:cb00:1224::/48
2400:cb00:c950::/47
Signature Algorithm: sha256WithRSAEncryption
2b:d6:d1:d7:81:9e:01:83:ad:0a:1c:00:1f:e4:d0:90:89:52:
63:9f:02:7e:21:82:68:5f:9a:3c:11:70:1c:f0:48:b2:ac:da:
1c:c2:e4:7a:e0:42:f0:84:51:f9:70:01:b4:72:dd:5a:1e:5e:
4d:70:91:27:51:b3:48:ba:a4:f5:18:cf:e4:52:84:8f:1c:34:
c0:f3:b0:77:7e:48:c6:af:79:e0:c0:f8:b3:d3:93:98:8e:fb:
7b:e6:77:10:66:b3:db:10:1b:b2:2a:72:d2:1b:23:75:f8:11:
d7:1f:ac:b0:d4:f6:32:c4:49:3e:0e:d2:7b:05:53:c2:c9:54:
6d:7c:7d:e2:a8:3d:22:f2:5b:26:22:e7:c6:f5:6d:27:db:c5:
09:4c:42:5e:ff:73:d8:d0:3c:f0:cc:db:7d:af:54:80:9f:78:
9d:a3:53:18:a8:ae:31:27:73:9b:91:80:fd:2a:78:1e:7a:2e:
de:21:36:4b:67:6c:2c:9d:7b:0f:02:18:10:32:e5:3d:c8:9f:
c3:bf:d1:a4:e0:7d:25:ce:de:ba:c7:0b:ea:02:4a:20:ec:50:
d3:93:d1:3d:79:8e:fd:ba:3d:e9:ff:b9:fe:c4:c7:da:91:d2:
78:35:64:97:5a:14:80:0d:d9:e3:ae:1f:ab:ab:fa:23:d3:44:
68:f4:a6:2a
-----BEGIN CERTIFICATE-----
MIIHFzCCBf+gAwIBAgICGFkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJEQTQxMTAvBgNVBAUTKDA0RTZDOTI0OUVFMzQ4RENGNzY0REYwQjlBNDBEM0U4
NTQwNjY0NDQwHhcNMjUxMDI4MTcwNDIxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OTAwZjc5NC0xZmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAywCHAc+ltoDISP0XWrhswTzJ4x5hlJle21VWCvVtONpUfMafnX5sumsC6gyj
b8cqhqMxaNRCgRbVeSZT9MnRe9ttV8ahDHUS+6hl2/PWafc2C0YOyci0fMVkXrUG
8SV1NYKfiLJrSoZy9ZI6JIFhcxI6OAIfttCgyrh/DdGxUdqC/MB7tFxJSJNUXmf3
9jVnsYuayndSq53W2tLJItE8apLOcMNZjjXU34DKeN6RKju1HTG+CIjk8j1aOp8B
qf5GhS+7CsCKCJgCAL2q58fv/OLNFFnP3gfWcpHIPl2UCV1G69rNFV19eXM3/wNA
on4C/uW7E8mIgM0RTy1vlc1BaQIDAQABo4IEOzCCBDcwHQYDVR0OBBYEFPUyho5b
5igjbju9anuhVWiILlRaMB8GA1UdIwQYMBaAFATmySSe40jc92TfC5pA0+hUBmRE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkRBNC8xRUM3MDJCQ0Yx
QTcxMUU4OTBGMDY2NTBDNEY5QUUwMi9CT2JKSko3alNOejNaTjhMbWtEVDZGUUda
RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JPYkpKSjdqU056M1pOOExta0RUNkZRR1pFUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJEQTQvMUVDNzAyQkNGMUE3MTFFODkwRjA2NjUwQzRGOUFFMDIvODc2RkRCNTZE
OTAyMTFFRkI3Q0FCMzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggHDBggrBgEFBQcBBwEB
/wSCAbIwggGuMIIBqgQCAAIwggGiAwcAJADLAABBAwcAJADLAABgAwcAJADLAAFh
AwcAJADLAAF5AwcAJADLAAIwAwcAJADLAAJYAwcAJADLAAKSAwcAJADLAAMDAwcA
JADLAAQ5AwcAJADLAAR3AwcAJADLAASAAwcAJADLAAUmAwcAJADLAAUpAwcAJADL
AAVmAwcAJADLAAWWAwcBJADLAAYQAwcAJADLAAYUAwcAJADLAAYWAwcAJADLAAYh
AwcAJADLAAY4AwcAJADLAAZRAwcAJADLAAZhAwcAJADLAAaFAwcAJADLAAaVAwcA
JADLAAcQAwcAJADLAAc4AwcAJADLAAdQAwcBJADLAAdwAwcAJADLAAd2AwcAJADL
AAeUAwcAJADLAAkCAwcAJADLAAkJAwcAJADLAAk0AwcAJADLAAlGAwcAJADLABAV
MBIDBwAkAMsAEFEDBwAkAMsAEFIDBwAkAMsAEFkDBwAkAMsAEGADBwAkAMsAEGIw
EgMHACQAywAQlQMHACQAywAQlgMHACQAywARcgMHACQAywARhQMHACQAywASJAMH
ASQAywDJUDANBgkqhkiG9w0BAQsFAAOCAQEAK9bR14GeAYOtChwAH+TQkIlSY58C
fiGCaF+aPBFwHPBIsqzaHMLkeuBC8IRR+XABtHLdWh5eTXCRJ1GzSLqk9RjP5FKE
jxw0wPOwd35Ixq954MD4s9OTmI77e+Z3EGaz2xAbsipy0hsjdfgR1x+ssNT2MsRJ
Pg7SewVTwslUbXx94qg9IvJbJiLnxvVtJ9vFCUxCXv9z2NA88Mzbfa9UgJ94naNT
GKiuMSdzm5GA/Sp4Hnou3iE2S2dsLJ17DwIYEDLlPcifw7/RpOB9Jc7euscL6gJK
IOxQ05PRPXmO/bo96f+5/sTH2pHSeDVkl1oUgA3Z464fq6v6I9NEaPSmKg==
-----END CERTIFICATE-----
Generated at Wed Oct 29 00:57:13 2025 by rpki-client