Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/D26DDCB6F36C11E88E372D61C4F9AE02.roa
File: D26DDCB6F36C11E88E372D61C4F9AE02.roa (raw, json)
Hash identifier: 01GRE88klqRtpUQjt3HlR4NOfDaQxEKnYlzo//41TJA=
Subject key identifier: 63:C6:23:15:11:69:3E:5E:CB:2D:D3:ED:FA:69:ED:B3:41:BD:EA:66
Certificate issuer: /CN=A916BDA4/serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Certificate serial: 1715
Authority key identifier: 04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/D26DDCB6F36C11E88E372D61C4F9AE02.roa
Signing time: Fri 30 May 2025 17:39:59 +0000
ROA not before: Fri 30 May 2025 17:39:59 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 395747
IP address blocks: 2400:cb00:131::/48 maxlen: 48
2400:cb00:133::/48 maxlen: 48
2400:cb00:164::/48 maxlen: 48
2400:cb00:171::/48 maxlen: 48
2400:cb00:251::/48 maxlen: 48
2400:cb00:302::/48 maxlen: 48
2400:cb00:517::/48 maxlen: 48
2400:cb00:518::/48 maxlen: 48
2400:cb00:531::/48 maxlen: 48
2400:cb00:539::/48 maxlen: 48
2400:cb00:692::/48 maxlen: 48
2400:cb00:693::/48 maxlen: 48
2400:cb00:748::/48 maxlen: 48
2400:cb00:922::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 17:22:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5909 (0x1715)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916BDA4, serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Validity
Not Before: May 30 17:39:59 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=6839ed6e-c81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2a:2f:f1:4d:65:22:98:0d:a1:a4:36:7e:72:
48:8f:7e:86:e3:b7:63:24:38:b5:a5:37:f2:d7:0d:
b0:c0:85:20:49:4b:18:3b:bf:53:47:84:d6:fb:6c:
f6:6f:40:5f:2d:20:93:0f:52:af:b8:07:79:9e:5b:
12:d5:9d:8a:cc:0c:d5:69:13:85:32:4f:45:e4:45:
3b:28:43:72:4d:4d:be:57:a4:ba:8e:7e:97:24:63:
6e:0c:94:14:06:da:d2:87:67:50:f6:c5:3d:33:f8:
62:c9:25:54:53:f8:7c:01:e6:8a:64:ea:ab:0d:73:
79:f9:64:dd:4d:54:42:3e:ed:a0:77:9e:2a:a2:61:
34:29:36:a9:f2:88:6c:f6:63:b3:8e:82:98:d6:9b:
e6:d5:ee:a3:b8:b6:d6:54:63:5a:f9:47:59:51:65:
d7:68:85:66:cc:d4:ee:7b:7e:89:a9:f9:03:cf:fe:
4c:c0:73:62:f5:50:70:ad:98:c6:3b:88:6c:18:94:
69:ed:20:a0:da:2e:25:7a:6e:cf:7d:99:4e:87:dd:
01:79:ab:5f:be:aa:7d:6e:de:61:74:f1:07:1b:be:
ce:c4:10:b0:b0:9c:e4:8c:ef:11:d4:0b:fd:e0:b9:
f2:5d:63:34:a2:e3:b0:05:61:a6:57:55:33:17:0c:
f8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C6:23:15:11:69:3E:5E:CB:2D:D3:ED:FA:69:ED:B3:41:BD:EA:66
X509v3 Authority Key Identifier:
keyid:04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/D26DDCB6F36C11E88E372D61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:cb00:131::/48
2400:cb00:133::/48
2400:cb00:164::/48
2400:cb00:171::/48
2400:cb00:251::/48
2400:cb00:302::/48
2400:cb00:517::-2400:cb00:518:ffff:ffff:ffff:ffff:ffff
2400:cb00:531::/48
2400:cb00:539::/48
2400:cb00:692::/47
2400:cb00:748::/48
2400:cb00:922::/48
Signature Algorithm: sha256WithRSAEncryption
4b:c9:90:6f:8e:78:92:c7:f2:5c:7a:14:a5:f2:8f:be:16:b4:
6a:3e:f6:6e:cc:84:0f:7b:7f:cb:9a:e7:97:9d:da:c7:b0:08:
df:c1:2c:bb:a7:b0:19:4b:df:d6:8b:15:af:ca:98:4a:64:6c:
8f:4a:e2:6a:cf:e9:8f:f3:a7:91:30:f2:7a:6d:b9:8d:e5:32:
92:ec:0a:d0:83:e9:f3:1e:47:5f:a1:b2:59:b9:96:3e:ed:3d:
63:d2:75:d9:d2:d3:a8:01:82:83:24:13:e1:ba:da:e6:4d:2b:
c6:9d:22:b7:45:92:cd:8b:9e:72:c6:a4:eb:3c:f4:be:7a:3f:
ef:6b:91:83:5c:c2:be:01:54:51:31:6c:b6:f9:7b:fa:a3:26:
82:9a:e0:1d:52:8f:f3:3a:39:60:3b:99:a7:81:00:c4:3d:4f:
00:dc:b9:26:51:03:9f:65:8c:13:f5:65:f1:e6:43:2a:43:8d:
de:bf:44:cb:9d:74:87:5e:e5:38:6b:fd:ad:9a:9b:61:de:74:
9e:c1:6b:4d:77:18:1c:04:90:7b:68:69:01:12:6e:57:99:18:
cf:dc:60:e3:33:44:f3:24:b7:a6:b9:c5:be:f3:4d:5f:77:f6:
a5:9c:e4:75:07:38:7a:08:bf:dd:e9:78:1b:ff:ec:52:ef:61:
85:c3:3d:d7
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgICFxUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJEQTQxMTAvBgNVBAUTKDA0RTZDOTI0OUVFMzQ4RENGNzY0REYwQjlBNDBEM0U4
NTQwNjY0NDQwHhcNMjUwNTMwMTczOTU5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM5ZWQ2ZS1jODFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyCov8U1lIpgNoaQ2fnJIj36G47djJDi1pTfy1w2wwIUgSUsYO79TR4TW+2z2
b0BfLSCTD1KvuAd5nlsS1Z2KzAzVaROFMk9F5EU7KENyTU2+V6S6jn6XJGNuDJQU
BtrSh2dQ9sU9M/hiySVUU/h8AeaKZOqrDXN5+WTdTVRCPu2gd54qomE0KTap8ohs
9mOzjoKY1pvm1e6juLbWVGNa+UdZUWXXaIVmzNTue36JqfkDz/5MwHNi9VBwrZjG
O4hsGJRp7SCg2i4lem7PfZlOh90Beatfvqp9bt5hdPEHG77OxBCwsJzkjO8R1Av9
4LnyXWM0ouOwBWGmV1UzFwz4QwIDAQABo4IDCDCCAwQwHQYDVR0OBBYEFGPGIxUR
aT5eyy3T7fpp7bNBvepmMB8GA1UdIwQYMBaAFATmySSe40jc92TfC5pA0+hUBmRE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkRBNC8xRUM3MDJCQ0Yx
QTcxMUU4OTBGMDY2NTBDNEY5QUUwMi9CT2JKSko3alNOejNaTjhMbWtEVDZGUUda
RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JPYkpKSjdqU056M1pOOExta0RUNkZRR1pFUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJEQTQvMUVDNzAyQkNGMUE3MTFFODkwRjA2NjUwQzRGOUFFMDIvRDI2RERDQjZG
MzZDMTFFODhFMzcyRDYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZEGCCsGAQUFBwEHAQH/
BIGBMH8wfQQCAAIwdwMHACQAywABMQMHACQAywABMwMHACQAywABZAMHACQAywAB
cQMHACQAywACUQMHACQAywADAjASAwcAJADLAAUXAwcAJADLAAUYAwcAJADLAAUx
AwcAJADLAAU5AwcBJADLAAaSAwcAJADLAAdIAwcAJADLAAkiMA0GCSqGSIb3DQEB
CwUAA4IBAQBLyZBvjniSx/JcehSl8o++FrRqPvZuzIQPe3/LmueXndrHsAjfwSy7
p7AZS9/WixWvyphKZGyPSuJqz+mP86eRMPJ6bbmN5TKS7ArQg+nzHkdfobJZuZY+
7T1j0nXZ0tOoAYKDJBPhutrmTSvGnSK3RZLNi55yxqTrPPS+ej/va5GDXMK+AVRR
MWy2+Xv6oyaCmuAdUo/zOjlgO5mngQDEPU8A3LkmUQOfZYwT9WXx5kMqQ43ev0TL
nXSHXuU4a/2tmpth3nSewWtNdxgcBJB7aGkBEm5XmRjP3GDjM0TzJLemucW+801f
d/alnOR1Bzh6CL/d6Xgb/+xS72GFwz3X
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:00:24 2025 by rpki-client