Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/D26DDCB6F36C11E88E372D61C4F9AE02.roa
File: D26DDCB6F36C11E88E372D61C4F9AE02.roa (raw, json)
Hash identifier: dKYtICER5+Vrv6r3o9V0PfpxWh5ROGS5ONF+u9Xmzy4=
Subject key identifier: 8F:A5:19:8A:92:79:B5:DA:C4:9C:DC:47:1A:35:58:49:43:03:4D:7D
Certificate issuer: /CN=A916BDA4/serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Certificate serial: 184B
Authority key identifier: 04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/D26DDCB6F36C11E88E372D61C4F9AE02.roa
Signing time: Thu 23 Oct 2025 16:50:33 +0000
ROA not before: Thu 23 Oct 2025 16:50:33 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 395747
IP address blocks: 2400:cb00:131::/48 maxlen: 48
2400:cb00:133::/48 maxlen: 48
2400:cb00:164::/48 maxlen: 48
2400:cb00:171::/48 maxlen: 48
2400:cb00:251::/48 maxlen: 48
2400:cb00:302::/48 maxlen: 48
2400:cb00:517::/48 maxlen: 48
2400:cb00:518::/48 maxlen: 48
2400:cb00:531::/48 maxlen: 48
2400:cb00:539::/48 maxlen: 48
2400:cb00:692::/48 maxlen: 48
2400:cb00:693::/48 maxlen: 48
2400:cb00:748::/48 maxlen: 48
2400:cb00:922::/48 maxlen: 48
2400:cb00:1057::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 04 Nov 2025 17:05:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6219 (0x184b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916BDA4, serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Validity
Not Before: Oct 23 16:50:33 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=68fa5cd8-0594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:dd:c9:16:14:ba:46:5b:28:a7:49:2f:31:73:
54:a1:5d:52:e6:f9:26:9d:e2:d0:8b:38:2f:87:3e:
b3:73:47:81:9e:5d:c3:5d:9c:11:d0:f3:4e:5e:8a:
ca:07:b3:c4:87:81:2d:c0:13:af:7e:29:96:66:1e:
b9:01:80:12:a2:fc:3b:04:e0:2e:10:4e:28:04:37:
3f:36:de:f3:52:11:8a:2d:cd:7b:1a:1b:83:d7:2a:
cc:a1:2c:07:a3:58:df:7b:af:b1:ae:c0:a3:42:56:
ee:1f:69:c2:01:52:56:3b:85:50:17:c0:89:13:c0:
5f:00:b7:02:c4:66:01:44:95:c8:70:38:77:b6:34:
4c:77:eb:59:76:20:8e:61:b4:46:5d:f3:a8:f8:35:
d5:5b:72:17:02:63:ae:2b:08:0f:8a:6b:8b:f2:a7:
17:9b:50:fa:ba:27:e3:93:51:cf:0d:00:7c:9c:31:
da:76:6d:b7:d8:37:be:dc:b5:a3:98:f9:bd:b1:4f:
9e:1d:b1:45:9b:13:d7:32:75:53:bf:98:f4:c2:20:
98:3b:d5:0d:86:a8:45:67:e1:09:bb:87:e9:20:dd:
85:4b:c2:4d:1a:4d:f4:52:ee:4b:f0:35:7b:00:5a:
60:bf:14:91:73:a7:2d:18:0e:7f:21:d2:43:b6:b3:
50:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:A5:19:8A:92:79:B5:DA:C4:9C:DC:47:1A:35:58:49:43:03:4D:7D
X509v3 Authority Key Identifier:
keyid:04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/D26DDCB6F36C11E88E372D61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:cb00:131::/48
2400:cb00:133::/48
2400:cb00:164::/48
2400:cb00:171::/48
2400:cb00:251::/48
2400:cb00:302::/48
2400:cb00:517::-2400:cb00:518:ffff:ffff:ffff:ffff:ffff
2400:cb00:531::/48
2400:cb00:539::/48
2400:cb00:692::/47
2400:cb00:748::/48
2400:cb00:922::/48
2400:cb00:1057::/48
Signature Algorithm: sha256WithRSAEncryption
4a:c9:58:5f:66:3a:51:f8:5b:6a:ef:ad:1d:55:fe:b4:50:64:
16:69:a9:c9:85:24:5b:f5:bb:fe:29:45:c4:c6:b8:82:a3:01:
2d:9a:07:a7:0d:27:b5:2b:06:53:11:44:7c:8f:a2:5b:4c:05:
b3:5e:09:a5:a6:00:25:58:29:b9:28:21:03:05:45:89:a9:5d:
36:0a:2c:22:49:43:e9:e5:1e:db:b4:f4:5a:ff:d1:82:b1:3a:
82:ac:b9:1a:03:9b:ab:8e:68:cd:a2:63:5a:67:c3:26:1b:e2:
5b:1d:e6:2c:ca:ce:1c:8a:fd:61:82:56:4f:ea:d1:8a:43:08:
74:c3:6a:98:b4:8a:c4:35:e9:ce:6a:c6:24:f0:60:04:23:77:
73:21:2d:79:d3:81:bc:3d:47:c1:64:14:7a:2d:1c:0a:b8:2e:
f1:ea:cd:b3:d5:b0:0a:5b:5f:c7:0f:e7:59:88:8e:72:3f:95:
ec:37:1c:33:3a:03:3a:ea:80:2f:51:b9:47:d3:ed:58:87:23:
d3:af:cf:25:62:50:76:9e:37:48:9c:fa:49:95:52:7b:fc:a1:
b9:be:d3:c6:16:d2:65:91:dc:7b:7d:69:66:14:d3:3c:30:f4:
ed:48:f0:35:d3:57:ab:55:5c:10:17:16:01:82:0b:e2:dc:55:
60:45:ad:69
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgICGEswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJEQTQxMTAvBgNVBAUTKDA0RTZDOTI0OUVFMzQ4RENGNzY0REYwQjlBNDBEM0U4
NTQwNjY0NDQwHhcNMjUxMDIzMTY1MDMzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGZhNWNkOC0wNTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1d3JFhS6Rlsop0kvMXNUoV1S5vkmneLQizgvhz6zc0eBnl3DXZwR0PNOXorK
B7PEh4EtwBOvfimWZh65AYASovw7BOAuEE4oBDc/Nt7zUhGKLc17GhuD1yrMoSwH
o1jfe6+xrsCjQlbuH2nCAVJWO4VQF8CJE8BfALcCxGYBRJXIcDh3tjRMd+tZdiCO
YbRGXfOo+DXVW3IXAmOuKwgPimuL8qcXm1D6uifjk1HPDQB8nDHadm232De+3LWj
mPm9sU+eHbFFmxPXMnVTv5j0wiCYO9UNhqhFZ+EJu4fpIN2FS8JNGk30Uu5L8DV7
AFpgvxSRc6ctGA5/IdJDtrNQLwIDAQABo4IDFDCCAxAwHQYDVR0OBBYEFI+lGYqS
ebXaxJzcRxo1WElDA019MB8GA1UdIwQYMBaAFATmySSe40jc92TfC5pA0+hUBmRE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkRBNC8xRUM3MDJCQ0Yx
QTcxMUU4OTBGMDY2NTBDNEY5QUUwMi9CT2JKSko3alNOejNaTjhMbWtEVDZGUUda
RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JPYkpKSjdqU056M1pOOExta0RUNkZRR1pFUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJEQTQvMUVDNzAyQkNGMUE3MTFFODkwRjA2NjUwQzRGOUFFMDIvRDI2RERDQjZG
MzZDMTFFODhFMzcyRDYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ0GCCsGAQUFBwEHAQH/
BIGNMIGKMIGHBAIAAjCBgAMHACQAywABMQMHACQAywABMwMHACQAywABZAMHACQA
ywABcQMHACQAywACUQMHACQAywADAjASAwcAJADLAAUXAwcAJADLAAUYAwcAJADL
AAUxAwcAJADLAAU5AwcBJADLAAaSAwcAJADLAAdIAwcAJADLAAkiAwcAJADLABBX
MA0GCSqGSIb3DQEBCwUAA4IBAQBKyVhfZjpR+Ftq760dVf60UGQWaanJhSRb9bv+
KUXExriCowEtmgenDSe1KwZTEUR8j6JbTAWzXgmlpgAlWCm5KCEDBUWJqV02Ciwi
SUPp5R7btPRa/9GCsTqCrLkaA5urjmjNomNaZ8MmG+JbHeYsys4civ1hglZP6tGK
Qwh0w2qYtIrENenOasYk8GAEI3dzIS1504G8PUfBZBR6LRwKuC7x6s2z1bAKW1/H
D+dZiI5yP5XsNxwzOgM66oAvUblH0+1YhyPTr88lYlB2njdInPpJlVJ7/KG5vtPG
FtJlkdx7fWlmFNM8MPTtSPA101erVVwQFxYBggvi3FVgRa1p
-----END CERTIFICATE-----
Generated at Wed Oct 29 00:57:13 2025 by rpki-client