Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/8092DB4C718011EF8BEC2931C4F9AE02.roa
File: 8092DB4C718011EF8BEC2931C4F9AE02.roa (raw, json)
Hash identifier: PhRXdlF2k+0YYl2nP66nwMA485+V1AaApTPhMk1K3Mc=
Subject key identifier: 9F:75:BB:94:9F:CC:50:A6:F8:31:54:4D:07:04:E4:0E:A4:87:F7:D6
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 0673
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/8092DB4C718011EF8BEC2931C4F9AE02.roa
Signing time: Thu 28 Aug 2025 14:50:54 +0000
ROA not before: Thu 28 Aug 2025 14:50:54 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 140822
IP address blocks: 160.30.254.0/23 maxlen: 23
160.187.88.0/23 maxlen: 23
160.187.90.0/23 maxlen: 23
160.187.242.0/23 maxlen: 23
160.187.244.0/23 maxlen: 23
160.191.36.0/23 maxlen: 23
160.191.90.0/23 maxlen: 23
160.191.92.0/23 maxlen: 23
160.191.94.0/23 maxlen: 23
160.191.96.0/23 maxlen: 23
160.191.98.0/23 maxlen: 23
160.191.216.0/23 maxlen: 23
160.191.218.0/23 maxlen: 23
160.191.222.0/23 maxlen: 23
160.191.252.0/23 maxlen: 23
160.191.254.0/23 maxlen: 23
160.250.0.0/23 maxlen: 23
160.250.2.0/23 maxlen: 23
160.250.30.0/23 maxlen: 23
160.250.32.0/23 maxlen: 23
161.248.34.0/23 maxlen: 23
161.248.72.0/23 maxlen: 23
161.248.76.0/23 maxlen: 23
161.248.182.0/23 maxlen: 23
161.248.236.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 14:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1651 (0x673)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Aug 28 14:50:54 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68b06cce-3164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:23:b7:90:c0:cf:05:cc:08:3f:55:fd:f2:52:
93:a9:b9:b7:49:55:50:2e:0b:0f:d6:4c:c7:db:08:
c9:7b:19:3d:54:09:e6:84:61:06:24:92:f1:92:42:
4e:de:b3:f5:ce:c3:b8:38:e4:d9:c9:9e:02:08:bf:
79:c5:a8:26:b1:eb:0c:9b:94:cf:df:a8:3f:0c:ae:
b7:e6:39:3c:72:a0:68:af:07:24:1f:03:98:29:f9:
c3:f7:1e:0e:fa:2a:47:59:aa:23:c0:83:81:e3:6e:
5a:f5:51:dd:17:a4:27:e9:2b:b6:b8:9b:a2:aa:ff:
39:d2:b1:fd:8c:a4:6d:c3:53:8b:85:b3:bd:ab:48:
2d:34:6c:30:ca:50:f6:9a:c7:bc:21:78:a0:37:27:
e1:32:b9:d4:71:08:9c:d9:b8:71:77:cd:6b:16:83:
db:ca:b5:dd:fa:5b:ab:db:ae:23:2d:d4:30:c2:d4:
0f:3a:bf:17:a4:e4:fb:81:90:28:57:92:e1:20:7c:
64:d6:e7:d7:23:eb:7a:16:6b:b8:87:86:22:4f:a9:
2a:85:0d:87:fa:23:54:7d:6f:8b:5d:06:46:57:b1:
95:21:13:a6:f3:f9:e9:43:d5:5f:28:02:2f:34:64:
1f:a8:d7:6d:19:6b:22:83:d3:8b:3c:60:8d:2a:e8:
3d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:75:BB:94:9F:CC:50:A6:F8:31:54:4D:07:04:E4:0E:A4:87:F7:D6
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/8092DB4C718011EF8BEC2931C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.30.254.0/23
160.187.88.0/22
160.187.242.0-160.187.245.255
160.191.36.0/23
160.191.90.0-160.191.99.255
160.191.216.0/22
160.191.222.0/23
160.191.252.0/22
160.250.0.0/22
160.250.30.0-160.250.33.255
161.248.34.0/23
161.248.72.0/23
161.248.76.0/23
161.248.182.0/23
161.248.236.0/23
Signature Algorithm: sha256WithRSAEncryption
52:d7:2d:37:b4:01:f9:fc:e6:52:82:b1:5f:0a:56:e3:d1:d8:
1e:be:e0:b3:9a:94:c4:f7:6d:2c:bf:3b:66:cf:1b:0b:a8:b6:
8b:62:f7:e1:5f:5e:4a:65:e8:15:28:44:e5:79:f0:47:cb:0a:
13:9d:65:e4:87:a8:98:7d:e9:d7:49:0a:1e:30:49:ab:86:85:
a2:68:06:c5:e8:15:c9:5b:f4:b0:3a:25:2c:29:13:fc:ae:be:
07:6a:22:7d:86:2f:f5:e8:7c:1c:58:1f:fa:e2:2a:f9:64:bd:
5f:a4:95:6d:ab:a7:13:23:1a:4d:73:19:ea:57:8c:b3:f4:a0:
9d:df:b3:73:3e:b9:67:dc:86:b2:fa:1b:85:ec:c3:76:f3:61:
dd:b6:89:e4:a4:98:35:05:47:aa:56:dc:dd:c9:df:21:7e:06:
50:1c:28:78:91:b5:4c:75:a1:7b:55:19:6e:af:50:f8:69:33:
a1:d6:24:ed:cc:fe:1a:cd:4a:e4:4e:a6:a3:15:22:50:1e:6c:
63:6f:0d:38:e0:7a:d0:80:f5:5d:13:fc:9c:ec:55:99:52:e5:
ae:d4:53:0c:9a:23:a1:bb:2f:15:0f:13:01:22:69:d4:8c:f6:
12:fe:f3:20:16:d3:ee:d4:0e:d5:db:bc:6c:fe:be:6a:df:07:
69:47:54:e7
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgICBnMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwODI4MTQ1MDU0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIwNmNjZS0zMTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvCO3kMDPBcwIP1X98lKTqbm3SVVQLgsP1kzH2wjJexk9VAnmhGEGJJLxkkJO
3rP1zsO4OOTZyZ4CCL95xagmsesMm5TP36g/DK635jk8cqBorwckHwOYKfnD9x4O
+ipHWaojwIOB425a9VHdF6Qn6Su2uJuiqv850rH9jKRtw1OLhbO9q0gtNGwwylD2
mse8IXigNyfhMrnUcQic2bhxd81rFoPbyrXd+lur264jLdQwwtQPOr8XpOT7gZAo
V5LhIHxk1ufXI+t6Fmu4h4YiT6kqhQ2H+iNUfW+LXQZGV7GVIROm8/npQ9VfKAIv
NGQfqNdtGWsig9OLPGCNKug9VwIDAQABo4IDAjCCAv4wHQYDVR0OBBYEFJ91u5Sf
zFCm+DFUTQcE5A6kh/fWMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvODA5MkRCNEM3
MTgwMTFFRjhCRUMyOTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYsGCCsGAQUFBwEHAQH/
BHwwejB4BAIAATByAwQBoB7+AwQCoLtYMAwDBAGgu/IDBAGgu/QDBAGgvyQwDAME
AaC/WgMEAqC/YAMEAqC/2AMEAaC/3gMEAqC//AMEAqD6ADAMAwQBoPoeAwQBoPog
AwQBofgiAwQBofhIAwQBofhMAwQBofi2AwQBofjsMA0GCSqGSIb3DQEBCwUAA4IB
AQBS1y03tAH5/OZSgrFfClbj0dgevuCzmpTE920svztmzxsLqLaLYvfhX15KZegV
KETlefBHywoTnWXkh6iYfenXSQoeMEmrhoWiaAbF6BXJW/SwOiUsKRP8rr4HaiJ9
hi/16HwcWB/64ir5ZL1fpJVtq6cTIxpNcxnqV4yz9KCd37NzPrln3Iay+huF7MN2
82HdtonkpJg1BUeqVtzdyd8hfgZQHCh4kbVMdaF7VRlur1D4aTOh1iTtzP4azUrk
TqajFSJQHmxjbw044HrQgPVdE/yc7FWZUuWu1FMMmiOhuy8VDxMBImnUjPYS/vMg
FtPu1A7V27xs/r5q3wdpR1Tn
-----END CERTIFICATE-----
Generated at Sun Sep 7 00:35:04 2025 by rpki-client