Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
File: B10F5E8E557511EF9F54A83AC4F9AE02.roa (raw, json)
Hash identifier: AVaA1WMj8AdkfOdcqRV2gAp8ccZ0e/N6t0Y3fVIKk50=
Subject key identifier: 6D:BF:F4:29:4A:32:48:E1:37:E4:1E:CB:B3:16:84:9C:B8:2E:4A:24
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 0629
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
Signing time: Thu 17 Jul 2025 09:45:01 +0000
ROA not before: Thu 17 Jul 2025 09:45:01 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135918
IP address blocks: 157.10.198.0/23 maxlen: 23
157.66.81.0/24 maxlen: 24
157.66.100.0/23 maxlen: 23
157.66.218.0/23 maxlen: 23
160.22.122.0/23 maxlen: 23
160.25.232.0/23 maxlen: 23
160.30.44.0/23 maxlen: 23
160.30.112.0/23 maxlen: 23
160.191.48.0/23 maxlen: 23
160.191.50.0/23 maxlen: 23
160.191.236.0/23 maxlen: 23
160.250.130.0/23 maxlen: 23
160.250.134.0/23 maxlen: 23
160.250.136.0/23 maxlen: 23
160.250.246.0/23 maxlen: 23
161.248.146.0/23 maxlen: 23
165.101.92.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 14:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1577 (0x629)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Jul 17 09:45:01 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6878c61d-9969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4e:52:7e:11:53:07:54:c1:66:a2:91:0c:94:
85:25:22:48:25:c9:5c:4f:ee:00:f3:16:e3:b5:d2:
79:b4:0c:46:df:c0:36:fd:9a:3e:66:cd:1b:8d:58:
1a:76:55:86:3b:79:f6:f2:f6:4b:03:85:73:b9:40:
29:4a:1d:1a:63:8b:6d:1f:03:db:11:83:cb:6b:b9:
f6:84:ad:de:31:45:a1:3e:5b:35:55:98:fa:dd:5a:
ca:4d:fc:fa:54:80:18:b2:2b:9b:e1:1f:2f:51:fe:
b9:09:16:70:40:b0:4d:8b:5f:ca:5e:0a:80:65:65:
79:16:f0:64:9d:36:7c:c8:6c:9b:9a:3e:30:81:ea:
39:7a:99:3a:6b:3f:75:a3:29:c6:1c:60:ca:d8:26:
ba:60:8e:41:c8:b9:4f:08:85:a8:0f:4b:3e:29:11:
85:9f:92:06:6e:eb:5a:a0:2a:86:d7:29:7d:c2:4b:
f5:0c:c9:5e:37:0a:d4:ea:17:ab:8c:8e:1c:57:a6:
bf:2d:3d:51:6c:78:bd:45:f7:2a:84:c0:95:de:9a:
29:8d:0b:f4:8b:d5:a3:6e:03:e0:e1:a4:bf:0a:52:
49:38:e0:9a:b6:57:08:4b:cd:1d:ab:78:92:cf:fc:
82:98:54:50:71:59:65:c5:a2:00:06:e8:a7:bc:20:
03:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BF:F4:29:4A:32:48:E1:37:E4:1E:CB:B3:16:84:9C:B8:2E:4A:24
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.198.0/23
157.66.81.0/24
157.66.100.0/23
157.66.218.0/23
160.22.122.0/23
160.25.232.0/23
160.30.44.0/23
160.30.112.0/23
160.191.48.0/22
160.191.236.0/23
160.250.130.0/23
160.250.134.0-160.250.137.255
160.250.246.0/23
161.248.146.0/23
165.101.92.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:9a:cc:c5:65:51:50:ad:08:13:10:0b:bd:a5:b8:39:65:62:
f8:8d:24:52:9f:83:c2:b5:17:58:e8:0e:9c:06:02:e9:08:5e:
2f:94:14:36:b6:85:b6:15:98:20:7c:84:e0:19:8b:4e:e8:59:
93:c7:f9:1b:9d:02:8c:8c:f5:64:79:e4:45:64:4f:6b:4f:24:
9e:e8:f7:97:28:68:ed:0f:b1:02:2b:3c:eb:c6:31:33:5e:f6:
33:92:ca:6d:b2:7e:08:d2:23:1f:35:61:ff:8e:19:b3:84:92:
f6:72:0e:f9:9f:68:d4:26:d7:88:19:14:53:d9:c0:cb:9c:3e:
43:40:cb:e1:b9:06:73:98:96:72:8b:ce:44:44:2f:8f:58:c4:
37:ea:01:13:5a:bf:07:77:d7:47:50:90:b8:d0:6e:ec:5e:75:
82:59:7c:a6:79:42:71:c1:e1:e2:98:99:d3:4f:8b:12:51:d1:
5f:98:0a:90:0a:ae:2e:6b:74:b6:88:47:54:40:ed:f0:69:3c:
cd:51:0d:93:18:9e:0c:02:a9:50:a5:5e:47:3f:69:0b:0e:d6:
f5:b0:28:43:8c:2b:62:2c:1f:d3:df:84:9b:77:ce:f0:ab:fc:
22:56:ed:88:bc:27:78:fc:ec:66:a7:38:8f:e9:19:93:d7:7b:
4d:38:db:8b
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICBikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwNzE3MDk0NTAxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODc4YzYxZC05OTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0k5SfhFTB1TBZqKRDJSFJSJIJclcT+4A8xbjtdJ5tAxG38A2/Zo+Zs0bjVga
dlWGO3n28vZLA4VzuUApSh0aY4ttHwPbEYPLa7n2hK3eMUWhPls1VZj63VrKTfz6
VIAYsiub4R8vUf65CRZwQLBNi1/KXgqAZWV5FvBknTZ8yGybmj4wgeo5epk6az91
oynGHGDK2Ca6YI5ByLlPCIWoD0s+KRGFn5IGbutaoCqG1yl9wkv1DMleNwrU6her
jI4cV6a/LT1RbHi9RfcqhMCV3popjQv0i9WjbgPg4aS/ClJJOOCatlcIS80dq3iS
z/yCmFRQcVllxaIABuinvCAD/wIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFG2/9ClK
MkjhN+Qey7MWhJy4LkokMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQjEwRjVFOEU1
NTc1MTFFRjlGNTRBODNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwewYIKwYBBQUHAQcBAf8E
bDBqMGgEAgABMGIDBAGdCsYDBACdQlEDBAGdQmQDBAGdQtoDBAGgFnoDBAGgGegD
BAGgHiwDBAGgHnADBAKgvzADBAGgv+wDBAGg+oIwDAMEAaD6hgMEAaD6iAMEAaD6
9gMEAaH4kgMEAaVlXDANBgkqhkiG9w0BAQsFAAOCAQEAH5rMxWVRUK0IExALvaW4
OWVi+I0kUp+DwrUXWOgOnAYC6QheL5QUNraFthWYIHyE4BmLTuhZk8f5G50CjIz1
ZHnkRWRPa08knuj3lyho7Q+xAis868YxM172M5LKbbJ+CNIjHzVh/44Zs4SS9nIO
+Z9o1CbXiBkUU9nAy5w+Q0DL4bkGc5iWcovOREQvj1jEN+oBE1q/B3fXR1CQuNBu
7F51gll8pnlCccHh4piZ00+LElHRX5gKkAquLmt0tohHVEDt8Gk8zVENkxieDAKp
UKVeRz9pCw7W9bAoQ4wrYiwf09+Em3fO8Kv8IlbtiLwnePzsZqc4j+kZk9d7TTjb
iw==
-----END CERTIFICATE-----
Generated at Tue Jul 22 12:11:37 2025 by rpki-client