Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
File: B10F5E8E557511EF9F54A83AC4F9AE02.roa (raw, json)
Hash identifier: 6czEYxR7jAnRnEXnBoK3sAdoSglzYI32H5pev+7NDWw=
Subject key identifier: 74:CC:7E:B3:7F:69:BD:1B:54:5D:60:E5:04:EB:BE:EB:1D:62:B7:C1
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 0669
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
Signing time: Thu 28 Aug 2025 14:50:47 +0000
ROA not before: Thu 28 Aug 2025 14:50:47 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 135918
IP address blocks: 157.10.198.0/23 maxlen: 23
157.66.81.0/24 maxlen: 24
157.66.100.0/23 maxlen: 23
157.66.218.0/23 maxlen: 23
160.22.122.0/23 maxlen: 23
160.25.232.0/23 maxlen: 23
160.30.44.0/23 maxlen: 23
160.30.112.0/23 maxlen: 23
160.191.48.0/23 maxlen: 23
160.191.50.0/23 maxlen: 23
160.191.236.0/23 maxlen: 23
160.250.130.0/23 maxlen: 23
160.250.134.0/23 maxlen: 23
160.250.136.0/23 maxlen: 23
160.250.246.0/23 maxlen: 23
161.248.146.0/23 maxlen: 23
165.101.92.0/23 maxlen: 23
165.101.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 14:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1641 (0x669)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Aug 28 14:50:47 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68b06cc7-7519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:5d:bc:0e:79:28:50:38:2d:bb:bb:09:cd:ae:
94:c3:a6:f7:19:83:b5:09:ab:51:63:19:e3:b2:2a:
cd:9c:c8:28:7e:b3:2e:ba:c9:f9:83:9f:16:7c:e0:
43:06:13:c2:0e:f0:29:9c:bf:46:dc:fb:f3:9c:3a:
48:e4:0b:24:1c:14:d4:15:45:5b:77:fb:b8:34:fa:
2a:82:48:bb:3a:be:47:49:7c:ec:5c:4c:9e:53:c6:
3e:03:be:9f:23:01:0e:39:27:ec:aa:e6:9f:14:b0:
62:a3:55:5d:87:64:5e:53:46:25:e4:ae:35:d2:41:
c6:9f:04:5a:5e:03:cc:fe:94:b6:9b:e4:ac:5f:47:
30:f4:3b:a8:c4:8f:44:95:c5:a2:a2:45:0a:34:bc:
6e:db:5e:fe:48:21:32:5c:0f:62:10:f2:43:4e:94:
21:71:48:54:37:25:a1:4b:02:52:34:4c:13:5c:b9:
b0:44:20:f0:d7:cd:bc:2e:fb:7c:c6:50:95:74:0f:
12:2c:b0:7c:8a:66:14:67:9a:e0:86:9f:3c:88:80:
1a:3e:1a:03:05:43:66:ab:e1:f8:44:90:28:d5:38:
3d:ed:db:e5:9a:8b:5c:ec:9e:b1:01:66:60:44:57:
08:77:3e:a1:5b:a9:63:d6:b8:48:14:c9:6e:0b:d6:
47:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CC:7E:B3:7F:69:BD:1B:54:5D:60:E5:04:EB:BE:EB:1D:62:B7:C1
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.198.0/23
157.66.81.0/24
157.66.100.0/23
157.66.218.0/23
160.22.122.0/23
160.25.232.0/23
160.30.44.0/23
160.30.112.0/23
160.191.48.0/22
160.191.236.0/23
160.250.130.0/23
160.250.134.0-160.250.137.255
160.250.246.0/23
161.248.146.0/23
165.101.92.0/23
165.101.252.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:6f:ae:d7:d5:95:43:b1:0a:e7:fa:44:35:46:6f:cc:92:ba:
46:45:9b:be:93:97:e7:92:21:25:e2:c7:21:4d:81:8a:23:b9:
07:34:73:ee:b9:54:48:91:08:19:30:f7:c4:c1:e4:c9:c4:e2:
8e:e1:94:f7:e0:19:bc:1e:39:51:7c:89:85:9f:df:f6:8d:91:
5c:e0:dc:06:03:7b:51:11:63:7e:79:56:c4:a3:62:cf:71:8c:
d7:f1:e7:ba:19:92:ff:96:70:3a:8c:db:ba:db:68:84:2f:f5:
63:4e:32:36:d9:12:a0:ab:6f:b5:42:0b:f7:57:0d:6f:34:9c:
91:a0:d4:89:c4:9b:56:e7:b9:ab:23:a1:b1:fa:74:3e:b9:35:
2e:39:f1:dd:f3:09:49:0e:4d:3a:51:b7:c0:56:b7:d0:19:99:
00:d2:8b:ff:79:46:e8:72:55:4c:b0:6a:72:30:35:c2:92:e8:
53:e3:6f:50:f9:c7:83:34:96:7e:d7:b9:59:a1:82:db:71:91:
60:7c:1f:54:35:9e:b2:d2:cc:58:dc:39:45:65:1a:96:b3:41:
ae:b6:c6:18:a6:3a:79:5c:e5:de:99:3d:da:11:52:df:fc:67:
71:00:9b:d2:7d:36:d3:07:c7:ed:4a:53:44:62:55:66:09:9a:
47:28:07:ba
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICBmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwODI4MTQ1MDQ3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIwNmNjNy03NTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9V28DnkoUDgtu7sJza6Uw6b3GYO1CatRYxnjsirNnMgofrMuusn5g58WfOBD
BhPCDvApnL9G3PvznDpI5AskHBTUFUVbd/u4NPoqgki7Or5HSXzsXEyeU8Y+A76f
IwEOOSfsquafFLBio1Vdh2ReU0Yl5K410kHGnwRaXgPM/pS2m+SsX0cw9DuoxI9E
lcWiokUKNLxu217+SCEyXA9iEPJDTpQhcUhUNyWhSwJSNEwTXLmwRCDw1828Lvt8
xlCVdA8SLLB8imYUZ5rghp88iIAaPhoDBUNmq+H4RJAo1Tg97dvlmotc7J6xAWZg
RFcIdz6hW6lj1rhIFMluC9ZHHwIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFHTMfrN/
ab0bVF1g5QTrvusdYrfBMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQjEwRjVFOEU1
NTc1MTFFRjlGNTRBODNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBuBAIAATBoAwQBnQrGAwQAnUJRAwQBnUJkAwQBnULaAwQBoBZ6AwQBoBno
AwQBoB4sAwQBoB5wAwQCoL8wAwQBoL/sAwQBoPqCMAwDBAGg+oYDBAGg+ogDBAGg
+vYDBAGh+JIDBAGlZVwDBAGlZfwwDQYJKoZIhvcNAQELBQADggEBAKdvrtfVlUOx
Cuf6RDVGb8ySukZFm76Tl+eSISXixyFNgYojuQc0c+65VEiRCBkw98TB5MnE4o7h
lPfgGbweOVF8iYWf3/aNkVzg3AYDe1ERY355VsSjYs9xjNfx57oZkv+WcDqM27rb
aIQv9WNOMjbZEqCrb7VCC/dXDW80nJGg1InEm1bnuasjobH6dD65NS458d3zCUkO
TTpRt8BWt9AZmQDSi/95RuhyVUywanIwNcKS6FPjb1D5x4M0ln7XuVmhgttxkWB8
H1Q1nrLSzFjcOUVlGpazQa62xhimOnlc5d6ZPdoRUt/8Z3EAm9J9NtMHx+1KU0Ri
VWYJmkcoB7o=
-----END CERTIFICATE-----
Generated at Sun Sep 7 00:30:34 2025 by rpki-client