Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/4A479BB45A7911E998A6BE80C4F9AE02.roa
File: 4A479BB45A7911E998A6BE80C4F9AE02.roa (raw, json)
Hash identifier: CuSJKhwFQb+hfMj84NKrDKsK04kxlYtYkdcmO6stGaQ=
Subject key identifier: 5B:A3:C3:65:80:99:D0:B8:9B:45:E2:CE:C4:61:84:37:52:10:8D:E9
Certificate issuer: /CN=A91D1136/serialNumber=B7B73E89B621081609CD689AB0AEF7FAF148926C
Certificate serial: 2678
Authority key identifier: B7:B7:3E:89:B6:21:08:16:09:CD:68:9A:B0:AE:F7:FA:F1:48:92:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t7c-ibYhCBYJzWiasK73-vFIkmw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/4A479BB45A7911E998A6BE80C4F9AE02.roa
Signing time: Tue 02 Sep 2025 16:04:08 +0000
ROA not before: Tue 02 Sep 2025 16:04:08 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 133543
IP address blocks: 115.67.8.0/21 maxlen: 21
115.67.8.0/24 maxlen: 24
115.67.9.0/24 maxlen: 24
115.67.10.0/24 maxlen: 24
115.67.11.0/24 maxlen: 24
115.67.12.0/24 maxlen: 24
115.67.13.0/24 maxlen: 24
115.67.14.0/24 maxlen: 24
115.67.15.0/24 maxlen: 24
2404:8d06::/31 maxlen: 32
2404:8d06::/36 maxlen: 36
2404:8d06:1000::/36 maxlen: 36
2404:8d06:2000::/36 maxlen: 36
2404:8d06:2000::/40 maxlen: 40
2404:8d06:3000::/36 maxlen: 36
2404:8d06:4000::/36 maxlen: 36
2404:8d06:4000::/40 maxlen: 40
2404:8d06:5000::/36 maxlen: 36
2404:8d06:6000::/36 maxlen: 36
2404:8d06:6000::/40 maxlen: 48
2404:8d06:7000::/36 maxlen: 36
2404:8d06:7000::/40 maxlen: 40
2404:8d06:8000::/36 maxlen: 36
2404:8d06:8000::/40 maxlen: 40
2404:8d06:9000::/36 maxlen: 36
2404:8d06:9000::/40 maxlen: 40
2404:8d06:a000::/36 maxlen: 36
2404:8d06:a000::/40 maxlen: 40
2404:8d06:b000::/36 maxlen: 36
2404:8d06:b000::/40 maxlen: 40
2404:8d06:c000::/36 maxlen: 36
2404:8d06:d000::/36 maxlen: 36
2404:8d06:e000::/36 maxlen: 36
2404:8d06:f000::/36 maxlen: 36
2404:8d07::/36 maxlen: 36
2404:8d07:1000::/36 maxlen: 36
2404:8d07:2000::/36 maxlen: 36
2404:8d07:3000::/36 maxlen: 36
2404:8d07:4000::/36 maxlen: 36
2404:8d07:5000::/36 maxlen: 36
2404:8d07:6000::/36 maxlen: 36
2404:8d07:7000::/36 maxlen: 36
2404:8d07:8000::/36 maxlen: 36
2404:8d07:9000::/36 maxlen: 36
2404:8d07:a000::/36 maxlen: 36
2404:8d07:b000::/36 maxlen: 36
2404:8d07:c000::/36 maxlen: 36
2404:8d07:d000::/36 maxlen: 36
2404:8d07:e000::/36 maxlen: 36
2404:8d07:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/t7c-ibYhCBYJzWiasK73-vFIkmw.crl
rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/t7c-ibYhCBYJzWiasK73-vFIkmw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t7c-ibYhCBYJzWiasK73-vFIkmw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 15:46:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9848 (0x2678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1136, serialNumber=B7B73E89B621081609CD689AB0AEF7FAF148926C
Validity
Not Before: Sep 2 16:04:08 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68b71578-ded8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5c:f0:54:f2:25:c3:79:74:5b:eb:37:0e:90:
b7:b5:36:24:12:97:74:f3:48:1c:c3:f7:d9:fc:51:
05:3a:e3:f8:92:b2:6d:dc:5a:2e:ac:76:4c:76:d4:
57:32:68:a3:00:28:fe:d8:33:4f:a0:91:5a:de:7a:
69:86:78:3e:3f:20:5c:d2:4e:a5:a0:70:48:15:8e:
fd:38:5d:1f:f4:50:8b:66:02:8a:19:a0:83:d4:45:
ec:de:a7:52:72:eb:85:a8:bf:ad:68:ac:67:46:26:
78:d0:b0:bc:9c:21:16:d0:af:16:38:6f:e3:dd:76:
c2:1c:0c:f6:95:20:e1:c4:2f:10:6b:45:62:ce:15:
d3:3c:3a:13:56:d0:0e:28:f4:f3:d4:43:fd:af:2d:
22:09:25:32:18:e3:d4:7f:8e:15:d8:26:f6:13:08:
99:0d:67:ba:cf:dd:41:c8:be:b4:7c:62:ab:53:d8:
5e:34:88:ee:da:1a:62:d4:d1:59:88:ce:4f:d8:14:
1d:65:76:62:f2:3b:a3:07:9b:5d:0f:e4:27:c6:7d:
82:20:f3:0c:04:36:5f:79:5f:f5:6d:39:99:37:dd:
ef:34:e6:a9:aa:ce:6d:51:f4:5f:29:5e:98:4e:36:
d2:68:f2:a6:26:ce:36:97:d3:12:e6:a1:e3:02:c9:
59:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:A3:C3:65:80:99:D0:B8:9B:45:E2:CE:C4:61:84:37:52:10:8D:E9
X509v3 Authority Key Identifier:
keyid:B7:B7:3E:89:B6:21:08:16:09:CD:68:9A:B0:AE:F7:FA:F1:48:92:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/t7c-ibYhCBYJzWiasK73-vFIkmw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t7c-ibYhCBYJzWiasK73-vFIkmw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/4A479BB45A7911E998A6BE80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.67.8.0/21
IPv6:
2404:8d06::/31
Signature Algorithm: sha256WithRSAEncryption
8e:31:89:d0:9f:9a:91:7a:08:02:d9:19:49:d9:4c:0b:81:cd:
a6:ed:aa:ce:46:ed:61:07:77:62:e6:71:39:12:36:5e:37:ba:
f3:df:0e:b5:84:11:f0:10:f7:0a:99:5d:f5:54:e5:a7:7e:cd:
21:6a:a3:8c:1d:92:7e:39:44:a0:30:75:f7:e5:fb:c4:f3:d9:
62:7b:ac:37:64:93:2d:ae:d0:26:bd:d0:8e:71:78:fe:c3:e0:
a7:22:13:13:6e:a4:8c:f4:01:d5:01:fd:5f:06:63:7f:d1:58:
ea:51:b8:d1:6a:7a:24:20:51:b6:2f:97:58:e7:78:a9:56:52:
bc:03:50:cb:0f:9b:16:6c:03:b8:13:ae:d8:0a:f9:52:bc:23:
df:f0:ad:c1:10:78:69:48:6e:50:da:8b:2b:c4:db:8c:98:cb:
2f:f4:70:f8:d3:cd:22:41:2c:d2:41:c6:5b:78:45:22:08:7a:
14:94:9a:2f:04:e7:a9:36:cd:6c:30:56:96:d9:0d:68:ad:f2:
a4:0f:d5:07:df:89:4c:b2:75:34:e2:ec:cb:cb:70:1a:50:e6:
6a:c6:eb:08:af:2c:77:0b:1c:54:e0:b7:ed:fd:9c:5b:b4:15:
a2:6d:0c:c4:59:ac:7f:9c:67:ae:87:33:05:c2:ad:3d:92:5c:
9b:b1:8d:ed
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICJngwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDExMzYxMTAvBgNVBAUTKEI3QjczRTg5QjYyMTA4MTYwOUNENjg5QUIwQUVGN0ZB
RjE0ODkyNkMwHhcNMjUwOTAyMTYwNDA4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGI3MTU3OC1kZWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwFzwVPIlw3l0W+s3DpC3tTYkEpd080gcw/fZ/FEFOuP4krJt3FourHZMdtRX
MmijACj+2DNPoJFa3npphng+PyBc0k6loHBIFY79OF0f9FCLZgKKGaCD1EXs3qdS
cuuFqL+taKxnRiZ40LC8nCEW0K8WOG/j3XbCHAz2lSDhxC8Qa0VizhXTPDoTVtAO
KPTz1EP9ry0iCSUyGOPUf44V2Cb2EwiZDWe6z91ByL60fGKrU9heNIju2hpi1NFZ
iM5P2BQdZXZi8jujB5tdD+Qnxn2CIPMMBDZfeV/1bTmZN93vNOapqs5tUfRfKV6Y
TjbSaPKmJs42l9MS5qHjAslZ2wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFujw2WA
mdC4m0XizsRhhDdSEI3pMB8GA1UdIwQYMBaAFLe3Pom2IQgWCc1omrCu9/rxSJJs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTEzNi9DRjMyODFDODIx
NUIxMUU1QTdCRjg5MEVDNEY5QUUwMi90N2MtaWJZaENCWUp6V2lhc0s3My12Rklr
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q3Yy1pYlloQ0JZSnpXaWFzSzczLXZGSWttdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDExMzYvQ0YzMjgxQzgyMTVCMTFFNUE3QkY4OTBFQzRGOUFFMDIvNEE0NzlCQjQ1
QTc5MTFFOTk4QTZCRTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBANzQwgwDQQCAAIwBwMFASQEjQYwDQYJKoZIhvcNAQELBQAD
ggEBAI4xidCfmpF6CALZGUnZTAuBzabtqs5G7WEHd2LmcTkSNl43uvPfDrWEEfAQ
9wqZXfVU5ad+zSFqo4wdkn45RKAwdffl+8Tz2WJ7rDdkky2u0Ca90I5xeP7D4Kci
ExNupIz0AdUB/V8GY3/RWOpRuNFqeiQgUbYvl1jneKlWUrwDUMsPmxZsA7gTrtgK
+VK8I9/wrcEQeGlIblDaiyvE24yYyy/0cPjTzSJBLNJBxlt4RSIIehSUmi8E56k2
zWwwVpbZDWit8qQP1QffiUyydTTi7MvLcBpQ5mrG6wivLHcLHFTgt+39nFu0FaJt
DMRZrH+cZ66HMwXCrT2SXJuxje0=
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:58:00 2025 by rpki-client