Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912B600/C0B57422097511EB9D461B30C4F9AE02/5DE12890180311EBA311E181C4F9AE02.roa
File: 5DE12890180311EBA311E181C4F9AE02.roa (raw, json)
Hash identifier: 26p3NboETp7Nj+Pkns8h4o9kiHbewrSxU2XrnHDgX4E=
Subject key identifier: 99:F8:C4:1B:92:26:5F:7B:F9:7B:41:63:60:EE:A6:6F:91:E8:C6:F6
Certificate issuer: /CN=A912B600/serialNumber=11940BB58344AA2C79C49539D6DF915196EFE826
Certificate serial: 07ED
Authority key identifier: 11:94:0B:B5:83:44:AA:2C:79:C4:95:39:D6:DF:91:51:96:EF:E8:26
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EZQLtYNEqix5xJU51t-RUZbv6CY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912B600/C0B57422097511EB9D461B30C4F9AE02/5DE12890180311EBA311E181C4F9AE02.roa
Signing time: Wed 24 Sep 2025 15:01:00 +0000
ROA not before: Wed 24 Sep 2025 15:01:00 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 38466
IP address blocks: 66.23.160.0/19 maxlen: 19
66.23.160.0/24 maxlen: 24
66.23.161.0/24 maxlen: 24
66.23.162.0/24 maxlen: 24
66.23.163.0/24 maxlen: 24
66.23.164.0/24 maxlen: 24
66.23.165.0/24 maxlen: 24
66.23.166.0/24 maxlen: 24
66.23.167.0/24 maxlen: 24
66.23.168.0/24 maxlen: 24
66.23.169.0/24 maxlen: 24
66.23.170.0/24 maxlen: 24
66.23.171.0/24 maxlen: 24
66.23.172.0/24 maxlen: 24
66.23.173.0/24 maxlen: 24
66.23.174.0/24 maxlen: 24
66.23.175.0/24 maxlen: 24
66.23.176.0/24 maxlen: 24
66.23.177.0/24 maxlen: 24
66.23.178.0/24 maxlen: 24
66.23.179.0/24 maxlen: 24
66.23.180.0/24 maxlen: 24
66.23.181.0/24 maxlen: 24
66.23.182.0/24 maxlen: 24
66.23.183.0/24 maxlen: 24
66.23.184.0/24 maxlen: 24
66.23.185.0/24 maxlen: 24
66.23.186.0/24 maxlen: 24
66.23.187.0/24 maxlen: 24
66.23.188.0/24 maxlen: 24
66.23.189.0/24 maxlen: 24
66.23.190.0/24 maxlen: 24
66.23.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912B600/C0B57422097511EB9D461B30C4F9AE02/EZQLtYNEqix5xJU51t-RUZbv6CY.crl
rsync://rpki.apnic.net/member_repository/A912B600/C0B57422097511EB9D461B30C4F9AE02/EZQLtYNEqix5xJU51t-RUZbv6CY.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EZQLtYNEqix5xJU51t-RUZbv6CY.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 14:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2029 (0x7ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912B600, serialNumber=11940BB58344AA2C79C49539D6DF915196EFE826
Validity
Not Before: Sep 24 15:01:00 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68d407ac-d667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:58:ee:f7:38:ea:eb:d9:b3:ac:2f:79:35:de:
0f:da:b2:3d:c7:71:20:c7:1b:f7:78:c3:9f:90:77:
2c:bb:a5:94:54:6b:54:d5:9c:60:04:08:03:93:f8:
5f:23:8d:e6:e0:bb:8c:cc:d7:89:0e:7c:f9:7d:84:
0e:6a:7e:33:36:7b:92:6b:01:b3:d3:4a:a7:e1:50:
80:bd:e2:ca:f7:5c:69:9f:d6:1e:69:c6:4e:7c:83:
e2:73:f5:1a:37:af:9c:94:36:54:6a:e9:1c:99:0b:
bb:b3:b0:cf:48:a0:04:34:9b:4b:ba:6c:11:71:db:
0c:cb:e3:ee:c5:c8:4a:dd:76:be:5b:f2:3a:9c:fb:
5b:e5:0f:18:c3:63:2a:aa:e7:4b:98:54:b6:c0:7c:
4b:f6:b5:82:80:5e:e9:e6:aa:c2:19:73:55:bd:43:
41:5f:20:2b:9c:1a:79:71:df:c3:1e:93:34:96:ea:
70:a2:74:51:98:d6:b0:be:8e:14:7d:d8:b5:f2:b4:
e9:45:e0:e7:ea:ab:18:bb:a7:ad:41:45:71:85:0f:
b2:db:50:c9:d7:64:6c:e8:79:6a:3e:e8:72:fd:fa:
5a:1c:ad:84:48:b1:72:2a:ae:57:72:60:1a:bd:f9:
0a:66:6b:d3:17:22:45:b1:55:6a:3f:c7:ab:42:20:
04:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F8:C4:1B:92:26:5F:7B:F9:7B:41:63:60:EE:A6:6F:91:E8:C6:F6
X509v3 Authority Key Identifier:
keyid:11:94:0B:B5:83:44:AA:2C:79:C4:95:39:D6:DF:91:51:96:EF:E8:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912B600/C0B57422097511EB9D461B30C4F9AE02/EZQLtYNEqix5xJU51t-RUZbv6CY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EZQLtYNEqix5xJU51t-RUZbv6CY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B600/C0B57422097511EB9D461B30C4F9AE02/5DE12890180311EBA311E181C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.23.160.0/19
Signature Algorithm: sha256WithRSAEncryption
7d:ee:c9:a3:f0:f6:9d:cd:cd:8c:54:99:12:dd:de:00:2d:d8:
b8:34:d6:cc:0a:40:9a:4e:89:24:6f:29:05:87:20:91:b1:10:
ed:b5:16:fe:fc:01:c7:a0:e0:34:e6:3d:14:d3:a1:10:75:00:
32:dd:77:b2:58:81:3d:ab:82:ed:ee:07:f5:e7:2e:6f:a9:14:
20:6a:31:02:8d:02:14:77:0c:cb:7c:91:5e:9e:1c:3c:1f:17:
06:7f:93:65:b8:ab:ea:90:a4:b1:3d:12:3a:18:ab:99:03:2c:
6b:d6:66:71:69:83:72:0e:6a:f9:57:73:b9:98:27:af:d2:0e:
de:ca:9b:56:76:52:64:72:a4:1d:1b:6e:8a:8d:15:32:30:d7:
82:0a:a1:c1:e0:33:f2:96:7a:6d:43:7f:95:fe:e4:fb:a2:fd:
bd:0e:ac:fe:14:d5:b8:9c:7c:0c:a0:65:5e:5d:81:16:d3:f3:
a7:e1:31:92:56:48:f8:5e:86:c4:ee:4f:c4:9f:0b:9c:be:8e:
38:5a:af:47:14:20:c1:95:dd:66:76:ea:3c:4d:37:ef:af:81:
65:ae:9e:f4:64:b3:82:33:5c:a8:b7:b6:32:bf:f6:8a:40:ee:
f9:cc:65:26:8e:19:d9:2d:d6:9e:d8:72:a2:68:75:f6:d5:38:
35:55:8d:75
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB+0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkI2MDAxMTAvBgNVBAUTKDExOTQwQkI1ODM0NEFBMkM3OUM0OTUzOUQ2REY5MTUx
OTZFRkU4MjYwHhcNMjUwOTI0MTUwMTAwWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGQ0MDdhYy1kNjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Vju9zjq69mzrC95Nd4P2rI9x3Egxxv3eMOfkHcsu6WUVGtU1ZxgBAgDk/hf
I43m4LuMzNeJDnz5fYQOan4zNnuSawGz00qn4VCAveLK91xpn9YeacZOfIPic/Ua
N6+clDZUaukcmQu7s7DPSKAENJtLumwRcdsMy+PuxchK3Xa+W/I6nPtb5Q8Yw2Mq
qudLmFS2wHxL9rWCgF7p5qrCGXNVvUNBXyArnBp5cd/DHpM0lupwonRRmNawvo4U
fdi18rTpReDn6qsYu6etQUVxhQ+y21DJ12Rs6HlqPuhy/fpaHK2ESLFyKq5XcmAa
vfkKZmvTFyJFsVVqP8erQiAE5wIDAQABo4IClTCCApEwHQYDVR0OBBYEFJn4xBuS
Jl97+XtBY2Dupm+R6Mb2MB8GA1UdIwQYMBaAFBGUC7WDRKosecSVOdbfkVGW7+gm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjYwMC9DMEI1NzQyMjA5
NzUxMUVCOUQ0NjFCMzBDNEY5QUUwMi9FWlFMdFlORXFpeDV4SlU1MXQtUlVaYnY2
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VaUUx0WU5FcWl4NXhKVTUxdC1SVVpidjZDWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkI2MDAvQzBCNTc0MjIwOTc1MTFFQjlENDYxQjMwQzRGOUFFMDIvNURFMTI4OTAx
ODAzMTFFQkEzMTFFMTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAVCF6AwDQYJKoZIhvcNAQELBQADggEBAH3uyaPw9p3NzYxU
mRLd3gAt2Lg01swKQJpOiSRvKQWHIJGxEO21Fv78Aceg4DTmPRTToRB1ADLdd7JY
gT2rgu3uB/XnLm+pFCBqMQKNAhR3DMt8kV6eHDwfFwZ/k2W4q+qQpLE9EjoYq5kD
LGvWZnFpg3IOavlXc7mYJ6/SDt7Km1Z2UmRypB0bboqNFTIw14IKocHgM/KWem1D
f5X+5Pui/b0OrP4U1bicfAygZV5dgRbT86fhMZJWSPhehsTuT8SfC5y+jjhar0cU
IMGV3WZ26jxNN++vgWWunvRks4IzXKi3tjK/9opA7vnMZSaOGdkt1p7YcqJodfbV
ODVVjXU=
-----END CERTIFICATE-----
Generated at Tue Oct 21 12:18:01 2025 by rpki-client