Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/E51087D6F1A011EF8BCCFE7BC4F9AE02.roa
File: E51087D6F1A011EF8BCCFE7BC4F9AE02.roa (raw, json)
Hash identifier: /VsZS9ufttBO1fjkHbj0xKp60CqOiBgm395Efx5G+zc=
Subject key identifier: B5:A9:EE:28:45:4F:E5:1C:51:D2:F0:8E:FE:68:04:B9:BE:FA:04:73
Certificate issuer: /CN=A9134B4A/serialNumber=ACCBF26A19D9E14C31F5F37E1B966D86A504B46B
Certificate serial: E6
Authority key identifier: AC:CB:F2:6A:19:D9:E1:4C:31:F5:F3:7E:1B:96:6D:86:A5:04:B4:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/E51087D6F1A011EF8BCCFE7BC4F9AE02.roa
Signing time: Tue 01 Jul 2025 06:44:31 +0000
ROA not before: Tue 01 Jul 2025 06:44:31 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 63150
IP address blocks: 2401:a660:200::/40 maxlen: 48
2401:a660:901::/48 maxlen: 48
2401:a660:902::/48 maxlen: 48
2401:a660:903::/48 maxlen: 48
2401:a660:904::/48 maxlen: 48
2401:a660:905::/48 maxlen: 48
2401:a660:906::/48 maxlen: 48
2401:a660:907::/48 maxlen: 48
2401:a660:908::/48 maxlen: 48
2401:a660:909::/48 maxlen: 48
2401:a660:1000::/48 maxlen: 48
2401:a660:1001::/48 maxlen: 48
2401:a660:1002::/48 maxlen: 48
2401:a660:1003::/48 maxlen: 48
2401:a660:1004::/48 maxlen: 48
2401:a660:1005::/48 maxlen: 48
2401:a660:1006::/48 maxlen: 48
2401:a660:1007::/48 maxlen: 48
2401:a660:1008::/48 maxlen: 48
2401:a660:1009::/48 maxlen: 48
2401:a660:1100::/40 maxlen: 40
2401:a660:1101::/48 maxlen: 48
2401:a660:1102::/48 maxlen: 48
2401:a660:1103::/48 maxlen: 48
2401:a660:1104::/48 maxlen: 48
2401:a660:1105::/48 maxlen: 48
2401:a660:1106::/48 maxlen: 48
2401:a660:1107::/48 maxlen: 48
2401:a660:1108::/48 maxlen: 48
2401:a660:1109::/48 maxlen: 48
2401:a660:110a::/48 maxlen: 48
2401:a660:110b::/48 maxlen: 48
2401:a660:1200::/40 maxlen: 40
2401:a660:1200::/48 maxlen: 48
2401:a660:1201::/48 maxlen: 48
2401:a660:1202::/48 maxlen: 48
2401:a660:1203::/48 maxlen: 48
2401:a660:1204::/48 maxlen: 48
2401:a660:1205::/48 maxlen: 48
2401:a660:1206::/48 maxlen: 48
2401:a660:1207::/48 maxlen: 48
2401:a660:1208::/48 maxlen: 48
2401:a660:1209::/48 maxlen: 48
2401:a660:120a::/48 maxlen: 48
2401:a660:120b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.crl
rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 08 Jul 2025 06:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230 (0xe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134B4A, serialNumber=ACCBF26A19D9E14C31F5F37E1B966D86A504B46B
Validity
Not Before: Jul 1 06:44:31 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=686383cf-b8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:73:fc:1d:ca:1d:0e:f2:46:07:fd:02:64:8e:
15:c5:54:7d:11:e9:27:dc:c8:7c:8a:15:d5:d7:ec:
e8:07:c6:88:40:c2:43:29:7b:b4:57:26:51:2a:a2:
ce:28:8c:66:c4:7c:19:f6:36:08:48:fe:bb:01:fc:
6c:04:ef:ae:09:86:ba:54:8b:b0:f6:2d:42:f3:cb:
6d:15:f8:78:0e:5a:69:23:f2:c1:3b:67:ab:9b:30:
2a:29:d8:fa:a2:54:ce:25:f3:df:c1:56:a6:84:1a:
00:a2:76:9b:62:32:c1:76:63:f8:69:b4:c2:3f:94:
8d:af:11:31:34:e3:d3:4d:cd:1a:e8:dd:ba:3c:d0:
f8:2b:a5:57:fc:fc:c8:b6:89:bc:8b:44:59:06:0c:
f2:f1:4f:32:f4:32:7c:4a:6f:2b:6f:13:78:2f:37:
ed:c0:97:9e:60:4a:f9:c1:56:66:d6:8a:2c:d2:cb:
bd:95:c0:2a:57:31:4a:5b:6f:a7:c7:53:86:ff:90:
1e:96:89:5c:a0:05:fe:5a:cb:66:b0:2a:8a:a2:8e:
af:46:ac:53:48:5b:10:83:1c:99:1a:96:56:d5:a3:
8a:80:ca:15:74:b7:e3:62:14:ca:11:3d:d1:bd:82:
36:60:b0:bf:25:3e:22:c1:a5:c9:8d:1e:1d:15:b3:
f3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A9:EE:28:45:4F:E5:1C:51:D2:F0:8E:FE:68:04:B9:BE:FA:04:73
X509v3 Authority Key Identifier:
keyid:AC:CB:F2:6A:19:D9:E1:4C:31:F5:F3:7E:1B:96:6D:86:A5:04:B4:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/E51087D6F1A011EF8BCCFE7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:a660:200::/40
2401:a660:901::-2401:a660:909:ffff:ffff:ffff:ffff:ffff
2401:a660:1000::-2401:a660:1009:ffff:ffff:ffff:ffff:ffff
2401:a660:1100::-2401:a660:12ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:a2:14:0d:d0:74:bd:f1:c9:ed:0b:88:e0:e2:59:04:02:c6:
fb:cf:74:06:3d:ea:0e:ec:b3:8c:c9:35:1b:72:76:47:ce:e2:
7c:4d:a7:99:86:d4:29:71:75:6f:11:62:94:a2:4b:02:cc:0b:
13:1a:b5:c0:f2:c6:78:29:c2:a1:df:8f:96:e7:1c:a5:08:91:
e2:8e:ca:50:45:55:04:ff:93:d5:70:db:58:4e:2c:54:40:c6:
58:b3:cc:2a:27:eb:6d:d0:46:90:de:15:31:ac:2f:34:a3:d9:
02:e3:fb:aa:9a:e6:e9:3b:5f:fc:d9:dc:b0:31:cb:e1:23:8b:
5e:ea:85:8d:76:84:54:f6:85:f7:87:bb:f7:d7:55:f3:7e:ad:
43:f1:92:16:9a:a3:08:8a:86:58:28:8a:31:4f:04:09:21:19:
e1:e8:d9:83:c4:dc:4a:f9:88:a5:db:96:2c:95:c0:8f:d2:d4:
c9:aa:9d:92:c8:b7:53:a0:8d:ab:f9:26:a7:79:1b:f5:8f:31:
01:49:60:66:f6:27:0d:a3:7d:a1:be:30:90:41:a4:fb:66:fe:
b8:dc:4d:e3:3d:7c:fd:12:25:86:39:54:d3:5f:16:24:08:46:
e0:46:0a:b2:9e:45:ad:2f:bd:59:08:34:20:1f:2d:31:a1:d8:
0c:46:94:cb
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgICAOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzRCNEExMTAvBgNVBAUTKEFDQ0JGMjZBMTlEOUUxNEMzMUY1RjM3RTFCOTY2RDg2
QTUwNEI0NkIwHhcNMjUwNzAxMDY0NDMxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODYzODNjZi1iOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtHP8HcodDvJGB/0CZI4VxVR9Eekn3Mh8ihXV1+zoB8aIQMJDKXu0VyZRKqLO
KIxmxHwZ9jYISP67AfxsBO+uCYa6VIuw9i1C88ttFfh4DlppI/LBO2ermzAqKdj6
olTOJfPfwVamhBoAonabYjLBdmP4abTCP5SNrxExNOPTTc0a6N26PND4K6VX/PzI
tom8i0RZBgzy8U8y9DJ8Sm8rbxN4LzftwJeeYEr5wVZm1oos0su9lcAqVzFKW2+n
x1OG/5AelolcoAX+WstmsCqKoo6vRqxTSFsQgxyZGpZW1aOKgMoVdLfjYhTKET3R
vYI2YLC/JT4iwaXJjR4dFbPziwIDAQABo4IC0DCCAswwHQYDVR0OBBYEFLWp7ihF
T+UcUdLwjv5oBLm++gRzMB8GA1UdIwQYMBaAFKzL8moZ2eFMMfXzfhuWbYalBLRr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNEI0QS9FQjM5M0Q0RTJG
ODkxMUVGQTNEMDRBNkJDNEY5QUUwMi9yTXZ5YWhuWjRVd3g5Zk4tRzVadGhxVUV0
R3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JNdnlhaG5aNFV3eDlmTi1HNVp0aHFVRXRHcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzRCNEEvRUIzOTNENEUyRjg5MTFFRkEzRDA0QTZCQzRGOUFFMDIvRTUxMDg3RDZG
MUEwMTFFRjhCQ0NGRTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWgYIKwYBBQUHAQcBAf8E
SzBJMEcEAgACMEEDBgAkAaZgAjASAwcAJAGmYAkBAwcBJAGmYAkIMBEDBgQkAaZg
EAMHASQBpmAQCDAQAwYAJAGmYBEDBgAkAaZgEjANBgkqhkiG9w0BAQsFAAOCAQEA
nqIUDdB0vfHJ7QuI4OJZBALG+890Bj3qDuyzjMk1G3J2R87ifE2nmYbUKXF1bxFi
lKJLAswLExq1wPLGeCnCod+PluccpQiR4o7KUEVVBP+T1XDbWE4sVEDGWLPMKifr
bdBGkN4VMawvNKPZAuP7qprm6Ttf/NncsDHL4SOLXuqFjXaEVPaF94e799dV836t
Q/GSFpqjCIqGWCiKMU8ECSEZ4ejZg8TcSvmIpduWLJXAj9LUyaqdksi3U6CNq/km
p3kb9Y8xAUlgZvYnDaN9ob4wkEGk+2b+uNxN4z18/RIlhjlU018WJAhG4EYKsp5F
rS+9WQg0IB8tMaHYDEaUyw==
-----END CERTIFICATE-----
Generated at Thu Jul 3 00:56:42 2025 by rpki-client