Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
File: 087D2D80C4A711EB917EC55EC4F9AE02.roa (raw, json)
Hash identifier: JTvl8U3RWCnUN10nfObiok3Mo+lFaXJW18PZyesoW7g=
Subject key identifier: 06:22:10:11:2E:05:B0:75:C0:E7:FB:3E:53:B7:D6:4B:E0:6D:FB:4E
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 134B
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
Signing time: Thu 14 Aug 2025 17:26:50 +0000
ROA not before: Thu 14 Aug 2025 17:26:50 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 4657
IP address blocks: 27.54.0.0/18 maxlen: 24
27.125.128.0/18 maxlen: 24
39.109.128.0/17 maxlen: 24
45.65.0.0/22 maxlen: 24
58.96.192.0/18 maxlen: 24
61.8.192.0/19 maxlen: 24
61.8.224.0/19 maxlen: 24
101.127.0.0/16 maxlen: 24
103.17.144.0/22 maxlen: 24
111.223.64.0/18 maxlen: 18
111.223.64.0/19 maxlen: 24
111.223.96.0/19 maxlen: 24
113.10.64.0/18 maxlen: 24
117.20.128.0/18 maxlen: 24
122.11.128.0/17 maxlen: 24
124.155.192.0/19 maxlen: 24
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
182.19.128.0/17 maxlen: 24
182.55.0.0/16 maxlen: 24
183.90.0.0/17 maxlen: 24
203.116.0.0/16 maxlen: 24
203.117.0.0/16 maxlen: 24
203.118.0.0/18 maxlen: 24
2406:3000::/30 maxlen: 32
2406:3000::/40 maxlen: 48
2406:3000:2::/56 maxlen: 64
2406:3000:2:100::/56 maxlen: 64
2406:3000:3::/56 maxlen: 64
2406:3000:a::/56 maxlen: 64
2406:3000:c::/56 maxlen: 56
2406:3000:c:100::/56 maxlen: 56
2406:3000:11::/56 maxlen: 64
2406:3000:11:1000::/56 maxlen: 64
2406:3000:11:2000::/56 maxlen: 64
2406:3000:12::/48 maxlen: 56
2406:3000:12::/56 maxlen: 64
2406:3000:12:100::/56 maxlen: 64
2406:3000:20::/56 maxlen: 64
2406:3000:22::/56 maxlen: 64
2406:3000:35::/56 maxlen: 64
2406:3000:36::/56 maxlen: 64
2406:3000:36:100::/56 maxlen: 64
2406:3000:38::/56 maxlen: 64
2406:3000:4f::/56 maxlen: 64
2406:3000:4f:100::/56 maxlen: 64
2406:3000:1000::/56 maxlen: 64
2406:3000:1000:100::/56 maxlen: 56
2406:3000:ad53::/49 maxlen: 49
2406:3001:20::/56 maxlen: 64
2406:3001:22::/56 maxlen: 64
2406:3001:23::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Aug 2025 17:19:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4939 (0x134b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC, serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: Aug 14 17:26:50 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=689e1c5a-d7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:fd:24:20:de:c3:bf:f6:6d:54:49:78:b2:79:
da:1c:b2:0a:55:ef:f0:de:92:89:a9:d5:5f:c1:c3:
01:3c:10:f0:12:68:10:5a:89:2d:94:7c:80:08:22:
4b:a7:cb:99:54:83:38:48:b2:5a:5c:b9:06:51:b2:
36:36:c0:f5:de:e8:9d:83:e8:20:0d:48:2e:3c:d4:
93:5a:8b:39:0d:3c:67:5d:90:76:25:4c:1e:6b:b1:
02:5b:3f:99:12:e8:3c:7f:9a:ed:36:e4:2b:6c:d4:
32:e1:ae:56:03:17:23:a3:74:5f:ce:a7:b0:7b:0b:
e9:a8:a5:25:58:02:9e:03:88:33:69:b7:07:c5:f8:
79:1b:16:f3:72:ac:b9:33:51:c0:fb:f9:6b:55:e7:
0c:f9:a0:d5:6c:55:5b:e4:28:d6:00:9d:a7:7f:b0:
58:f9:1f:86:c3:08:cf:64:d8:a8:71:4a:7c:cc:a5:
a1:7b:2f:89:4a:bc:13:7d:ee:c7:a9:fc:b7:1c:ad:
11:d9:e8:89:eb:b7:b4:8e:45:2a:06:79:e5:b2:87:
d4:c2:f3:bb:4e:ec:5b:e7:0c:db:9b:9a:2d:16:66:
7f:4b:ac:19:6e:da:ac:c5:31:b9:e1:fb:88:e4:a3:
ea:12:f0:37:03:00:63:8a:b8:3d:bf:42:2d:2c:3b:
26:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:22:10:11:2E:05:B0:75:C0:E7:FB:3E:53:B7:D6:4B:E0:6D:FB:4E
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.0.0/18
27.125.128.0/18
39.109.128.0/17
45.65.0.0/22
58.96.192.0/18
61.8.192.0/18
101.127.0.0/16
103.17.144.0/22
111.223.64.0/18
113.10.64.0/18
117.20.128.0/18
122.11.128.0/17
124.155.192.0/19
171.0.0.0/15
171.207.0.0/16
182.19.128.0/17
182.55.0.0/16
183.90.0.0/17
203.116.0.0-203.118.63.255
IPv6:
2406:3000::/30
Signature Algorithm: sha256WithRSAEncryption
8a:c8:7b:27:64:59:aa:89:74:a8:37:c2:bc:79:ab:93:c8:82:
8a:41:84:0b:06:54:f1:0d:86:9b:58:cb:6b:91:46:32:e8:a6:
31:d0:98:55:22:4d:a2:78:bd:d8:a9:88:c6:0a:5f:3f:ff:49:
d0:d4:f2:df:1c:9a:5b:40:fc:97:24:6a:88:59:2d:c8:ac:eb:
5d:69:c3:08:ca:b8:64:80:c7:6c:3c:40:e4:8d:ac:6b:f2:ea:
8e:65:f2:a7:be:9d:40:46:e4:ea:0b:82:12:af:8a:22:ad:82:
d0:e9:1b:9a:74:15:bd:5d:01:db:c8:ff:53:ed:2c:b7:ac:8b:
5c:bc:68:f1:fc:30:b7:2e:17:55:b5:f4:9b:70:34:50:9c:8f:
a1:e6:f4:e4:77:c3:ef:7f:22:1e:a9:73:15:a8:80:6f:d6:6a:
9c:61:ce:c8:1f:51:f9:cc:8e:3e:55:ef:53:cc:ab:b3:b6:f8:
17:14:ef:0f:2d:ed:64:3f:fb:5e:8d:1e:16:46:5c:48:65:6a:
fb:39:52:ce:1d:70:f3:b6:75:7c:31:5b:ad:67:f1:0f:3c:8a:
09:03:5c:00:6d:e8:8f:89:72:0b:69:03:32:a5:df:80:f7:5d:
3f:4b:e1:01:dd:e4:f1:f9:88:34:09:b2:4a:87:43:d4:7e:f6:
f2:81:29:92
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgICE0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjUwODE0MTcyNjUwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODllMWM1YS1kN2JmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7/0kIN7Dv/ZtVEl4snnaHLIKVe/w3pKJqdVfwcMBPBDwEmgQWoktlHyACCJL
p8uZVIM4SLJaXLkGUbI2NsD13uidg+ggDUguPNSTWos5DTxnXZB2JUwea7ECWz+Z
Eug8f5rtNuQrbNQy4a5WAxcjo3RfzqewewvpqKUlWAKeA4gzabcHxfh5Gxbzcqy5
M1HA+/lrVecM+aDVbFVb5CjWAJ2nf7BY+R+GwwjPZNiocUp8zKWhey+JSrwTfe7H
qfy3HK0R2eiJ67e0jkUqBnnlsofUwvO7Tuxb5wzbm5otFmZ/S6wZbtqsxTG54fuI
5KPqEvA3AwBjirg9v0ItLDsmOQIDAQABo4IDFjCCAxIwHQYDVR0OBBYEFAYiEBEu
BbB1wOf7PlO31kvgbftOMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvMDg3RDJEODBD
NEE3MTFFQjkxN0VDNTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ8GCCsGAQUFBwEHAQH/
BIGPMIGMMHsEAgABMHUDBAYbNgADBAYbfYADBAcnbYADBAItQQADBAY6YMADBAY9
CMADAwBlfwMEAmcRkAMEBm/fQAMEBnEKQAMEBnUUgAMEB3oLgAMEBXybwAMDAasA
AwMAq88DBAe2E4ADAwC2NwMEB7daADALAwMCy3QDBAbLdgAwDQQCAAIwBwMFAiQG
MAAwDQYJKoZIhvcNAQELBQADggEBAIrIeydkWaqJdKg3wrx5q5PIgopBhAsGVPEN
hptYy2uRRjLopjHQmFUiTaJ4vdipiMYKXz//SdDU8t8cmltA/JckaohZLcis611p
wwjKuGSAx2w8QOSNrGvy6o5l8qe+nUBG5OoLghKviiKtgtDpG5p0Fb1dAdvI/1Pt
LLesi1y8aPH8MLcuF1W19JtwNFCcj6Hm9OR3w+9/Ih6pcxWogG/WapxhzsgfUfnM
jj5V71PMq7O2+BcU7w8t7WQ/+16NHhZGXEhlavs5Us4dcPO2dXwxW61n8Q88igkD
XABt6I+JcgtpAzKl34D3XT9L4QHd5PH5iDQJskqHQ9R+9vKBKZI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:51:58 2025 by rpki-client