Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/005CDC821F1411EC85E08546C4F9AE02.roa
File: 005CDC821F1411EC85E08546C4F9AE02.roa (raw, json)
Hash identifier: UjSbQygt5LC2l7V88EjIn2A0ZEggmitZY+iL8OvjiZ8=
Subject key identifier: 9F:69:93:D7:31:CA:9C:E7:D9:57:7D:99:30:E7:4B:39:1E:8D:61:DF
Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101
Certificate serial: 06EF
Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/005CDC821F1411EC85E08546C4F9AE02.roa
Signing time: Wed 08 Oct 2025 22:24:21 +0000
ROA not before: Wed 08 Oct 2025 22:24:21 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 23655
IP address blocks: 151.210.128.0/17 maxlen: 17
151.210.128.0/23 maxlen: 23
151.210.130.0/23 maxlen: 23
151.210.132.0/23 maxlen: 23
151.210.134.0/23 maxlen: 23
151.210.136.0/23 maxlen: 23
151.210.138.0/23 maxlen: 23
151.210.140.0/23 maxlen: 23
151.210.142.0/23 maxlen: 23
151.210.144.0/23 maxlen: 23
151.210.146.0/23 maxlen: 23
151.210.148.0/23 maxlen: 23
151.210.150.0/23 maxlen: 23
151.210.152.0/23 maxlen: 23
151.210.154.0/23 maxlen: 23
151.210.156.0/23 maxlen: 23
151.210.158.0/23 maxlen: 23
151.210.160.0/23 maxlen: 23
151.210.162.0/23 maxlen: 23
151.210.164.0/23 maxlen: 23
151.210.166.0/23 maxlen: 23
151.210.168.0/23 maxlen: 23
151.210.170.0/23 maxlen: 23
151.210.172.0/23 maxlen: 23
151.210.174.0/23 maxlen: 23
151.210.224.0/23 maxlen: 23
151.210.226.0/23 maxlen: 23
151.210.228.0/23 maxlen: 23
151.210.230.0/23 maxlen: 23
151.210.232.0/23 maxlen: 23
151.210.234.0/23 maxlen: 23
151.210.236.0/23 maxlen: 23
151.210.238.0/23 maxlen: 23
151.210.240.0/23 maxlen: 23
151.210.242.0/23 maxlen: 23
151.210.244.0/23 maxlen: 23
151.210.246.0/23 maxlen: 23
151.210.248.0/23 maxlen: 23
151.210.250.0/23 maxlen: 23
151.210.252.0/23 maxlen: 23
151.210.254.0/23 maxlen: 23
165.84.0.0/19 maxlen: 19
165.84.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl
rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 23:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1775 (0x6ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA, serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101
Validity
Not Before: Oct 8 22:24:21 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=68e6e495-6426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:11:cc:a5:79:93:44:55:ae:3d:90:81:53:ce:
1f:a8:26:65:a3:4a:8f:f5:e2:d4:e2:30:b0:b2:00:
a1:5c:d2:49:70:c6:3a:c3:d6:98:9d:fd:a5:83:0b:
dc:9c:83:b1:30:b4:1b:cc:62:c9:98:cd:a0:88:e2:
02:84:90:1d:b0:d5:50:c8:46:30:4b:29:69:70:cc:
b3:3b:a2:40:ab:1b:53:4e:60:c7:22:fd:1b:39:9d:
4a:38:f4:9b:6f:ee:62:9e:08:2d:26:c0:f2:9a:76:
57:02:d5:79:72:af:a2:c0:7e:f0:9e:00:a5:70:63:
9e:8e:e0:16:60:84:3b:fd:d6:3e:bb:97:ee:ec:25:
ff:86:b5:c2:13:16:c2:70:42:39:0b:10:cc:48:88:
c6:d7:d0:be:fd:d8:8b:e7:dd:20:97:fc:85:b9:3f:
3a:0b:a8:57:e4:b2:64:20:63:9b:bc:cc:78:a1:5d:
2b:f4:fa:a4:10:3f:b7:b4:df:f5:46:a9:6c:8e:a1:
83:48:bd:f5:86:24:94:b3:be:a8:6c:0c:af:2e:09:
5e:fb:e7:c6:73:71:46:48:b4:0b:6a:13:5b:cd:43:
47:87:7a:c0:5e:35:6c:65:af:cb:03:a0:86:07:4a:
fc:ce:ce:16:76:be:2a:71:1c:cc:02:ff:f7:02:68:
97:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:69:93:D7:31:CA:9C:E7:D9:57:7D:99:30:E7:4B:39:1E:8D:61:DF
X509v3 Authority Key Identifier:
keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/005CDC821F1411EC85E08546C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.210.128.0/17
165.84.0.0/19
165.84.48.0/20
Signature Algorithm: sha256WithRSAEncryption
74:c1:30:f0:dc:27:53:b0:1a:ad:c9:91:2a:30:66:ce:ba:c1:
45:54:8e:ea:dc:aa:42:82:4d:13:2c:b0:48:88:53:ad:71:27:
b4:5b:b0:98:02:11:cc:ee:be:03:02:e9:80:62:1b:77:13:e0:
44:67:12:69:42:ee:54:4f:64:44:04:20:0a:2e:81:7e:2f:3e:
e3:e0:99:44:d2:15:3c:50:cd:2f:18:42:a7:7b:c3:11:1d:77:
56:84:ce:86:23:29:9c:6e:85:70:aa:04:21:5e:51:da:8b:3d:
4f:d8:e6:83:8b:c7:49:a6:e7:42:25:c6:66:95:fc:66:85:f6:
f4:f4:57:23:e5:32:6d:60:28:15:ea:8c:5b:66:62:79:84:40:
02:2a:49:fa:dc:d8:62:65:ac:8d:70:d6:a2:bf:36:df:2a:06:
d7:76:b4:58:d5:34:c3:32:cf:3c:c7:ba:49:7f:57:65:02:3f:
b3:b9:0e:40:28:ae:ce:ad:06:72:53:86:08:bf:82:1b:b0:d6:
91:a5:21:a9:30:9c:fc:9c:1f:c0:b9:e0:84:37:bb:d2:e0:7d:
9d:69:9c:3a:7f:6f:40:3a:18:8e:ec:8a:29:8a:83:e1:66:c6:
8e:27:5d:6e:24:89:b6:88:8b:0f:b1:58:2e:66:d1:9f:94:2b:
f8:db:09:7f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBu8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG
QkNCMDAxMDEwHhcNMjUxMDA4MjIyNDIxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU2ZTQ5NS02NDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsxHMpXmTRFWuPZCBU84fqCZlo0qP9eLU4jCwsgChXNJJcMY6w9aYnf2lgwvc
nIOxMLQbzGLJmM2giOIChJAdsNVQyEYwSylpcMyzO6JAqxtTTmDHIv0bOZ1KOPSb
b+5inggtJsDymnZXAtV5cq+iwH7wngClcGOejuAWYIQ7/dY+u5fu7CX/hrXCExbC
cEI5CxDMSIjG19C+/diL590gl/yFuT86C6hX5LJkIGObvMx4oV0r9PqkED+3tN/1
RqlsjqGDSL31hiSUs76obAyvLgle++fGc3FGSLQLahNbzUNHh3rAXjVsZa/LA6CG
B0r8zs4Wdr4qcRzMAv/3AmiXnQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJ9pk9cx
ypzn2Vd9mTDnSzkejWHfMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB
UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvMDA1Q0RDODIx
RjE0MTFFQzg1RTA4NTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAeX0oADBAWlVAADBASlVDAwDQYJKoZIhvcNAQELBQADggEB
AHTBMPDcJ1OwGq3JkSowZs66wUVUjurcqkKCTRMssEiIU61xJ7RbsJgCEczuvgMC
6YBiG3cT4ERnEmlC7lRPZEQEIAougX4vPuPgmUTSFTxQzS8YQqd7wxEdd1aEzoYj
KZxuhXCqBCFeUdqLPU/Y5oOLx0mm50IlxmaV/GaF9vT0VyPlMm1gKBXqjFtmYnmE
QAIqSfrc2GJlrI1w1qK/Nt8qBtd2tFjVNMMyzzzHukl/V2UCP7O5DkAors6tBnJT
hgi/ghuw1pGlIakwnPycH8C54IQ3u9LgfZ1pnDp/b0A6GI7siimKg+Fmxo4nXW4k
ibaIiw+xWC5m0Z+UK/jbCX8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:25:21 2025 by rpki-client