Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
File: AC61350A4E3C11EF9286040CC4F9AE02.roa (raw, json)
Hash identifier: f761NBuqVy8QZS/G2DKJyXg8yHr9izjybb2tsi+q8yM=
Subject key identifier: F6:7B:6F:11:30:D6:C2:E8:7F:F2:86:D7:AE:9A:68:8A:32:76:A7:07
Certificate issuer: /CN=A915EBC8/serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Certificate serial: 0270
Authority key identifier: C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
Signing time: Thu 05 Mar 2026 08:24:25 +0000
ROA not before: Thu 05 Mar 2026 08:24:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10235
IP address blocks: 164.53.0.0/16 maxlen: 16
164.53.28.0/24 maxlen: 24
164.53.29.0/24 maxlen: 24
164.53.42.0/24 maxlen: 24
164.53.43.0/24 maxlen: 24
164.53.44.0/23 maxlen: 23
164.53.46.0/23 maxlen: 23
164.53.65.0/24 maxlen: 24
164.53.67.0/24 maxlen: 24
164.53.70.0/24 maxlen: 24
164.53.71.0/24 maxlen: 24
164.53.78.0/24 maxlen: 24
164.53.92.0/24 maxlen: 24
164.53.97.0/24 maxlen: 24
164.53.98.0/23 maxlen: 23
164.53.99.254/32 maxlen: 32
164.53.122.0/24 maxlen: 24
164.53.124.0/24 maxlen: 24
164.53.125.0/24 maxlen: 24
164.53.139.0/24 maxlen: 24
164.53.152.0/24 maxlen: 24
164.53.158.0/23 maxlen: 23
164.53.160.0/23 maxlen: 23
164.53.162.0/24 maxlen: 24
164.53.164.0/23 maxlen: 23
164.53.166.0/23 maxlen: 23
164.53.168.0/23 maxlen: 23
164.53.170.0/24 maxlen: 24
164.53.171.0/24 maxlen: 24
164.53.176.16/28 maxlen: 28
164.53.182.0/23 maxlen: 23
164.53.184.0/24 maxlen: 24
164.53.185.0/24 maxlen: 24
164.53.186.0/24 maxlen: 24
164.53.187.0/24 maxlen: 24
164.53.192.0/24 maxlen: 24
164.53.192.254/32 maxlen: 32
164.53.193.0/24 maxlen: 24
164.53.195.0/24 maxlen: 24
164.53.204.0/22 maxlen: 22
164.53.214.0/23 maxlen: 23
164.53.215.254/32 maxlen: 32
164.53.216.0/24 maxlen: 24
164.53.218.0/23 maxlen: 23
164.53.220.0/23 maxlen: 23
164.53.222.0/23 maxlen: 23
164.53.224.0/22 maxlen: 22
164.53.230.0/23 maxlen: 23
164.53.232.0/24 maxlen: 24
164.53.234.0/23 maxlen: 23
164.53.238.0/24 maxlen: 24
164.53.239.0/24 maxlen: 24
164.53.241.0/24 maxlen: 24
164.53.244.0/24 maxlen: 24
164.53.246.0/24 maxlen: 24
164.53.252.0/24 maxlen: 24
164.53.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 02:10:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 624 (0x270)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EBC8, serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Validity
Not Before: Mar 5 08:24:25 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a93db9-ab1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:20:6f:5c:0a:b1:d7:4c:d7:14:3f:7e:6c:
02:0a:86:9e:7c:0f:cf:d8:42:fa:fd:13:a4:45:76:
f0:8a:26:79:6c:c6:49:c3:00:36:46:65:74:35:7c:
78:ce:9a:45:42:20:0d:bb:0b:04:a8:47:3c:f5:ab:
22:c7:78:48:62:d1:25:aa:4d:b5:c1:9e:71:b8:77:
d0:00:23:fe:4a:80:65:5e:77:ac:87:0e:1c:3b:4f:
79:90:08:f8:2a:1a:b6:f0:c5:23:f6:4e:4b:be:50:
6e:5c:bf:44:8c:8b:76:49:38:0c:13:72:5f:bd:79:
1d:db:88:30:15:ea:fc:a0:35:f6:ee:1f:95:a4:7e:
3e:9a:e5:2c:fc:13:ec:15:2f:66:e2:0d:81:9a:be:
ed:61:31:fb:3e:82:9c:e6:57:1a:4d:b6:04:65:22:
e5:17:74:d5:f1:c0:e4:dc:44:50:97:5f:fc:d3:a9:
ef:14:30:b5:b2:c0:3e:7c:10:04:9b:ba:ad:e6:8f:
d9:69:ce:9e:c6:f0:79:0f:2b:a7:13:54:bd:9b:7d:
8a:3d:36:5f:08:b4:8b:cf:38:75:0a:fe:4b:af:97:
0d:ff:18:67:90:40:db:47:e5:25:43:7f:54:6c:b0:
7a:a0:c5:79:7c:43:29:50:8f:97:f5:98:5c:ba:64:
e0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7B:6F:11:30:D6:C2:E8:7F:F2:86:D7:AE:9A:68:8A:32:76:A7:07
X509v3 Authority Key Identifier:
keyid:C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
164.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:1a:3b:32:bd:ae:ce:42:06:f2:79:05:af:c1:5a:9c:67:71:
fb:00:4c:6a:df:05:0f:cf:3a:f3:cb:6d:88:1c:bd:4f:c7:d5:
53:48:51:32:1a:27:61:1e:d0:0b:b7:56:77:3e:cd:c3:32:fa:
2b:2f:58:8a:73:fb:b1:ad:fc:b5:03:b4:c3:fe:0c:aa:ef:11:
6a:c8:29:66:1e:e3:e3:a0:5c:79:b9:b8:70:c1:78:51:0b:13:
80:35:34:4c:e3:ad:c5:e5:57:71:a7:d6:55:99:2e:ff:91:f9:
61:56:e6:23:3e:a9:0c:35:1c:2b:2c:2e:18:93:df:8b:7f:35:
c0:ab:e6:75:40:07:2b:dc:dd:73:bb:7b:7f:77:ee:f3:29:2f:
82:3b:2d:39:0c:e9:50:0f:f6:7a:ff:1f:b6:35:ec:d6:ce:b5:
8f:44:83:af:aa:cd:f8:f8:02:19:6a:e9:c0:3c:76:8c:f7:e3:
93:b8:45:38:a2:aa:4a:eb:8c:5e:eb:73:ab:5d:83:e8:9f:57:
d2:a2:e0:97:59:7e:85:5e:40:2d:50:69:52:79:23:2a:2e:16:
72:6b:df:f9:3d:04:d8:b3:e6:de:fe:9c:0b:b4:00:38:29:af:
ef:19:5f:f7:1c:2c:7f:e6:f9:e5:c8:da:dc:a1:a2:12:35:11:
78:fa:0a:74
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgICAnAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVCQzgxMTAvBgNVBAUTKEM2MjE4NDgxNTFGNzk3QkY3MjMxMDdGMTRENjJDNjdB
MjEzQTUzRTMwHhcNMjYwMzA1MDgyNDI1WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE5M2RiOS1hYjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArzsgb1wKsddM1xQ/fmwCCoaefA/P2EL6/ROkRXbwiiZ5bMZJwwA2RmV0NXx4
zppFQiANuwsEqEc89asix3hIYtElqk21wZ5xuHfQACP+SoBlXneshw4cO095kAj4
Khq28MUj9k5LvlBuXL9EjIt2STgME3JfvXkd24gwFer8oDX27h+VpH4+muUs/BPs
FS9m4g2Bmr7tYTH7PoKc5lcaTbYEZSLlF3TV8cDk3ERQl1/806nvFDC1ssA+fBAE
m7qt5o/Zac6exvB5DyunE1S9m32KPTZfCLSLzzh1Cv5Lr5cN/xhnkEDbR+UlQ39U
bLB6oMV5fEMpUI+X9ZhcumTguwIDAQABo4ICXzCCAlswHQYDVR0OBBYEFPZ7bxEw
1sLof/KG166aaIoydqcHMB8GA1UdIwQYMBaAFMYhhIFR95e/cjEH8U1ixnohOlPj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUJDOC81ODk4MjBDMkVG
MDIxMUVEOEMyREQ5MUZDNEY5QUUwMi94aUdFZ1ZIM2w3OXlNUWZ4VFdMR2VpRTZV
LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3hpR0VnVkgzbDc5eU1RZnhUV0xHZWlFNlUtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVCQzgvNTg5ODIwQzJFRjAyMTFFRDhDMkREOTFGQzRGOUFFMDIvQUM2MTM1MEE0
RTNDMTFFRjkyODYwNDBDQzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMApDUwDQYJKoZIhvcNAQELBQADggEBAJ4aOzK9rs5CBvJ5Ba/BWpxn
cfsATGrfBQ/POvPLbYgcvU/H1VNIUTIaJ2Ee0Au3Vnc+zcMy+isvWIpz+7Gt/LUD
tMP+DKrvEWrIKWYe4+OgXHm5uHDBeFELE4A1NEzjrcXlV3Gn1lWZLv+R+WFW5iM+
qQw1HCssLhiT34t/NcCr5nVAByvc3XO7e3937vMpL4I7LTkM6VAP9nr/H7Y17NbO
tY9Eg6+qzfj4Ahlq6cA8doz345O4RTiiqkrrjF7rc6tdg+ifV9Ki4JdZfoVeQC1Q
aVJ5IyouFnJr3/k9BNiz5t7+nAu0ADgpr+8ZX/ccLH/m+eXI2tyhohI1EXj6CnQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:08:23 2026 by rpki-client