Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
File: AC61350A4E3C11EF9286040CC4F9AE02.roa (raw, json)
Hash identifier: xmUdCyM5QiDqgFWRT2zLDTG1JQ+2+BywRs7fgy8s9m8=
Subject key identifier: DA:1D:3F:D0:A2:C0:03:3D:73:1D:0F:65:7A:43:92:6E:51:48:DE:4C
Certificate issuer: /CN=A915EBC8/serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Certificate serial: 0295
Authority key identifier: C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
Signing time: Thu 30 Apr 2026 08:06:47 +0000
ROA not before: Thu 30 Apr 2026 08:06:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10235
IP address blocks: 164.53.0.0/16 maxlen: 16
164.53.28.0/24 maxlen: 24
164.53.29.0/24 maxlen: 24
164.53.42.0/24 maxlen: 24
164.53.43.0/24 maxlen: 24
164.53.44.0/23 maxlen: 23
164.53.46.0/23 maxlen: 23
164.53.65.0/24 maxlen: 24
164.53.67.0/24 maxlen: 24
164.53.70.0/24 maxlen: 24
164.53.71.0/24 maxlen: 24
164.53.78.0/24 maxlen: 24
164.53.92.0/24 maxlen: 24
164.53.97.0/24 maxlen: 24
164.53.98.0/23 maxlen: 23
164.53.99.254/32 maxlen: 32
164.53.122.0/24 maxlen: 24
164.53.124.0/24 maxlen: 24
164.53.125.0/24 maxlen: 24
164.53.139.0/24 maxlen: 24
164.53.152.0/24 maxlen: 24
164.53.158.0/23 maxlen: 23
164.53.160.0/23 maxlen: 23
164.53.162.0/24 maxlen: 24
164.53.164.0/23 maxlen: 23
164.53.166.0/23 maxlen: 23
164.53.168.0/23 maxlen: 23
164.53.170.0/24 maxlen: 24
164.53.171.0/24 maxlen: 24
164.53.176.16/28 maxlen: 28
164.53.182.0/23 maxlen: 23
164.53.184.0/24 maxlen: 24
164.53.185.0/24 maxlen: 24
164.53.186.0/24 maxlen: 24
164.53.187.0/24 maxlen: 24
164.53.192.0/24 maxlen: 24
164.53.192.254/32 maxlen: 32
164.53.193.0/24 maxlen: 24
164.53.195.0/24 maxlen: 24
164.53.200.0/24 maxlen: 24
164.53.201.0/24 maxlen: 24
164.53.202.0/24 maxlen: 24
164.53.203.0/24 maxlen: 24
164.53.204.0/22 maxlen: 22
164.53.214.0/23 maxlen: 23
164.53.215.254/32 maxlen: 32
164.53.216.0/24 maxlen: 24
164.53.218.0/23 maxlen: 23
164.53.220.0/23 maxlen: 23
164.53.222.0/23 maxlen: 23
164.53.224.0/22 maxlen: 22
164.53.230.0/23 maxlen: 23
164.53.232.0/24 maxlen: 24
164.53.234.0/23 maxlen: 23
164.53.238.0/24 maxlen: 24
164.53.239.0/24 maxlen: 24
164.53.241.0/24 maxlen: 24
164.53.244.0/24 maxlen: 24
164.53.246.0/24 maxlen: 24
164.53.252.0/24 maxlen: 24
164.53.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 20 May 2026 02:38:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 661 (0x295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EBC8, serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Validity
Not Before: Apr 30 08:06:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69f30d96-d0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:68:92:c3:5e:b1:98:41:8c:fc:e7:67:05:ee:
a5:8e:53:0a:b0:af:cb:40:19:e6:13:5d:ef:5d:c7:
a3:ac:89:04:dc:0c:53:34:6d:6c:a6:5d:7f:57:97:
39:9b:c0:0e:30:5f:10:15:8f:51:bf:84:05:8c:72:
d7:88:46:1c:67:18:f4:60:ee:8b:4b:06:aa:44:b4:
15:9f:85:9a:fa:d4:e0:48:47:be:07:24:85:11:45:
4f:c4:78:15:70:56:1e:e8:d5:0e:37:4c:2a:c3:fd:
c7:99:81:7d:90:0c:25:7c:8f:6d:8c:07:02:f9:14:
0a:7e:d2:7c:e4:57:ee:a5:d8:08:3b:7c:75:7f:07:
c2:27:f6:47:f7:17:6c:37:c2:3e:70:73:16:0a:53:
8c:9a:63:d7:cc:14:52:9b:ec:c1:a8:e2:e1:be:64:
5d:78:45:89:d3:0a:5d:ec:d5:a5:40:36:d1:93:f7:
e3:ff:b2:08:37:51:39:63:39:15:6b:c2:f2:69:53:
46:19:10:1b:f4:a1:f9:e0:2f:4e:4b:10:b0:42:65:
34:e0:2d:ca:e4:47:b5:92:51:9c:43:0d:97:c7:6b:
85:9f:5a:56:57:c9:6f:96:f4:cc:65:9a:d4:be:28:
d9:e8:01:a2:3a:3b:c3:bf:da:36:2b:cc:cd:0e:88:
5d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1D:3F:D0:A2:C0:03:3D:73:1D:0F:65:7A:43:92:6E:51:48:DE:4C
X509v3 Authority Key Identifier:
keyid:C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
164.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:9b:a4:a5:33:84:d0:61:88:8c:96:27:c9:05:d2:c7:1f:2c:
26:0b:f5:af:58:e9:56:80:f7:92:3b:5c:2f:1d:4a:0b:01:a0:
03:33:27:95:f3:84:91:2c:ae:6b:bf:30:7e:14:c7:4b:b5:85:
8e:2c:5e:8d:c9:bc:2d:3c:ab:3b:5a:ae:83:5f:5c:cb:bc:67:
bd:48:e2:49:fa:68:f7:42:51:36:7a:29:8c:58:5a:60:72:9a:
69:d2:58:29:90:d5:cd:44:8c:4b:08:4f:1d:2c:f0:f9:ac:ea:
ab:26:db:c9:b3:8d:97:6f:c2:a3:4f:04:52:e3:74:95:09:91:
14:27:99:20:50:67:9f:33:34:83:40:37:e9:bc:33:cc:59:8f:
e6:0b:81:6a:97:06:79:1c:64:73:6f:2b:4b:06:77:1d:a1:9f:
f3:a0:7a:31:71:e1:5e:cb:41:5a:9c:f8:22:2c:db:06:71:a1:
ab:cc:f0:8e:74:9b:87:54:b0:7b:43:3c:ce:b1:40:97:06:50:
6c:4a:79:7f:cd:66:98:b8:21:7c:09:6a:a7:f2:ba:f7:36:7a:
25:40:91:1d:c9:07:d9:62:03:88:08:5e:07:ba:1e:4b:02:4a:
66:c1:da:68:e9:83:e9:88:4f:38:e0:d5:eb:90:eb:51:3a:a8:
91:3f:0e:2d
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgICApUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVCQzgxMTAvBgNVBAUTKEM2MjE4NDgxNTFGNzk3QkY3MjMxMDdGMTRENjJDNjdB
MjEzQTUzRTMwHhcNMjYwNDMwMDgwNjQ3WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWYzMGQ5Ni1kMGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs2iSw16xmEGM/OdnBe6ljlMKsK/LQBnmE13vXcejrIkE3AxTNG1spl1/V5c5
m8AOMF8QFY9Rv4QFjHLXiEYcZxj0YO6LSwaqRLQVn4Wa+tTgSEe+BySFEUVPxHgV
cFYe6NUON0wqw/3HmYF9kAwlfI9tjAcC+RQKftJ85FfupdgIO3x1fwfCJ/ZH9xds
N8I+cHMWClOMmmPXzBRSm+zBqOLhvmRdeEWJ0wpd7NWlQDbRk/fj/7IIN1E5YzkV
a8LyaVNGGRAb9KH54C9OSxCwQmU04C3K5Ee1klGcQw2Xx2uFn1pWV8lvlvTMZZrU
vijZ6AGiOjvDv9o2K8zNDohd+QIDAQABo4ICXzCCAlswHQYDVR0OBBYEFNodP9Ci
wAM9cx0PZXpDkm5RSN5MMB8GA1UdIwQYMBaAFMYhhIFR95e/cjEH8U1ixnohOlPj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUJDOC81ODk4MjBDMkVG
MDIxMUVEOEMyREQ5MUZDNEY5QUUwMi94aUdFZ1ZIM2w3OXlNUWZ4VFdMR2VpRTZV
LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3hpR0VnVkgzbDc5eU1RZnhUV0xHZWlFNlUtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVCQzgvNTg5ODIwQzJFRjAyMTFFRDhDMkREOTFGQzRGOUFFMDIvQUM2MTM1MEE0
RTNDMTFFRjkyODYwNDBDQzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMApDUwDQYJKoZIhvcNAQELBQADggEBAFGbpKUzhNBhiIyWJ8kF0scf
LCYL9a9Y6VaA95I7XC8dSgsBoAMzJ5XzhJEsrmu/MH4Ux0u1hY4sXo3JvC08qzta
roNfXMu8Z71I4kn6aPdCUTZ6KYxYWmBymmnSWCmQ1c1EjEsITx0s8Pms6qsm28mz
jZdvwqNPBFLjdJUJkRQnmSBQZ58zNINAN+m8M8xZj+YLgWqXBnkcZHNvK0sGdx2h
n/OgejFx4V7LQVqc+CIs2wZxoavM8I50m4dUsHtDPM6xQJcGUGxKeX/NZpi4IXwJ
aqfyuvc2eiVAkR3JB9liA4gIXge6HksCSmbB2mjpg+mITzjg1euQ61E6qJE/Di0=
-----END CERTIFICATE-----
Generated at Wed May 13 07:34:31 2026 by rpki-client