Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/7A5A3018369911EEA7B51070C4F9AE02.roa
File: 7A5A3018369911EEA7B51070C4F9AE02.roa (raw, json)
Hash identifier: 6yvR3WdEIl+m0VS2V1qa7J3UvweV10+1ZEVpXrlDYAc=
Subject key identifier: 79:6B:B1:A6:04:FC:B7:20:34:E0:96:C5:78:87:51:9D:12:A7:2C:DF
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 0455
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/7A5A3018369911EEA7B51070C4F9AE02.roa
Signing time: Tue 07 Oct 2025 00:58:07 +0000
ROA not before: Tue 07 Oct 2025 00:58:07 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 141039
IP address blocks: 2407:e8c0:10::/48 maxlen: 48
2407:e8c0:14::/48 maxlen: 48
2407:e8c0:15::/48 maxlen: 48
2407:e8c0:16::/48 maxlen: 48
2407:e8c0:17::/48 maxlen: 48
2407:e8c0:18::/48 maxlen: 48
2407:e8c0:19::/48 maxlen: 48
2407:e8c0:1a::/48 maxlen: 48
2407:e8c0:1b::/48 maxlen: 48
2407:e8c0:1c::/48 maxlen: 48
2407:e8c0:1d::/48 maxlen: 48
2407:e8c0:1e::/48 maxlen: 48
2407:e8c0:4000::/40 maxlen: 40
2407:e8c0:4100::/40 maxlen: 40
2407:e8c0:4200::/40 maxlen: 40
2407:e8c0:4300::/40 maxlen: 40
2407:e8c0:4400::/40 maxlen: 40
2407:e8c0:4500::/40 maxlen: 40
2407:e8c0:4600::/40 maxlen: 40
2407:e8c0:4700::/40 maxlen: 40
2407:e8c0:4800::/40 maxlen: 40
2407:e8c0:4900::/40 maxlen: 40
2407:e8c0:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 02:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1109 (0x455)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1, serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Validity
Not Before: Oct 7 00:58:07 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=68e4659f-9163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2c:ae:35:18:12:8f:29:97:a7:1f:b8:de:d3:
c2:10:2c:44:18:ae:2b:f2:ed:c1:ee:04:2e:56:17:
bb:b1:93:4b:2b:09:7e:c1:a4:6e:3e:c4:14:7b:8b:
5f:4b:c0:72:aa:12:96:48:ce:26:dd:3d:06:4c:3d:
17:d4:c9:9e:f6:3e:fc:87:7e:31:24:59:26:86:c4:
79:89:21:29:68:46:cd:e2:51:32:e5:97:0b:e8:62:
98:87:5c:c9:89:e6:32:bf:ef:36:b7:8b:49:66:59:
fb:97:f0:8d:2b:c2:32:cc:0f:97:72:fe:76:92:65:
95:8f:e5:5b:00:c1:c9:3e:2a:d1:b6:80:51:ba:ce:
dd:29:b5:17:20:78:9a:64:18:72:73:98:db:d6:49:
77:17:7e:9a:44:18:69:4d:4c:4b:2a:4b:e9:f9:ca:
12:4c:a3:c6:a4:fd:9b:80:54:b4:e4:7a:54:6f:6c:
42:51:dd:32:3c:2d:8c:00:0d:ea:56:54:21:d2:32:
32:56:e0:4e:53:2e:ca:94:ea:70:d8:5f:24:b9:79:
db:b1:82:92:ca:cd:37:5c:ce:bd:ba:f6:d0:a0:ae:
84:a5:71:f6:b9:d8:87:da:a7:8f:84:c7:14:e3:e1:
d5:dc:30:77:21:25:fc:c2:92:0a:32:ff:98:a4:3d:
ff:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:6B:B1:A6:04:FC:B7:20:34:E0:96:C5:78:87:51:9D:12:A7:2C:DF
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/7A5A3018369911EEA7B51070C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:e8c0:10::/48
2407:e8c0:14::-2407:e8c0:1e:ffff:ffff:ffff:ffff:ffff
2407:e8c0:4000::-2407:e8c0:49ff:ffff:ffff:ffff:ffff:ffff
2407:e8c0:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:7f:89:4a:82:5f:f0:cc:a6:70:d7:86:30:6f:29:c3:07:fa:
09:47:27:19:24:e0:e2:3a:3b:b0:ff:bd:8e:17:82:4a:26:16:
e5:db:26:c4:c3:1b:64:d3:f5:33:cf:94:cb:a3:88:d8:66:df:
bd:8b:48:9d:53:26:e0:f2:ae:a4:1e:06:ce:10:6e:ff:22:26:
d3:c6:5a:d7:92:04:96:ed:0c:65:1f:99:0b:0c:5f:41:53:32:
87:c3:cc:d5:c6:10:5c:a3:63:d9:87:4b:54:d6:b0:09:ad:43:
b9:20:aa:f9:5a:92:ef:e3:4b:2a:75:d1:69:16:4a:e1:9b:39:
05:ed:d4:6c:50:99:48:98:03:88:5c:da:8b:b5:62:f9:45:b3:
60:55:24:27:91:14:ab:e9:44:95:0a:dd:5f:89:22:62:ef:45:
5e:88:fe:48:5e:cf:96:19:4a:dd:14:d3:c7:d4:50:56:d1:7a:
d6:5d:7c:99:5b:00:c9:b6:03:82:87:ab:a7:fd:b5:c3:b7:26:
90:b9:0d:97:47:b5:f4:07:79:c6:12:23:c7:80:2d:e7:13:d1:
bc:c7:33:8a:b9:e9:dc:c1:d9:32:d4:b7:2f:95:3a:25:fe:e2:
a6:1d:bf:56:29:a3:a7:70:6e:5e:ac:91:40:cb:ac:2f:d1:b4:
aa:93:74:cd
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICBFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjUxMDA3MDA1ODA3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGU0NjU5Zi05MTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqyyuNRgSjymXpx+43tPCECxEGK4r8u3B7gQuVhe7sZNLKwl+waRuPsQUe4tf
S8ByqhKWSM4m3T0GTD0X1Mme9j78h34xJFkmhsR5iSEpaEbN4lEy5ZcL6GKYh1zJ
ieYyv+82t4tJZln7l/CNK8IyzA+Xcv52kmWVj+VbAMHJPirRtoBRus7dKbUXIHia
ZBhyc5jb1kl3F36aRBhpTUxLKkvp+coSTKPGpP2bgFS05HpUb2xCUd0yPC2MAA3q
VlQh0jIyVuBOUy7KlOpw2F8kuXnbsYKSys03XM69uvbQoK6EpXH2udiH2qePhMcU
4+HV3DB3ISX8wpIKMv+YpD3/6wIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFHlrsaYE
/LcgNOCWxXiHUZ0SpyzfMB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvN0E1QTMwMTgz
Njk5MTFFRUE3QjUxMDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MD0EAgACMDcDBwAkB+jAABAwEgMHAiQH6MAAFAMHACQH6MAAHjAQAwYGJAfo
wEADBgEkB+jASAMGACQH6MBgMA0GCSqGSIb3DQEBCwUAA4IBAQCof4lKgl/wzKZw
14YwbynDB/oJRycZJODiOjuw/72OF4JKJhbl2ybEwxtk0/Uzz5TLo4jYZt+9i0id
Uybg8q6kHgbOEG7/IibTxlrXkgSW7QxlH5kLDF9BUzKHw8zVxhBco2PZh0tU1rAJ
rUO5IKr5WpLv40sqddFpFkrhmzkF7dRsUJlImAOIXNqLtWL5RbNgVSQnkRSr6USV
Ct1fiSJi70VeiP5IXs+WGUrdFNPH1FBW0XrWXXyZWwDJtgOCh6un/bXDtyaQuQ2X
R7X0B3nGEiPHgC3nE9G8xzOKuencwdky1LcvlTol/uKmHb9WKaOncG5erJFAy6wv
0bSqk3TN
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:04:44 2025 by rpki-client