Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/876FDB56D90211EFB7CAB32BC4F9AE02.roa
File: 876FDB56D90211EFB7CAB32BC4F9AE02.roa (raw, json)
Hash identifier: Zu30hOGz4zGNA6TztQtai8I+9CCN9cSuQqxo2dpMFUc=
Subject key identifier: F4:BA:EE:4B:B8:D6:95:B6:10:C4:EE:AB:E6:58:AB:A9:7A:29:ED:5C
Certificate issuer: /CN=A916BDA4/serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Certificate serial: 1834
Authority key identifier: 04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/876FDB56D90211EFB7CAB32BC4F9AE02.roa
Signing time: Fri 17 Oct 2025 13:43:25 +0000
ROA not before: Fri 17 Oct 2025 13:43:25 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 14789
IP address blocks: 2400:cb00:41::/48 maxlen: 48
2400:cb00:60::/48 maxlen: 48
2400:cb00:161::/48 maxlen: 48
2400:cb00:179::/48 maxlen: 48
2400:cb00:230::/48 maxlen: 48
2400:cb00:258::/48 maxlen: 48
2400:cb00:292::/48 maxlen: 48
2400:cb00:303::/48 maxlen: 48
2400:cb00:439::/48 maxlen: 48
2400:cb00:477::/48 maxlen: 48
2400:cb00:480::/48 maxlen: 48
2400:cb00:526::/48 maxlen: 48
2400:cb00:529::/48 maxlen: 48
2400:cb00:566::/48 maxlen: 48
2400:cb00:610::/48 maxlen: 48
2400:cb00:611::/48 maxlen: 48
2400:cb00:614::/48 maxlen: 48
2400:cb00:616::/48 maxlen: 48
2400:cb00:621::/48 maxlen: 48
2400:cb00:638::/48 maxlen: 48
2400:cb00:651::/48 maxlen: 48
2400:cb00:661::/48 maxlen: 48
2400:cb00:685::/48 maxlen: 48
2400:cb00:695::/48 maxlen: 48
2400:cb00:710::/48 maxlen: 48
2400:cb00:750::/48 maxlen: 48
2400:cb00:770::/48 maxlen: 48
2400:cb00:771::/48 maxlen: 48
2400:cb00:776::/48 maxlen: 48
2400:cb00:902::/48 maxlen: 48
2400:cb00:909::/48 maxlen: 48
2400:cb00:934::/48 maxlen: 48
2400:cb00:946::/48 maxlen: 48
2400:cb00:1015::/48 maxlen: 48
2400:cb00:1051::/48 maxlen: 48
2400:cb00:1052::/48 maxlen: 48
2400:cb00:1059::/48 maxlen: 48
2400:cb00:1060::/48 maxlen: 48
2400:cb00:1062::/48 maxlen: 48
2400:cb00:1095::/48 maxlen: 48
2400:cb00:1096::/48 maxlen: 48
2400:cb00:1172::/48 maxlen: 48
2400:cb00:1185::/48 maxlen: 48
2400:cb00:c950::/48 maxlen: 48
2400:cb00:c951::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 05:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6196 (0x1834)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916BDA4, serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Validity
Not Before: Oct 17 13:43:25 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=68f247fc-47b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:43:ef:e0:df:11:27:f5:2e:3c:73:0a:b0:5d:
33:51:a4:f5:79:2f:55:22:66:ca:78:9b:2d:64:75:
6e:ed:77:b1:e2:09:26:84:e7:84:dc:65:bc:85:52:
6d:0a:52:17:de:5f:94:1c:d2:82:50:58:81:37:bc:
c7:52:3b:a5:6a:0c:40:f6:64:08:60:05:b4:62:42:
de:72:db:ff:cf:65:90:0d:92:f6:ca:55:ff:a6:4d:
20:25:95:c7:7c:04:58:bd:f7:6f:25:fb:f2:09:8e:
db:23:a6:26:26:dc:1e:41:a0:93:67:ee:47:3b:26:
c5:68:60:51:8d:93:bd:f7:fd:87:22:2e:6b:15:1c:
e6:bb:4c:52:e7:ac:36:9f:01:de:47:49:75:c8:b5:
10:f1:6e:87:b2:c1:86:f3:c3:bb:36:d0:71:72:f0:
6b:b1:49:8b:47:a5:ff:cd:95:70:c2:53:92:ea:44:
20:ef:3f:6a:49:74:ac:ad:94:11:fe:40:e1:e6:79:
72:f3:46:4d:56:9e:71:37:5a:c7:e8:e6:7b:93:f8:
52:fb:54:54:1d:b5:c3:60:56:a5:bb:eb:e3:18:64:
20:f6:df:e4:2f:98:ae:bd:fd:e0:14:33:5b:06:62:
4e:4f:19:22:38:ca:da:15:74:0c:e9:9d:8a:7b:d7:
63:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BA:EE:4B:B8:D6:95:B6:10:C4:EE:AB:E6:58:AB:A9:7A:29:ED:5C
X509v3 Authority Key Identifier:
keyid:04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/876FDB56D90211EFB7CAB32BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:cb00:41::/48
2400:cb00:60::/48
2400:cb00:161::/48
2400:cb00:179::/48
2400:cb00:230::/48
2400:cb00:258::/48
2400:cb00:292::/48
2400:cb00:303::/48
2400:cb00:439::/48
2400:cb00:477::/48
2400:cb00:480::/48
2400:cb00:526::/48
2400:cb00:529::/48
2400:cb00:566::/48
2400:cb00:610::/47
2400:cb00:614::/48
2400:cb00:616::/48
2400:cb00:621::/48
2400:cb00:638::/48
2400:cb00:651::/48
2400:cb00:661::/48
2400:cb00:685::/48
2400:cb00:695::/48
2400:cb00:710::/48
2400:cb00:750::/48
2400:cb00:770::/47
2400:cb00:776::/48
2400:cb00:902::/48
2400:cb00:909::/48
2400:cb00:934::/48
2400:cb00:946::/48
2400:cb00:1015::/48
2400:cb00:1051::-2400:cb00:1052:ffff:ffff:ffff:ffff:ffff
2400:cb00:1059::/48
2400:cb00:1060::/48
2400:cb00:1062::/48
2400:cb00:1095::-2400:cb00:1096:ffff:ffff:ffff:ffff:ffff
2400:cb00:1172::/48
2400:cb00:1185::/48
2400:cb00:c950::/47
Signature Algorithm: sha256WithRSAEncryption
70:f9:d0:ba:0e:ae:a5:06:01:d0:ee:1f:37:c7:d3:03:4a:ae:
07:8d:6a:b9:71:24:83:61:bf:60:65:77:63:76:6f:08:fa:23:
60:8e:3d:68:d0:fd:f2:97:e7:77:bd:91:c6:3e:4e:6d:eb:2b:
5b:76:ed:59:74:38:6d:2d:46:a6:f0:18:97:51:f0:03:60:c8:
a3:65:13:19:e6:61:c4:02:45:89:f6:a9:ec:e0:7f:30:cb:5a:
b7:81:e0:0e:0b:27:1d:e6:b7:9f:a0:64:63:33:77:14:4c:81:
f9:74:1a:c3:ab:36:07:73:ae:7a:2f:38:04:ba:5d:b4:dd:75:
44:ec:0f:14:b1:34:01:26:b4:34:dc:42:ef:74:8c:50:9b:7c:
67:5d:61:b8:7d:95:f4:0b:2d:19:68:a9:e9:7a:15:2d:74:ab:
e8:32:be:23:2e:54:ea:5a:37:d5:ca:d8:e6:a8:ef:bd:fc:17:
79:a8:f5:5d:91:f6:f9:90:20:b4:ae:ec:e7:1b:a3:cd:65:02:
4a:89:70:f4:18:bd:3c:cf:aa:f4:49:0e:08:59:23:2f:d7:4f:
2b:d2:48:c9:bb:80:7f:e4:2d:a2:3d:fa:ca:8c:0d:12:3b:3a:
a6:e5:ff:ed:86:47:88:53:c4:a0:d4:77:85:a8:7d:f5:95:8e:
bf:48:63:ef
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgICGDQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJEQTQxMTAvBgNVBAUTKDA0RTZDOTI0OUVFMzQ4RENGNzY0REYwQjlBNDBEM0U4
NTQwNjY0NDQwHhcNMjUxMDE3MTM0MzI1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGYyNDdmYy00N2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwkPv4N8RJ/UuPHMKsF0zUaT1eS9VImbKeJstZHVu7Xex4gkmhOeE3GW8hVJt
ClIX3l+UHNKCUFiBN7zHUjulagxA9mQIYAW0YkLectv/z2WQDZL2ylX/pk0gJZXH
fARYvfdvJfvyCY7bI6YmJtweQaCTZ+5HOybFaGBRjZO99/2HIi5rFRzmu0xS56w2
nwHeR0l1yLUQ8W6HssGG88O7NtBxcvBrsUmLR6X/zZVwwlOS6kQg7z9qSXSsrZQR
/kDh5nly80ZNVp5xN1rH6OZ7k/hS+1RUHbXDYFalu+vjGGQg9t/kL5iuvf3gFDNb
BmJOTxkiOMraFXQM6Z2Ke9djLwIDAQABo4IEFzCCBBMwHQYDVR0OBBYEFPS67ku4
1pW2EMTuq+ZYq6l6Ke1cMB8GA1UdIwQYMBaAFATmySSe40jc92TfC5pA0+hUBmRE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkRBNC8xRUM3MDJCQ0Yx
QTcxMUU4OTBGMDY2NTBDNEY5QUUwMi9CT2JKSko3alNOejNaTjhMbWtEVDZGUUda
RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JPYkpKSjdqU056M1pOOExta0RUNkZRR1pFUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJEQTQvMUVDNzAyQkNGMUE3MTFFODkwRjA2NjUwQzRGOUFFMDIvODc2RkRCNTZE
OTAyMTFFRkI3Q0FCMzJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGfBggrBgEFBQcBBwEB
/wSCAY4wggGKMIIBhgQCAAIwggF+AwcAJADLAABBAwcAJADLAABgAwcAJADLAAFh
AwcAJADLAAF5AwcAJADLAAIwAwcAJADLAAJYAwcAJADLAAKSAwcAJADLAAMDAwcA
JADLAAQ5AwcAJADLAAR3AwcAJADLAASAAwcAJADLAAUmAwcAJADLAAUpAwcAJADL
AAVmAwcBJADLAAYQAwcAJADLAAYUAwcAJADLAAYWAwcAJADLAAYhAwcAJADLAAY4
AwcAJADLAAZRAwcAJADLAAZhAwcAJADLAAaFAwcAJADLAAaVAwcAJADLAAcQAwcA
JADLAAdQAwcBJADLAAdwAwcAJADLAAd2AwcAJADLAAkCAwcAJADLAAkJAwcAJADL
AAk0AwcAJADLAAlGAwcAJADLABAVMBIDBwAkAMsAEFEDBwAkAMsAEFIDBwAkAMsA
EFkDBwAkAMsAEGADBwAkAMsAEGIwEgMHACQAywAQlQMHACQAywAQlgMHACQAywAR
cgMHACQAywARhQMHASQAywDJUDANBgkqhkiG9w0BAQsFAAOCAQEAcPnQug6upQYB
0O4fN8fTA0quB41quXEkg2G/YGV3Y3ZvCPojYI49aND98pfnd72Rxj5ObesrW3bt
WXQ4bS1GpvAYl1HwA2DIo2UTGeZhxAJFifap7OB/MMtat4HgDgsnHea3n6BkYzN3
FEyB+XQaw6s2B3Ouei84BLpdtN11ROwPFLE0ASa0NNxC73SMUJt8Z11huH2V9Ast
GWip6XoVLXSr6DK+Iy5U6lo31crY5qjvvfwXeaj1XZH2+ZAgtK7s5xujzWUCSolw
9Bi9PM+q9EkOCFkjL9dPK9JIybuAf+Qtoj36yowNEjs6puX/7YZHiFPEoNR3hah9
9ZWOv0hj7w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:41:28 2025 by rpki-client