Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa
File: CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa (raw, json)
Hash identifier: F380vpOPofocBjRftATvo9zddeY6Bmha6wqzogd2g+4=
Subject key identifier: 42:54:6F:F0:D0:EC:DA:46:72:24:5F:64:2B:1E:8C:8E:33:7C:1E:D3
Certificate issuer: /CN=A918DB4E/serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
Certificate serial: 0C9F
Authority key identifier: 42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa
Signing time: Thu 28 Aug 2025 19:09:51 +0000
ROA not before: Thu 28 Aug 2025 19:09:51 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 137883
IP address blocks: 2402:f840::/32 maxlen: 32
2402:f840::/48 maxlen: 48
2402:f840:1::/48 maxlen: 48
2402:f840:2::/48 maxlen: 48
2402:f840:3::/48 maxlen: 48
2402:f840:4::/48 maxlen: 48
2402:f840:5::/48 maxlen: 48
2402:f840:6::/48 maxlen: 48
2402:f840:7::/48 maxlen: 48
2402:f840:8::/48 maxlen: 48
2402:f840:9::/48 maxlen: 48
2402:f840:a::/48 maxlen: 48
2402:f840:b::/48 maxlen: 48
2402:f840:c::/48 maxlen: 48
2402:f840:d::/48 maxlen: 48
2402:f840:e::/48 maxlen: 48
2402:f840:f::/48 maxlen: 48
2402:f840:10::/48 maxlen: 48
2402:f840:11::/48 maxlen: 48
2402:f840:12::/48 maxlen: 48
2402:f840:13::/48 maxlen: 48
2402:f840:14::/48 maxlen: 48
2402:f840:15::/48 maxlen: 48
2402:f840:16::/48 maxlen: 48
2402:f840:17::/48 maxlen: 48
2402:f840:18::/48 maxlen: 48
2402:f840:19::/48 maxlen: 48
2402:f840:1a::/48 maxlen: 48
2402:f840:1b::/48 maxlen: 48
2402:f840:1c::/48 maxlen: 48
2402:f840:1d::/48 maxlen: 48
2402:f840:1e::/48 maxlen: 48
2402:f840:1f::/48 maxlen: 48
2402:f840:20::/48 maxlen: 48
2402:f840:21::/48 maxlen: 48
2402:f840:22::/48 maxlen: 48
2402:f840:23::/48 maxlen: 48
2402:f840:24::/48 maxlen: 48
2402:f840:25::/48 maxlen: 48
2402:f840:26::/48 maxlen: 48
2402:f840:27::/48 maxlen: 48
2402:f840:28::/48 maxlen: 48
2402:f840:29::/48 maxlen: 48
2402:f840:2a::/48 maxlen: 48
2402:f840:2b::/48 maxlen: 48
2402:f840:2c::/48 maxlen: 48
2402:f840:2d::/48 maxlen: 48
2402:f840:2e::/48 maxlen: 48
2402:f840:2f::/48 maxlen: 48
2402:f840:30::/48 maxlen: 48
2402:f840:31::/48 maxlen: 48
2402:f840:32::/48 maxlen: 48
2402:f840:33::/48 maxlen: 48
2402:f840:34::/48 maxlen: 48
2402:f840:35::/48 maxlen: 48
2402:f840:36::/48 maxlen: 48
2402:f840:37::/48 maxlen: 48
2402:f840:38::/48 maxlen: 48
2402:f840:39::/48 maxlen: 48
2402:f840:3a::/48 maxlen: 48
2402:f840:3b::/48 maxlen: 48
2402:f840:3c::/48 maxlen: 48
2402:f840:3d::/48 maxlen: 48
2402:f840:3e::/48 maxlen: 48
2402:f840:3f::/48 maxlen: 48
2402:f840:40::/48 maxlen: 48
2402:f840:41::/48 maxlen: 48
2402:f840:42::/48 maxlen: 48
2402:f840:43::/48 maxlen: 48
2402:f840:44::/48 maxlen: 48
2402:f840:45::/48 maxlen: 48
2402:f840:46::/48 maxlen: 48
2402:f840:47::/48 maxlen: 48
2402:f840:48::/48 maxlen: 48
2402:f840:49::/48 maxlen: 48
2402:f840:4a::/48 maxlen: 48
2402:f840:4b::/48 maxlen: 48
2402:f840:4c::/48 maxlen: 48
2402:f840:4d::/48 maxlen: 48
2402:f840:4e::/48 maxlen: 48
2402:f840:4f::/48 maxlen: 48
2402:f840:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.crl
rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Oct 2025 19:19:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3231 (0xc9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918DB4E, serialNumber=42758DE0CC0CF62C2AEEE93E0EEE67903A502CCC
Validity
Not Before: Aug 28 19:09:51 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68b0a97e-8502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:83:9e:9e:f7:59:a1:1a:42:e6:6f:d2:13:ce:
0d:17:98:02:e2:50:61:36:a7:83:34:b6:1b:f2:ee:
8a:73:97:f1:05:b5:68:95:12:36:c6:52:40:67:e2:
df:ee:66:94:b5:cd:9b:c9:90:83:aa:43:4d:af:0e:
33:38:d5:ae:4d:9b:77:43:a6:eb:97:39:48:aa:af:
36:20:ca:95:41:88:1d:3b:4d:00:c9:9b:a7:fd:ff:
09:ac:09:ac:23:b4:ba:11:64:85:d9:4e:85:7e:6f:
45:1d:aa:92:f7:1a:5f:40:e6:af:fa:3d:96:38:38:
5d:03:8b:24:e4:11:9a:92:3b:8a:eb:58:8f:da:0a:
2b:e9:a0:ec:24:23:46:55:c8:50:76:b7:a5:5a:77:
c6:a7:81:a6:ef:e4:dd:34:f7:db:74:35:e1:ce:f6:
d0:c9:75:0b:35:a4:bb:90:fd:f3:0e:8d:de:81:b2:
50:d5:be:d7:1e:94:2e:b2:dd:33:15:5f:5b:f3:36:
cd:74:79:79:17:45:e1:52:c6:14:a7:81:b8:2a:a9:
8f:3d:9d:58:bf:5c:73:d8:f5:13:5a:e6:90:70:c2:
8f:96:bf:8f:40:d9:43:69:aa:c0:9b:15:c6:6e:3a:
8c:34:2a:a7:03:29:90:e5:20:d7:1f:c5:cd:3a:41:
fc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:54:6F:F0:D0:EC:DA:46:72:24:5F:64:2B:1E:8C:8E:33:7C:1E:D3
X509v3 Authority Key Identifier:
keyid:42:75:8D:E0:CC:0C:F6:2C:2A:EE:E9:3E:0E:EE:67:90:3A:50:2C:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/QnWN4MwM9iwq7uk-Du5nkDpQLMw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QnWN4MwM9iwq7uk-Du5nkDpQLMw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918DB4E/77E7F9A00CE511EAA20DDD82C4F9AE02/CF3CF4A2DECD11EFA34A7C66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:f840::/32
Signature Algorithm: sha256WithRSAEncryption
7d:2a:47:1f:98:b1:37:69:81:67:ba:f3:96:68:6c:27:5a:66:
82:d4:f2:b3:13:f7:9e:34:3c:8e:ac:d8:f8:22:ec:b5:eb:3b:
e4:fe:97:03:3d:f3:93:ae:1b:c2:46:fd:ba:3f:d3:99:30:62:
8d:e7:9b:75:31:a9:34:83:82:9d:ed:62:ae:ca:56:cb:3e:49:
9d:f9:2c:14:9e:1a:2b:51:53:cc:a2:d5:55:d5:5f:3d:e4:a3:
80:00:db:fb:8c:c1:1c:77:d2:48:c0:e9:14:79:73:3e:0a:9d:
41:d1:9e:99:eb:1c:24:1a:39:26:93:6b:06:15:39:d8:38:85:
24:ea:49:b2:b2:4e:b7:4d:5e:59:30:ab:b7:e9:c4:61:9a:6b:
75:d7:88:32:46:0b:3e:4c:1b:32:70:ce:1f:8e:fd:45:09:74:
cc:a6:a2:53:ec:66:04:ea:e5:30:3e:54:88:eb:93:3d:25:2d:
83:d3:3a:b0:42:af:f1:80:9e:3d:82:72:67:ce:6d:f2:5b:e3:
6f:c5:6e:54:ae:cb:02:98:e3:93:53:3b:fa:1e:26:d7:0b:d4:
03:67:3e:53:b4:41:96:07:d1:9a:6c:cb:a2:44:a0:22:28:3c:
d8:92:a4:5c:f8:db:87:e5:32:bc:3f:4c:a5:65:b2:63:0d:6c:
aa:63:7c:09
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICDJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OERCNEUxMTAvBgNVBAUTKDQyNzU4REUwQ0MwQ0Y2MkMyQUVFRTkzRTBFRUU2Nzkw
M0E1MDJDQ0MwHhcNMjUwODI4MTkwOTUxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGIwYTk3ZS04NTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo4OenvdZoRpC5m/SE84NF5gC4lBhNqeDNLYb8u6Kc5fxBbVolRI2xlJAZ+Lf
7maUtc2byZCDqkNNrw4zONWuTZt3Q6brlzlIqq82IMqVQYgdO00AyZun/f8JrAms
I7S6EWSF2U6Ffm9FHaqS9xpfQOav+j2WODhdA4sk5BGakjuK61iP2gor6aDsJCNG
VchQdrelWnfGp4Gm7+TdNPfbdDXhzvbQyXULNaS7kP3zDo3egbJQ1b7XHpQust0z
FV9b8zbNdHl5F0XhUsYUp4G4KqmPPZ1Yv1xz2PUTWuaQcMKPlr+PQNlDaarAmxXG
bjqMNCqnAymQ5SDXH8XNOkH8swIDAQABo4ICljCCApIwHQYDVR0OBBYEFEJUb/DQ
7NpGciRfZCsejI4zfB7TMB8GA1UdIwQYMBaAFEJ1jeDMDPYsKu7pPg7uZ5A6UCzM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4REI0RS83N0U3RjlBMDBD
RTUxMUVBQTIwREREODJDNEY5QUUwMi9RbldONE13TTlpd3E3dWstRHU1bmtEcFFM
TXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FuV040TXdNOWl3cTd1ay1EdTVua0RwUUxNdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OERCNEUvNzdFN0Y5QTAwQ0U1MTFFQUEyMERERDgyQzRGOUFFMDIvQ0YzQ0Y0QTJE
RUNEMTFFRkEzNEE3QzY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAvhAMA0GCSqGSIb3DQEBCwUAA4IBAQB9KkcfmLE3aYFn
uvOWaGwnWmaC1PKzE/eeNDyOrNj4Iuy16zvk/pcDPfOTrhvCRv26P9OZMGKN55t1
Mak0g4Kd7WKuylbLPkmd+SwUnhorUVPMotVV1V895KOAANv7jMEcd9JIwOkUeXM+
Cp1B0Z6Z6xwkGjkmk2sGFTnYOIUk6kmysk63TV5ZMKu36cRhmmt114gyRgs+TBsy
cM4fjv1FCXTMpqJT7GYE6uUwPlSI65M9JS2D0zqwQq/xgJ49gnJnzm3yW+NvxW5U
rssCmOOTUzv6HibXC9QDZz5TtEGWB9GabMuiRKAiKDzYkqRc+NuH5TK8P0ylZbJj
DWyqY3wJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:46:34 2025 by rpki-client