Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/3A8C7518B72111EFA9A92F26C4F9AE02.roa
File: 3A8C7518B72111EFA9A92F26C4F9AE02.roa (raw, json)
Hash identifier: wy1fO8emrrb11LIF29YjzsQF2VR/akidMRTHMxAcTfI=
Subject key identifier: D0:CB:1D:EF:1C:DC:44:E7:D4:48:D5:63:96:70:D7:3D:52:1E:A9:2A
Certificate issuer: /CN=A91982EF/serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
Certificate serial: 0111
Authority key identifier: 87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/3A8C7518B72111EFA9A92F26C4F9AE02.roa
Signing time: Mon 02 Mar 2026 14:10:18 +0000
ROA not before: Wed 09 Jul 2025 08:13:53 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2402:2500:10a0::/44 maxlen: 44
2402:2500:10a0::/48 maxlen: 48
2402:2500:10a1::/48 maxlen: 48
2402:2500:10a2::/48 maxlen: 48
2402:2500:10a3::/48 maxlen: 48
2402:2500:10a4::/48 maxlen: 48
2402:2500:10a5::/48 maxlen: 48
2402:2500:10a6::/48 maxlen: 48
2402:2500:10a7::/48 maxlen: 48
2402:2500:10a8::/48 maxlen: 48
2402:2500:10a9::/48 maxlen: 48
2402:2500:10aa::/48 maxlen: 48
2402:2500:10ab::/48 maxlen: 48
2402:2500:10ac::/48 maxlen: 48
2402:2500:10ad::/48 maxlen: 48
2402:2500:10ae::/48 maxlen: 48
2402:2500:10af::/48 maxlen: 48
2402:2500:20a0::/44 maxlen: 44
2402:2500:20a0::/48 maxlen: 48
2402:2500:20a1::/48 maxlen: 48
2402:2500:20a2::/48 maxlen: 48
2402:2500:20a3::/48 maxlen: 48
2402:2500:20a4::/48 maxlen: 48
2402:2500:20a5::/48 maxlen: 48
2402:2500:20a6::/48 maxlen: 48
2402:2500:20a7::/48 maxlen: 48
2402:2500:20a8::/48 maxlen: 48
2402:2500:20a9::/48 maxlen: 48
2402:2500:20aa::/48 maxlen: 48
2402:2500:20ab::/48 maxlen: 48
2402:2500:20ac::/48 maxlen: 48
2402:2500:20ad::/48 maxlen: 48
2402:2500:20ae::/48 maxlen: 48
2402:2500:20af::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 19:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 273 (0x111)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91982EF, serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
Validity
Not Before: Jul 9 08:13:53 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a59a4a-7130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:43:ac:04:bf:29:91:46:c4:17:33:6f:97:fe:
d9:58:72:c8:73:5a:3b:92:0d:7a:25:cb:e3:fd:e2:
36:7a:21:ad:b4:ed:d0:6a:df:7c:5e:b5:73:7c:fb:
2e:ab:6c:60:d7:ee:60:3d:1e:c5:a8:4a:b7:91:f7:
90:63:72:64:0f:d8:f1:34:6e:6a:88:a8:fe:14:68:
b2:d1:e7:84:f7:01:cd:26:1c:bd:a3:15:fe:8e:c8:
56:40:8b:e8:ed:d6:d6:9c:3f:6a:df:01:4e:f0:e9:
5a:8b:71:e9:37:9d:5d:51:a7:7a:26:b9:0d:10:2a:
53:2a:98:41:36:8d:a7:07:9d:40:60:dd:86:16:21:
90:3a:aa:91:f3:fe:95:c2:fe:28:4e:34:9f:0f:12:
2e:6f:5d:63:1a:19:d6:46:e2:9f:a2:c6:63:ef:b3:
47:cc:72:98:4f:ce:8d:04:e1:c2:f7:43:27:37:c1:
66:c8:24:6d:6b:a1:5f:36:cd:8b:23:41:a3:29:82:
9e:54:2e:9b:e6:07:4e:96:a0:b6:46:8c:f4:21:2b:
f1:85:43:1d:13:c5:ef:15:db:c7:f4:9d:27:c6:fd:
0d:df:41:25:a2:d3:f3:80:8e:3d:de:75:87:98:e8:
98:9f:a1:44:ef:68:2a:f5:5f:55:ba:eb:be:4b:dd:
c0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:CB:1D:EF:1C:DC:44:E7:D4:48:D5:63:96:70:D7:3D:52:1E:A9:2A
X509v3 Authority Key Identifier:
keyid:87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/3A8C7518B72111EFA9A92F26C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv6:
2402:2500:10a0::/44
2402:2500:20a0::/44
Signature Algorithm: sha256WithRSAEncryption
b9:39:1a:be:eb:df:07:44:1b:f4:f0:b7:39:2a:31:21:86:2f:
dc:34:8e:37:d9:b0:f1:c4:c8:88:62:b7:34:6a:cf:a7:b2:c8:
af:7a:d9:9b:52:3b:e5:89:8b:fc:fd:bc:17:06:39:ec:bf:fc:
bc:94:90:9f:3e:43:8f:3f:6b:48:3a:92:73:de:ea:72:34:b3:
9a:f1:f8:b2:0a:84:37:e8:c8:44:31:b0:95:ef:d1:3c:c2:f7:
2a:1d:fd:64:17:91:f9:91:58:5b:a4:03:09:a2:dc:f7:b7:2d:
9d:57:12:c5:af:7d:83:37:0f:e0:e3:e7:af:0f:da:6f:81:75:
21:ca:ac:61:c7:11:12:83:7a:73:0c:e4:2d:60:d1:57:da:28:
84:73:85:08:34:9c:cb:d6:2b:8a:26:c5:6f:f5:45:cf:9e:6b:
1c:e2:16:81:30:46:18:82:86:0c:f1:95:9e:35:69:8e:26:c8:
a6:f9:93:f1:00:3b:3b:52:c4:35:75:81:4d:bd:51:a5:20:23:
80:06:c7:80:12:30:dc:66:05:79:cd:4d:b8:98:b7:98:e3:b7:
83:27:4e:f7:06:2c:fe:48:ce:9a:57:bc:ac:e5:b3:e1:79:2b:
be:c6:76:6f:e7:78:4e:db:fe:f6:11:16:32:ad:cc:66:ae:6d:
f2:28:8d:a7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICAREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTgyRUYxMTAvBgNVBAUTKDg3MTk3RkQ1NDZEQzMxNTIzMTExREQ5MzkwQjFCQTNG
M0Q3MDI2NTYwHhcNMjUwNzA5MDgxMzUzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1OWE0YS03MTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAskOsBL8pkUbEFzNvl/7ZWHLIc1o7kg16Jcvj/eI2eiGttO3Qat98XrVzfPsu
q2xg1+5gPR7FqEq3kfeQY3JkD9jxNG5qiKj+FGiy0eeE9wHNJhy9oxX+jshWQIvo
7dbWnD9q3wFO8Olai3HpN51dUad6JrkNECpTKphBNo2nB51AYN2GFiGQOqqR8/6V
wv4oTjSfDxIub11jGhnWRuKfosZj77NHzHKYT86NBOHC90MnN8FmyCRta6FfNs2L
I0GjKYKeVC6b5gdOlqC2Roz0ISvxhUMdE8XvFdvH9J0nxv0N30ElotPzgI493nWH
mOiYn6FE72gq9V9Vuuu+S93AjQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFNDLHe8c
3ETn1EjVY5Zw1z1SHqkqMB8GA1UdIwQYMBaAFIcZf9VG3DFSMRHdk5Cxuj89cCZW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODJFRi9GQzY1MEI3MkI3
MUQxMUVGODk4MkM0MENDNEY5QUUwMi9oeGxfMVViY01WSXhFZDJUa0xHNlB6MXdK
bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h4bF8xVWJjTVZJeEVkMlRrTEc2UHoxd0psWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTgyRUYvRkM2NTBCNzJCNzFEMTFFRjg5ODJDNDBDQzRGOUFFMDIvM0E4Qzc1MThC
NzIxMTFFRkE5QTkyRjI2QzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAAjASAwcEJAIlABCgAwcEJAIlACCgMA0GCSqGSIb3DQEBCwUAA4IBAQC5ORq+
698HRBv08Lc5KjEhhi/cNI432bDxxMiIYrc0as+nssivetmbUjvliYv8/bwXBjns
v/y8lJCfPkOPP2tIOpJz3upyNLOa8fiyCoQ36MhEMbCV79E8wvcqHf1kF5H5kVhb
pAMJotz3ty2dVxLFr32DNw/g4+evD9pvgXUhyqxhxxESg3pzDOQtYNFX2iiEc4UI
NJzL1iuKJsVv9UXPnmsc4haBMEYYgoYM8ZWeNWmOJsim+ZPxADs7UsQ1dYFNvVGl
ICOABseAEjDcZgV5zU24mLeY47eDJ073Biz+SM6aV7ys5bPheSu+xnZv53hO2/72
ERYyrcxmrm3yKI2n
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:55:46 2026 by rpki-client