Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/8272E36003BD11EBB416B77DC4F9AE02.roa
File: 8272E36003BD11EBB416B77DC4F9AE02.roa (raw, json)
Hash identifier: hZakqVHe8O4RVi1dDA3NxvC3rtRxeZVjqvS+/bKAPhU=
Subject key identifier: 82:FC:03:EC:67:28:A6:90:9E:BF:DB:A7:2B:BA:A7:5F:40:17:B6:BC
Certificate issuer: /CN=A919F0DA/serialNumber=082F1EE92FEA6373FDA1D5AEC46E2F2D8AE8AC87
Certificate serial: 081E
Authority key identifier: 08:2F:1E:E9:2F:EA:63:73:FD:A1:D5:AE:C4:6E:2F:2D:8A:E8:AC:87
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CC8e6S_qY3P9odWuxG4vLYrorIc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/8272E36003BD11EBB416B77DC4F9AE02.roa
Signing time: Thu 18 Sep 2025 08:14:33 +0000
ROA not before: Thu 18 Sep 2025 08:14:33 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 55824
IP address blocks: 164.100.81.0/24 maxlen: 24
164.100.96.0/24 maxlen: 24
164.100.125.0/24 maxlen: 24
164.100.126.0/24 maxlen: 24
164.100.130.0/24 maxlen: 24
164.100.131.0/24 maxlen: 24
164.100.132.0/24 maxlen: 24
164.100.133.0/24 maxlen: 24
164.100.134.0/24 maxlen: 24
164.100.138.0/24 maxlen: 24
164.100.142.0/24 maxlen: 24
164.100.145.0/24 maxlen: 24
164.100.146.0/24 maxlen: 24
164.100.181.0/24 maxlen: 24
164.100.189.0/24 maxlen: 24
164.100.196.0/24 maxlen: 24
164.100.201.0/24 maxlen: 24
164.100.217.0/24 maxlen: 24
164.100.222.0/24 maxlen: 24
164.100.223.0/24 maxlen: 24
164.100.224.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/CC8e6S_qY3P9odWuxG4vLYrorIc.crl
rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/CC8e6S_qY3P9odWuxG4vLYrorIc.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CC8e6S_qY3P9odWuxG4vLYrorIc.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 14:15:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2078 (0x81e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F0DA, serialNumber=082F1EE92FEA6373FDA1D5AEC46E2F2D8AE8AC87
Validity
Not Before: Sep 18 08:14:33 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=68cbbf68-345f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4a:74:76:25:5b:e7:af:8e:28:2c:1a:93:c4:
9d:05:1b:a1:44:9c:e5:48:b3:51:42:a4:62:2f:2f:
1b:7f:45:45:58:b1:f2:67:54:fd:4d:c0:84:4f:d6:
fb:2f:83:ba:86:b3:80:2b:14:92:53:f9:64:14:2e:
f2:88:6f:69:7b:23:95:76:41:9b:7b:77:eb:c1:24:
50:21:97:16:3f:ea:58:fd:90:b4:06:18:92:48:10:
f5:5d:87:55:9b:99:c6:fd:28:33:ee:4d:22:3c:39:
8e:96:db:ca:5e:5c:26:60:2b:a8:79:df:a2:48:fc:
1c:c7:a4:e7:8a:ec:23:01:3f:26:1b:84:7f:85:be:
be:83:51:ef:7f:a8:56:95:68:d8:22:cd:74:1a:1f:
c6:fd:4b:a8:26:a7:2f:a9:c3:f5:e7:d5:66:53:ff:
b5:b6:83:17:5f:eb:af:ee:62:87:e8:45:1c:59:16:
ce:4e:88:a9:dd:8e:d4:5d:99:ba:33:69:de:8c:82:
d5:cc:e1:8d:8b:ce:52:27:39:b0:aa:18:7b:3c:9b:
da:f3:c8:d3:bd:62:83:8c:d4:51:58:1c:84:cb:b9:
a3:35:ff:ee:06:3a:a3:ff:0a:af:57:c2:c5:0a:91:
4a:e8:54:c9:6b:a3:e3:83:95:47:ae:2e:e5:d2:62:
f7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FC:03:EC:67:28:A6:90:9E:BF:DB:A7:2B:BA:A7:5F:40:17:B6:BC
X509v3 Authority Key Identifier:
keyid:08:2F:1E:E9:2F:EA:63:73:FD:A1:D5:AE:C4:6E:2F:2D:8A:E8:AC:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/CC8e6S_qY3P9odWuxG4vLYrorIc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CC8e6S_qY3P9odWuxG4vLYrorIc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/8272E36003BD11EBB416B77DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
164.100.81.0/24
164.100.96.0/24
164.100.125.0-164.100.126.255
164.100.130.0-164.100.134.255
164.100.138.0/24
164.100.142.0/24
164.100.145.0-164.100.146.255
164.100.181.0/24
164.100.189.0/24
164.100.196.0/24
164.100.201.0/24
164.100.217.0/24
164.100.222.0-164.100.225.255
Signature Algorithm: sha256WithRSAEncryption
40:7a:bb:f6:36:2e:cc:41:13:d4:34:fa:37:8a:ea:f5:35:e3:
27:d5:80:50:a0:74:25:f7:56:da:42:5d:2e:3c:60:18:bf:dd:
2a:0f:48:4a:e7:47:f3:69:a3:d2:1c:0f:7c:a3:a0:5c:7f:60:
9f:c2:c2:98:5d:05:b4:5a:9b:d7:93:e0:36:9e:c3:cc:21:a0:
12:93:ca:ef:19:73:ff:1d:85:5e:72:28:f9:a8:99:16:80:3b:
08:20:38:a1:65:ea:ea:6f:02:a0:e0:4c:ff:0a:ac:39:84:b9:
ca:31:25:cf:32:b5:15:99:50:de:87:4c:14:1a:fb:3f:97:df:
71:c0:8c:6c:63:36:73:1c:70:73:5e:b9:57:75:70:41:c2:8a:
6a:89:94:b2:26:d7:c2:99:08:cd:6d:4e:4b:f6:ea:94:10:05:
0e:00:76:7c:f3:90:1d:12:5b:02:58:a1:82:eb:05:0c:94:3d:
02:b1:c5:f8:34:f3:9d:1f:9b:c5:a1:11:db:f5:9a:6e:c7:1f:
ca:97:64:98:34:3a:2f:ae:99:d4:fb:65:0c:ba:72:28:06:b7:
0c:19:60:cc:68:2d:33:cb:a7:c5:18:e1:a9:da:e3:ae:ff:50:
1b:c6:96:56:ac:0b:df:31:4e:0a:48:f3:ef:32:21:1e:a8:56:
63:39:af:6e
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgICCB4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYwREExMTAvBgNVBAUTKDA4MkYxRUU5MkZFQTYzNzNGREExRDVBRUM0NkUyRjJE
OEFFOEFDODcwHhcNMjUwOTE4MDgxNDMzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGNiYmY2OC0zNDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt0p0diVb56+OKCwak8SdBRuhRJzlSLNRQqRiLy8bf0VFWLHyZ1T9TcCET9b7
L4O6hrOAKxSSU/lkFC7yiG9peyOVdkGbe3frwSRQIZcWP+pY/ZC0BhiSSBD1XYdV
m5nG/Sgz7k0iPDmOltvKXlwmYCuoed+iSPwcx6TniuwjAT8mG4R/hb6+g1Hvf6hW
lWjYIs10Gh/G/UuoJqcvqcP159VmU/+1toMXX+uv7mKH6EUcWRbOToip3Y7UXZm6
M2nejILVzOGNi85SJzmwqhh7PJva88jTvWKDjNRRWByEy7mjNf/uBjqj/wqvV8LF
CpFK6FTJa6Pjg5VHri7l0mL3pQIDAQABo4IC/jCCAvowHQYDVR0OBBYEFIL8A+xn
KKaQnr/bpyu6p19AF7a8MB8GA1UdIwQYMBaAFAgvHukv6mNz/aHVrsRuLy2K6KyH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjBEQS9GQzYxRTAwODFE
NjcxMUUyOEMxODI4QTQwOEIwMkNEMi9DQzhlNlNfcVkzUDlvZFd1eEc0dkxZcm9y
SWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0NDOGU2U19xWTNQOW9kV3V4RzR2TFlyb3JJYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYwREEvRkM2MUUwMDgxRDY3MTFFMjhDMTgyOEE0MDhCMDJDRDIvODI3MkUzNjAw
M0JEMTFFQkI0MTZCNzdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYcGCCsGAQUFBwEHAQH/
BHgwdjB0BAIAATBuAwQApGRRAwQApGRgMAwDBACkZH0DBACkZH4wDAMEAaRkggME
AKRkhgMEAKRkigMEAKRkjjAMAwQApGSRAwQApGSSAwQApGS1AwQApGS9AwQApGTE
AwQApGTJAwQApGTZMAwDBAGkZN4DBAGkZOAwDQYJKoZIhvcNAQELBQADggEBAEB6
u/Y2LsxBE9Q0+jeK6vU14yfVgFCgdCX3VtpCXS48YBi/3SoPSErnR/Npo9IcD3yj
oFx/YJ/CwphdBbRam9eT4Daew8whoBKTyu8Zc/8dhV5yKPmomRaAOwggOKFl6upv
AqDgTP8KrDmEucoxJc8ytRWZUN6HTBQa+z+X33HAjGxjNnMccHNeuVd1cEHCimqJ
lLIm18KZCM1tTkv26pQQBQ4AdnzzkB0SWwJYoYLrBQyUPQKxxfg0850fm8WhEdv1
mm7HH8qXZJg0Oi+umdT7ZQy6cigGtwwZYMxoLTPLp8UY4ana467/UBvGllasC98x
TgpI8+8yIR6oVmM5r24=
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:04:11 2025 by rpki-client