Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/742C40C0AE0A11EF9B1A9B3FC4F9AE02.roa
File: 742C40C0AE0A11EF9B1A9B3FC4F9AE02.roa (raw, json)
Hash identifier: pfm0HzgH4Evs/W9cjN6esXs19Aeq9rrLrOxevoXRt/M=
Subject key identifier: 28:53:91:97:0B:7E:D1:2C:56:08:2D:04:E7:E9:59:9B:D7:D2:F0:64
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 06DF
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/742C40C0AE0A11EF9B1A9B3FC4F9AE02.roa
Signing time: Mon 15 Sep 2025 10:33:59 +0000
ROA not before: Mon 15 Sep 2025 10:33:59 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 150895
IP address blocks: 157.66.48.0/23 maxlen: 23
157.66.222.0/23 maxlen: 23
157.66.224.0/23 maxlen: 23
160.22.120.0/23 maxlen: 23
160.25.72.0/23 maxlen: 23
160.30.50.0/23 maxlen: 23
160.30.136.0/23 maxlen: 23
160.191.86.0/23 maxlen: 24
160.191.214.0/23 maxlen: 23
160.250.4.0/23 maxlen: 23
160.250.128.0/23 maxlen: 23
160.250.132.0/23 maxlen: 23
160.250.180.0/23 maxlen: 24
160.250.186.0/23 maxlen: 24
161.248.4.0/23 maxlen: 23
161.248.178.0/23 maxlen: 23
161.248.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 14:35:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1759 (0x6df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Sep 15 10:33:59 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68c7eb97-2875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:46:ea:e3:4c:b2:0d:f9:00:33:d7:5d:d3:76:
52:ba:bf:43:f9:38:30:1e:57:d3:57:de:89:2f:8b:
02:f9:65:1e:15:1e:88:e1:c2:40:37:b7:de:78:c0:
07:15:dc:16:78:2b:b5:d0:68:5f:fd:ea:8d:4e:4c:
63:a5:42:88:ee:3c:ff:65:78:26:99:7b:5c:d1:38:
c0:0f:8e:08:cf:f9:93:34:48:9a:a9:08:54:1a:ed:
cd:30:55:b9:23:fd:0a:5c:a3:89:f2:cf:cb:6a:f1:
16:b7:c6:94:85:0f:6b:fa:0d:05:af:d2:0a:2f:74:
6a:50:0e:73:da:d1:3c:23:41:c6:dc:8c:a6:41:34:
3c:03:8d:ae:9e:24:85:3b:e8:d3:e6:90:63:f5:43:
b0:0c:2a:c6:17:4c:f7:9b:36:16:2e:99:61:4c:3a:
50:3d:1b:02:6f:77:e0:96:5e:d2:93:9a:86:ef:bd:
a1:9a:28:7a:d1:35:c1:6f:29:7b:55:87:bd:06:60:
ea:52:01:e2:e5:c1:e0:b0:70:98:17:ef:17:5f:9e:
24:b8:63:8e:9e:b6:3a:f2:1d:7d:10:d2:7f:ca:d3:
7a:a3:66:ea:17:96:2b:07:44:44:4f:27:f7:83:13:
81:20:5e:40:d8:3f:a3:22:47:98:d0:51:7c:21:09:
3f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:53:91:97:0B:7E:D1:2C:56:08:2D:04:E7:E9:59:9B:D7:D2:F0:64
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/742C40C0AE0A11EF9B1A9B3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.48.0/23
157.66.222.0-157.66.225.255
160.22.120.0/23
160.25.72.0/23
160.30.50.0/23
160.30.136.0/23
160.191.86.0/23
160.191.214.0/23
160.250.4.0/23
160.250.128.0/23
160.250.132.0/23
160.250.180.0/23
160.250.186.0/23
161.248.4.0/23
161.248.178.0/23
161.248.238.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:dc:70:14:fe:83:bf:f1:c3:d4:ad:59:b6:d6:8e:2b:d1:94:
69:47:ad:c3:dc:fc:70:21:64:eb:31:8c:34:82:bd:8f:6d:93:
df:d7:65:56:b5:f7:34:dc:8e:79:e0:6d:dc:18:00:48:45:29:
30:aa:fe:4c:6d:97:89:3d:74:82:3f:0f:92:3c:3e:3c:ff:14:
a2:bd:80:ec:68:9f:5e:ec:a3:c8:47:d5:51:a6:e3:48:fb:8b:
ec:5a:c0:70:1b:3a:4a:2a:e4:db:b6:76:e4:6d:ef:26:9a:9d:
dc:9b:91:8f:af:4f:26:a1:ef:76:d8:2e:66:54:af:05:39:9f:
a3:27:74:45:5b:9b:01:7d:e4:0f:2e:14:7e:9a:94:d0:67:31:
e5:cc:a2:99:0e:0e:aa:ec:6f:a7:d0:d2:11:65:a8:fe:4a:02:
09:1c:ed:9c:ea:95:21:07:f6:16:15:a1:bf:84:35:bf:d0:0e:
19:19:d3:52:ca:e0:8e:66:28:ee:bd:f2:0c:12:87:81:21:58:
91:3e:47:14:3d:e0:6e:a2:67:ba:71:2d:61:10:3d:b2:86:03:
a6:97:c0:b5:cf:96:0c:44:08:25:3b:d8:a1:75:83:98:3a:0d:
35:2a:b9:53:fa:64:31:84:8a:7f:4b:98:5a:39:29:4e:84:b4:
49:47:0c:68
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICBt8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwOTE1MTAzMzU5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGM3ZWI5Ny0yODc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxEbq40yyDfkAM9dd03ZSur9D+TgwHlfTV96JL4sC+WUeFR6I4cJAN7feeMAH
FdwWeCu10Ghf/eqNTkxjpUKI7jz/ZXgmmXtc0TjAD44Iz/mTNEiaqQhUGu3NMFW5
I/0KXKOJ8s/LavEWt8aUhQ9r+g0Fr9IKL3RqUA5z2tE8I0HG3IymQTQ8A42uniSF
O+jT5pBj9UOwDCrGF0z3mzYWLplhTDpQPRsCb3fgll7Sk5qG772hmih60TXBbyl7
VYe9BmDqUgHi5cHgsHCYF+8XX54kuGOOnrY68h19ENJ/ytN6o2bqF5YrB0RETyf3
gxOBIF5A2D+jIkeY0FF8IQk/+wIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFChTkZcL
ftEsVggtBOfpWZvX0vBkMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvNzQyQzQwQzBB
RTBBMTFFRjlCMUE5QjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBuBAIAATBoAwQBnUIwMAwDBAGdQt4DBAGdQuADBAGgFngDBAGgGUgDBAGg
HjIDBAGgHogDBAGgv1YDBAGgv9YDBAGg+gQDBAGg+oADBAGg+oQDBAGg+rQDBAGg
+roDBAGh+AQDBAGh+LIDBAGh+O4wDQYJKoZIhvcNAQELBQADggEBAEvccBT+g7/x
w9StWbbWjivRlGlHrcPc/HAhZOsxjDSCvY9tk9/XZVa19zTcjnngbdwYAEhFKTCq
/kxtl4k9dII/D5I8Pjz/FKK9gOxon17so8hH1VGm40j7i+xawHAbOkoq5Nu2duRt
7yaandybkY+vTyah73bYLmZUrwU5n6MndEVbmwF95A8uFH6alNBnMeXMopkODqrs
b6fQ0hFlqP5KAgkc7ZzqlSEH9hYVob+ENb/QDhkZ01LK4I5mKO698gwSh4EhWJE+
RxQ94G6iZ7pxLWEQPbKGA6aXwLXPlgxECCU72KF1g5g6DTUquVP6ZDGEin9LmFo5
KU6EtElHDGg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:10:49 2025 by rpki-client