Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
File: B10F5E8E557511EF9F54A83AC4F9AE02.roa (raw, json)
Hash identifier: u6KQbI+X2kvsYcWUhG8FNH70MlFtuMcbTjdiQYbXzcM=
Subject key identifier: 0C:9E:65:C8:78:08:5A:60:98:0D:00:AE:A5:15:E4:41:A8:F6:DE:F3
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 06D4
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
Signing time: Wed 10 Sep 2025 02:23:53 +0000
ROA not before: Wed 10 Sep 2025 02:23:53 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 135918
IP address blocks: 157.10.198.0/23 maxlen: 23
157.66.80.0/24 maxlen: 24
157.66.81.0/24 maxlen: 24
157.66.100.0/23 maxlen: 23
157.66.218.0/23 maxlen: 23
160.22.122.0/23 maxlen: 23
160.25.232.0/23 maxlen: 23
160.30.44.0/23 maxlen: 23
160.30.112.0/23 maxlen: 23
160.191.48.0/23 maxlen: 23
160.191.50.0/23 maxlen: 23
160.191.236.0/23 maxlen: 23
160.250.130.0/23 maxlen: 23
160.250.134.0/23 maxlen: 23
160.250.136.0/23 maxlen: 23
160.250.246.0/23 maxlen: 23
161.248.146.0/23 maxlen: 23
165.101.92.0/23 maxlen: 23
165.101.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 Oct 2025 14:35:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1748 (0x6d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Sep 10 02:23:53 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68c0e139-13d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:74:3e:95:af:74:cf:ba:59:92:55:f4:dc:17:
8a:02:3f:92:09:4c:b4:38:a5:33:85:bd:6b:62:95:
bf:f2:72:cd:a6:1b:16:66:a7:6e:35:76:88:72:43:
3c:5e:82:34:97:cd:47:51:f9:72:68:62:e3:c4:dd:
7a:3a:e0:93:b8:9b:3c:ab:da:2d:3d:ff:2d:48:62:
c3:6f:f3:63:98:65:4d:58:ff:08:9c:f2:b6:43:a5:
d7:6e:7e:aa:f2:50:4d:6a:0f:37:ce:f3:e1:ca:f8:
3c:57:d9:57:38:4d:b0:b4:58:58:ed:bd:2d:99:f7:
14:e1:ae:91:bf:da:5e:7e:c1:33:a3:67:ce:73:c8:
2a:98:2c:c4:b0:95:6a:20:4b:1a:43:b7:9e:17:72:
5c:26:06:bd:8b:c7:ad:0e:a6:73:76:ea:e3:de:fa:
e9:86:78:f0:5f:e1:4d:a3:88:b8:1e:1e:ad:ec:a1:
28:80:59:68:e5:18:a6:80:ed:65:ee:7e:87:5b:ad:
82:c9:ad:9c:c6:cb:21:66:e4:97:35:ae:59:f6:ae:
7c:76:10:a7:15:35:94:48:ec:a0:80:52:30:66:c2:
7a:63:0a:42:30:64:fe:f3:67:39:b3:23:cc:92:a7:
a4:d6:01:9f:ac:5f:33:0c:5d:40:9a:43:29:cf:1b:
07:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:9E:65:C8:78:08:5A:60:98:0D:00:AE:A5:15:E4:41:A8:F6:DE:F3
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.198.0/23
157.66.80.0/23
157.66.100.0/23
157.66.218.0/23
160.22.122.0/23
160.25.232.0/23
160.30.44.0/23
160.30.112.0/23
160.191.48.0/22
160.191.236.0/23
160.250.130.0/23
160.250.134.0-160.250.137.255
160.250.246.0/23
161.248.146.0/23
165.101.92.0/23
165.101.252.0/23
Signature Algorithm: sha256WithRSAEncryption
55:e3:88:be:29:5a:a9:30:5b:a4:80:45:54:42:42:26:2f:65:
3d:0c:d1:d8:2c:9f:c5:a8:cd:f1:7a:57:07:fd:fa:31:2b:a3:
7f:71:e8:1d:a1:79:5d:f7:aa:fa:17:c4:1a:62:a5:01:fa:06:
50:1b:4c:29:ff:ef:cd:78:f0:1b:8e:cc:72:38:0a:0a:9f:a3:
3f:bc:7b:06:99:20:6e:50:61:5e:9f:f4:4a:bc:4d:e5:f0:b7:
d3:3d:c0:8f:3a:dd:1e:38:e5:01:dd:86:6f:eb:e8:52:f9:1c:
8f:ce:d1:d8:4b:fb:76:8c:de:4e:61:ab:03:64:77:60:84:a2:
79:d1:22:f3:ed:dc:12:8a:64:b0:91:9c:cc:b5:ca:46:2f:72:
ce:f8:55:00:df:a7:db:a0:58:57:d3:84:13:78:aa:62:cb:fe:
49:f0:21:8e:e6:3e:2e:57:92:7c:80:cc:f2:44:04:ed:db:04:
6e:66:ab:9a:9d:d1:77:21:6e:0c:67:19:21:36:d7:4c:99:0f:
cf:df:d4:04:f8:81:c9:2f:b0:e8:42:45:60:ac:60:73:4e:0a:
6b:95:da:11:9f:8f:92:be:aa:6e:8c:f2:12:5e:32:b6:46:70:
43:25:bb:59:ba:e2:28:95:30:d1:46:ce:02:d8:0f:7d:5d:e7:
0b:a6:2f:2d
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICBtQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwOTEwMDIyMzUzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGMwZTEzOS0xM2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxHQ+la90z7pZklX03BeKAj+SCUy0OKUzhb1rYpW/8nLNphsWZqduNXaIckM8
XoI0l81HUflyaGLjxN16OuCTuJs8q9otPf8tSGLDb/NjmGVNWP8InPK2Q6XXbn6q
8lBNag83zvPhyvg8V9lXOE2wtFhY7b0tmfcU4a6Rv9pefsEzo2fOc8gqmCzEsJVq
IEsaQ7eeF3JcJga9i8etDqZzdurj3vrphnjwX+FNo4i4Hh6t7KEogFlo5RimgO1l
7n6HW62Cya2cxsshZuSXNa5Z9q58dhCnFTWUSOyggFIwZsJ6YwpCMGT+82c5syPM
kqek1gGfrF8zDF1AmkMpzxsHmwIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFAyeZch4
CFpgmA0ArqUV5EGo9t7zMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQjEwRjVFOEU1
NTc1MTFFRjlGNTRBODNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBuBAIAATBoAwQBnQrGAwQBnUJQAwQBnUJkAwQBnULaAwQBoBZ6AwQBoBno
AwQBoB4sAwQBoB5wAwQCoL8wAwQBoL/sAwQBoPqCMAwDBAGg+oYDBAGg+ogDBAGg
+vYDBAGh+JIDBAGlZVwDBAGlZfwwDQYJKoZIhvcNAQELBQADggEBAFXjiL4pWqkw
W6SARVRCQiYvZT0M0dgsn8WozfF6Vwf9+jEro39x6B2heV33qvoXxBpipQH6BlAb
TCn/78148BuOzHI4Cgqfoz+8ewaZIG5QYV6f9Eq8TeXwt9M9wI863R445QHdhm/r
6FL5HI/O0dhL+3aM3k5hqwNkd2CEonnRIvPt3BKKZLCRnMy1ykYvcs74VQDfp9ug
WFfThBN4qmLL/knwIY7mPi5XknyAzPJEBO3bBG5mq5qd0XchbgxnGSE210yZD8/f
1AT4gckvsOhCRWCsYHNOCmuV2hGfj5K+qm6M8hJeMrZGcEMlu1m64iiVMNFGzgLY
D31d5wumLy0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:08:31 2025 by rpki-client