Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/76C6B0C8105511EC92580578C4F9AE02.roa
File: 76C6B0C8105511EC92580578C4F9AE02.roa (raw, json)
Hash identifier: LC44fJHHnQ6C1qdcTgviflJraqgw2M6qzYFpCJc1HJ8=
Subject key identifier: 7B:31:3B:83:14:90:6F:3A:65:D0:8E:1C:EB:0F:6A:F5:3E:D0:BE:F0
Certificate issuer: /CN=A91E7561/serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Certificate serial: 0677
Authority key identifier: 25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/76C6B0C8105511EC92580578C4F9AE02.roa
Signing time: Wed 15 Oct 2025 06:28:30 +0000
ROA not before: Wed 15 Oct 2025 06:28:30 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 138524
IP address blocks: 27.130.248.0/24 maxlen: 24
27.130.249.0/24 maxlen: 24
27.130.252.0/24 maxlen: 24
103.170.130.0/23 maxlen: 23
180.183.0.0/24 maxlen: 24
180.183.1.0/24 maxlen: 24
180.183.2.0/24 maxlen: 24
180.183.3.0/24 maxlen: 24
180.183.4.0/24 maxlen: 24
180.183.5.0/24 maxlen: 24
180.183.6.0/24 maxlen: 24
180.183.7.0/24 maxlen: 24
180.183.8.0/24 maxlen: 24
180.183.9.0/24 maxlen: 24
180.183.10.0/24 maxlen: 24
180.183.11.0/24 maxlen: 24
180.183.12.0/24 maxlen: 24
180.183.13.0/24 maxlen: 24
180.183.14.0/24 maxlen: 24
180.183.15.0/24 maxlen: 24
183.88.0.0/17 maxlen: 17
183.89.0.0/17 maxlen: 17
2407:b1c0::/32 maxlen: 32
2407:b1c0:b00::/48 maxlen: 48
2407:b1c0:d00::/48 maxlen: 48
2407:b1c0:d10::/44 maxlen: 44
2407:b1c0:d20::/44 maxlen: 44
2407:b1c0:4d10::/44 maxlen: 44
2407:b1c0:4d20::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl
rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 Oct 2025 01:05:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1655 (0x677)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7561, serialNumber=25BC7D4DE77BD01B3D191587696E5AFDD8CECD04
Validity
Not Before: Oct 15 06:28:30 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68ef3f0d-01c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:35:89:4e:3a:e1:5e:38:56:41:68:d1:c5:
95:4b:08:2c:0b:1b:e4:a5:d1:78:6f:94:cc:86:3a:
56:5d:5f:f3:45:e9:3d:1b:63:2b:d3:d2:51:cf:c2:
cd:0b:ea:63:26:2e:c6:17:dd:08:0b:ad:53:fb:48:
ff:f2:72:5f:b1:e1:4c:fb:2b:ec:6f:11:a5:d5:a0:
1c:b4:e4:8d:fd:75:c9:8a:cf:fb:4d:f9:11:e2:b3:
59:17:34:e1:fe:71:12:63:71:47:71:a1:cc:95:73:
9b:29:23:e8:ba:a7:02:86:28:21:f8:e4:e2:08:40:
24:5c:4d:d0:60:00:f3:a6:98:72:57:23:ba:97:41:
17:71:96:9e:bd:63:64:d1:80:af:8d:ee:dc:56:36:
e5:e5:e7:b0:8c:6c:93:71:29:6d:73:10:e9:1a:6f:
dd:39:a2:cb:12:bd:db:6b:7b:59:ef:7c:98:9d:75:
e1:66:34:c3:06:c0:3c:a6:23:b1:a4:c1:a4:2a:d3:
d8:e6:84:5a:87:2a:34:13:80:fd:c2:92:ff:6a:4e:
70:7d:53:6f:0f:f2:74:11:48:67:71:c0:d6:46:e1:
73:5d:f5:4b:5d:bb:d6:c8:66:98:70:2c:ed:91:d2:
5a:ed:7b:86:5e:0a:e9:99:b8:70:59:9a:f8:cf:71:
c1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:31:3B:83:14:90:6F:3A:65:D0:8E:1C:EB:0F:6A:F5:3E:D0:BE:F0
X509v3 Authority Key Identifier:
keyid:25:BC:7D:4D:E7:7B:D0:1B:3D:19:15:87:69:6E:5A:FD:D8:CE:CD:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jbx9Ted70Bs9GRWHaW5a_djOzQQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7561/A26E06E0054C11ECBDB4FE46C4F9AE02/76C6B0C8105511EC92580578C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.130.248.0/23
27.130.252.0/24
103.170.130.0/23
180.183.0.0/20
183.88.0.0/17
183.89.0.0/17
IPv6:
2407:b1c0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:87:30:cd:32:ab:76:ab:cf:50:b5:bf:a9:1c:5d:d5:4b:29:
f0:eb:24:8e:98:99:b0:ad:bc:b0:2d:49:ab:8c:68:7d:db:9d:
81:fd:b1:d6:91:75:d6:c1:b3:97:bf:d5:de:a6:12:3d:c3:3a:
dd:b7:7f:8a:da:57:0e:fd:ac:ae:91:81:d5:e4:85:47:59:68:
c9:8f:d0:17:54:05:86:c9:25:e8:66:99:1c:5f:c0:88:d9:a8:
96:ab:dc:93:5c:21:ea:fe:7a:70:0c:d7:e7:a8:48:14:15:13:
88:bc:c5:79:38:9e:b5:3e:7d:51:2f:9a:3f:02:12:fb:30:72:
4e:b2:38:75:22:2d:a2:8b:be:32:ff:8e:26:40:18:f8:ba:c9:
3a:05:a5:2d:e2:56:ba:66:67:77:3e:b9:5f:ff:c4:5f:4f:c0:
23:3c:15:02:5a:f2:6c:5c:ae:67:c4:41:e2:0a:54:54:ce:07:
db:8f:44:8b:b9:cf:3f:3f:cc:cf:c2:f5:68:c3:bd:5c:8d:b1:
06:b6:a4:85:96:b9:2d:53:53:dc:e4:1c:03:41:44:33:92:91:
73:a2:01:2f:5b:be:7b:db:70:b8:b2:da:fe:0d:5f:23:cc:59:
e2:1c:91:f7:f9:f5:45:bf:de:93:35:de:17:39:1c:89:2e:f4:
3f:f6:6a:ac
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICBncwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTc1NjExMTAvBgNVBAUTKDI1QkM3RDRERTc3QkQwMUIzRDE5MTU4NzY5NkU1QUZE
RDhDRUNEMDQwHhcNMjUxMDE1MDYyODMwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGVmM2YwZC0wMWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvug1iU464V44VkFo0cWVSwgsCxvkpdF4b5TMhjpWXV/zRek9G2Mr09JRz8LN
C+pjJi7GF90IC61T+0j/8nJfseFM+yvsbxGl1aActOSN/XXJis/7TfkR4rNZFzTh
/nESY3FHcaHMlXObKSPouqcChigh+OTiCEAkXE3QYADzpphyVyO6l0EXcZaevWNk
0YCvje7cVjbl5eewjGyTcSltcxDpGm/dOaLLEr3ba3tZ73yYnXXhZjTDBsA8piOx
pMGkKtPY5oRahyo0E4D9wpL/ak5wfVNvD/J0EUhnccDWRuFzXfVLXbvWyGaYcCzt
kdJa7XuGXgrpmbhwWZr4z3HBCQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFHsxO4MU
kG86ZdCOHOsPavU+0L7wMB8GA1UdIwQYMBaAFCW8fU3ne9AbPRkVh2luWv3Yzs0E
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzU2MS9BMjZFMDZFMDA1
NEMxMUVDQkRCNEZFNDZDNEY5QUUwMi9KYng5VGVkNzBCczlHUldIYVc1YV9kak96
UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pieDlUZWQ3MEJzOUdSV0hhVzVhX2RqT3pRUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTc1NjEvQTI2RTA2RTAwNTRDMTFFQ0JEQjRGRTQ2QzRGOUFFMDIvNzZDNkIwQzgx
MDU1MTFFQzkyNTgwNTc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAEbgvgDBAAbgvwDBAFnqoIDBAS0twADBAe3WAADBAe3WQAw
DQQCAAIwBwMFACQHscAwDQYJKoZIhvcNAQELBQADggEBAG6HMM0yq3arz1C1v6kc
XdVLKfDrJI6YmbCtvLAtSauMaH3bnYH9sdaRddbBs5e/1d6mEj3DOt23f4raVw79
rK6RgdXkhUdZaMmP0BdUBYbJJehmmRxfwIjZqJar3JNcIer+enAM1+eoSBQVE4i8
xXk4nrU+fVEvmj8CEvswck6yOHUiLaKLvjL/jiZAGPi6yToFpS3iVrpmZ3c+uV//
xF9PwCM8FQJa8mxcrmfEQeIKVFTOB9uPRIu5zz8/zM/C9WjDvVyNsQa2pIWWuS1T
U9zkHANBRDOSkXOiAS9bvnvbcLiy2v4NXyPMWeIckff59UW/3pM13hc5HIku9D/2
aqw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:25:53 2025 by rpki-client