Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/485D694A454911EEB8718378C4F9AE02.roa
File: 485D694A454911EEB8718378C4F9AE02.roa (raw, json)
Hash identifier: Y8iJThI3UQs6h5LHq/2D1bpcHDn8+qLI7yAh/AJOyS8=
Subject key identifier: 4D:34:A0:B1:E9:A5:45:E5:93:4A:A9:A1:D2:F8:26:E8:0D:3D:B9:CD
Certificate issuer: /CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E
Certificate serial: 06FD
Authority key identifier: C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/485D694A454911EEB8718378C4F9AE02.roa
Signing time: Sun 01 Mar 2026 12:31:40 +0000
ROA not before: Fri 24 Oct 2025 23:41:25 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 133771
IP address blocks: 207.174.176.0/20 maxlen: 20
207.174.176.0/22 maxlen: 22
207.174.176.0/24 maxlen: 24
207.174.177.0/24 maxlen: 24
207.174.178.0/24 maxlen: 24
207.174.179.0/24 maxlen: 24
207.174.180.0/22 maxlen: 22
207.174.180.0/24 maxlen: 24
207.174.181.0/24 maxlen: 24
207.174.182.0/24 maxlen: 24
207.174.183.0/24 maxlen: 24
207.174.184.0/22 maxlen: 22
207.174.184.0/24 maxlen: 24
207.174.185.0/24 maxlen: 24
207.174.186.0/24 maxlen: 24
207.174.187.0/24 maxlen: 24
207.174.188.0/22 maxlen: 22
207.174.188.0/24 maxlen: 24
207.174.189.0/24 maxlen: 24
207.174.190.0/24 maxlen: 24
207.174.191.0/24 maxlen: 24
216.108.240.0/20 maxlen: 20
216.108.240.0/22 maxlen: 24
216.108.244.0/22 maxlen: 22
216.108.244.0/24 maxlen: 24
216.108.245.0/24 maxlen: 24
216.108.246.0/24 maxlen: 24
216.108.247.0/24 maxlen: 24
216.108.248.0/22 maxlen: 22
216.108.248.0/24 maxlen: 24
216.108.249.0/24 maxlen: 24
216.108.250.0/24 maxlen: 24
216.108.251.0/24 maxlen: 24
216.108.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl
rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:40:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1789 (0x6fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125C22, serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E
Validity
Not Before: Oct 24 23:41:25 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a431ac-eec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:06:e6:2c:27:05:a2:87:e1:42:ae:a2:be:54:
4d:fd:1d:c5:ba:52:e0:3a:e7:12:c2:4c:c1:d9:a6:
23:b9:2b:5f:8f:b6:a1:cf:f3:72:ed:f6:2d:09:ea:
3e:69:ef:dd:24:17:ac:87:24:7b:eb:52:a7:e8:41:
bb:51:bf:86:fc:a6:ff:e5:60:6f:66:d0:0c:6a:a6:
86:d6:f3:d3:74:ef:ab:8d:97:92:5b:59:9f:21:8b:
0b:a9:9d:19:8d:51:fc:44:80:ca:98:b8:50:3c:5d:
8b:c0:de:dd:9c:04:2b:57:4a:ae:f9:dd:5e:f2:1c:
18:93:ab:94:93:a9:ba:38:65:54:99:24:9e:8a:48:
11:96:be:0e:61:2d:59:78:1c:e4:30:60:8f:9f:cd:
65:ec:06:73:d2:3a:be:05:64:eb:b9:ed:68:29:2d:
30:03:4d:d8:50:dd:eb:80:af:d2:52:e0:fe:92:ec:
cb:64:e2:c8:a1:17:33:52:90:5c:17:39:a9:ee:2c:
38:44:4f:e5:60:21:19:60:2a:82:0b:ca:ad:b2:d9:
50:09:43:2f:29:38:d4:98:2f:6a:ac:eb:5c:62:8e:
46:70:37:1d:b7:f3:95:20:a8:88:6c:f9:d8:bc:2d:
2d:73:7d:fb:b0:8a:9f:e6:cb:9f:1a:37:fb:c1:6f:
b9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:34:A0:B1:E9:A5:45:E5:93:4A:A9:A1:D2:F8:26:E8:0D:3D:B9:CD
X509v3 Authority Key Identifier:
keyid:C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/485D694A454911EEB8718378C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
207.174.176.0/20
216.108.240.0/20
Signature Algorithm: sha256WithRSAEncryption
77:30:c1:c2:ab:ff:45:74:13:be:dd:c1:56:21:d4:0c:87:d0:
a3:5a:a6:e1:4c:4c:da:40:81:f0:4b:f2:13:89:a2:b1:9c:4f:
41:7d:80:c6:9e:10:7c:f5:e3:90:3a:bc:d5:26:91:ff:92:25:
52:85:65:7b:18:a0:8a:76:e5:66:31:d6:e2:49:f5:1c:d9:2d:
42:1c:92:af:55:d6:05:bf:f8:83:99:7f:85:58:50:5f:6a:da:
f7:a5:32:6f:35:55:b6:60:5d:52:83:c3:90:80:2a:8e:ba:a0:
9a:47:0c:d0:9b:f2:6d:3c:9c:23:8b:d1:bd:c5:44:12:be:f0:
d1:a7:8b:1f:c1:94:a3:0f:a3:e4:59:e2:cd:e6:a9:d7:67:7e:
79:8d:df:00:00:35:66:05:13:ec:12:fd:ec:46:63:f8:3a:8f:
02:4e:f7:63:74:4c:bb:67:e9:89:26:e9:65:c6:ab:a6:fa:d3:
e6:42:f6:91:33:15:18:32:ce:8a:1f:03:23:a8:2d:c7:1b:8f:
a3:39:83:a9:7f:1d:57:4e:19:be:ff:9d:a9:5e:63:b1:df:83:
4c:19:82:73:2a:59:d4:f5:79:33:72:dd:b9:6b:a0:c8:c3:36:
02:54:d3:f3:0e:d4:3a:7f:54:39:15:9e:66:b6:4d:2f:9b:23:
00:89:08:18
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICBv0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjVDMjIxMTAvBgNVBAUTKEM3MEI0RTA0N0NBQTczNzcyNEI4OUQ1ODREQjVDMEMx
QTg1OEQyOEUwHhcNMjUxMDI0MjM0MTI1WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MzFhYy1lZWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1wbmLCcFoofhQq6ivlRN/R3FulLgOucSwkzB2aYjuStfj7ahz/Ny7fYtCeo+
ae/dJBeshyR761Kn6EG7Ub+G/Kb/5WBvZtAMaqaG1vPTdO+rjZeSW1mfIYsLqZ0Z
jVH8RIDKmLhQPF2LwN7dnAQrV0qu+d1e8hwYk6uUk6m6OGVUmSSeikgRlr4OYS1Z
eBzkMGCPn81l7AZz0jq+BWTrue1oKS0wA03YUN3rgK/SUuD+kuzLZOLIoRczUpBc
Fzmp7iw4RE/lYCEZYCqCC8qtstlQCUMvKTjUmC9qrOtcYo5GcDcdt/OVIKiIbPnY
vC0tc337sIqf5sufGjf7wW+5HwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFE00oLHp
pUXlk0qpodL4JugNPbnNMB8GA1UdIwQYMBaAFMcLTgR8qnN3JLidWE21wMGoWNKO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi9GQUNDQkM1QzdG
QUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMzY2t1SjFZVGJYQXdhaFkw
bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3h3dE9CSHlxYzNja3VKMVlUYlhBd2FoWTBvNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjVDMjIvRkFDQ0JDNUM3RkFEMTFFQjk3N0I1MzM1QzRGOUFFMDIvNDg1RDY5NEE0
NTQ5MTFFRUI4NzE4Mzc4QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQEz66wAwQE2GzwMA0GCSqGSIb3DQEBCwUAA4IBAQB3MMHCq/9FdBO+
3cFWIdQMh9CjWqbhTEzaQIHwS/ITiaKxnE9BfYDGnhB89eOQOrzVJpH/kiVShWV7
GKCKduVmMdbiSfUc2S1CHJKvVdYFv/iDmX+FWFBfatr3pTJvNVW2YF1Sg8OQgCqO
uqCaRwzQm/JtPJwji9G9xUQSvvDRp4sfwZSjD6PkWeLN5qnXZ355jd8AADVmBRPs
Ev3sRmP4Oo8CTvdjdEy7Z+mJJullxqum+tPmQvaRMxUYMs6KHwMjqC3HG4+jOYOp
fx1XThm+/52pXmOx34NMGYJzKlnU9Xkzct25a6DIwzYCVNPzDtQ6f1Q5FZ5mtk0v
myMAiQgY
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:38:10 2026 by rpki-client