Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
File: 89E1ED764CC111EE87453D77C4F9AE02.roa (raw, json)
Hash identifier: bJICkOqPemUJF5TGuWsSKV7U9E+Ul0qCieaSTwZ43T8=
Subject key identifier: D9:C5:08:AB:A1:E6:62:25:58:52:E7:49:3B:C2:8D:46:6B:91:22:69
Certificate issuer: /CN=A91304A9/serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Certificate serial: 0B72
Authority key identifier: 58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
Signing time: Thu 31 Jul 2025 20:30:01 +0000
ROA not before: Thu 31 Jul 2025 20:30:01 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 3491
IP address blocks: 14.192.160.0/19 maxlen: 24
103.17.28.0/22 maxlen: 22
116.66.208.0/20 maxlen: 20
116.66.210.0/23 maxlen: 24
116.66.212.0/22 maxlen: 22
116.66.216.0/22 maxlen: 22
116.66.217.0/24 maxlen: 24
116.66.220.0/22 maxlen: 22
2400:8800::/32 maxlen: 32
2400:8800::/35 maxlen: 35
2400:8800:1::/48 maxlen: 48
2400:8800:101::/48 maxlen: 48
2400:8800:102::/48 maxlen: 48
2400:8800:301::/48 maxlen: 48
2400:8800:1000::/37 maxlen: 37
2400:8800:2000::/35 maxlen: 35
2400:8800:4000::/35 maxlen: 35
2400:8800:4081::/48 maxlen: 48
2400:8800:4201::/48 maxlen: 48
2400:8800:6000::/35 maxlen: 35
2400:8800:8000::/35 maxlen: 35
2400:8800:a000::/35 maxlen: 35
2400:8800:c000::/35 maxlen: 35
2400:8800:e000::/35 maxlen: 35
2400:8800:f804::/48 maxlen: 48
2400:8800:f805::/48 maxlen: 48
2400:8800:f806::/48 maxlen: 48
2400:8800:f807::/48 maxlen: 48
2400:8800:f80a::/48 maxlen: 48
2400:8800:f80d::/48 maxlen: 48
2400:8800:f80e::/48 maxlen: 48
2400:8800:f80f::/48 maxlen: 48
2400:8800:f810::/48 maxlen: 48
2400:8800:f811::/48 maxlen: 48
2400:8800:f81f::/48 maxlen: 48
2400:8800:f822::/48 maxlen: 48
2400:8800:fc00::/48 maxlen: 48
2400:8800:fc02::/48 maxlen: 48
2400:8800:fc03::/48 maxlen: 48
2400:8800:fc05::/48 maxlen: 48
2400:8800:fc06::/48 maxlen: 48
2400:8800:fc07::/48 maxlen: 48
2400:8800:fc0a::/48 maxlen: 48
2400:8800:fc0b::/48 maxlen: 48
2400:8800:fc0e::/48 maxlen: 48
2400:8800:fc0f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl
rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2930 (0xb72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91304A9, serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Validity
Not Before: Jul 31 20:30:01 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=688bd248-ff4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:9f:c3:82:d8:59:28:73:5a:f1:5c:f6:6b:5b:
9c:d1:c1:c7:12:8a:13:1b:ee:89:12:34:5f:ac:16:
99:6b:d9:2c:05:bd:5a:cf:64:e3:db:47:d4:f6:f3:
96:6b:3f:17:10:d3:44:ab:18:79:ba:be:50:6b:2d:
62:ac:43:fe:15:33:28:7e:7a:31:34:1e:8f:16:0f:
97:b7:f1:d3:1d:7f:a3:fe:8c:73:45:eb:37:56:59:
12:a7:bf:60:61:bc:ae:0b:87:3f:a8:3b:47:1a:ca:
08:61:ef:bd:a5:8a:b5:2b:f2:2d:a8:b3:40:82:b8:
ee:fd:e8:3b:f9:81:c6:1d:90:04:27:3a:b1:08:17:
5c:91:79:4e:63:f8:c4:ba:53:9d:ce:ab:a4:68:0a:
7e:28:30:83:97:04:ef:04:53:59:aa:ed:da:51:c7:
d9:45:94:2f:46:08:c5:5b:4d:45:0a:55:b6:c2:28:
c0:70:ba:e2:47:c6:4a:9a:ab:40:d7:a8:23:2b:26:
d7:49:99:21:03:d1:a1:ea:6e:f8:51:c1:e7:1a:fd:
cd:6c:97:92:74:2b:72:20:aa:29:ff:36:2c:09:09:
72:8e:dc:02:fe:44:19:91:be:86:a6:94:51:97:4f:
49:92:7c:2c:93:eb:ba:6b:ba:6c:70:eb:70:cd:13:
50:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C5:08:AB:A1:E6:62:25:58:52:E7:49:3B:C2:8D:46:6B:91:22:69
X509v3 Authority Key Identifier:
keyid:58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.160.0/19
103.17.28.0/22
116.66.208.0/20
IPv6:
2400:8800::/32
Signature Algorithm: sha256WithRSAEncryption
7f:35:c3:67:3f:c2:a2:ca:80:02:40:8b:21:5e:74:74:44:c4:
b5:11:f3:45:e6:2d:80:67:13:45:f2:9c:3a:b6:73:13:7c:f9:
2f:f7:27:cb:12:ce:a1:c4:df:b7:d6:e2:a1:85:eb:ea:03:90:
23:d6:08:4b:15:ed:cb:0e:78:0b:18:d3:77:d9:00:2f:7f:a5:
52:2e:4b:dd:8d:f4:b4:8f:fd:a8:1c:87:95:4e:a0:07:cc:5a:
94:4e:eb:ea:c5:2d:d2:8e:34:c1:9b:7a:83:d6:18:3f:85:84:
01:e1:15:ff:c7:ce:54:08:e7:f9:20:e7:79:96:87:91:c7:46:
d2:e4:e4:b1:92:5d:4c:e3:db:8e:ed:33:45:7c:d5:fa:75:37:
a7:13:33:2c:84:48:aa:70:b4:36:fe:d7:d6:69:cb:eb:7b:4e:
c7:42:76:a7:70:a0:21:3d:f3:07:fc:ed:af:c7:6c:22:20:7b:
05:f6:60:89:ef:ff:6d:ad:c8:f4:75:dc:9b:29:da:f0:b3:f8:
4f:7b:1b:ed:28:ae:fa:67:1f:da:71:1a:20:2c:16:9d:0f:b8:
ad:f0:3f:28:97:37:ae:74:c5:2d:ce:e8:8d:b8:82:38:fb:2a:
de:21:fe:8e:1f:fd:2e:27:8f:5c:be:d0:28:89:fd:83:bc:c1:
53:dd:d3:aa
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICC3IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzA0QTkxMTAvBgNVBAUTKDU4MDU1M0I4ODNERUMzRERCMjRGNjg4RTZDMkQxQkZB
OTNDMjYzQUEwHhcNMjUwNzMxMjAzMDAxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhiZDI0OC1mZjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8Z/DgthZKHNa8Vz2a1uc0cHHEooTG+6JEjRfrBaZa9ksBb1az2Tj20fU9vOW
az8XENNEqxh5ur5Qay1irEP+FTMofnoxNB6PFg+Xt/HTHX+j/oxzRes3VlkSp79g
YbyuC4c/qDtHGsoIYe+9pYq1K/ItqLNAgrju/eg7+YHGHZAEJzqxCBdckXlOY/jE
ulOdzqukaAp+KDCDlwTvBFNZqu3aUcfZRZQvRgjFW01FClW2wijAcLriR8ZKmqtA
16gjKybXSZkhA9Gh6m74UcHnGv3NbJeSdCtyIKop/zYsCQlyjtwC/kQZkb6GppRR
l09Jknwsk+u6a7pscOtwzRNQgQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNnFCKuh
5mIlWFLnSTvCjUZrkSJpMB8GA1UdIwQYMBaAFFgFU7iD3sPdsk9ojmwtG/qTwmOq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDRBOS9BMzc0QTFCNjQ2
NzExMUVBODFBQkIyNUZDNEY5QUUwMi9XQVZUdUlQZXc5MnlUMmlPYkMwYi1wUENZ
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dBVlR1SVBldzkyeVQyaU9iQzBiLXBQQ1k2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzA0QTkvQTM3NEExQjY0NjcxMTFFQTgxQUJCMjVGQzRGOUFFMDIvODlFMUVENzY0
Q0MxMTFFRTg3NDUzRDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAUOwKADBAJnERwDBAR0QtAwDQQCAAIwBwMFACQAiAAwDQYJ
KoZIhvcNAQELBQADggEBAH81w2c/wqLKgAJAiyFedHRExLUR80XmLYBnE0XynDq2
cxN8+S/3J8sSzqHE37fW4qGF6+oDkCPWCEsV7csOeAsY03fZAC9/pVIuS92N9LSP
/agch5VOoAfMWpRO6+rFLdKONMGbeoPWGD+FhAHhFf/HzlQI5/kg53mWh5HHRtLk
5LGSXUzj247tM0V81fp1N6cTMyyESKpwtDb+19Zpy+t7TsdCdqdwoCE98wf87a/H
bCIgewX2YInv/22tyPR13Jsp2vCz+E97G+0orvpnH9pxGiAsFp0PuK3wPyiXN650
xS3O6I24gjj7Kt4h/o4f/S4nj1y+0CiJ/YO8wVPd06o=
-----END CERTIFICATE-----
Generated at Mon Aug 11 01:48:14 2025 by rpki-client