Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
File: AC61350A4E3C11EF9286040CC4F9AE02.roa (raw, json)
Hash identifier: TUo7uv4rXTA0iRyimVV1a57fjFNt5Gy9xOb0XovcHoI=
Subject key identifier: 42:B2:C8:12:F6:A9:64:1D:AB:9C:CA:E1:C9:4A:5D:56:F3:B0:2B:C5
Certificate issuer: /CN=A915EBC8/serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Certificate serial: 01AB
Authority key identifier: C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
Signing time: Fri 11 Apr 2025 03:38:58 +0000
ROA not before: Fri 11 Apr 2025 03:38:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10235
IP address blocks: 164.53.0.0/16 maxlen: 16
164.53.28.0/24 maxlen: 24
164.53.29.0/24 maxlen: 24
164.53.42.0/24 maxlen: 24
164.53.43.0/24 maxlen: 24
164.53.44.0/23 maxlen: 23
164.53.46.0/23 maxlen: 23
164.53.65.0/24 maxlen: 24
164.53.67.0/24 maxlen: 24
164.53.70.0/24 maxlen: 24
164.53.71.0/24 maxlen: 24
164.53.78.0/24 maxlen: 24
164.53.92.0/24 maxlen: 24
164.53.97.0/24 maxlen: 24
164.53.98.0/23 maxlen: 23
164.53.99.254/32 maxlen: 32
164.53.122.0/24 maxlen: 24
164.53.124.0/24 maxlen: 24
164.53.125.0/24 maxlen: 24
164.53.139.0/24 maxlen: 24
164.53.152.0/24 maxlen: 24
164.53.158.0/23 maxlen: 23
164.53.160.0/23 maxlen: 23
164.53.162.0/24 maxlen: 24
164.53.164.0/23 maxlen: 23
164.53.166.0/23 maxlen: 23
164.53.168.0/23 maxlen: 23
164.53.170.0/24 maxlen: 24
164.53.171.0/24 maxlen: 24
164.53.176.16/28 maxlen: 28
164.53.182.0/23 maxlen: 23
164.53.184.0/24 maxlen: 24
164.53.185.0/24 maxlen: 24
164.53.186.0/24 maxlen: 24
164.53.187.0/24 maxlen: 24
164.53.192.0/24 maxlen: 24
164.53.192.254/32 maxlen: 32
164.53.193.0/24 maxlen: 24
164.53.195.0/24 maxlen: 24
164.53.204.0/22 maxlen: 22
164.53.214.0/23 maxlen: 23
164.53.215.254/32 maxlen: 32
164.53.216.0/24 maxlen: 24
164.53.218.0/23 maxlen: 23
164.53.220.0/23 maxlen: 23
164.53.222.0/23 maxlen: 23
164.53.224.0/22 maxlen: 22
164.53.230.0/23 maxlen: 23
164.53.232.0/24 maxlen: 24
164.53.234.0/23 maxlen: 23
164.53.238.0/24 maxlen: 24
164.53.239.0/24 maxlen: 24
164.53.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 02:56:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427 (0x1ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EBC8, serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Validity
Not Before: Apr 11 03:38:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67f88ed1-598d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:97:80:e6:a0:40:ac:e2:d6:bb:79:e1:f7:32:
90:d9:63:4e:b2:1f:1b:77:25:ef:4b:70:7e:76:a7:
78:97:8b:89:98:9e:73:37:65:21:a4:56:10:7e:ac:
aa:01:6d:93:da:b2:24:da:2d:cf:e7:b6:57:a0:67:
b4:d0:3c:55:45:53:8d:26:46:f0:17:d1:83:bb:bf:
fb:55:7a:de:25:48:57:15:02:f7:97:83:45:ae:92:
af:fd:33:34:bd:ef:13:52:39:2d:e8:9a:58:0f:a4:
e0:21:be:7f:df:fc:17:18:8a:25:03:8a:29:06:59:
11:cf:e6:4c:6d:b1:27:df:87:9d:b5:00:1a:5b:f1:
9a:2b:01:d9:29:5c:04:50:0a:c5:a9:5b:95:da:c7:
ad:52:d6:ea:db:c4:9e:b5:83:39:76:c5:67:df:c6:
25:fa:b4:99:54:d8:99:e4:d4:6e:72:f4:5e:65:ca:
e1:00:c0:ba:73:5a:cf:fc:b1:b8:25:35:50:49:30:
ef:f0:84:00:ec:59:40:7c:e8:b6:02:16:cd:c6:ce:
14:a5:80:8c:ab:01:7f:e8:0b:cd:0a:54:c0:27:64:
59:44:9c:a5:76:78:38:ea:78:b2:9b:d4:af:4a:8e:
09:47:da:47:a7:82:1f:8f:ed:74:e2:81:a3:3d:9d:
44:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B2:C8:12:F6:A9:64:1D:AB:9C:CA:E1:C9:4A:5D:56:F3:B0:2B:C5
X509v3 Authority Key Identifier:
keyid:C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
164.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:af:54:0c:dc:e7:33:cb:8f:f1:f3:3a:91:67:5d:6e:7a:06:
8d:f4:c6:dc:66:8f:6a:af:3b:76:a5:81:30:0d:05:83:51:c4:
fc:4e:c2:f6:dd:09:f4:06:6d:f3:33:11:b3:a8:ad:fe:25:18:
3a:b9:a4:64:ea:6b:46:53:f8:9a:7c:79:2f:07:05:a5:fa:c9:
ed:54:cc:8b:25:ef:04:bf:9e:f0:0c:75:18:0c:74:51:da:19:
5e:2b:ee:0a:d6:a6:c8:60:9d:56:0a:65:80:32:b3:f7:f2:03:
62:be:4f:26:58:0c:18:f2:81:69:91:2d:c7:d5:52:e2:32:67:
b5:e9:c8:17:09:19:04:fe:44:a0:8e:56:7f:99:f1:38:e6:18:
ec:f9:f4:7b:ce:af:b8:33:bd:ef:bf:34:47:6a:91:1a:b2:22:
c5:62:a0:c7:fc:65:8e:39:4e:ec:e5:b1:de:75:fd:d8:6a:39:
d3:b4:a4:04:d2:fc:d4:8d:26:ea:8d:72:50:b0:36:4d:10:c8:
08:98:38:00:d6:90:7b:7b:ed:78:d2:be:86:98:3e:3f:59:31:
c3:f2:02:3b:fb:89:3a:45:27:52:9b:50:d7:13:15:0b:80:68:
14:b1:ab:80:39:82:79:3d:dc:61:8e:44:dd:ab:fb:34:d9:09:
3b:9c:ce:45
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICAaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVCQzgxMTAvBgNVBAUTKEM2MjE4NDgxNTFGNzk3QkY3MjMxMDdGMTRENjJDNjdB
MjEzQTUzRTMwHhcNMjUwNDExMDMzODU4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y4OGVkMS01OThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqpeA5qBArOLWu3nh9zKQ2WNOsh8bdyXvS3B+dqd4l4uJmJ5zN2UhpFYQfqyq
AW2T2rIk2i3P57ZXoGe00DxVRVONJkbwF9GDu7/7VXreJUhXFQL3l4NFrpKv/TM0
ve8TUjkt6JpYD6TgIb5/3/wXGIolA4opBlkRz+ZMbbEn34edtQAaW/GaKwHZKVwE
UArFqVuV2setUtbq28SetYM5dsVn38Yl+rSZVNiZ5NRucvReZcrhAMC6c1rP/LG4
JTVQSTDv8IQA7FlAfOi2AhbNxs4UpYCMqwF/6AvNClTAJ2RZRJyldng46niym9Sv
So4JR9pHp4Ifj+104oGjPZ1EYQIDAQABo4IClDCCApAwHQYDVR0OBBYEFEKyyBL2
qWQdq5zK4clKXVbzsCvFMB8GA1UdIwQYMBaAFMYhhIFR95e/cjEH8U1ixnohOlPj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUJDOC81ODk4MjBDMkVG
MDIxMUVEOEMyREQ5MUZDNEY5QUUwMi94aUdFZ1ZIM2w3OXlNUWZ4VFdMR2VpRTZV
LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3hpR0VnVkgzbDc5eU1RZnhUV0xHZWlFNlUtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVCQzgvNTg5ODIwQzJFRjAyMTFFRDhDMkREOTFGQzRGOUFFMDIvQUM2MTM1MEE0
RTNDMTFFRjkyODYwNDBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCkNTANBgkqhkiG9w0BAQsFAAOCAQEANK9UDNznM8uP8fM6
kWddbnoGjfTG3GaPaq87dqWBMA0Fg1HE/E7C9t0J9AZt8zMRs6it/iUYOrmkZOpr
RlP4mnx5LwcFpfrJ7VTMiyXvBL+e8Ax1GAx0UdoZXivuCtamyGCdVgplgDKz9/ID
Yr5PJlgMGPKBaZEtx9VS4jJntenIFwkZBP5EoI5Wf5nxOOYY7Pn0e86vuDO97780
R2qRGrIixWKgx/xljjlO7OWx3nX92Go507SkBNL81I0m6o1yULA2TRDICJg4ANaQ
e3vteNK+hpg+P1kxw/ICO/uJOkUnUptQ1xMVC4BoFLGrgDmCeT3cYY5E3av7NNkJ
O5zORQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:24:25 2025 by rpki-client