Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
File: AC61350A4E3C11EF9286040CC4F9AE02.roa (raw, json)
Hash identifier: 1OSIVLOG9EnQGHpsmp3NJ2r9NvCbrwrcmlMc0JLlz4w=
Subject key identifier: 55:B3:41:68:B9:B9:D4:BF:51:02:A9:37:45:F0:CA:77:3A:7E:C6:A0
Certificate issuer: /CN=A915EBC8/serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Certificate serial: 0257
Authority key identifier: C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:07:11 +0000
ROA not before: Fri 11 Apr 2025 03:38:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10235
IP address blocks: 164.53.0.0/16 maxlen: 16
164.53.28.0/24 maxlen: 24
164.53.29.0/24 maxlen: 24
164.53.42.0/24 maxlen: 24
164.53.43.0/24 maxlen: 24
164.53.44.0/23 maxlen: 23
164.53.46.0/23 maxlen: 23
164.53.65.0/24 maxlen: 24
164.53.67.0/24 maxlen: 24
164.53.70.0/24 maxlen: 24
164.53.71.0/24 maxlen: 24
164.53.78.0/24 maxlen: 24
164.53.92.0/24 maxlen: 24
164.53.97.0/24 maxlen: 24
164.53.98.0/23 maxlen: 23
164.53.99.254/32 maxlen: 32
164.53.122.0/24 maxlen: 24
164.53.124.0/24 maxlen: 24
164.53.125.0/24 maxlen: 24
164.53.139.0/24 maxlen: 24
164.53.152.0/24 maxlen: 24
164.53.158.0/23 maxlen: 23
164.53.160.0/23 maxlen: 23
164.53.162.0/24 maxlen: 24
164.53.164.0/23 maxlen: 23
164.53.166.0/23 maxlen: 23
164.53.168.0/23 maxlen: 23
164.53.170.0/24 maxlen: 24
164.53.171.0/24 maxlen: 24
164.53.176.16/28 maxlen: 28
164.53.182.0/23 maxlen: 23
164.53.184.0/24 maxlen: 24
164.53.185.0/24 maxlen: 24
164.53.186.0/24 maxlen: 24
164.53.187.0/24 maxlen: 24
164.53.192.0/24 maxlen: 24
164.53.192.254/32 maxlen: 32
164.53.193.0/24 maxlen: 24
164.53.195.0/24 maxlen: 24
164.53.204.0/22 maxlen: 22
164.53.214.0/23 maxlen: 23
164.53.215.254/32 maxlen: 32
164.53.216.0/24 maxlen: 24
164.53.218.0/23 maxlen: 23
164.53.220.0/23 maxlen: 23
164.53.222.0/23 maxlen: 23
164.53.224.0/22 maxlen: 22
164.53.230.0/23 maxlen: 23
164.53.232.0/24 maxlen: 24
164.53.234.0/23 maxlen: 23
164.53.238.0/24 maxlen: 24
164.53.239.0/24 maxlen: 24
164.53.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 599 (0x257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EBC8, serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Validity
Not Before: Apr 11 03:38:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4561f-19ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9b:54:55:84:9a:1e:c7:41:1b:12:5c:c6:be:
41:1b:8f:fe:a8:74:81:79:46:ce:03:52:d4:0d:7e:
48:e0:c7:1e:c9:30:59:2a:e7:4b:72:f2:65:b2:b8:
cd:a8:2a:1c:b7:5e:32:8a:1c:fe:84:da:40:c4:e7:
50:9f:67:06:10:6d:36:9d:66:2e:cb:10:35:0f:11:
07:51:66:4c:07:32:69:ce:2e:f9:28:5e:67:39:bf:
7d:c1:f9:a3:cd:45:11:02:f8:46:2f:2e:12:c0:55:
a7:8f:d8:90:3b:61:ac:0f:a9:2a:75:ae:1c:06:2c:
10:9f:ad:5f:0f:af:fc:b5:64:5b:62:8a:6c:9a:7a:
35:68:4e:d1:ef:51:b0:71:ce:9f:2f:13:e1:fc:02:
ea:2a:a5:8b:29:c8:83:23:7a:e7:e8:9d:ab:0d:23:
cb:57:20:ff:03:46:d0:0d:ae:8d:25:c9:50:e7:bb:
b9:63:63:3d:7b:40:f6:1d:c2:3e:4a:0f:fb:31:7c:
35:8e:f2:4b:17:d9:f3:bb:d1:b4:2f:70:3b:f9:98:
9b:a9:ee:ba:a9:e4:8f:b0:57:0a:1b:c9:e4:b9:bd:
d4:e8:6a:bb:a6:0e:ca:b4:b4:48:6c:31:3a:74:c3:
64:41:7d:d5:b4:32:ec:9d:0a:b4:f5:57:b0:0f:ce:
a2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B3:41:68:B9:B9:D4:BF:51:02:A9:37:45:F0:CA:77:3A:7E:C6:A0
X509v3 Authority Key Identifier:
keyid:C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
164.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:0d:81:0d:ae:84:38:15:ff:2a:5f:64:8b:35:a7:69:54:2f:
2a:84:69:75:97:54:98:b0:4e:ad:7d:dd:27:40:65:d0:d6:f9:
ed:7c:75:68:59:a1:b6:e9:37:61:1d:a9:c2:91:11:5c:19:0e:
68:69:3c:5f:b6:65:d7:ae:8f:43:a1:44:4c:89:ec:3e:82:d8:
33:32:03:1f:e9:04:b0:98:b6:4f:c7:2e:b6:7b:6a:cc:d6:81:
e6:c8:8d:89:45:1e:0a:00:29:16:4b:c8:22:b3:67:f0:5d:01:
cd:bd:ed:b9:69:84:10:1b:08:9b:2a:7a:54:93:ad:11:f5:2f:
69:97:a2:a6:6c:fc:7a:54:ba:ce:16:a5:e7:f7:29:21:41:57:
71:d8:da:97:b8:b1:73:ea:f5:3a:f2:e5:ec:5a:f7:27:ea:bd:
2d:94:47:32:43:29:43:94:d4:74:7e:ce:cc:37:0e:c6:3f:22:
cb:c4:ee:2d:a8:6b:ff:85:5e:65:97:e9:0c:5a:88:22:6b:69:
15:ed:5b:16:47:98:f3:97:59:10:86:98:f9:ea:a9:76:d9:89:
ea:fa:9e:7f:14:36:b6:f5:87:3a:b5:51:bd:e2:fd:fe:26:34:
77:67:b1:0b:f5:74:03:01:4f:d1:31:0d:73:14:9a:2f:96:37:
23:29:58:37
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgICAlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVCQzgxMTAvBgNVBAUTKEM2MjE4NDgxNTFGNzk3QkY3MjMxMDdGMTRENjJDNjdB
MjEzQTUzRTMwHhcNMjUwNDExMDMzODU4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NTYxZi0xOWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm5tUVYSaHsdBGxJcxr5BG4/+qHSBeUbOA1LUDX5I4MceyTBZKudLcvJlsrjN
qCoct14yihz+hNpAxOdQn2cGEG02nWYuyxA1DxEHUWZMBzJpzi75KF5nOb99wfmj
zUURAvhGLy4SwFWnj9iQO2GsD6kqda4cBiwQn61fD6/8tWRbYopsmno1aE7R71Gw
cc6fLxPh/ALqKqWLKciDI3rn6J2rDSPLVyD/A0bQDa6NJclQ57u5Y2M9e0D2HcI+
Sg/7MXw1jvJLF9nzu9G0L3A7+Zibqe66qeSPsFcKG8nkub3U6Gq7pg7KtLRIbDE6
dMNkQX3VtDLsnQq09VewD86i2wIDAQABo4ICXzCCAlswHQYDVR0OBBYEFFWzQWi5
udS/UQKpN0Xwync6fsagMB8GA1UdIwQYMBaAFMYhhIFR95e/cjEH8U1ixnohOlPj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUJDOC81ODk4MjBDMkVG
MDIxMUVEOEMyREQ5MUZDNEY5QUUwMi94aUdFZ1ZIM2w3OXlNUWZ4VFdMR2VpRTZV
LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3hpR0VnVkgzbDc5eU1RZnhUV0xHZWlFNlUtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVCQzgvNTg5ODIwQzJFRjAyMTFFRDhDMkREOTFGQzRGOUFFMDIvQUM2MTM1MEE0
RTNDMTFFRjkyODYwNDBDQzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMApDUwDQYJKoZIhvcNAQELBQADggEBAKcNgQ2uhDgV/ypfZIs1p2lU
LyqEaXWXVJiwTq193SdAZdDW+e18dWhZobbpN2EdqcKREVwZDmhpPF+2Zdeuj0Oh
REyJ7D6C2DMyAx/pBLCYtk/HLrZ7aszWgebIjYlFHgoAKRZLyCKzZ/BdAc297blp
hBAbCJsqelSTrRH1L2mXoqZs/HpUus4Wpef3KSFBV3HY2pe4sXPq9Try5exa9yfq
vS2URzJDKUOU1HR+zsw3DsY/IsvE7i2oa/+FXmWX6QxaiCJraRXtWxZHmPOXWRCG
mPnqqXbZier6nn8UNrb1hzq1Ub3i/f4mNHdnsQv1dAMBT9ExDXMUmi+WNyMpWDc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:00:15 2026 by rpki-client