Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
File: AC61350A4E3C11EF9286040CC4F9AE02.roa (raw, json)
Hash identifier: UDmkYChAI32+wqoy/BvpF4agSgM4VO3+nGqHuy0dky8=
Subject key identifier: 53:8B:74:1C:13:81:07:9B:32:CC:D7:88:74:6E:BA:0E:C2:4E:65:4D
Certificate issuer: /CN=A915EBC8/serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Certificate serial: 0285
Authority key identifier: C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
Signing time: Thu 09 Apr 2026 02:36:15 +0000
ROA not before: Thu 09 Apr 2026 02:36:15 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10235
IP address blocks: 164.53.0.0/16 maxlen: 16
164.53.28.0/24 maxlen: 24
164.53.29.0/24 maxlen: 24
164.53.42.0/24 maxlen: 24
164.53.43.0/24 maxlen: 24
164.53.44.0/23 maxlen: 23
164.53.46.0/23 maxlen: 23
164.53.65.0/24 maxlen: 24
164.53.67.0/24 maxlen: 24
164.53.70.0/24 maxlen: 24
164.53.71.0/24 maxlen: 24
164.53.78.0/24 maxlen: 24
164.53.92.0/24 maxlen: 24
164.53.97.0/24 maxlen: 24
164.53.98.0/23 maxlen: 23
164.53.99.254/32 maxlen: 32
164.53.122.0/24 maxlen: 24
164.53.124.0/24 maxlen: 24
164.53.125.0/24 maxlen: 24
164.53.139.0/24 maxlen: 24
164.53.152.0/24 maxlen: 24
164.53.158.0/23 maxlen: 23
164.53.160.0/23 maxlen: 23
164.53.162.0/24 maxlen: 24
164.53.164.0/23 maxlen: 23
164.53.166.0/23 maxlen: 23
164.53.168.0/23 maxlen: 23
164.53.170.0/24 maxlen: 24
164.53.171.0/24 maxlen: 24
164.53.176.16/28 maxlen: 28
164.53.182.0/23 maxlen: 23
164.53.184.0/24 maxlen: 24
164.53.185.0/24 maxlen: 24
164.53.186.0/24 maxlen: 24
164.53.187.0/24 maxlen: 24
164.53.192.0/24 maxlen: 24
164.53.192.254/32 maxlen: 32
164.53.193.0/24 maxlen: 24
164.53.195.0/24 maxlen: 24
164.53.204.0/22 maxlen: 22
164.53.214.0/23 maxlen: 23
164.53.215.254/32 maxlen: 32
164.53.216.0/24 maxlen: 24
164.53.218.0/23 maxlen: 23
164.53.220.0/23 maxlen: 23
164.53.222.0/23 maxlen: 23
164.53.224.0/22 maxlen: 22
164.53.230.0/23 maxlen: 23
164.53.232.0/24 maxlen: 24
164.53.234.0/23 maxlen: 23
164.53.238.0/24 maxlen: 24
164.53.239.0/24 maxlen: 24
164.53.241.0/24 maxlen: 24
164.53.244.0/24 maxlen: 24
164.53.246.0/24 maxlen: 24
164.53.252.0/24 maxlen: 24
164.53.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Apr 2026 02:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 645 (0x285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EBC8, serialNumber=C621848151F797BF723107F14D62C67A213A53E3
Validity
Not Before: Apr 9 02:36:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69d7109f-397f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b4:74:f5:01:89:f0:c1:87:07:1c:77:aa:7d:
c0:07:de:3a:7d:e1:57:e4:39:85:2e:45:fa:07:93:
46:4a:43:cd:0d:b2:c5:e0:be:6f:16:ee:1c:4a:52:
f5:fc:3d:fb:56:74:b9:7a:11:87:25:8e:96:58:ae:
ca:db:c3:01:1f:82:6b:ae:66:e8:d7:16:30:6f:c8:
7c:f8:90:77:6a:9c:00:0f:25:0c:d7:51:73:1c:64:
ae:06:d2:0b:b9:74:87:2e:e4:4c:83:01:43:ca:a3:
b1:fb:dc:16:f7:29:ac:96:69:1a:a3:32:b7:71:20:
7f:3a:f9:38:a9:39:21:3c:0c:2d:12:78:d5:2b:68:
2a:ea:61:84:dd:cc:70:fd:25:43:1c:c6:1b:74:74:
20:5a:60:6c:34:65:74:a9:1d:95:3d:d0:ff:21:66:
e6:1c:0d:8d:88:4c:4f:54:c3:ba:ac:22:23:fe:ce:
9c:fb:5e:16:a0:92:5b:0e:65:64:ae:21:52:d7:36:
d4:2b:0c:83:03:38:2a:19:9f:48:1f:6c:f4:ee:2b:
34:77:5e:68:4a:55:00:2f:d5:3b:9d:1a:6e:8c:e2:
9f:46:ed:00:08:50:61:81:4d:28:eb:1c:1a:39:9a:
55:38:3d:b5:1d:a5:cd:99:3b:47:df:55:96:be:44:
db:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8B:74:1C:13:81:07:9B:32:CC:D7:88:74:6E:BA:0E:C2:4E:65:4D
X509v3 Authority Key Identifier:
keyid:C6:21:84:81:51:F7:97:BF:72:31:07:F1:4D:62:C6:7A:21:3A:53:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/xiGEgVH3l79yMQfxTWLGeiE6U-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xiGEgVH3l79yMQfxTWLGeiE6U-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EBC8/589820C2EF0211ED8C2DD91FC4F9AE02/AC61350A4E3C11EF9286040CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
164.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:9b:12:75:49:7f:f8:f4:20:b0:12:d5:db:ba:7b:81:84:9a:
3b:fe:07:87:1c:fd:a9:d1:8f:1b:e0:70:43:2c:33:f2:90:3d:
a6:a7:a7:d8:15:10:af:17:bd:ef:33:67:8f:ad:30:60:e1:63:
aa:74:0f:3d:39:17:79:68:92:4c:4a:e8:0b:c4:aa:dc:ab:e8:
86:e6:7e:ed:8f:b1:93:04:e0:c9:35:a3:e3:03:85:13:63:6f:
0c:54:c1:82:06:c6:f6:98:d1:50:3a:ce:ba:a8:e4:c6:d6:d2:
01:1b:57:e0:a3:12:bc:f9:22:84:7a:fe:73:a8:a1:a5:78:93:
92:74:28:3d:44:4b:01:92:d0:96:d9:e1:d6:f6:b5:aa:82:28:
3a:35:5c:56:cf:61:cc:96:15:56:16:62:dc:1d:5d:a0:85:b9:
ee:39:89:63:72:83:fd:a0:06:09:c5:74:2c:bc:12:bd:61:46:
93:38:ae:41:b0:f7:8a:6c:c2:5d:4b:65:a0:15:05:9a:86:88:
0b:30:54:77:fa:f6:04:b4:a6:a7:aa:52:1f:2f:fe:bd:46:1c:
88:9e:37:50:1c:52:bb:b5:76:71:35:bd:9d:11:dc:13:26:f0:
05:5c:d7:12:1c:03:bd:e4:99:87:fb:39:a4:63:d4:89:3a:5b:
84:a8:7c:ca
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgICAoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVCQzgxMTAvBgNVBAUTKEM2MjE4NDgxNTFGNzk3QkY3MjMxMDdGMTRENjJDNjdB
MjEzQTUzRTMwHhcNMjYwNDA5MDIzNjE1WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ3MTA5Zi0zOTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkrR09QGJ8MGHBxx3qn3AB946feFX5DmFLkX6B5NGSkPNDbLF4L5vFu4cSlL1
/D37VnS5ehGHJY6WWK7K28MBH4Jrrmbo1xYwb8h8+JB3apwADyUM11FzHGSuBtIL
uXSHLuRMgwFDyqOx+9wW9ymslmkaozK3cSB/Ovk4qTkhPAwtEnjVK2gq6mGE3cxw
/SVDHMYbdHQgWmBsNGV0qR2VPdD/IWbmHA2NiExPVMO6rCIj/s6c+14WoJJbDmVk
riFS1zbUKwyDAzgqGZ9IH2z07is0d15oSlUAL9U7nRpujOKfRu0ACFBhgU0o6xwa
OZpVOD21HaXNmTtH31WWvkTbNwIDAQABo4ICXzCCAlswHQYDVR0OBBYEFFOLdBwT
gQebMszXiHRuug7CTmVNMB8GA1UdIwQYMBaAFMYhhIFR95e/cjEH8U1ixnohOlPj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUJDOC81ODk4MjBDMkVG
MDIxMUVEOEMyREQ5MUZDNEY5QUUwMi94aUdFZ1ZIM2w3OXlNUWZ4VFdMR2VpRTZV
LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3hpR0VnVkgzbDc5eU1RZnhUV0xHZWlFNlUtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVCQzgvNTg5ODIwQzJFRjAyMTFFRDhDMkREOTFGQzRGOUFFMDIvQUM2MTM1MEE0
RTNDMTFFRjkyODYwNDBDQzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMApDUwDQYJKoZIhvcNAQELBQADggEBAGabEnVJf/j0ILAS1du6e4GE
mjv+B4cc/anRjxvgcEMsM/KQPaanp9gVEK8Xve8zZ4+tMGDhY6p0Dz05F3lokkxK
6AvEqtyr6Ibmfu2PsZME4Mk1o+MDhRNjbwxUwYIGxvaY0VA6zrqo5MbW0gEbV+Cj
Erz5IoR6/nOooaV4k5J0KD1ESwGS0JbZ4db2taqCKDo1XFbPYcyWFVYWYtwdXaCF
ue45iWNyg/2gBgnFdCy8Er1hRpM4rkGw94pswl1LZaAVBZqGiAswVHf69gS0pqeq
Uh8v/r1GHIieN1AcUru1dnE1vZ0R3BMm8AVc1xIcA73kmYf7OaRj1Ik6W4SofMo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:49:22 2026 by rpki-client