Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
File: 58273588C2BD11EBA13EC07AC4F9AE02.roa (raw, json)
Hash identifier: jtuV1s6/BGn6BQi5hM+vtfPvOlHRKTL/7Yy20MlY+mw=
Subject key identifier: 46:D2:8A:60:C6:79:68:B9:7D:25:84:BA:97:ED:6C:E3:C4:4A:60:36
Certificate issuer: /CN=A919F0DA/serialNumber=94D587B6E75BF108AF5B424922C4A8BAAB3EE946
Certificate serial: 0878
Authority key identifier: 94:D5:87:B6:E7:5B:F1:08:AF:5B:42:49:22:C4:A8:BA:AB:3E:E9:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:21:51 +0000
ROA not before: Wed 30 Jul 2025 14:20:11 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 4758
IP address blocks: 2001:4408::/32 maxlen: 32
2001:4408:4::/48 maxlen: 48
2001:4408:a::/48 maxlen: 48
2001:4408:b::/48 maxlen: 48
2001:4408:100::/48 maxlen: 48
2001:4408:200::/48 maxlen: 48
2001:4408:1080::/44 maxlen: 44
2001:4408:1100::/48 maxlen: 48
2001:4408:4000::/40 maxlen: 40
2001:4408:4400::/40 maxlen: 40
2001:4408:4800::/40 maxlen: 48
2001:4408:4a00::/40 maxlen: 40
2001:4408:4b00::/40 maxlen: 40
2001:4408:4c00::/40 maxlen: 40
2001:4408:5200::/48 maxlen: 48
2001:4408:5202::/48 maxlen: 48
2001:4408:5205::/48 maxlen: 48
2001:4408:5206::/48 maxlen: 48
2001:4408:520a::/48 maxlen: 48
2001:4408:520b::/48 maxlen: 48
2001:4408:5220::/48 maxlen: 48
2001:4408:5222::/48 maxlen: 48
2001:4408:5223::/48 maxlen: 48
2001:4408:5224::/48 maxlen: 48
2001:4408:5226::/48 maxlen: 48
2001:4408:5240::/48 maxlen: 48
2001:4408:5250::/48 maxlen: 48
2001:4408:5600::/48 maxlen: 48
2001:4408:5800::/40 maxlen: 40
2001:4408:5a00::/40 maxlen: 40
2001:4408:5c00::/40 maxlen: 40
2001:4408:5e00::/40 maxlen: 48
2001:4408:6000::/40 maxlen: 40
2001:4408:6200::/40 maxlen: 40
2001:4408:6600::/40 maxlen: 40
2001:4408:6a00::/40 maxlen: 40
2001:4408:6b00::/40 maxlen: 45
2001:4408:6c00::/40 maxlen: 40
2001:4408:6e00::/40 maxlen: 40
2001:4408:7000::/48 maxlen: 48
2001:4408:7200::/40 maxlen: 40
2001:4408:7600::/40 maxlen: 40
2001:4408:7800::/40 maxlen: 40
2001:4408:7a00::/40 maxlen: 40
2001:4408:7c00::/40 maxlen: 48
2001:4408:7e00::/40 maxlen: 40
2001:4408:7f00::/45 maxlen: 45
2001:4408:7f08::/45 maxlen: 45
2001:4408:8000::/40 maxlen: 40
2001:4408:8100::/48 maxlen: 48
2001:4408:8200::/40 maxlen: 40
2001:4408:8308::/45 maxlen: 45
2001:4408:8400::/40 maxlen: 40
2001:4408:8608::/48 maxlen: 48
2001:4408:c000::/48 maxlen: 48
2001:4408:c002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.crl
rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:19:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2168 (0x878)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F0DA, serialNumber=94D587B6E75BF108AF5B424922C4A8BAAB3EE946
Validity
Not Before: Jul 30 14:20:11 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a491cf-d4cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:56:ff:a5:b4:14:9e:81:e4:1f:1e:01:73:10:
e6:e8:ee:6e:c6:e9:87:93:7e:ae:39:b0:ef:af:3d:
2d:71:ab:f8:3b:de:2a:54:3f:4d:83:a1:c1:d5:e2:
72:a7:8b:b8:e9:e9:4d:ac:14:2f:16:99:9f:78:61:
65:64:26:fb:1d:8f:9f:ab:43:02:24:b0:e2:4b:42:
d1:26:ec:99:6a:cd:50:1f:aa:32:65:10:1f:1f:b9:
5d:39:6c:79:7b:51:f5:78:19:9f:96:c0:cc:83:74:
b0:8d:b1:79:6e:04:5a:30:ed:25:6e:ea:8a:70:be:
6b:fd:51:a0:73:71:ea:be:e1:ba:f5:83:4b:3f:e7:
15:4a:a8:e4:99:59:5d:8f:6b:5c:ad:50:71:28:cc:
d3:9d:7c:13:f0:b8:3f:85:40:1a:a2:8b:ec:34:f6:
96:7d:17:4d:81:3d:10:14:9f:02:bf:41:61:bf:9c:
2e:7f:f7:ff:9b:be:73:d9:6c:da:3b:93:01:95:d7:
7e:03:bb:27:fd:ed:a1:a7:42:0e:a7:50:53:fb:3c:
80:40:90:4d:07:3d:ab:94:54:db:c5:44:25:1a:43:
59:9a:af:a7:20:2b:86:0c:d1:cf:1c:0e:92:c9:78:
e3:65:ee:e2:a1:3a:b5:84:7d:82:d2:b3:05:7f:3c:
dc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D2:8A:60:C6:79:68:B9:7D:25:84:BA:97:ED:6C:E3:C4:4A:60:36
X509v3 Authority Key Identifier:
keyid:94:D5:87:B6:E7:5B:F1:08:AF:5B:42:49:22:C4:A8:BA:AB:3E:E9:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv6:
2001:4408::/32
Signature Algorithm: sha256WithRSAEncryption
76:ad:54:b7:c6:18:e4:ac:3d:85:21:4f:19:6a:de:76:da:79:
cd:2c:ac:d7:fb:42:79:6f:ae:f7:c4:60:bf:55:c8:dc:a3:41:
7f:ed:b8:ca:b8:36:f6:32:6e:1d:06:c8:aa:d7:0d:48:ad:6b:
f6:ce:8d:f6:5b:fb:a3:98:34:8a:ee:10:4a:d5:a4:0e:07:35:
64:31:e0:a4:7b:68:45:f8:e1:8e:6a:fa:4f:f3:c0:7a:f1:e8:
8e:e6:9c:45:23:4a:89:17:f1:89:02:55:62:76:19:a9:7b:ef:
bb:aa:da:40:43:21:c0:18:94:cb:9b:21:4c:29:af:97:eb:d8:
0e:4b:cc:39:1d:7e:6a:c1:ca:0e:80:1d:cb:1d:d6:08:8b:e2:
14:1f:19:df:9a:fc:4f:78:55:a6:31:95:d8:71:57:c8:14:22:
9d:c1:99:06:77:e1:ab:85:a5:93:83:da:a8:50:0e:3f:c0:77:
9b:f7:02:2b:a2:65:b3:be:4f:c4:54:14:cf:fc:6f:e1:13:1b:
08:2b:a1:87:02:88:01:29:ec:42:d9:33:2a:66:d3:e7:77:d1:
8e:e5:ff:16:e3:e3:0f:f4:50:b6:f6:e4:14:ad:2c:f8:01:ad:
ba:6e:71:af:99:99:66:e2:07:b2:90:d7:2c:4d:cf:c8:49:57:
c7:7e:84:92
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgICCHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYwREExMTAvBgNVBAUTKDk0RDU4N0I2RTc1QkYxMDhBRjVCNDI0OTIyQzRBOEJB
QUIzRUU5NDYwHhcNMjUwNzMwMTQyMDExWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OTFjZi1kNGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArFb/pbQUnoHkHx4BcxDm6O5uxumHk36uObDvrz0tcav4O94qVD9Ng6HB1eJy
p4u46elNrBQvFpmfeGFlZCb7HY+fq0MCJLDiS0LRJuyZas1QH6oyZRAfH7ldOWx5
e1H1eBmflsDMg3SwjbF5bgRaMO0lbuqKcL5r/VGgc3HqvuG69YNLP+cVSqjkmVld
j2tcrVBxKMzTnXwT8Lg/hUAaoovsNPaWfRdNgT0QFJ8Cv0Fhv5wuf/f/m75z2Wza
O5MBldd+A7sn/e2hp0IOp1BT+zyAQJBNBz2rlFTbxUQlGkNZmq+nICuGDNHPHA6S
yXjjZe7ioTq1hH2C0rMFfzzctQIDAQABo4ICYTCCAl0wHQYDVR0OBBYEFEbSimDG
eWi5fSWEupftbOPESmA2MB8GA1UdIwQYMBaAFJTVh7bnW/EIr1tCSSLEqLqrPulG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjBEQS8xNTBEM0VGNDFE
NjgxMUUyOEMxODI4QTQwOEIwMkNEMi9sTldIdHVkYjhRaXZXMEpKSXNTb3Vxcy02
VVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xOV0h0dWRiOFFpdlcwSkpJc1NvdXFzLTZVWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYwREEvMTUwRDNFRjQxRDY4MTFFMjhDMTgyOEE0MDhCMDJDRDIvNTgyNzM1ODhD
MkJEMTFFQkExM0VDMDdBQzRGOUFFMDIucm9hMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAIAFECDANBgkqhkiG9w0BAQsFAAOCAQEAdq1Ut8YY5Kw9hSFPGWre
dtp5zSys1/tCeW+u98Rgv1XI3KNBf+24yrg29jJuHQbIqtcNSK1r9s6N9lv7o5g0
iu4QStWkDgc1ZDHgpHtoRfjhjmr6T/PAevHojuacRSNKiRfxiQJVYnYZqXvvu6ra
QEMhwBiUy5shTCmvl+vYDkvMOR1+asHKDoAdyx3WCIviFB8Z35r8T3hVpjGV2HFX
yBQincGZBnfhq4Wlk4PaqFAOP8B3m/cCK6Jls75PxFQUz/xv4RMbCCuhhwKIASns
QtkzKmbT53fRjuX/FuPjD/RQtvbkFK0s+AGtum5xr5mZZuIHspDXLE3PyElXx36E
kg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:32:20 2026 by rpki-client