Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
File: 58273588C2BD11EBA13EC07AC4F9AE02.roa (raw, json)
Hash identifier: 5XIGAWBdKItIK52ECdH5hYRYWf2CTjmbyPBWgm/ArQs=
Subject key identifier: AA:00:FC:F6:EF:8A:73:3A:3B:62:B0:94:96:AC:0E:E6:CE:9B:8B:ED
Certificate issuer: /CN=A919F0DA/serialNumber=94D587B6E75BF108AF5B424922C4A8BAAB3EE946
Certificate serial: 0805
Authority key identifier: 94:D5:87:B6:E7:5B:F1:08:AF:5B:42:49:22:C4:A8:BA:AB:3E:E9:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
Signing time: Wed 30 Jul 2025 14:20:11 +0000
ROA not before: Wed 30 Jul 2025 14:20:11 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 4758
IP address blocks: 2001:4408::/32 maxlen: 32
2001:4408:4::/48 maxlen: 48
2001:4408:a::/48 maxlen: 48
2001:4408:b::/48 maxlen: 48
2001:4408:100::/48 maxlen: 48
2001:4408:200::/48 maxlen: 48
2001:4408:1080::/44 maxlen: 44
2001:4408:1100::/48 maxlen: 48
2001:4408:4000::/40 maxlen: 40
2001:4408:4400::/40 maxlen: 40
2001:4408:4800::/40 maxlen: 48
2001:4408:4a00::/40 maxlen: 40
2001:4408:4b00::/40 maxlen: 40
2001:4408:4c00::/40 maxlen: 40
2001:4408:5200::/48 maxlen: 48
2001:4408:5202::/48 maxlen: 48
2001:4408:5205::/48 maxlen: 48
2001:4408:5206::/48 maxlen: 48
2001:4408:520a::/48 maxlen: 48
2001:4408:520b::/48 maxlen: 48
2001:4408:5220::/48 maxlen: 48
2001:4408:5222::/48 maxlen: 48
2001:4408:5223::/48 maxlen: 48
2001:4408:5224::/48 maxlen: 48
2001:4408:5226::/48 maxlen: 48
2001:4408:5240::/48 maxlen: 48
2001:4408:5250::/48 maxlen: 48
2001:4408:5600::/48 maxlen: 48
2001:4408:5800::/40 maxlen: 40
2001:4408:5a00::/40 maxlen: 40
2001:4408:5c00::/40 maxlen: 40
2001:4408:5e00::/40 maxlen: 48
2001:4408:6000::/40 maxlen: 40
2001:4408:6200::/40 maxlen: 40
2001:4408:6600::/40 maxlen: 40
2001:4408:6a00::/40 maxlen: 40
2001:4408:6b00::/40 maxlen: 45
2001:4408:6c00::/40 maxlen: 40
2001:4408:6e00::/40 maxlen: 40
2001:4408:7000::/48 maxlen: 48
2001:4408:7200::/40 maxlen: 40
2001:4408:7600::/40 maxlen: 40
2001:4408:7800::/40 maxlen: 40
2001:4408:7a00::/40 maxlen: 40
2001:4408:7c00::/40 maxlen: 48
2001:4408:7e00::/40 maxlen: 40
2001:4408:7f00::/45 maxlen: 45
2001:4408:7f08::/45 maxlen: 45
2001:4408:8000::/40 maxlen: 40
2001:4408:8100::/48 maxlen: 48
2001:4408:8200::/40 maxlen: 40
2001:4408:8308::/45 maxlen: 45
2001:4408:8400::/40 maxlen: 40
2001:4408:8608::/48 maxlen: 48
2001:4408:c000::/48 maxlen: 48
2001:4408:c002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.crl
rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2053 (0x805)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F0DA, serialNumber=94D587B6E75BF108AF5B424922C4A8BAAB3EE946
Validity
Not Before: Jul 30 14:20:11 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=688a2a1a-a9a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:54:ff:2f:0d:9e:08:04:62:dc:f6:f6:18:7f:
36:e9:10:ee:27:45:ba:3f:8c:8a:f9:41:8a:67:dc:
1b:af:72:d1:00:bb:b0:26:7b:1b:2a:cb:11:81:1f:
0c:57:be:bb:14:14:19:ca:e0:4f:b6:dc:79:10:df:
26:4e:7c:d7:98:db:f5:a1:40:18:52:19:22:df:2b:
ed:4a:02:8f:e7:d2:18:66:06:a2:1f:9a:98:4f:04:
bf:4d:e4:fe:e2:dd:7f:f1:83:5d:cc:52:69:02:30:
8a:b3:b6:66:9c:c3:7b:5d:1e:79:f0:19:f3:b4:54:
c7:00:87:2f:36:f9:e6:e1:70:66:c2:a0:8b:fc:9d:
cc:07:11:04:8a:34:90:c9:a7:c6:6d:b2:70:5a:81:
a2:29:8b:82:24:95:87:3b:cb:31:00:8d:4a:2d:86:
c6:e1:e3:f7:9c:0b:67:a3:f8:6e:3c:04:f0:e7:91:
cc:d3:4a:04:c8:d3:8a:16:5d:c0:4c:a9:64:31:c9:
ed:76:7f:69:99:c8:38:32:ba:d7:b7:46:4a:59:8e:
cd:fb:fb:8c:a8:37:23:4c:d6:db:a5:ce:0b:0a:da:
33:4c:6e:f9:c0:02:aa:cf:34:fc:94:3a:c9:ca:84:
be:d0:da:36:39:f2:db:45:47:b5:e6:1d:27:9d:c8:
8b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:00:FC:F6:EF:8A:73:3A:3B:62:B0:94:96:AC:0E:E6:CE:9B:8B:ED
X509v3 Authority Key Identifier:
keyid:94:D5:87:B6:E7:5B:F1:08:AF:5B:42:49:22:C4:A8:BA:AB:3E:E9:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:4408::/32
Signature Algorithm: sha256WithRSAEncryption
67:92:20:3b:ca:70:da:32:a4:09:25:2e:b1:47:f5:6b:db:ab:
29:6f:48:54:7f:df:37:88:73:36:ed:7b:d2:78:de:64:09:ee:
1a:48:0b:83:1c:4b:cd:10:5b:f2:73:5a:b0:c4:f9:5c:82:8e:
30:ad:a3:6e:41:61:32:0b:52:5d:2e:b6:27:65:84:b8:81:b4:
d2:70:5b:43:f0:57:cb:c6:1b:8c:49:7a:e6:8e:a5:dc:23:4d:
bf:9a:54:a5:b1:f3:86:83:d5:40:ec:3a:e6:db:d7:89:75:e7:
cb:cc:ac:09:6e:f4:eb:4a:e6:4f:bc:2b:a8:f7:5b:17:f1:d3:
47:ad:a1:16:3c:7b:8f:4c:10:4f:5f:3a:06:0e:17:0b:19:76:
d0:f3:70:03:37:60:7a:8d:b0:e7:0d:f0:05:c4:91:c9:af:ac:
20:7f:83:8a:8a:40:96:e5:3a:aa:5e:a7:8d:73:21:ff:41:9e:
41:5a:a3:75:ef:f9:68:a7:6e:6d:a8:e1:ee:7f:02:30:8b:3c:
63:89:d3:98:69:02:24:34:9f:d2:26:79:ef:51:57:f2:05:01:
ad:5a:07:5d:7c:82:1a:c4:2d:55:9d:38:56:58:2c:bf:31:eb:
a9:30:47:ae:63:c9:00:a1:08:f9:b0:a5:40:31:85:e3:c1:9c:
c5:d5:ad:93
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYwREExMTAvBgNVBAUTKDk0RDU4N0I2RTc1QkYxMDhBRjVCNDI0OTIyQzRBOEJB
QUIzRUU5NDYwHhcNMjUwNzMwMTQyMDExWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhhMmExYS1hOWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAplT/Lw2eCARi3Pb2GH826RDuJ0W6P4yK+UGKZ9wbr3LRALuwJnsbKssRgR8M
V767FBQZyuBPttx5EN8mTnzXmNv1oUAYUhki3yvtSgKP59IYZgaiH5qYTwS/TeT+
4t1/8YNdzFJpAjCKs7ZmnMN7XR558BnztFTHAIcvNvnm4XBmwqCL/J3MBxEEijSQ
yafGbbJwWoGiKYuCJJWHO8sxAI1KLYbG4eP3nAtno/huPATw55HM00oEyNOKFl3A
TKlkMcntdn9pmcg4MrrXt0ZKWY7N+/uMqDcjTNbbpc4LCtozTG75wAKqzzT8lDrJ
yoS+0No2OfLbRUe15h0nnciLQwIDAQABo4ICljCCApIwHQYDVR0OBBYEFKoA/Pbv
inM6O2KwlJasDubOm4vtMB8GA1UdIwQYMBaAFJTVh7bnW/EIr1tCSSLEqLqrPulG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjBEQS8xNTBEM0VGNDFE
NjgxMUUyOEMxODI4QTQwOEIwMkNEMi9sTldIdHVkYjhRaXZXMEpKSXNTb3Vxcy02
VVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xOV0h0dWRiOFFpdlcwSkpJc1NvdXFzLTZVWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYwREEvMTUwRDNFRjQxRDY4MTFFMjhDMTgyOEE0MDhCMDJDRDIvNTgyNzM1ODhD
MkJEMTFFQkExM0VDMDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAgAUQIMA0GCSqGSIb3DQEBCwUAA4IBAQBnkiA7ynDaMqQJ
JS6xR/Vr26spb0hUf983iHM27XvSeN5kCe4aSAuDHEvNEFvyc1qwxPlcgo4wraNu
QWEyC1JdLrYnZYS4gbTScFtD8FfLxhuMSXrmjqXcI02/mlSlsfOGg9VA7Drm29eJ
defLzKwJbvTrSuZPvCuo91sX8dNHraEWPHuPTBBPXzoGDhcLGXbQ83ADN2B6jbDn
DfAFxJHJr6wgf4OKikCW5TqqXqeNcyH/QZ5BWqN17/lop25tqOHufwIwizxjidOY
aQIkNJ/SJnnvUVfyBQGtWgddfIIaxC1VnThWWCy/MeupMEeuY8kAoQj5sKVAMYXj
wZzF1a2T
-----END CERTIFICATE-----
Generated at Sun Aug 10 05:38:08 2025 by rpki-client