Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/8272E36003BD11EBB416B77DC4F9AE02.roa
File: 8272E36003BD11EBB416B77DC4F9AE02.roa (raw, json)
Hash identifier: X4OMPX5WhFEiV3losSQU55augQ3xzmZi4A6SHbfHKGE=
Subject key identifier: 6C:D3:67:64:2E:05:22:A9:49:8A:D5:63:D1:BA:00:F6:E0:08:54:76
Certificate issuer: /CN=A919F0DA/serialNumber=082F1EE92FEA6373FDA1D5AEC46E2F2D8AE8AC87
Certificate serial: 0802
Authority key identifier: 08:2F:1E:E9:2F:EA:63:73:FD:A1:D5:AE:C4:6E:2F:2D:8A:E8:AC:87
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CC8e6S_qY3P9odWuxG4vLYrorIc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/8272E36003BD11EBB416B77DC4F9AE02.roa
Signing time: Wed 30 Jul 2025 14:20:10 +0000
ROA not before: Wed 30 Jul 2025 14:20:10 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 55824
IP address blocks: 164.100.81.0/24 maxlen: 24
164.100.96.0/24 maxlen: 24
164.100.125.0/24 maxlen: 24
164.100.126.0/24 maxlen: 24
164.100.130.0/24 maxlen: 24
164.100.131.0/24 maxlen: 24
164.100.132.0/24 maxlen: 24
164.100.133.0/24 maxlen: 24
164.100.134.0/24 maxlen: 24
164.100.138.0/24 maxlen: 24
164.100.142.0/24 maxlen: 24
164.100.146.0/24 maxlen: 24
164.100.181.0/24 maxlen: 24
164.100.189.0/24 maxlen: 24
164.100.196.0/24 maxlen: 24
164.100.201.0/24 maxlen: 24
164.100.217.0/24 maxlen: 24
164.100.222.0/24 maxlen: 24
164.100.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/CC8e6S_qY3P9odWuxG4vLYrorIc.crl
rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/CC8e6S_qY3P9odWuxG4vLYrorIc.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CC8e6S_qY3P9odWuxG4vLYrorIc.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 Aug 2025 05:57:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2050 (0x802)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F0DA, serialNumber=082F1EE92FEA6373FDA1D5AEC46E2F2D8AE8AC87
Validity
Not Before: Jul 30 14:20:10 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=688a2a19-8cc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a5:4b:9a:66:ce:6c:ad:29:d9:3a:7c:14:f9:
54:e8:fd:8f:af:d2:84:ff:22:68:24:65:10:07:fb:
30:38:87:ce:5c:eb:77:aa:14:c9:d4:ba:44:e8:de:
5b:01:17:9f:17:de:06:49:d0:a7:fe:19:8c:ee:57:
b8:99:ab:84:b2:c4:a4:f3:0f:80:83:b5:0b:68:13:
fb:8a:11:e1:16:10:91:72:26:24:43:bc:76:43:82:
20:fd:56:46:19:2a:53:d0:05:a8:f9:e7:38:1b:8d:
5c:da:9a:8d:66:94:d7:2f:b5:71:58:e5:8d:d9:ec:
bb:f5:14:b8:26:83:ce:63:03:65:b5:50:18:92:97:
67:57:1f:df:94:56:fb:00:18:05:21:8e:3a:8a:f3:
40:92:1c:08:d4:04:4d:26:4b:96:b0:15:f9:a5:00:
68:06:ad:06:e0:d5:b1:f3:88:2c:cd:06:9c:b7:af:
e8:68:a9:4e:3b:e4:96:8a:89:f8:15:16:33:69:70:
7a:ab:ac:71:ec:ba:0d:7b:5e:3c:aa:95:84:7e:09:
7e:96:26:11:8d:88:08:c5:7b:10:04:8e:87:12:47:
8f:4f:5d:d2:c5:45:68:9b:39:60:b3:55:5d:f8:ba:
f9:f2:5e:33:85:e2:19:54:6d:2b:8e:1c:d6:01:3b:
55:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D3:67:64:2E:05:22:A9:49:8A:D5:63:D1:BA:00:F6:E0:08:54:76
X509v3 Authority Key Identifier:
keyid:08:2F:1E:E9:2F:EA:63:73:FD:A1:D5:AE:C4:6E:2F:2D:8A:E8:AC:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/CC8e6S_qY3P9odWuxG4vLYrorIc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CC8e6S_qY3P9odWuxG4vLYrorIc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/8272E36003BD11EBB416B77DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
164.100.81.0/24
164.100.96.0/24
164.100.125.0-164.100.126.255
164.100.130.0-164.100.134.255
164.100.138.0/24
164.100.142.0/24
164.100.146.0/24
164.100.181.0/24
164.100.189.0/24
164.100.196.0/24
164.100.201.0/24
164.100.217.0/24
164.100.222.0/23
Signature Algorithm: sha256WithRSAEncryption
76:4d:ce:5b:c9:5a:8e:54:e3:84:65:d5:6f:ef:7b:65:eb:ce:
2d:79:c7:e2:84:17:35:3c:17:26:7f:36:16:e6:6e:fb:a0:27:
a4:76:63:fb:9e:c8:1d:ab:2f:6c:cc:44:79:1a:cb:d0:97:15:
4d:c2:8c:ea:74:53:4d:0d:d9:4e:44:1e:3d:fb:37:d7:4d:ba:
82:3b:5a:49:4b:4a:bd:c4:84:17:7d:3a:3e:d9:13:ae:b1:b9:
0a:2d:74:51:66:e2:70:fd:1e:05:66:e5:1b:52:41:93:c9:7c:
2d:b7:2b:1a:d3:c9:77:b2:6f:ae:53:c4:0b:13:9b:16:9f:8c:
9f:86:dd:b3:81:08:d5:fe:16:67:bd:45:e6:67:dc:8a:9b:42:
2b:ab:bd:d6:d7:24:6e:19:32:3c:c7:2d:f7:66:9b:68:e2:9d:
5b:c2:09:b7:54:9c:3e:05:c2:73:e7:9a:73:02:f9:8b:36:89:
68:23:32:cf:83:c2:41:57:45:d4:bf:d6:be:03:9a:69:43:12:
0c:88:f9:30:27:2c:4e:bc:69:84:a8:3e:a0:56:55:a6:b1:5b:
05:07:5d:ed:a8:fe:16:20:bf:eb:39:8f:21:f2:c1:65:ab:73:
35:72:00:ea:ae:36:d6:a9:03:22:84:1e:77:84:14:b9:e8:c4:
0e:e6:12:e5
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgICCAIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYwREExMTAvBgNVBAUTKDA4MkYxRUU5MkZFQTYzNzNGREExRDVBRUM0NkUyRjJE
OEFFOEFDODcwHhcNMjUwNzMwMTQyMDEwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhhMmExOS04Y2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsqVLmmbObK0p2Tp8FPlU6P2Pr9KE/yJoJGUQB/swOIfOXOt3qhTJ1LpE6N5b
ARefF94GSdCn/hmM7le4mauEssSk8w+Ag7ULaBP7ihHhFhCRciYkQ7x2Q4Ig/VZG
GSpT0AWo+ec4G41c2pqNZpTXL7VxWOWN2ey79RS4JoPOYwNltVAYkpdnVx/flFb7
ABgFIY46ivNAkhwI1ARNJkuWsBX5pQBoBq0G4NWx84gszQact6/oaKlOO+SWion4
FRYzaXB6q6xx7LoNe148qpWEfgl+liYRjYgIxXsQBI6HEkePT13SxUVomzlgs1Vd
+Lr58l4zheIZVG0rjhzWATtVwQIDAQABo4IC7TCCAukwHQYDVR0OBBYEFGzTZ2Qu
BSKpSYrVY9G6APbgCFR2MB8GA1UdIwQYMBaAFAgvHukv6mNz/aHVrsRuLy2K6KyH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjBEQS9GQzYxRTAwODFE
NjcxMUUyOEMxODI4QTQwOEIwMkNEMi9DQzhlNlNfcVkzUDlvZFd1eEc0dkxZcm9y
SWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0NDOGU2U19xWTNQOW9kV3V4RzR2TFlyb3JJYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYwREEvRkM2MUUwMDgxRDY3MTFFMjhDMTgyOEE0MDhCMDJDRDIvODI3MkUzNjAw
M0JEMTFFQkI0MTZCNzdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdwYIKwYBBQUHAQcBAf8E
aDBmMGQEAgABMF4DBACkZFEDBACkZGAwDAMEAKRkfQMEAKRkfjAMAwQBpGSCAwQA
pGSGAwQApGSKAwQApGSOAwQApGSSAwQApGS1AwQApGS9AwQApGTEAwQApGTJAwQA
pGTZAwQBpGTeMA0GCSqGSIb3DQEBCwUAA4IBAQB2Tc5byVqOVOOEZdVv73tl684t
ecfihBc1PBcmfzYW5m77oCekdmP7nsgdqy9szER5GsvQlxVNwozqdFNNDdlORB49
+zfXTbqCO1pJS0q9xIQXfTo+2ROusbkKLXRRZuJw/R4FZuUbUkGTyXwttysa08l3
sm+uU8QLE5sWn4yfht2zgQjV/hZnvUXmZ9yKm0Irq73W1yRuGTI8xy33Zpto4p1b
wgm3VJw+BcJz55pzAvmLNoloIzLPg8JBV0XUv9a+A5ppQxIMiPkwJyxOvGmEqD6g
VlWmsVsFB13tqP4WIL/rOY8h8sFlq3M1cgDqrjbWqQMihB53hBS56MQO5hLl
-----END CERTIFICATE-----
Generated at Sun Aug 10 03:53:13 2025 by rpki-client