Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/8272E36003BD11EBB416B77DC4F9AE02.roa
File: 8272E36003BD11EBB416B77DC4F9AE02.roa (raw, json)
Hash identifier: /zXttT1/Z+BZbViTAHk4/AzLjMQjrMWW94BldELHaro=
Subject key identifier: DD:8D:76:C0:E2:3B:47:47:05:4B:77:4E:F5:09:A6:07:94:C0:13:A0
Certificate issuer: /CN=A919F0DA/serialNumber=082F1EE92FEA6373FDA1D5AEC46E2F2D8AE8AC87
Certificate serial: 087A
Authority key identifier: 08:2F:1E:E9:2F:EA:63:73:FD:A1:D5:AE:C4:6E:2F:2D:8A:E8:AC:87
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CC8e6S_qY3P9odWuxG4vLYrorIc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/8272E36003BD11EBB416B77DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:06:18 +0000
ROA not before: Thu 18 Sep 2025 08:14:33 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 55824
IP address blocks: 164.100.81.0/24 maxlen: 24
164.100.96.0/24 maxlen: 24
164.100.125.0/24 maxlen: 24
164.100.126.0/24 maxlen: 24
164.100.130.0/24 maxlen: 24
164.100.131.0/24 maxlen: 24
164.100.132.0/24 maxlen: 24
164.100.133.0/24 maxlen: 24
164.100.134.0/24 maxlen: 24
164.100.138.0/24 maxlen: 24
164.100.142.0/24 maxlen: 24
164.100.145.0/24 maxlen: 24
164.100.146.0/24 maxlen: 24
164.100.181.0/24 maxlen: 24
164.100.189.0/24 maxlen: 24
164.100.196.0/24 maxlen: 24
164.100.201.0/24 maxlen: 24
164.100.217.0/24 maxlen: 24
164.100.222.0/24 maxlen: 24
164.100.223.0/24 maxlen: 24
164.100.224.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/CC8e6S_qY3P9odWuxG4vLYrorIc.crl
rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/CC8e6S_qY3P9odWuxG4vLYrorIc.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CC8e6S_qY3P9odWuxG4vLYrorIc.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:18:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2170 (0x87a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F0DA, serialNumber=082F1EE92FEA6373FDA1D5AEC46E2F2D8AE8AC87
Validity
Not Before: Sep 18 08:14:33 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a48e29-9ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d5:6b:bb:36:d2:29:5d:46:eb:70:f5:58:ad:
dc:0d:69:a3:3d:ee:99:e9:d7:7d:b8:6f:5a:d6:82:
18:68:01:84:6f:a4:85:dc:2c:17:e5:fb:e6:83:19:
55:60:f7:d5:48:30:92:3e:3e:bf:45:4d:8f:e6:04:
a7:ba:92:44:6a:65:2b:60:ee:81:d6:13:98:8c:7c:
19:5c:f1:28:d8:d8:d3:e9:70:03:be:6c:09:c2:0d:
1e:b1:fc:65:20:05:46:49:e2:e7:ed:ac:4b:fd:14:
f5:49:09:d8:7f:08:5f:2e:3f:46:e7:b9:0a:80:0c:
f4:b6:49:05:13:8e:ae:2b:1c:d2:dd:43:77:0f:5d:
b4:1b:d0:0f:d1:9e:00:7a:c0:6b:d3:b5:8c:c6:c9:
6b:a3:a3:f3:f4:e0:41:77:77:bf:d9:95:39:43:cf:
7d:d6:9b:bd:da:3f:12:56:0d:37:bc:04:3a:21:43:
30:3c:45:88:ba:42:ed:83:16:40:55:40:cf:30:71:
a0:6a:ca:b2:17:a0:ca:35:b8:1e:5f:97:84:ee:37:
ea:0a:1d:de:ef:e7:bb:5c:e1:24:7c:ff:80:5c:0b:
75:eb:3c:f5:d9:38:89:ca:43:a8:3f:d1:e5:c4:92:
21:c4:4d:a9:e7:4b:aa:e7:6e:81:72:4e:06:12:78:
65:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8D:76:C0:E2:3B:47:47:05:4B:77:4E:F5:09:A6:07:94:C0:13:A0
X509v3 Authority Key Identifier:
keyid:08:2F:1E:E9:2F:EA:63:73:FD:A1:D5:AE:C4:6E:2F:2D:8A:E8:AC:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/CC8e6S_qY3P9odWuxG4vLYrorIc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CC8e6S_qY3P9odWuxG4vLYrorIc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F0DA/FC61E0081D6711E28C1828A408B02CD2/8272E36003BD11EBB416B77DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
164.100.81.0/24
164.100.96.0/24
164.100.125.0-164.100.126.255
164.100.130.0-164.100.134.255
164.100.138.0/24
164.100.142.0/24
164.100.145.0-164.100.146.255
164.100.181.0/24
164.100.189.0/24
164.100.196.0/24
164.100.201.0/24
164.100.217.0/24
164.100.222.0-164.100.225.255
Signature Algorithm: sha256WithRSAEncryption
7c:ea:05:49:89:c3:45:f2:09:8a:75:e9:c6:19:f8:1d:0d:de:
a2:c9:82:81:ee:80:ac:94:a4:25:2f:40:09:fe:14:0c:85:62:
06:2c:c2:ce:5c:74:61:47:0d:22:31:8a:6d:76:6b:72:95:83:
f5:46:64:6e:78:ae:4c:ed:19:c7:bb:fd:70:55:76:a9:dc:a9:
8e:d4:c9:e7:6b:db:97:58:67:83:26:65:2a:40:59:5a:d9:86:
fc:ab:c4:c6:4a:15:89:92:03:85:96:d0:41:51:74:c4:26:00:
71:6e:9c:86:06:18:59:90:29:e2:2e:96:dd:1f:36:5e:38:4c:
2b:66:ea:6b:98:27:a3:2f:33:0f:16:89:88:2f:b5:6a:78:47:
8c:89:3e:dd:ef:e3:75:fe:59:eb:f3:72:7d:95:c8:ff:98:39:
0d:ac:29:88:6b:18:ec:49:fe:41:e0:41:50:ba:0c:a8:76:4e:
27:af:ff:18:b5:7a:ca:af:34:bd:91:0a:e7:a7:03:75:77:93:
fe:2d:04:01:25:04:42:39:f7:04:a8:ca:36:6f:c9:e2:b4:26:
00:1d:90:24:e8:a7:7f:55:b4:32:0f:65:e1:34:92:f9:10:18:
9d:97:65:eb:f1:4a:14:31:21:77:ed:99:3f:9c:17:17:e4:98:
47:79:db:be
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICCHowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYwREExMTAvBgNVBAUTKDA4MkYxRUU5MkZFQTYzNzNGREExRDVBRUM0NkUyRjJE
OEFFOEFDODcwHhcNMjUwOTE4MDgxNDMzWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OGUyOS05YWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAstVruzbSKV1G63D1WK3cDWmjPe6Z6dd9uG9a1oIYaAGEb6SF3CwX5fvmgxlV
YPfVSDCSPj6/RU2P5gSnupJEamUrYO6B1hOYjHwZXPEo2NjT6XADvmwJwg0esfxl
IAVGSeLn7axL/RT1SQnYfwhfLj9G57kKgAz0tkkFE46uKxzS3UN3D120G9AP0Z4A
esBr07WMxslro6Pz9OBBd3e/2ZU5Q8991pu92j8SVg03vAQ6IUMwPEWIukLtgxZA
VUDPMHGgasqyF6DKNbgeX5eE7jfqCh3e7+e7XOEkfP+AXAt16zz12TiJykOoP9Hl
xJIhxE2p50uq526Bck4GEnhlEQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFN2NdsDi
O0dHBUt3TvUJpgeUwBOgMB8GA1UdIwQYMBaAFAgvHukv6mNz/aHVrsRuLy2K6KyH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjBEQS9GQzYxRTAwODFE
NjcxMUUyOEMxODI4QTQwOEIwMkNEMi9DQzhlNlNfcVkzUDlvZFd1eEc0dkxZcm9y
SWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0NDOGU2U19xWTNQOW9kV3V4RzR2TFlyb3JJYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYwREEvRkM2MUUwMDgxRDY3MTFFMjhDMTgyOEE0MDhCMDJDRDIvODI3MkUzNjAw
M0JEMTFFQkI0MTZCNzdEQzRGOUFFMDIucm9hMIGHBggrBgEFBQcBBwEB/wR4MHYw
dAQCAAEwbgMEAKRkUQMEAKRkYDAMAwQApGR9AwQApGR+MAwDBAGkZIIDBACkZIYD
BACkZIoDBACkZI4wDAMEAKRkkQMEAKRkkgMEAKRktQMEAKRkvQMEAKRkxAMEAKRk
yQMEAKRk2TAMAwQBpGTeAwQBpGTgMA0GCSqGSIb3DQEBCwUAA4IBAQB86gVJicNF
8gmKdenGGfgdDd6iyYKB7oCslKQlL0AJ/hQMhWIGLMLOXHRhRw0iMYptdmtylYP1
RmRueK5M7RnHu/1wVXap3KmO1Mnna9uXWGeDJmUqQFla2Yb8q8TGShWJkgOFltBB
UXTEJgBxbpyGBhhZkCniLpbdHzZeOEwrZuprmCejLzMPFomIL7VqeEeMiT7d7+N1
/lnr83J9lcj/mDkNrCmIaxjsSf5B4EFQugyodk4nr/8YtXrKrzS9kQrnpwN1d5P+
LQQBJQRCOfcEqMo2b8nitCYAHZAk6Kd/VbQyD2XhNJL5EBidl2Xr8UoUMSF37Zk/
nBcX5JhHedu+
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:04:41 2026 by rpki-client