Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
File: B10F5E8E557511EF9F54A83AC4F9AE02.roa (raw, json)
Hash identifier: 5XrWxvWFUb3bt51Y/z0rvvzlSmKm4aCSjKVzKklaEig=
Subject key identifier: E8:4D:6E:21:8D:75:5D:35:9E:60:0D:93:84:65:B6:C5:06:21:63:D4
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 0641
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
Signing time: Thu 31 Jul 2025 08:59:04 +0000
ROA not before: Thu 31 Jul 2025 08:59:04 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135918
IP address blocks: 157.10.198.0/23 maxlen: 23
157.66.81.0/24 maxlen: 24
157.66.100.0/23 maxlen: 23
157.66.218.0/23 maxlen: 23
160.22.122.0/23 maxlen: 23
160.25.232.0/23 maxlen: 23
160.30.44.0/23 maxlen: 23
160.30.112.0/23 maxlen: 23
160.191.48.0/23 maxlen: 23
160.191.50.0/23 maxlen: 23
160.191.236.0/23 maxlen: 23
160.250.130.0/23 maxlen: 23
160.250.134.0/23 maxlen: 23
160.250.136.0/23 maxlen: 23
160.250.246.0/23 maxlen: 23
161.248.146.0/23 maxlen: 23
165.101.92.0/23 maxlen: 23
165.101.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 Aug 2025 14:34:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1601 (0x641)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Jul 31 08:59:04 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=688b3057-9bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:dc:df:42:3b:48:f7:71:13:b0:8c:70:6b:6b:
d7:26:6d:b0:67:d6:1e:75:1a:48:2b:91:f6:f2:1d:
a5:3d:82:0d:13:fb:70:8c:a0:e8:a2:b1:59:bb:89:
95:c3:ad:41:f5:f8:be:6b:a6:a7:2f:6e:0e:51:5e:
7d:3b:40:49:88:a2:87:37:95:f9:22:a7:9c:7b:e8:
d0:e7:5c:45:76:de:b8:cc:77:ce:48:51:60:8b:45:
38:d3:df:b8:21:6d:87:89:eb:1b:e4:a7:30:78:d6:
1e:9d:37:c2:72:ad:3e:c8:53:71:f3:04:cc:9c:17:
e2:e2:86:c1:2a:ed:33:dd:b0:9d:3c:57:30:ad:29:
dd:dd:ad:30:a7:9b:44:73:73:15:ea:65:ef:51:36:
49:ed:cb:c0:37:3b:74:9a:a9:6e:49:a4:d8:9c:1b:
52:43:41:e0:cc:0d:52:2b:d5:97:ef:43:d3:6d:30:
6f:9b:38:83:1e:c4:3d:89:f8:b7:83:b5:29:18:f7:
25:93:1a:29:fe:1f:ab:16:0b:21:20:06:5b:5c:8e:
a3:08:19:b4:49:9b:e9:33:89:52:65:86:63:23:7f:
e1:6c:c6:07:7d:cf:f4:13:48:87:ea:2d:e3:96:2c:
0b:0d:48:dc:de:45:26:7f:2a:ed:67:8b:28:c8:eb:
ad:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:4D:6E:21:8D:75:5D:35:9E:60:0D:93:84:65:B6:C5:06:21:63:D4
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.198.0/23
157.66.81.0/24
157.66.100.0/23
157.66.218.0/23
160.22.122.0/23
160.25.232.0/23
160.30.44.0/23
160.30.112.0/23
160.191.48.0/22
160.191.236.0/23
160.250.130.0/23
160.250.134.0-160.250.137.255
160.250.246.0/23
161.248.146.0/23
165.101.92.0/23
165.101.252.0/23
Signature Algorithm: sha256WithRSAEncryption
49:06:e0:62:bc:0a:57:7f:2e:4e:0c:49:9b:32:28:31:f1:93:
f8:3b:02:76:b2:2c:12:fd:85:e9:20:84:f5:21:9b:73:a9:8d:
97:25:13:e6:4e:bf:3e:37:2e:0d:92:6d:26:6a:c6:1c:1e:a4:
c9:d6:b6:1e:b3:48:57:d0:09:b4:1e:5f:1c:91:c7:af:e0:f6:
ef:2d:9c:83:04:b4:c6:dc:f2:d0:98:33:d5:3f:09:cf:d4:17:
5d:36:6f:73:17:ef:be:aa:d4:38:14:26:f1:35:f8:e8:91:f0:
9c:63:92:a2:99:0f:34:63:f2:42:54:90:77:62:b5:02:91:ef:
07:a9:d2:c0:4e:63:62:dd:dd:66:ea:a3:e7:b9:65:cc:69:e2:
f2:1c:a9:88:4a:28:ef:f5:79:4a:4f:fc:79:88:54:96:a6:b8:
c3:46:68:6c:6d:ea:96:d3:58:54:cb:69:79:25:65:6c:3c:de:
ab:4a:12:c5:45:b4:85:58:c9:ce:ea:fa:ca:03:0b:c5:dc:17:
40:c7:31:30:25:9e:77:80:c3:86:85:39:c6:f2:89:9a:5b:e5:
35:a1:27:c8:68:1c:4a:62:f1:c8:6b:72:79:b2:01:32:70:da:
a0:0a:a4:88:8e:e8:be:f4:d4:53:20:31:4e:32:41:06:90:a7:
36:92:4b:5d
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICBkEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwNzMxMDg1OTA0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODhiMzA1Ny05YmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzNzfQjtI93ETsIxwa2vXJm2wZ9YedRpIK5H28h2lPYINE/twjKDoorFZu4mV
w61B9fi+a6anL24OUV59O0BJiKKHN5X5Iqece+jQ51xFdt64zHfOSFFgi0U409+4
IW2Hiesb5KcweNYenTfCcq0+yFNx8wTMnBfi4obBKu0z3bCdPFcwrSnd3a0wp5tE
c3MV6mXvUTZJ7cvANzt0mqluSaTYnBtSQ0HgzA1SK9WX70PTbTBvmziDHsQ9ifi3
g7UpGPclkxop/h+rFgshIAZbXI6jCBm0SZvpM4lSZYZjI3/hbMYHfc/0E0iH6i3j
liwLDUjc3kUmfyrtZ4soyOutmwIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFOhNbiGN
dV01nmANk4RltsUGIWPUMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQjEwRjVFOEU1
NTc1MTFFRjlGNTRBODNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBuBAIAATBoAwQBnQrGAwQAnUJRAwQBnUJkAwQBnULaAwQBoBZ6AwQBoBno
AwQBoB4sAwQBoB5wAwQCoL8wAwQBoL/sAwQBoPqCMAwDBAGg+oYDBAGg+ogDBAGg
+vYDBAGh+JIDBAGlZVwDBAGlZfwwDQYJKoZIhvcNAQELBQADggEBAEkG4GK8Cld/
Lk4MSZsyKDHxk/g7AnayLBL9hekghPUhm3OpjZclE+ZOvz43Lg2SbSZqxhwepMnW
th6zSFfQCbQeXxyRx6/g9u8tnIMEtMbc8tCYM9U/Cc/UF102b3MX776q1DgUJvE1
+OiR8JxjkqKZDzRj8kJUkHditQKR7wep0sBOY2Ld3Wbqo+e5Zcxp4vIcqYhKKO/1
eUpP/HmIVJamuMNGaGxt6pbTWFTLaXklZWw83qtKEsVFtIVYyc7q+soDC8XcF0DH
MTAlnneAw4aFOcbyiZpb5TWhJ8hoHEpi8chrcnmyATJw2qAKpIiO6L701FMgMU4y
QQaQpzaSS10=
-----END CERTIFICATE-----
Generated at Wed Aug 13 04:25:47 2025 by rpki-client