Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/A9B6556E064311F0BA61C549C4F9AE02.roa
File: A9B6556E064311F0BA61C549C4F9AE02.roa (raw, json)
Hash identifier: BJoCud12RqYU139X5Hg1YEdiSoJoBorro9yFYj7EiQY=
Subject key identifier: 98:01:DD:83:DD:27:65:8A:D4:91:90:67:5F:EB:CB:30:1A:E7:9A:92
Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Certificate serial: 35BD
Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/A9B6556E064311F0BA61C549C4F9AE02.roa
Signing time: Wed 06 May 2026 10:18:12 +0000
ROA not before: Wed 06 May 2026 10:18:12 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 4741
IP address blocks: 203.149.0.0/18 maxlen: 18
203.149.0.0/19 maxlen: 19
203.149.0.0/20 maxlen: 20
203.149.0.0/22 maxlen: 22
203.149.0.0/24 maxlen: 24
203.149.6.0/24 maxlen: 24
203.149.8.0/24 maxlen: 24
203.149.9.0/24 maxlen: 24
203.149.10.0/24 maxlen: 24
203.149.11.0/24 maxlen: 24
203.149.16.0/20 maxlen: 20
203.149.20.0/24 maxlen: 24
203.149.21.0/24 maxlen: 24
203.149.29.0/24 maxlen: 24
203.149.31.0/24 maxlen: 24
203.149.32.0/19 maxlen: 19
203.149.32.0/24 maxlen: 24
203.149.37.0/24 maxlen: 24
203.149.38.0/24 maxlen: 24
203.149.44.0/24 maxlen: 24
203.149.45.0/24 maxlen: 24
203.149.46.0/23 maxlen: 23
203.149.48.0/20 maxlen: 20
203.149.62.0/24 maxlen: 24
203.149.63.0/24 maxlen: 24
210.246.64.0/18 maxlen: 18
210.246.64.0/19 maxlen: 19
210.246.64.0/20 maxlen: 20
210.246.80.0/20 maxlen: 20
210.246.96.0/19 maxlen: 19
210.246.96.0/20 maxlen: 20
210.246.112.0/20 maxlen: 20
210.246.128.0/17 maxlen: 17
210.246.128.0/18 maxlen: 18
210.246.128.0/20 maxlen: 20
210.246.144.0/20 maxlen: 20
210.246.150.0/24 maxlen: 24
210.246.151.0/24 maxlen: 24
210.246.152.0/24 maxlen: 24
210.246.154.0/24 maxlen: 24
210.246.155.0/24 maxlen: 24
210.246.176.0/20 maxlen: 20
210.246.176.0/21 maxlen: 21
210.246.176.0/24 maxlen: 24
210.246.177.0/24 maxlen: 24
210.246.178.0/24 maxlen: 24
210.246.179.0/24 maxlen: 24
210.246.184.0/21 maxlen: 21
210.246.184.0/24 maxlen: 24
210.246.185.0/24 maxlen: 24
210.246.186.0/24 maxlen: 24
210.246.187.0/24 maxlen: 24
210.246.188.0/24 maxlen: 24
210.246.192.0/18 maxlen: 18
210.246.192.0/20 maxlen: 20
210.246.232.0/22 maxlen: 22
210.246.253.0/24 maxlen: 24
2403:c000::/32 maxlen: 32
2403:c000:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 14:22:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13757 (0x35bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C5B0, serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Validity
Not Before: May 6 10:18:12 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69fb1564-8ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5d:2e:a6:86:74:f5:9a:ab:c0:78:c1:d8:68:
8b:e4:a9:61:10:fc:a1:1e:67:93:4d:59:90:8b:07:
11:b9:65:a4:e2:06:ef:df:6e:fa:60:bf:f1:bc:cb:
e0:ac:bd:cd:70:77:44:14:2f:96:86:94:75:de:bf:
ec:0c:eb:44:d7:c7:80:6f:02:92:02:dc:09:7d:34:
13:62:86:7c:01:af:a8:29:7d:da:46:bb:cd:ca:c6:
db:24:c3:13:a0:0e:0f:6b:41:3d:50:ae:f8:f9:3d:
4c:94:6d:fb:65:8e:53:c8:90:cc:19:6f:36:c0:43:
70:ee:aa:9e:92:44:6b:67:10:d6:56:68:7f:db:2e:
bc:8a:c9:62:1d:b9:a9:1d:90:cf:5e:8e:57:1f:93:
83:38:26:8c:b1:39:91:13:a4:2b:ea:92:8a:2e:d6:
3d:41:74:13:af:e5:8c:7b:2e:fa:2f:ae:ba:ec:16:
dd:1d:0f:99:15:6f:0e:e5:73:58:15:64:84:05:a7:
9f:5b:16:fb:4f:22:f5:53:76:24:f3:23:23:2d:97:
a7:c5:f4:e7:e3:65:ab:65:34:3e:af:b6:c5:db:f8:
9c:44:d2:aa:97:07:ab:db:ea:14:c0:1b:80:97:c2:
4c:d1:a5:ba:37:f3:39:a8:2e:8d:39:9e:85:67:04:
0f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:01:DD:83:DD:27:65:8A:D4:91:90:67:5F:EB:CB:30:1A:E7:9A:92
X509v3 Authority Key Identifier:
keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/A9B6556E064311F0BA61C549C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
203.149.0.0/18
210.246.64.0-210.246.255.255
IPv6:
2403:c000::/32
Signature Algorithm: sha256WithRSAEncryption
7c:e6:73:f0:ee:0e:c8:ad:ac:93:a9:24:58:0d:4d:41:ea:63:
af:af:92:ce:f2:ae:a4:c3:48:90:6b:36:53:43:8d:9d:49:b3:
c5:ef:26:95:38:d9:07:5e:d3:3f:67:8f:9a:85:e5:49:02:f3:
68:40:04:02:40:1a:e7:51:08:c3:b5:2c:42:43:fe:f6:da:5e:
e5:25:c6:81:b6:16:ba:9c:42:58:dc:3a:e5:7b:76:66:6a:68:
04:47:89:2e:51:d9:24:61:d4:55:12:4f:93:a9:87:d2:d1:bd:
d0:f5:2c:d1:58:0b:7d:98:37:36:c0:d2:19:c5:e0:a7:22:1a:
af:81:13:8b:55:4c:39:07:5a:2f:bf:42:f7:ea:af:6f:f2:49:
9b:92:2c:9b:24:09:f7:a6:10:1f:8f:93:da:cd:58:a5:ea:be:
8e:3f:59:89:dd:a7:5e:bb:90:46:2c:3e:40:d7:1d:b4:ad:24:
9c:69:a2:40:c7:91:6b:85:c8:a9:22:2b:be:28:4e:90:be:dd:
6d:df:32:54:6e:e2:ff:e1:75:01:99:24:c7:14:38:9b:b2:98:
f1:6d:a9:3b:d4:c8:73:6c:6d:6f:76:a8:37:75:90:87:b8:9c:
ef:7e:00:7a:2c:4a:c6:5a:7a:dc:f5:c2:73:0e:78:6e:c0:93:
f3:89:dd:81
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgICNb0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG
NzMzQTJGMUEwHhcNMjYwNTA2MTAxODEyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWZiMTU2NC04ZWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAiV0upoZ09ZqrwHjB2GiL5KlhEPyhHmeTTVmQiwcRuWWk4gbv3276YL/xvMvg
rL3NcHdEFC+WhpR13r/sDOtE18eAbwKSAtwJfTQTYoZ8Aa+oKX3aRrvNysbbJMMT
oA4Pa0E9UK74+T1MlG37ZY5TyJDMGW82wENw7qqekkRrZxDWVmh/2y68isliHbmp
HZDPXo5XH5ODOCaMsTmRE6Qr6pKKLtY9QXQTr+WMey76L6667BbdHQ+ZFW8O5XNY
FWSEBaefWxb7TyL1U3Yk8yMjLZenxfTn42WrZTQ+r7bF2/icRNKqlwer2+oUwBuA
l8JM0aW6N/M5qC6NOZ6FZwQPjwIDAQABo4ICfDCCAngwHQYDVR0OBBYEFJgB3YPd
J2WK1JGQZ1/ryzAa55qSMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE
ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM
eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM1QjAvNDBDOEQ1QTYxRDgzMTFFMjgyM0E1RkQ4MDhCMDJDRDIvQTlCNjU1NkUw
NjQzMTFGMEJBNjFDNTQ5QzRGOUFFMDIucm9hMDsGCCsGAQUFBwEHAQH/BCwwKjAZ
BAIAATATAwQGy5UAMAsDBAbS9kADAwDS9jANBAIAAjAHAwUAJAPAADANBgkqhkiG
9w0BAQsFAAOCAQEAfOZz8O4OyK2sk6kkWA1NQepjr6+SzvKupMNIkGs2U0ONnUmz
xe8mlTjZB17TP2ePmoXlSQLzaEAEAkAa51EIw7UsQkP+9tpe5SXGgbYWupxCWNw6
5Xt2ZmpoBEeJLlHZJGHUVRJPk6mH0tG90PUs0VgLfZg3NsDSGcXgpyIar4ETi1VM
OQdaL79C9+qvb/JJm5IsmyQJ96YQH4+T2s1Ypeq+jj9Zid2nXruQRiw+QNcdtK0k
nGmiQMeRa4XIqSIrvihOkL7dbd8yVG7i/+F1AZkkxxQ4m7KY8W2pO9TIc2xtb3ao
N3WQh7ic734AeixKxlp63PXCcw54bsCT84ndgQ==
-----END CERTIFICATE-----
Generated at Wed May 13 07:50:07 2026 by rpki-client