Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/9B3FF0EC1F6D11F0BBEE756AC4F9AE02.roa
File: 9B3FF0EC1F6D11F0BBEE756AC4F9AE02.roa (raw, json)
Hash identifier: he7IGzuagpt3gHt5joMU126QiNN6pXsb2nxpgt1NBRs=
Subject key identifier: 9F:7F:3A:2C:4E:6C:0D:C1:77:00:98:F8:D2:38:05:5A:14:42:5C:B2
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0DB6
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/9B3FF0EC1F6D11F0BBEE756AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:42:06 +0000
ROA not before: Sun 02 Nov 2025 19:08:06 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 38322
IP address blocks: 42.152.0.0/14 maxlen: 14
42.153.4.0/24 maxlen: 24
42.153.6.0/24 maxlen: 24
42.153.7.0/24 maxlen: 24
42.153.8.0/24 maxlen: 24
42.153.9.0/24 maxlen: 24
42.153.10.0/24 maxlen: 24
42.153.11.0/24 maxlen: 24
42.153.16.0/24 maxlen: 24
42.153.19.0/24 maxlen: 24
42.153.20.0/24 maxlen: 24
42.153.21.0/24 maxlen: 24
42.153.22.0/24 maxlen: 24
42.153.23.0/24 maxlen: 24
42.153.24.0/24 maxlen: 24
42.153.25.0/24 maxlen: 24
42.153.26.0/24 maxlen: 24
42.153.28.0/24 maxlen: 24
42.153.29.0/24 maxlen: 24
42.153.32.0/24 maxlen: 24
42.153.33.0/24 maxlen: 24
42.153.34.0/24 maxlen: 24
42.153.35.0/24 maxlen: 24
42.153.36.0/24 maxlen: 24
42.153.37.0/24 maxlen: 24
42.153.38.0/24 maxlen: 24
42.153.39.0/24 maxlen: 24
42.153.40.0/24 maxlen: 24
42.153.41.0/24 maxlen: 24
42.153.42.0/24 maxlen: 24
42.153.43.0/24 maxlen: 24
42.153.44.0/24 maxlen: 24
42.153.45.0/24 maxlen: 24
42.153.46.0/24 maxlen: 24
42.153.47.0/24 maxlen: 24
42.153.48.0/24 maxlen: 24
42.153.49.0/24 maxlen: 24
42.153.50.0/24 maxlen: 24
42.153.51.0/24 maxlen: 24
42.153.52.0/24 maxlen: 24
42.153.53.0/24 maxlen: 24
42.153.54.0/24 maxlen: 24
42.153.55.0/24 maxlen: 24
42.153.56.0/24 maxlen: 24
42.153.57.0/24 maxlen: 24
42.153.58.0/24 maxlen: 24
42.153.59.0/24 maxlen: 24
42.153.60.0/24 maxlen: 24
42.153.61.0/24 maxlen: 24
42.153.62.0/24 maxlen: 24
42.153.63.0/24 maxlen: 24
42.153.89.0/24 maxlen: 24
42.153.95.0/24 maxlen: 24
42.153.96.0/24 maxlen: 24
42.153.128.0/24 maxlen: 24
42.153.129.0/24 maxlen: 24
42.153.130.0/24 maxlen: 24
42.153.131.0/24 maxlen: 24
42.153.132.0/24 maxlen: 24
42.153.133.0/24 maxlen: 24
42.153.134.0/24 maxlen: 24
42.153.135.0/24 maxlen: 24
42.153.136.0/24 maxlen: 24
42.153.137.0/24 maxlen: 24
42.153.138.0/24 maxlen: 24
42.153.139.0/24 maxlen: 24
42.153.140.0/24 maxlen: 24
42.153.141.0/24 maxlen: 24
42.153.142.0/24 maxlen: 24
42.153.143.0/24 maxlen: 24
42.153.144.0/24 maxlen: 24
42.153.145.0/24 maxlen: 24
42.153.146.0/24 maxlen: 24
42.153.147.0/24 maxlen: 24
42.153.148.0/24 maxlen: 24
42.153.149.0/24 maxlen: 24
42.153.150.0/24 maxlen: 24
42.153.151.0/24 maxlen: 24
42.153.152.0/24 maxlen: 24
42.153.153.0/24 maxlen: 24
42.153.154.0/24 maxlen: 24
42.153.155.0/24 maxlen: 24
42.153.156.0/24 maxlen: 24
42.153.157.0/24 maxlen: 24
42.153.158.0/24 maxlen: 24
42.153.159.0/24 maxlen: 24
122.255.96.0/19 maxlen: 19
2401:3c00:8::/46 maxlen: 46
2401:3c00:14::/46 maxlen: 46
2401:3c00:18::/46 maxlen: 46
2401:3c00:48::/46 maxlen: 46
2401:3c00:54::/46 maxlen: 46
2401:3c00:58::/46 maxlen: 46
2401:3c00:a4::/48 maxlen: 48
2401:3c00:a5::/48 maxlen: 48
2401:3c00:a6::/48 maxlen: 48
2401:3c00:a7::/48 maxlen: 48
2401:3c00:a8::/48 maxlen: 48
2401:3c00:a9::/48 maxlen: 48
2401:3c00:c0::/46 maxlen: 46
2401:3c00:c0:5::/64 maxlen: 64
2401:3c00:d8::/48 maxlen: 48
2401:3c00:d9::/48 maxlen: 48
2401:3c00:da::/48 maxlen: 48
2401:3c00:db::/48 maxlen: 48
2401:3c00:dc::/48 maxlen: 48
2401:3c00:100::/43 maxlen: 43
2401:3c00:120::/43 maxlen: 43
2401:3c00:180::/43 maxlen: 43
2401:3c00:1a0::/43 maxlen: 43
2401:3c00:250::/48 maxlen: 48
2401:3c00:251::/48 maxlen: 48
2401:3c00:252::/48 maxlen: 48
2401:3c00:253::/48 maxlen: 48
2401:3c00:254::/48 maxlen: 48
2401:3c00:255::/48 maxlen: 48
2401:3c00:256::/48 maxlen: 48
2401:3c00:257::/48 maxlen: 48
2401:3c00:258::/48 maxlen: 48
2401:3c00:259::/48 maxlen: 48
2401:3c00:25a::/48 maxlen: 48
2401:3c00:25c::/48 maxlen: 48
2401:3c00:25d::/48 maxlen: 48
2401:3c00:25f::/48 maxlen: 48
2401:3c00:260::/48 maxlen: 48
2401:3c00:261::/48 maxlen: 48
2401:3c00:262::/48 maxlen: 48
2401:3c00:280::/48 maxlen: 48
2401:3c00:281::/48 maxlen: 48
2401:3c00:290::/48 maxlen: 48
2401:3c00:291::/48 maxlen: 48
2401:3c00:292::/48 maxlen: 48
2401:3c00:293::/48 maxlen: 48
2401:3c00:294::/48 maxlen: 48
2401:3c00:295::/48 maxlen: 48
2401:3c00:2a0::/48 maxlen: 48
2401:3c00:2a1::/48 maxlen: 48
2401:3c00:2a2::/48 maxlen: 48
2401:3c00:2a3::/48 maxlen: 48
2401:3c00:2a4::/48 maxlen: 48
2401:3c00:2a5::/48 maxlen: 48
2401:3c00:2b0::/48 maxlen: 48
2401:3c00:2b1::/48 maxlen: 48
2401:3c00:2b2::/48 maxlen: 48
2401:3c00:2b3::/48 maxlen: 48
2401:3c00:2b4::/48 maxlen: 48
2401:3c00:2b5::/48 maxlen: 48
2401:3c00:2c0::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 18:42:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3510 (0xdb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78, serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Nov 2 19:08:06 2025 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a4887e-440c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:97:d6:15:ca:96:d5:4f:ec:35:ad:73:20:5d:
09:05:41:87:5e:2f:2f:fe:ba:ee:18:ce:08:a3:e3:
22:03:54:2d:6a:06:71:4f:79:b1:3d:11:86:da:28:
7d:f4:05:20:99:a8:a5:6b:d6:80:1c:58:1b:3a:cd:
9a:20:01:31:d5:9c:a8:07:08:ab:8b:33:e7:1b:e6:
e9:c5:22:30:e7:60:24:94:93:d7:3b:ae:71:5c:91:
26:a9:79:23:e3:a1:6e:ec:9e:df:94:b3:a1:55:f0:
31:97:de:02:c3:df:b3:73:9f:5a:05:63:32:3d:b5:
0e:eb:f7:fb:e3:8a:5d:87:c6:66:06:fb:1d:0f:ac:
96:5d:40:15:5d:1c:79:91:79:76:3d:e1:03:8f:33:
6f:cd:c7:e1:71:d1:17:e5:62:17:1a:a8:41:42:5a:
6f:83:c5:20:89:a5:a8:20:42:e6:45:1f:b6:b4:91:
87:76:4e:73:dc:49:2f:86:f5:d7:7f:98:21:89:fa:
1e:8c:fc:2f:78:a3:a1:4f:64:e2:19:97:e1:89:8a:
94:8a:96:e1:a0:1d:be:ea:c0:93:23:f1:5c:2b:35:
9a:82:a8:c3:22:d5:f8:93:ec:bf:10:8d:c1:b7:10:
27:9c:4f:c0:91:f8:db:71:5c:0f:e6:e0:25:d0:b3:
ea:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7F:3A:2C:4E:6C:0D:C1:77:00:98:F8:D2:38:05:5A:14:42:5C:B2
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/9B3FF0EC1F6D11F0BBEE756AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
42.152.0.0/14
122.255.96.0/19
IPv6:
2401:3c00:8::/46
2401:3c00:14::-2401:3c00:1b:ffff:ffff:ffff:ffff:ffff
2401:3c00:48::/46
2401:3c00:54::-2401:3c00:5b:ffff:ffff:ffff:ffff:ffff
2401:3c00:a4::-2401:3c00:a9:ffff:ffff:ffff:ffff:ffff
2401:3c00:c0::/46
2401:3c00:d8::-2401:3c00:dc:ffff:ffff:ffff:ffff:ffff
2401:3c00:100::/42
2401:3c00:180::/42
2401:3c00:250::-2401:3c00:25a:ffff:ffff:ffff:ffff:ffff
2401:3c00:25c::/47
2401:3c00:25f::-2401:3c00:262:ffff:ffff:ffff:ffff:ffff
2401:3c00:280::/47
2401:3c00:290::-2401:3c00:295:ffff:ffff:ffff:ffff:ffff
2401:3c00:2a0::-2401:3c00:2a5:ffff:ffff:ffff:ffff:ffff
2401:3c00:2b0::-2401:3c00:2b5:ffff:ffff:ffff:ffff:ffff
2401:3c00:2c0::/42
Signature Algorithm: sha256WithRSAEncryption
2c:bc:2e:85:e8:dd:4a:1d:3d:b7:f7:43:3a:ca:23:81:87:74:
45:69:b7:9d:b1:3d:99:2d:0c:fb:7b:44:bc:53:3b:23:cd:18:
4f:0f:9c:f7:d4:05:a8:35:42:c6:91:6f:47:9b:b0:a8:d8:10:
8c:c0:c7:e6:c7:00:5c:b4:3e:4e:e9:be:e8:ec:4b:2d:3e:40:
dd:57:6c:14:b0:7b:7d:52:9d:79:d4:0f:4f:27:83:6c:70:b6:
27:4c:64:5c:8a:83:a3:cb:7c:94:53:1e:71:48:d0:35:c9:dd:
93:f8:8e:11:bc:cc:bd:1e:e9:dd:eb:c5:13:de:2d:ec:9a:7c:
cc:36:f5:bf:04:36:12:4a:83:56:18:c1:9e:fb:69:1a:e0:06:
05:24:9b:9c:59:ab:33:e6:38:12:8f:35:bb:f7:69:7d:d3:74:
15:6e:37:96:74:f3:2f:7a:84:9f:77:a7:1a:12:ee:52:7a:52:
19:fc:e1:fc:0a:d1:44:af:e5:e9:19:5b:48:e7:01:07:57:f9:
7e:28:29:7d:c5:0e:b0:5d:6c:99:f4:7e:1c:0e:e5:ec:66:72:
0a:0e:ca:60:ae:a7:d1:78:fe:7d:82:39:97:e7:42:d9:6f:69:
84:45:86:1a:57:6d:25:c2:ae:74:c3:36:c5:c8:a5:98:23:5e:
3d:05:e5:ee
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgICDbYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjUxMTAyMTkwODA2WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODg3ZS00NDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5fWFcqW1U/sNa1zIF0JBUGHXi8v/rruGM4Io+MiA1QtagZxT3mxPRGG2ih9
9AUgmaila9aAHFgbOs2aIAEx1ZyoBwirizPnG+bpxSIw52AklJPXO65xXJEmqXkj
46Fu7J7flLOhVfAxl94Cw9+zc59aBWMyPbUO6/f744pdh8ZmBvsdD6yWXUAVXRx5
kXl2PeEDjzNvzcfhcdEX5WIXGqhBQlpvg8UgiaWoIELmRR+2tJGHdk5z3EkvhvXX
f5ghifoejPwveKOhT2TiGZfhiYqUipbhoB2+6sCTI/FcKzWagqjDItX4k+y/EI3B
txAnnE/AkfjbcVwP5uAl0LPqqwIDAQABo4IDcjCCA24wHQYDVR0OBBYEFJ9/OixO
bA3BdwCY+NI4BVoUQlyyMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvOUIzRkYwRUMx
RjZEMTFGMEJCRUU3NTZBQzRGOUFFMDIucm9hMIIBLwYIKwYBBQUHAQcBAf8EggEe
MIIBGjARBAIAATALAwMCKpgDBAV6/2AwggEDBAIAAjCB/AMHAiQBPAAACDASAwcC
JAE8AAAUAwcCJAE8AAAYAwcCJAE8AABIMBIDBwIkATwAAFQDBwIkATwAAFgwEgMH
AiQBPAAApAMHASQBPAAAqAMHAiQBPAAAwDASAwcDJAE8AADYAwcAJAE8AADcAwcG
JAE8AAEAAwcGJAE8AAGAMBIDBwQkATwAAlADBwAkATwAAloDBwEkATwAAlwwEgMH
ACQBPAACXwMHACQBPAACYgMHASQBPAACgDASAwcEJAE8AAKQAwcBJAE8AAKUMBID
BwUkATwAAqADBwEkATwAAqQwEgMHBCQBPAACsAMHASQBPAACtAMHBiQBPAACwDAN
BgkqhkiG9w0BAQsFAAOCAQEALLwuhejdSh09t/dDOsojgYd0RWm3nbE9mS0M+3tE
vFM7I80YTw+c99QFqDVCxpFvR5uwqNgQjMDH5scAXLQ+Tum+6OxLLT5A3VdsFLB7
fVKdedQPTyeDbHC2J0xkXIqDo8t8lFMecUjQNcndk/iOEbzMvR7p3evFE94t7Jp8
zDb1vwQ2EkqDVhjBnvtpGuAGBSSbnFmrM+Y4Eo81u/dpfdN0FW43lnTzL3qEn3en
GhLuUnpSGfzh/ArRRK/l6RlbSOcBB1f5figpfcUOsF1smfR+HA7l7GZyCg7KYK6n
0Xj+fYI5l+dC2W9phEWGGldtJcKudMM2xcilmCNePQXl7g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:00:08 2026 by rpki-client