Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/A0F26482C9F211EF986EE370C4F9AE02.roa
File: A0F26482C9F211EF986EE370C4F9AE02.roa (raw, json)
Hash identifier: sHM4xXld7uDeHu4KE4YRCWi+rdXGTKPH7QzaRU3HxOU=
Subject key identifier: 75:D6:BC:93:73:56:C0:A3:B9:4C:61:41:F8:B8:FB:78:82:7B:F0:2C
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0DB3
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/A0F26482C9F211EF986EE370C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:42:03 +0000
ROA not before: Sun 02 Nov 2025 19:08:03 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 18206
IP address blocks: 49.236.192.0/24 maxlen: 24
49.236.193.0/24 maxlen: 24
49.236.194.0/24 maxlen: 24
49.236.195.0/24 maxlen: 24
49.236.197.0/24 maxlen: 24
49.236.198.0/24 maxlen: 24
49.236.199.0/24 maxlen: 24
49.236.200.0/24 maxlen: 24
49.236.202.0/24 maxlen: 24
49.236.203.0/24 maxlen: 24
49.236.204.0/24 maxlen: 24
49.236.205.0/24 maxlen: 24
112.137.160.0/24 maxlen: 24
112.137.161.0/24 maxlen: 24
112.137.162.0/24 maxlen: 24
112.137.163.0/24 maxlen: 24
112.137.164.0/24 maxlen: 24
112.137.165.0/24 maxlen: 24
112.137.168.0/24 maxlen: 24
112.137.169.0/24 maxlen: 24
112.137.170.0/24 maxlen: 24
112.137.171.0/24 maxlen: 24
112.137.172.0/24 maxlen: 24
112.137.173.0/24 maxlen: 24
112.137.174.0/24 maxlen: 24
112.137.175.0/24 maxlen: 24
119.110.97.0/24 maxlen: 24
119.110.98.0/24 maxlen: 24
119.110.99.0/24 maxlen: 24
119.110.100.0/24 maxlen: 24
119.110.102.0/24 maxlen: 24
119.110.105.0/24 maxlen: 24
119.110.107.0/24 maxlen: 24
119.110.108.0/24 maxlen: 24
124.197.224.0/20 maxlen: 20
124.197.224.0/22 maxlen: 22
124.197.224.0/24 maxlen: 24
124.197.225.0/24 maxlen: 24
124.197.233.0/24 maxlen: 24
124.197.238.0/24 maxlen: 24
124.197.239.0/24 maxlen: 24
202.71.96.0/20 maxlen: 23
202.71.96.0/21 maxlen: 24
202.71.104.0/22 maxlen: 24
202.71.108.0/24 maxlen: 24
202.71.110.0/23 maxlen: 24
202.75.32.0/20 maxlen: 23
202.75.32.0/21 maxlen: 24
202.75.40.0/24 maxlen: 24
202.75.42.0/23 maxlen: 24
202.75.44.0/22 maxlen: 24
202.75.48.0/20 maxlen: 24
202.162.0.0/19 maxlen: 24
202.165.0.0/19 maxlen: 24
203.153.80.0/20 maxlen: 24
210.48.144.0/20 maxlen: 24
2401:b000::/32 maxlen: 32
2401:b000::/48 maxlen: 48
2401:b000:0:5::/64 maxlen: 64
2401:b000:0:6::/64 maxlen: 64
2401:b000:10::/48 maxlen: 48
2404:b8::/32 maxlen: 32
2404:b8::/48 maxlen: 48
2404:b8:0:1::/64 maxlen: 64
2404:b8:1::/48 maxlen: 48
2404:b8:3::/48 maxlen: 48
2404:b8:20::/43 maxlen: 43
2404:b8:2000::/44 maxlen: 44
2404:b8:2020::/43 maxlen: 43
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 18:42:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3507 (0xdb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78, serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Nov 2 19:08:03 2025 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a4887b-1ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f0:6c:45:91:7a:36:92:be:9f:1f:82:e7:98:
eb:b9:b2:f2:d0:27:5d:85:5e:05:e8:19:af:10:7d:
ea:2d:90:45:e0:44:6c:23:cd:50:69:8f:dc:72:c4:
29:a4:63:bb:cb:34:8c:2f:a6:da:44:01:6d:be:3a:
de:2c:99:09:15:40:27:a0:9d:22:c6:bb:77:63:4d:
41:2e:20:22:5c:85:fd:39:af:af:9d:0c:2d:ec:a0:
cf:24:34:2f:90:02:a5:3c:4c:2f:1c:a1:01:b9:e5:
b9:bd:4f:c2:6f:58:be:81:b5:80:eb:e0:21:6f:84:
0b:fe:00:74:92:73:f5:75:b0:f6:07:a3:40:71:b6:
cb:54:44:9f:d6:3b:e7:82:cb:8a:f9:11:e6:d0:d6:
a7:33:02:d3:92:07:f2:22:d4:90:1b:6f:73:5a:76:
8c:31:5e:46:69:bb:56:dc:58:d5:20:88:8c:fa:bf:
7b:a1:8d:d2:bc:af:7d:f4:da:08:c0:66:15:17:8a:
9e:5b:6e:5e:c8:7e:d4:8d:fa:41:ac:fe:9e:c6:4b:
4a:c4:0c:cf:18:39:76:7c:09:6d:20:41:60:24:cc:
83:9f:49:61:70:98:9f:a8:7a:3f:d3:fd:1b:20:7c:
96:16:60:ff:29:7f:65:a2:15:f1:4c:7d:48:8e:6a:
8b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D6:BC:93:73:56:C0:A3:B9:4C:61:41:F8:B8:FB:78:82:7B:F0:2C
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/A0F26482C9F211EF986EE370C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/22
49.236.197.0-49.236.200.255
49.236.202.0-49.236.205.255
112.137.160.0-112.137.165.255
112.137.168.0/21
119.110.97.0-119.110.100.255
119.110.102.0/24
119.110.105.0/24
119.110.107.0-119.110.108.255
124.197.224.0/20
202.71.96.0/20
202.75.32.0/19
202.162.0.0/19
202.165.0.0/19
203.153.80.0/20
210.48.144.0/20
IPv6:
2401:b000::/32
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
4e:07:ea:18:68:e2:3f:ab:fa:0c:57:8a:16:1a:76:b5:4b:04:
d8:ae:c1:c9:1b:c7:43:40:c6:ac:9b:82:05:90:82:cd:71:ea:
46:bd:67:ab:ab:63:a0:f3:ed:96:42:2b:58:cb:35:12:9b:3b:
20:13:a8:66:cb:8d:c6:cd:bc:06:2d:56:85:cf:5c:ca:d3:e9:
93:28:04:70:7b:be:b4:fb:2a:68:64:77:5a:9c:3a:e0:a5:ff:
0c:26:d3:f6:5c:45:ee:9c:99:a3:5c:e5:36:1f:64:cf:82:2e:
b6:d5:87:f5:f6:72:50:45:55:56:cd:57:eb:11:91:65:4b:6a:
e8:4c:fa:38:8b:6b:8e:74:59:eb:3d:09:ff:91:30:78:98:18:
de:5f:ae:5c:9a:8d:2a:10:b1:4b:df:2f:54:65:6f:10:1a:31:
d5:b8:51:03:3d:4b:c3:09:8c:02:b3:9c:61:b9:2d:3c:39:94:
b5:6a:47:24:10:75:e4:99:c1:89:2e:93:3f:2b:9e:1a:ee:79:
c6:d5:ef:36:20:6d:84:a4:5f:49:8f:d4:af:82:3a:f5:76:80:
30:56:82:ec:14:e4:0c:d1:b9:29:ad:41:1a:91:f4:1b:40:23:
e0:10:db:ec:4d:88:0c:75:ad:2e:38:f5:8a:83:56:5c:9a:19:
0c:ac:b7:93
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgICDbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjUxMTAyMTkwODAzWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODg3Yi0xYmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwPBsRZF6NpK+nx+C55jrubLy0CddhV4F6BmvEH3qLZBF4ERsI81QaY/ccsQp
pGO7yzSML6baRAFtvjreLJkJFUAnoJ0ixrt3Y01BLiAiXIX9Oa+vnQwt7KDPJDQv
kAKlPEwvHKEBueW5vU/Cb1i+gbWA6+Ahb4QL/gB0knP1dbD2B6NAcbbLVESf1jvn
gsuK+RHm0NanMwLTkgfyItSQG29zWnaMMV5GabtW3FjVIIiM+r97oY3SvK999NoI
wGYVF4qeW25eyH7UjfpBrP6exktKxAzPGDl2fAltIEFgJMyDn0lhcJifqHo/0/0b
IHyWFmD/KX9lohXxTH1IjmqLSwIDAQABo4IC/TCCAvkwHQYDVR0OBBYEFHXWvJNz
VsCjuUxhQfi4+3iCe/AsMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvQTBGMjY0ODJD
OUYyMTFFRjk4NkVFMzcwQzRGOUFFMDIucm9hMIG7BggrBgEFBQcBBwEB/wSBqzCB
qDCBjwQCAAEwgYgDBAIx7MAwDAMEADHsxQMEADHsyDAMAwQBMezKAwQBMezMMAwD
BAVwiaADBAFwiaQDBANwiagwDAMEAHduYQMEAHduZAMEAHduZgMEAHduaTAMAwQA
d25rAwQAd25sAwQEfMXgAwQEykdgAwQFyksgAwQFyqIAAwQFyqUAAwQEy5lQAwQE
0jCQMBQEAgACMA4DBQAkAbAAAwUAJAQAuDANBgkqhkiG9w0BAQsFAAOCAQEATgfq
GGjiP6v6DFeKFhp2tUsE2K7ByRvHQ0DGrJuCBZCCzXHqRr1nq6tjoPPtlkIrWMs1
Eps7IBOoZsuNxs28Bi1Whc9cytPpkygEcHu+tPsqaGR3Wpw64KX/DCbT9lxF7pyZ
o1zlNh9kz4IuttWH9fZyUEVVVs1X6xGRZUtq6Ez6OItrjnRZ6z0J/5EweJgY3l+u
XJqNKhCxS98vVGVvEBox1bhRAz1LwwmMArOcYbktPDmUtWpHJBB15JnBiS6TPyue
Gu55xtXvNiBthKRfSY/Ur4I69XaAMFaC7BTkDNG5Ka1BGpH0G0Aj4BDb7E2IDHWt
Ljj1ioNWXJoZDKy3kw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:59:50 2026 by rpki-client