Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/8A721F4EB10C11E5BB6B2A16C4F9AE02.roa
File: 8A721F4EB10C11E5BB6B2A16C4F9AE02.roa (raw, json)
Hash identifier: stk74SV6j9y9+8KC9a1Q22LQGIi2kHQ11+JPCtMpbPU=
Subject key identifier: 7B:3C:14:26:0C:41:10:B5:90:D1:4F:02:97:06:18:89:30:BC:0A:BA
Certificate issuer: /CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65
Certificate serial: 26AD
Authority key identifier: 6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/8A721F4EB10C11E5BB6B2A16C4F9AE02.roa
Signing time: Sun 01 Mar 2026 11:27:08 +0000
ROA not before: Thu 28 Aug 2025 16:03:21 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 38203
IP address blocks: 103.4.116.0/22 maxlen: 22
103.4.116.0/22 maxlen: 24
103.4.116.0/24 maxlen: 24
103.4.117.0/24 maxlen: 24
103.4.118.0/24 maxlen: 24
103.4.119.0/24 maxlen: 24
103.234.200.0/22 maxlen: 22
103.234.200.0/24 maxlen: 24
103.234.201.0/24 maxlen: 24
103.234.202.0/24 maxlen: 24
103.234.203.0/24 maxlen: 24
103.251.120.0/22 maxlen: 22
103.251.120.0/22 maxlen: 24
103.251.120.0/24 maxlen: 24
103.251.121.0/24 maxlen: 24
103.251.122.0/24 maxlen: 24
103.251.123.0/24 maxlen: 24
163.47.144.0/22 maxlen: 22
163.47.144.0/22 maxlen: 24
163.47.144.0/24 maxlen: 24
163.47.145.0/24 maxlen: 24
163.47.146.0/24 maxlen: 24
163.47.147.0/24 maxlen: 24
202.51.176.0/20 maxlen: 20
202.51.176.0/20 maxlen: 24
202.51.176.0/24 maxlen: 24
202.51.177.0/24 maxlen: 24
202.51.178.0/24 maxlen: 24
202.51.179.0/24 maxlen: 24
202.51.180.0/24 maxlen: 24
202.51.181.0/24 maxlen: 24
202.51.182.0/24 maxlen: 24
202.51.183.0/24 maxlen: 24
202.51.184.0/24 maxlen: 24
202.51.185.0/24 maxlen: 24
202.51.186.0/24 maxlen: 24
202.51.187.0/24 maxlen: 24
202.51.188.0/24 maxlen: 24
202.51.189.0/24 maxlen: 24
202.51.190.0/24 maxlen: 24
202.51.191.0/24 maxlen: 24
2402:b500::/32 maxlen: 48
2402:b500:1::/48 maxlen: 48
2402:b500:2::/48 maxlen: 48
2402:b500:3::/48 maxlen: 48
2402:b500:4::/48 maxlen: 48
2402:b500:5::/48 maxlen: 48
2402:b500:31::/48 maxlen: 48
2402:b500:1000::/44 maxlen: 44
2402:b500:1000::/48 maxlen: 48
2402:b500:1001::/48 maxlen: 48
2402:b500:1002::/48 maxlen: 48
2402:b500:1003::/48 maxlen: 48
2402:b500:1004::/48 maxlen: 48
2402:b500:1005::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl
rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 15:37:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9901 (0x26ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91240E6, serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65
Validity
Not Before: Aug 28 16:03:21 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a4228b-d428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a1:b0:c9:7d:24:3c:60:e2:eb:cd:53:3d:a6:
80:18:e7:14:48:1e:30:ff:36:c4:f7:4f:16:80:ad:
e5:49:8c:54:29:79:ce:91:f6:8f:27:af:41:5a:67:
7a:68:8c:04:d6:50:da:4a:aa:d3:3f:32:54:bf:de:
3f:93:64:cf:42:2b:4f:57:18:ec:56:d9:87:2b:dd:
1b:60:70:d4:8e:96:ee:51:e1:80:25:25:72:a7:c6:
42:3f:cd:13:61:11:94:c6:8e:fd:fe:ff:25:42:cd:
45:1c:e7:12:db:8e:07:0c:6d:61:fa:81:09:f0:e4:
08:b3:a0:ac:ee:7e:63:46:b3:91:b7:1a:e5:a7:11:
d8:6d:f3:20:8f:7b:f5:8b:df:81:a8:e8:d9:48:82:
7b:3f:e0:ed:ef:31:61:fa:bf:e0:4a:e1:56:af:e2:
17:6c:b6:13:be:59:67:1f:77:af:96:49:20:fd:a3:
df:bf:b7:e5:cf:9e:87:c7:77:e1:33:d9:a6:d9:62:
1d:20:4b:e7:14:46:fd:f3:5d:48:72:8a:7c:f3:b0:
a2:18:d5:54:59:c6:e7:b9:fb:22:3c:ab:fb:ab:3e:
ab:a0:03:e3:60:c2:e7:20:34:6b:86:4d:ef:4b:18:
34:04:32:27:48:ff:17:ec:e7:50:ac:74:b7:5c:a7:
25:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:3C:14:26:0C:41:10:B5:90:D1:4F:02:97:06:18:89:30:BC:0A:BA
X509v3 Authority Key Identifier:
keyid:6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/8A721F4EB10C11E5BB6B2A16C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.4.116.0/22
103.234.200.0/22
103.251.120.0/22
163.47.144.0/22
202.51.176.0/20
IPv6:
2402:b500::/32
Signature Algorithm: sha256WithRSAEncryption
98:44:63:ca:19:16:81:a6:0d:14:a2:e5:01:9b:4e:6e:cf:5f:
94:1a:32:b8:a3:e1:87:c5:85:c4:a4:fa:3f:df:0e:34:3f:23:
1b:c7:c9:89:9d:70:e6:c7:94:e6:29:25:f4:86:db:a5:24:4c:
db:d4:f6:b1:54:74:20:bf:52:80:cb:a5:95:af:84:50:05:f1:
d1:83:c8:4a:1e:7c:32:7f:94:1e:54:58:2c:ca:6d:d6:19:f7:
13:21:59:a7:a4:36:b5:a5:1d:ef:d2:1b:ca:26:96:ab:0f:f3:
97:2b:c6:16:30:ba:d7:15:cf:61:2e:bf:9c:ab:95:bf:74:ba:
76:27:31:ce:5c:5f:8b:9b:63:9d:76:3e:83:04:d8:cc:47:9b:
2f:18:0e:7c:a8:24:94:88:b0:2f:e1:43:a0:b8:01:f5:15:0e:
f7:a6:da:5e:e4:62:95:2d:f6:ad:b1:3e:fc:df:e6:5f:0c:b3:
f1:10:60:09:33:f2:e4:05:32:e1:c9:54:73:d7:88:51:77:6b:
2a:c2:ac:59:f8:fe:b2:6b:f1:8d:9e:e6:2f:80:9a:33:21:b1:
44:56:15:47:e1:8c:27:01:aa:f4:be:17:a3:1e:89:95:f1:ca:
74:8a:c4:ee:d8:84:d7:26:bf:1a:f6:e0:3f:c8:5c:62:14:c6:
20:ef:74:07
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICJq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQwRTYxMTAvBgNVBAUTKDZEQ0U1MkY5QTIyOENCRjZGMzBDRDU1RDQzMzg0RDEy
Njg0ODdCNjUwHhcNMjUwODI4MTYwMzIxWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MjI4Yi1kNDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmaGwyX0kPGDi681TPaaAGOcUSB4w/zbE908WgK3lSYxUKXnOkfaPJ69BWmd6
aIwE1lDaSqrTPzJUv94/k2TPQitPVxjsVtmHK90bYHDUjpbuUeGAJSVyp8ZCP80T
YRGUxo79/v8lQs1FHOcS244HDG1h+oEJ8OQIs6Cs7n5jRrORtxrlpxHYbfMgj3v1
i9+BqOjZSIJ7P+Dt7zFh+r/gSuFWr+IXbLYTvllnH3evlkkg/aPfv7flz56Hx3fh
M9mm2WIdIEvnFEb9811Icop887CiGNVUWcbnufsiPKv7qz6roAPjYMLnIDRrhk3v
Sxg0BDInSP8X7OdQrHS3XKclHQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFHs8FCYM
QRC1kNFPApcGGIkwvAq6MB8GA1UdIwQYMBaAFG3OUvmiKMv28wzVXUM4TRJoSHtl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDBFNi82NjA3NDJDOEZE
MjExMUU0ODhBQjBDMzRDNEY5QUUwMi9iYzVTLWFJb3lfYnpETlZkUXpoTkVtaEll
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JjNVMtYUlveV9iekROVmRRemhORW1oSWUyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQwRTYvNjYwNzQyQzhGRDIxMTFFNDg4QUIwQzM0QzRGOUFFMDIvOEE3MjFGNEVC
MTBDMTFFNUJCNkIyQTE2QzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAk
BAIAATAeAwQCZwR0AwQCZ+rIAwQCZ/t4AwQCoy+QAwQEyjOwMA0EAgACMAcDBQAk
ArUAMA0GCSqGSIb3DQEBCwUAA4IBAQCYRGPKGRaBpg0UouUBm05uz1+UGjK4o+GH
xYXEpPo/3w40PyMbx8mJnXDmx5TmKSX0htulJEzb1PaxVHQgv1KAy6WVr4RQBfHR
g8hKHnwyf5QeVFgsym3WGfcTIVmnpDa1pR3v0hvKJparD/OXK8YWMLrXFc9hLr+c
q5W/dLp2JzHOXF+Lm2Oddj6DBNjMR5svGA58qCSUiLAv4UOguAH1FQ73ptpe5GKV
LfatsT783+ZfDLPxEGAJM/LkBTLhyVRz14hRd2sqwqxZ+P6ya/GNnuYvgJozIbFE
VhVH4YwnAar0vhejHomV8cp0isTu2ITXJr8a9uA/yFxiFMYg73QH
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:08:18 2026 by rpki-client