Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/143DD7B61EB411F1BCEF50BD1F3D8C67.roa
File: 143DD7B61EB411F1BCEF50BD1F3D8C67.roa (raw, json)
Hash identifier: 0IuTpckRCU4Q3jTTuR+nuWiQepp3s7lYKom5T1Zo58I=
Subject key identifier: 37:91:A2:EA:8F:3E:6A:42:50:DA:A1:AF:1E:3C:A7:9C:36:6F:E7:58
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 0BD8
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/143DD7B61EB411F1BCEF50BD1F3D8C67.roa
Signing time: Fri 13 Mar 2026 08:10:21 +0000
ROA not before: Fri 13 Mar 2026 08:10:21 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9908
IP address blocks: 61.10.0.0/16 maxlen: 16
61.10.0.0/17 maxlen: 17
61.10.0.0/18 maxlen: 20
61.10.64.0/18 maxlen: 18
61.10.64.0/19 maxlen: 20
61.10.96.0/19 maxlen: 20
61.10.128.0/17 maxlen: 20
61.15.0.0/19 maxlen: 20
61.15.32.0/19 maxlen: 19
61.15.32.0/20 maxlen: 20
61.15.48.0/20 maxlen: 20
61.15.64.0/18 maxlen: 18
61.15.64.0/19 maxlen: 19
61.15.64.0/20 maxlen: 20
61.15.64.0/21 maxlen: 21
61.15.80.0/20 maxlen: 20
61.15.84.0/23 maxlen: 23
61.15.87.0/24 maxlen: 24
61.15.96.0/19 maxlen: 19
61.15.96.0/20 maxlen: 20
61.15.104.0/22 maxlen: 22
61.15.106.0/23 maxlen: 23
61.15.112.0/20 maxlen: 20
61.15.128.0/17 maxlen: 20
61.18.0.0/16 maxlen: 16
61.18.0.0/17 maxlen: 20
61.18.128.0/17 maxlen: 20
125.59.0.0/16 maxlen: 20
203.83.64.0/18 maxlen: 18
203.168.220.0/24 maxlen: 24
203.168.222.0/23 maxlen: 24
203.168.236.0/23 maxlen: 24
203.168.254.0/24 maxlen: 24
218.252.0.0/16 maxlen: 16
218.252.0.0/17 maxlen: 20
218.252.128.0/17 maxlen: 20
218.253.0.0/18 maxlen: 20
222.166.0.0/16 maxlen: 20
222.167.0.0/19 maxlen: 20
222.167.41.0/24 maxlen: 24
222.167.42.0/23 maxlen: 23
222.167.44.0/22 maxlen: 22
222.167.48.0/20 maxlen: 20
222.167.64.0/19 maxlen: 24
222.167.128.0/19 maxlen: 24
222.167.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 14:54:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3032 (0xbd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172, serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Validity
Not Before: Mar 13 08:10:21 2026 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69b3c66d-6690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:77:a7:1a:04:8e:16:cd:23:ae:39:e2:ba:3d:
f7:c8:aa:09:51:ec:91:6f:72:b3:af:3b:aa:f0:d5:
77:a3:21:de:80:99:33:b2:94:a6:22:75:cd:33:a8:
9a:ec:96:33:f9:26:2a:db:1a:2f:88:56:9f:e2:fa:
39:01:f1:70:73:eb:1c:a2:18:32:44:9a:4a:f2:e8:
73:cb:04:1c:d2:8e:c1:fe:8e:1c:02:f0:1f:ef:90:
70:75:4b:e6:50:ca:60:da:81:fc:a8:70:70:d4:68:
81:b2:c2:9c:a1:e5:6f:3c:81:90:2f:3b:d4:3d:56:
01:e8:a6:79:7a:a4:ce:b2:bd:02:70:b1:eb:4a:b1:
2b:38:92:db:94:b3:43:8f:89:bd:cf:d3:47:7f:4f:
4c:12:67:21:16:ea:af:9e:68:ad:6d:cf:77:02:67:
95:45:22:d0:cb:fa:f4:ba:b1:1a:8b:f8:c0:e5:7b:
9a:68:fa:7c:8f:1c:df:ab:3b:e1:80:b5:00:55:2b:
a3:1b:26:6c:92:fa:7f:00:f6:b4:fa:55:1f:98:c3:
52:a0:51:ed:0d:36:39:24:5f:1a:0c:48:7b:6f:77:
d2:45:7e:d8:86:b5:aa:e5:9d:21:92:35:9c:a6:f9:
01:67:8b:a3:13:66:da:2e:87:42:1d:06:d6:a3:ac:
46:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:91:A2:EA:8F:3E:6A:42:50:DA:A1:AF:1E:3C:A7:9C:36:6F:E7:58
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/143DD7B61EB411F1BCEF50BD1F3D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
61.10.0.0/16
61.15.0.0/16
61.18.0.0/16
125.59.0.0/16
203.83.64.0/18
203.168.220.0/24
203.168.222.0/23
203.168.236.0/23
203.168.254.0/24
218.252.0.0-218.253.63.255
222.166.0.0-222.167.31.255
222.167.41.0-222.167.95.255
222.167.128.0/18
Signature Algorithm: sha256WithRSAEncryption
6e:cc:28:3f:8f:41:b6:39:a9:71:57:7f:e3:a1:8f:fd:09:33:
33:72:a4:7d:fe:da:c0:25:bb:40:02:9b:54:66:83:1f:cd:48:
c8:bd:42:c0:70:e6:7e:de:91:28:f0:c1:de:ed:85:ea:7b:e8:
45:d4:af:1c:07:0e:79:f1:da:8e:71:12:fb:5f:8a:5b:87:a6:
2a:f5:1c:40:42:b9:91:69:8c:e3:7f:96:bc:9f:f6:37:da:38:
b9:35:ea:1c:16:5f:bf:45:2c:5e:38:bd:5d:b8:d0:1d:a7:48:
ea:1b:56:98:43:0e:11:2a:76:5f:a0:a7:ec:0c:5f:69:ac:5b:
0b:36:51:c5:35:22:7c:4f:a3:31:c8:f4:06:18:61:c0:80:e3:
91:42:50:a3:fa:53:d3:f0:ae:24:3a:c0:2f:61:4f:62:17:6d:
7b:22:8c:ad:02:64:86:6b:bd:33:2e:fb:12:da:9a:91:f6:4d:
cc:ea:8e:9a:db:19:cd:fb:3c:7d:be:0f:24:2d:0d:1e:b1:de:
68:f5:9f:4c:ac:18:16:ab:0e:bb:7e:bb:e5:4a:61:73:5b:c3:
db:89:be:ee:d8:6a:a7:67:17:8e:b0:00:ac:5e:1f:aa:8e:ce:
b6:b4:d4:1c:77:81:85:b9:07:63:0b:ed:75:9c:bc:e9:41:f3:
37:23:54:4f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjYwMzEzMDgxMDIxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWIzYzY2ZC02NjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA03enGgSOFs0jrjniuj33yKoJUeyRb3Kzrzuq8NV3oyHegJkzspSmInXNM6ia
7JYz+SYq2xoviFaf4vo5AfFwc+scohgyRJpK8uhzywQc0o7B/o4cAvAf75BwdUvm
UMpg2oH8qHBw1GiBssKcoeVvPIGQLzvUPVYB6KZ5eqTOsr0CcLHrSrErOJLblLND
j4m9z9NHf09MEmchFuqvnmitbc93AmeVRSLQy/r0urEai/jA5XuaaPp8jxzfqzvh
gLUAVSujGyZskvp/APa0+lUfmMNSoFHtDTY5JF8aDEh7b3fSRX7YhrWq5Z0hkjWc
pvkBZ4ujE2baLodCHQbWo6xGZwIDAQABo4ICujCCArYwHQYDVR0OBBYEFDeRouqP
PmpCUNqhrx48p5w2b+dYMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvMTQzREQ3QjYx
RUI0MTFGMUJDRUY1MEJEMUYzRDhDNjcucm9hMHkGCCsGAQUFBwEHAQH/BGowaDBm
BAIAATBgAwMAPQoDAwA9DwMDAD0SAwMAfTsDBAbLU0ADBADLqNwDBAHLqN4DBAHL
qOwDBADLqP4wCwMDAtr8AwQG2v0AMAsDAwHepgMEBd6nADAMAwQA3qcpAwQF3qdA
AwQG3qeAMA0GCSqGSIb3DQEBCwUAA4IBAQBuzCg/j0G2OalxV3/joY/9CTMzcqR9
/trAJbtAAptUZoMfzUjIvULAcOZ+3pEo8MHe7YXqe+hF1K8cBw558dqOcRL7X4pb
h6Yq9RxAQrmRaYzjf5a8n/Y32ji5NeocFl+/RSxeOL1duNAdp0jqG1aYQw4RKnZf
oKfsDF9prFsLNlHFNSJ8T6MxyPQGGGHAgOORQlCj+lPT8K4kOsAvYU9iF217Ioyt
AmSGa70zLvsS2pqR9k3M6o6a2xnN+zx9vg8kLQ0esd5o9Z9MrBgWqw67frvlSmFz
W8Pbib7u2GqnZxeOsACsXh+qjs62tNQcd4GFuQdjC+11nLzpQfM3I1RP
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:47:35 2026 by rpki-client