Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/4F7540B64BE311F096B8CE67C4F9AE02.roa
File: 4F7540B64BE311F096B8CE67C4F9AE02.roa (raw, json)
Hash identifier: lEmewPZEKQ+KAyO91wHJfIDoW8azxEDTYzC0XZdatJs=
Subject key identifier: CD:BD:1E:E4:FB:C4:49:7F:FB:F6:17:C0:FB:86:47:8D:18:14:BC:98
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 0BE2
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/4F7540B64BE311F096B8CE67C4F9AE02.roa
Signing time: Mon 23 Mar 2026 08:06:34 +0000
ROA not before: Mon 23 Mar 2026 08:06:34 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 149175
IP address blocks: 61.15.64.0/24 maxlen: 24
61.15.65.0/24 maxlen: 24
61.15.66.0/24 maxlen: 24
61.15.67.0/24 maxlen: 24
61.15.68.0/24 maxlen: 24
61.15.72.0/22 maxlen: 22
61.15.76.0/22 maxlen: 22
61.15.80.0/22 maxlen: 22
61.15.86.0/24 maxlen: 24
61.15.88.0/22 maxlen: 24
61.15.97.0/24 maxlen: 24
203.168.221.0/24 maxlen: 24
203.168.238.0/24 maxlen: 24
203.168.244.0/24 maxlen: 24
203.168.245.0/24 maxlen: 24
203.168.246.0/24 maxlen: 24
203.168.247.0/24 maxlen: 24
203.168.248.0/24 maxlen: 24
203.168.249.0/24 maxlen: 24
203.168.250.0/24 maxlen: 24
203.168.251.0/24 maxlen: 24
203.168.253.0/24 maxlen: 24
203.168.255.0/24 maxlen: 24
222.167.36.0/22 maxlen: 22
222.167.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 19:40:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3042 (0xbe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172, serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Validity
Not Before: Mar 23 08:06:34 2026 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69c0f48a-1248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fe:1e:0f:da:3e:55:ab:e1:fb:2e:67:e9:5c:
90:23:90:73:34:91:d4:db:fd:78:fc:f8:77:f8:5e:
c1:cf:ad:d2:04:4f:7e:cc:58:e3:a5:65:b2:66:8a:
51:a1:ee:79:25:2c:6c:8c:e6:89:5f:4f:9b:2f:1b:
a6:90:54:c3:e6:57:26:4b:66:0c:21:0b:54:c3:4e:
9c:38:ac:e6:7a:4c:1f:9d:8f:40:92:f0:0a:72:c4:
c7:e0:43:32:ce:81:a8:f1:ea:46:b7:0c:0c:0b:c2:
29:76:c4:28:59:01:ca:25:11:46:bf:1a:c9:5e:54:
85:53:85:4c:ee:ee:79:ab:c5:57:ec:e5:5f:3c:36:
58:33:9c:51:c5:01:09:b6:bf:b8:42:0f:a9:93:36:
a3:cd:10:58:1a:ea:bd:6c:18:97:1c:22:90:d2:63:
cd:65:06:ae:1f:86:7b:32:8a:5b:7d:cb:63:05:e2:
a4:88:b2:cd:2f:95:97:0b:58:39:bb:c3:4c:9e:6c:
fd:5b:d3:ee:98:51:c2:d3:d0:0e:0d:24:3c:1b:f9:
76:00:13:4f:a4:b8:49:e1:9e:21:ff:71:2e:75:61:
eb:09:dd:40:5e:f3:f6:5e:83:2a:a7:fb:31:c9:20:
71:39:cd:73:cc:fc:d7:9d:b5:e5:83:ce:9a:c8:2f:
2d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BD:1E:E4:FB:C4:49:7F:FB:F6:17:C0:FB:86:47:8D:18:14:BC:98
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/4F7540B64BE311F096B8CE67C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
61.15.64.0-61.15.68.255
61.15.72.0-61.15.83.255
61.15.86.0/24
61.15.88.0/22
61.15.97.0/24
203.168.221.0/24
203.168.238.0/24
203.168.244.0-203.168.251.255
203.168.253.0/24
203.168.255.0/24
222.167.36.0-222.167.40.255
Signature Algorithm: sha256WithRSAEncryption
b2:30:aa:69:11:bc:63:f3:86:1a:52:7c:56:32:1c:43:a1:32:
88:86:ed:bc:1b:9b:87:16:42:9a:79:b7:b2:3a:39:49:f9:ac:
a8:3d:13:3b:1d:72:03:c2:08:45:1f:4d:e6:38:0a:f3:10:c5:
cd:a6:d7:47:a0:d5:5f:83:e3:49:9d:c5:24:d9:b7:ef:b0:76:
1b:32:f1:17:af:0d:00:c2:56:ca:c5:95:0d:47:e5:a1:5c:49:
4c:60:b2:34:eb:da:4a:ff:6d:24:a2:e6:47:f9:0d:f1:26:18:
88:d5:7c:a0:b5:d6:64:c2:9d:3e:ec:4d:02:cd:3b:a4:e8:36:
7c:95:09:d0:36:77:eb:57:df:b5:05:a0:2e:b4:b6:71:86:9a:
93:b0:4a:f8:83:8b:1a:ed:72:15:80:a1:1f:fe:f4:7c:38:5a:
94:cf:69:ab:72:a1:81:9c:8c:3c:1f:65:3e:77:66:8c:d8:68:
fe:aa:92:e6:76:64:2d:0f:fe:c5:b3:4e:9d:8e:74:20:e0:68:
64:4b:52:d1:4b:05:ca:a0:63:2d:1d:8d:62:98:b2:92:2c:bd:
a6:37:1c:e9:cf:e3:73:f1:8e:fd:69:e3:29:6c:71:3b:3f:df:
43:1a:2a:2c:b2:7a:bf:b2:95:29:7a:48:0d:49:0a:44:64:e9:
58:3f:b5:95
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICC+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjYwMzIzMDgwNjM0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWMwZjQ4YS0xMjQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmf4eD9o+Vavh+y5n6VyQI5BzNJHU2/14/Ph3+F7Bz63SBE9+zFjjpWWyZopR
oe55JSxsjOaJX0+bLxumkFTD5lcmS2YMIQtUw06cOKzmekwfnY9AkvAKcsTH4EMy
zoGo8epGtwwMC8IpdsQoWQHKJRFGvxrJXlSFU4VM7u55q8VX7OVfPDZYM5xRxQEJ
tr+4Qg+pkzajzRBYGuq9bBiXHCKQ0mPNZQauH4Z7MopbfctjBeKkiLLNL5WXC1g5
u8NMnmz9W9PumFHC09AODSQ8G/l2ABNPpLhJ4Z4h/3EudWHrCd1AXvP2XoMqp/sx
ySBxOc1zzPzXnbXlg86ayC8tiwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFM29HuT7
xEl/+/YXwPuGR40YFLyYMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvNEY3NTQwQjY0
QkUzMTFGMDk2QjhDRTY3QzRGOUFFMDIucm9hMHsGCCsGAQUFBwEHAQH/BGwwajBo
BAIAATBiMAwDBAY9D0ADBAA9D0QwDAMEAz0PSAMEAj0PUAMEAD0PVgMEAj0PWAME
AD0PYQMEAMuo3QMEAMuo7jAMAwQCy6j0AwQCy6j4AwQAy6j9AwQAy6j/MAwDBALe
pyQDBADepygwDQYJKoZIhvcNAQELBQADggEBALIwqmkRvGPzhhpSfFYyHEOhMoiG
7bwbm4cWQpp5t7I6OUn5rKg9EzsdcgPCCEUfTeY4CvMQxc2m10eg1V+D40mdxSTZ
t++wdhsy8RevDQDCVsrFlQ1H5aFcSUxgsjTr2kr/bSSi5kf5DfEmGIjVfKC11mTC
nT7sTQLNO6ToNnyVCdA2d+tX37UFoC60tnGGmpOwSviDixrtchWAoR/+9Hw4WpTP
aatyoYGcjDwfZT53ZozYaP6qkuZ2ZC0P/sWzTp2OdCDgaGRLUtFLBcqgYy0djWKY
spIsvaY3HOnP43Pxjv1p4ylscTs/30MaKiyyer+ylSl6SA1JCkRk6Vg/tZU=
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:17:12 2026 by rpki-client