Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
File: 3C30815CABB611ED8370AB5DC4F9AE02.roa (raw, json)
Hash identifier: kFSKCAh6ioguWfPU1TwURBM6G7BAtAwhSPRIqoX3VaA=
Subject key identifier: CD:40:DF:88:A8:C3:ED:0B:9E:F8:81:3C:C4:55:60:DA:5D:C3:B7:4A
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 088D
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
Signing time: Mon 23 Mar 2026 23:34:08 +0000
ROA not before: Mon 23 Mar 2026 23:34:08 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 140220
IP address blocks: 60.234.7.0/24 maxlen: 24
60.234.8.0/24 maxlen: 24
60.234.10.0/24 maxlen: 24
60.234.11.0/24 maxlen: 24
60.234.12.0/24 maxlen: 24
60.234.13.0/24 maxlen: 24
60.234.14.0/24 maxlen: 24
60.234.15.0/24 maxlen: 24
60.234.31.0/24 maxlen: 24
60.234.32.0/24 maxlen: 24
60.234.33.0/24 maxlen: 24
60.234.39.0/24 maxlen: 24
60.234.40.0/23 maxlen: 24
60.234.46.0/24 maxlen: 24
60.234.50.0/24 maxlen: 24
60.234.51.0/24 maxlen: 24
60.234.52.0/24 maxlen: 24
60.234.53.0/24 maxlen: 24
60.234.63.0/24 maxlen: 24
60.234.68.0/24 maxlen: 24
60.234.72.0/24 maxlen: 24
60.234.73.0/24 maxlen: 24
60.234.75.0/24 maxlen: 24
60.234.82.0/23 maxlen: 24
60.234.84.0/22 maxlen: 24
60.234.88.0/24 maxlen: 24
60.234.89.0/24 maxlen: 24
60.234.90.0/23 maxlen: 24
60.234.92.0/23 maxlen: 24
60.234.94.0/24 maxlen: 24
60.234.95.0/24 maxlen: 24
60.234.96.0/24 maxlen: 24
60.234.98.0/24 maxlen: 24
60.234.99.0/24 maxlen: 24
60.234.100.0/23 maxlen: 24
60.234.102.0/23 maxlen: 24
60.234.104.0/22 maxlen: 24
60.234.108.0/24 maxlen: 24
60.234.109.0/24 maxlen: 24
60.234.110.0/24 maxlen: 24
60.234.111.0/24 maxlen: 24
60.234.112.0/24 maxlen: 24
60.234.113.0/24 maxlen: 24
60.234.114.0/24 maxlen: 24
60.234.115.0/24 maxlen: 24
60.234.116.0/23 maxlen: 24
60.234.118.0/24 maxlen: 24
60.234.119.0/24 maxlen: 24
60.234.120.0/24 maxlen: 24
60.234.121.0/24 maxlen: 24
60.234.122.0/23 maxlen: 24
60.234.124.0/24 maxlen: 24
60.234.125.0/24 maxlen: 24
60.234.126.0/24 maxlen: 24
60.234.127.0/24 maxlen: 24
60.234.128.0/24 maxlen: 24
60.234.129.0/24 maxlen: 24
60.234.130.0/24 maxlen: 24
60.234.131.0/24 maxlen: 24
60.234.132.0/24 maxlen: 24
60.234.133.0/24 maxlen: 24
60.234.134.0/24 maxlen: 24
60.234.135.0/24 maxlen: 24
60.234.136.0/24 maxlen: 24
60.234.137.0/24 maxlen: 24
60.234.138.0/24 maxlen: 24
60.234.139.0/24 maxlen: 24
60.234.140.0/24 maxlen: 24
60.234.141.0/24 maxlen: 24
60.234.142.0/24 maxlen: 24
60.234.143.0/24 maxlen: 24
60.234.144.0/23 maxlen: 24
60.234.146.0/23 maxlen: 24
60.234.148.0/24 maxlen: 24
60.234.149.0/24 maxlen: 24
60.234.150.0/23 maxlen: 24
60.234.152.0/21 maxlen: 24
60.234.160.0/24 maxlen: 24
60.234.161.0/24 maxlen: 24
60.234.162.0/23 maxlen: 24
60.234.164.0/24 maxlen: 24
60.234.165.0/24 maxlen: 24
60.234.166.0/24 maxlen: 24
60.234.167.0/24 maxlen: 24
60.234.168.0/24 maxlen: 24
60.234.169.0/24 maxlen: 24
60.234.170.0/24 maxlen: 24
60.234.171.0/24 maxlen: 24
60.234.172.0/24 maxlen: 24
60.234.173.0/24 maxlen: 24
60.234.174.0/24 maxlen: 24
60.234.175.0/24 maxlen: 24
60.234.176.0/24 maxlen: 24
60.234.178.0/24 maxlen: 24
60.234.181.0/24 maxlen: 24
60.234.182.0/23 maxlen: 24
60.234.184.0/23 maxlen: 24
60.234.186.0/24 maxlen: 24
60.234.187.0/24 maxlen: 24
60.234.188.0/24 maxlen: 24
60.234.189.0/24 maxlen: 24
60.234.190.0/24 maxlen: 24
60.234.191.0/24 maxlen: 24
60.234.192.0/24 maxlen: 24
60.234.193.0/24 maxlen: 24
60.234.194.0/23 maxlen: 24
60.234.196.0/23 maxlen: 24
60.234.198.0/23 maxlen: 24
60.234.201.0/24 maxlen: 24
60.234.202.0/23 maxlen: 24
60.234.204.0/24 maxlen: 24
60.234.205.0/24 maxlen: 24
60.234.206.0/24 maxlen: 24
60.234.207.0/24 maxlen: 24
60.234.208.0/20 maxlen: 24
60.234.224.0/19 maxlen: 24
121.98.32.0/24 maxlen: 24
121.98.33.0/24 maxlen: 24
121.98.34.0/23 maxlen: 24
121.98.124.0/23 maxlen: 24
202.127.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 21:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2189 (0x88d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA, serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: Mar 23 23:34:08 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69c1cdf0-52ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:bb:30:7f:84:19:7b:b5:6e:55:e8:55:02:58:
f0:1b:78:a4:ae:f2:2e:e2:bb:18:0e:35:b6:a4:5e:
6c:ac:50:e9:d1:f2:7c:46:61:83:66:d5:71:ee:75:
17:ce:7a:99:15:3e:bf:00:d4:9a:a1:1e:f8:28:43:
d2:0c:5d:01:4e:ff:9c:48:41:94:e2:9b:81:4d:05:
c2:1d:ad:31:74:17:1c:d0:b7:6e:49:e1:65:db:5a:
6b:5c:25:57:b9:8c:71:c3:7b:2e:82:f0:d0:ee:85:
b8:b7:19:b3:03:06:1c:7c:7e:54:cb:24:b5:34:98:
50:d1:58:e4:e5:9e:9d:ba:8a:21:50:7d:e6:54:f0:
1b:7e:fa:ad:27:83:bc:d0:a7:73:47:81:d0:7b:c5:
42:ff:5e:f1:4a:e3:bb:49:26:dc:77:cf:46:24:3d:
bf:d8:6f:9d:75:15:6a:20:32:c5:a1:4c:c8:42:d6:
d2:9b:91:05:32:97:d9:af:56:f2:19:ab:04:c5:3d:
ed:9e:de:3c:35:36:90:0d:cb:04:b3:4f:46:c6:f5:
a5:ed:9f:03:4f:23:a9:ed:92:02:95:71:a0:40:18:
fd:55:8c:3f:d5:c4:3e:1b:ea:47:0d:11:e7:b7:8d:
93:41:0f:b7:fe:29:f9:9c:85:af:87:c9:9c:ad:9b:
e8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:40:DF:88:A8:C3:ED:0B:9E:F8:81:3C:C4:55:60:DA:5D:C3:B7:4A
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
60.234.7.0-60.234.8.255
60.234.10.0-60.234.15.255
60.234.31.0-60.234.33.255
60.234.39.0-60.234.41.255
60.234.46.0/24
60.234.50.0-60.234.53.255
60.234.63.0/24
60.234.68.0/24
60.234.72.0/23
60.234.75.0/24
60.234.82.0-60.234.96.255
60.234.98.0-60.234.176.255
60.234.178.0/24
60.234.181.0-60.234.199.255
60.234.201.0-60.234.255.255
121.98.32.0/22
121.98.124.0/23
202.127.8.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:e7:13:90:e2:fc:4b:c1:af:a7:e9:6b:9e:2c:68:dd:b0:b0:
8e:ae:e1:54:5b:8f:99:2c:a4:77:d1:a7:eb:d8:03:93:0f:a4:
31:0e:e1:ad:87:0e:db:d6:75:0b:d9:cd:91:cd:b2:31:da:e7:
8a:25:0c:0c:dc:7d:6d:55:04:01:6f:68:c9:10:a1:e3:e1:5c:
46:04:d6:a5:27:a7:a2:b3:d8:4f:2b:bb:ba:46:6c:91:43:71:
cc:7f:0b:c0:72:eb:b6:23:b7:da:7e:6f:de:58:1b:5c:5a:65:
92:7e:2c:a0:73:2a:78:1f:c9:7f:40:48:1c:c5:21:d0:87:c9:
cf:67:5c:5a:65:29:9a:83:e3:d3:d8:84:d0:29:7d:ff:85:36:
7b:f4:a8:6a:9c:9b:fb:6f:0e:19:c6:ee:a0:33:87:c5:c6:87:
93:6e:d3:e2:52:e6:5d:2e:ca:6c:29:c5:30:60:72:57:d6:5f:
d8:0d:f4:01:1b:fe:fb:4a:11:81:f3:60:90:4e:a3:fa:97:dc:
f4:09:9b:79:a4:48:2d:8e:30:ec:8d:1a:48:41:52:25:6c:66:
02:25:b3:1b:c3:52:44:8d:00:1f:df:3b:e4:44:ae:e4:e8:9e:
a5:96:ea:a5:21:04:42:c8:3a:36:02:e7:22:28:aa:f3:cd:1e:
cf:c5:2a:34
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgICCI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjYwMzIzMjMzNDA4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWMxY2RmMC01MmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjLswf4QZe7VuVehVAljwG3ikrvIu4rsYDjW2pF5srFDp0fJ8RmGDZtVx7nUX
znqZFT6/ANSaoR74KEPSDF0BTv+cSEGU4puBTQXCHa0xdBcc0LduSeFl21prXCVX
uYxxw3sugvDQ7oW4txmzAwYcfH5UyyS1NJhQ0Vjk5Z6duoohUH3mVPAbfvqtJ4O8
0KdzR4HQe8VC/17xSuO7SSbcd89GJD2/2G+ddRVqIDLFoUzIQtbSm5EFMpfZr1by
GasExT3tnt48NTaQDcsEs09GxvWl7Z8DTyOp7ZIClXGgQBj9VYw/1cQ+G+pHDRHn
t42TQQ+3/in5nIWvh8mcrZvotwIDAQABo4IDEjCCAw4wHQYDVR0OBBYEFM1A34io
w+0LnviBPMRVYNpdw7dKMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvM0MzMDgxNUNB
QkI2MTFFRDgzNzBBQjVEQzRGOUFFMDIucm9hMIHQBggrBgEFBQcBBwEB/wSBwDCB
vTCBugQCAAEwgbMwDAMEADzqBwMEADzqCDAMAwQBPOoKAwQEPOoAMAwDBAA86h8D
BAE86iAwDAMEADzqJwMEATzqKAMEADzqLjAMAwQBPOoyAwQBPOo0AwQAPOo/AwQA
POpEAwQBPOpIAwQAPOpLMAwDBAE86lIDBAA86mAwDAMEATzqYgMEADzqsAMEADzq
sjAMAwQAPOq1AwQDPOrAMAsDBAA86skDAwA86gMEAnliIAMEAXlifAMEAsp/CDAN
BgkqhkiG9w0BAQsFAAOCAQEAt+cTkOL8S8Gvp+lrnixo3bCwjq7hVFuPmSykd9Gn
69gDkw+kMQ7hrYcO29Z1C9nNkc2yMdrniiUMDNx9bVUEAW9oyRCh4+FcRgTWpSen
orPYTyu7ukZskUNxzH8LwHLrtiO32n5v3lgbXFplkn4soHMqeB/Jf0BIHMUh0IfJ
z2dcWmUpmoPj09iE0Cl9/4U2e/Soapyb+28OGcbuoDOHxcaHk27T4lLmXS7KbCnF
MGByV9Zf2A30ARv++0oRgfNgkE6j+pfc9AmbeaRILY4w7I0aSEFSJWxmAiWzG8NS
RI0AH9875ESu5OiepZbqpSEEQsg6NgLnIiiq880ez8UqNA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:04:50 2026 by rpki-client