Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/5EB91EB40F9611F0A2F2830DC4F9AE02.roa
File: 5EB91EB40F9611F0A2F2830DC4F9AE02.roa (raw, json)
Hash identifier: SSYC29tGawUFme3RXhIZyQeg2PtzaX+D5ecktRUmY7I=
Subject key identifier: 9F:ED:91:DF:59:A8:B0:CA:E8:30:00:75:E4:13:45:90:0D:14:6E:02
Certificate issuer: /CN=A9145456/serialNumber=3FB0A56E20F194C7749879D4D225B3F97E9EBECF
Certificate serial: 0842
Authority key identifier: 3F:B0:A5:6E:20:F1:94:C7:74:98:79:D4:D2:25:B3:F9:7E:9E:BE:CF
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/5EB91EB40F9611F0A2F2830DC4F9AE02.roa
Signing time: Mon 02 Mar 2026 15:03:16 +0000
ROA not before: Thu 27 Nov 2025 01:07:16 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 139831
IP address blocks: 131.226.64.0/18 maxlen: 18
131.226.64.0/22 maxlen: 24
131.226.68.0/22 maxlen: 24
131.226.74.0/23 maxlen: 24
131.226.76.0/23 maxlen: 24
131.226.80.0/22 maxlen: 24
131.226.84.0/22 maxlen: 24
131.226.88.0/22 maxlen: 24
131.226.92.0/22 maxlen: 24
131.226.96.0/22 maxlen: 23
131.226.100.0/22 maxlen: 23
131.226.100.0/24 maxlen: 24
131.226.104.0/22 maxlen: 23
131.226.108.0/22 maxlen: 23
131.226.112.0/22 maxlen: 23
131.226.116.0/23 maxlen: 23
131.226.118.0/23 maxlen: 23
131.226.120.0/23 maxlen: 23
131.226.122.0/23 maxlen: 23
131.226.124.0/23 maxlen: 24
131.226.126.0/24 maxlen: 24
131.226.127.0/24 maxlen: 24
139.135.64.0/18 maxlen: 18
139.135.64.0/22 maxlen: 22
139.135.68.0/22 maxlen: 22
139.135.72.0/22 maxlen: 22
139.135.76.0/22 maxlen: 22
139.135.80.0/22 maxlen: 22
139.135.88.0/22 maxlen: 22
139.135.104.0/22 maxlen: 23
139.135.108.0/22 maxlen: 23
139.135.124.0/23 maxlen: 23
160.84.128.0/18 maxlen: 18
160.84.128.0/24 maxlen: 24
160.84.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.crl
rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 21:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2114 (0x842)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145456, serialNumber=3FB0A56E20F194C7749879D4D225B3F97E9EBECF
Validity
Not Before: Nov 27 01:07:16 2025 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a5a6b4-7f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c7:98:23:0a:45:38:1f:ff:ce:82:01:1a:03:
f1:03:d3:15:ef:82:02:23:7d:c3:ff:78:b3:7e:7c:
9c:05:9b:5b:2a:3e:f4:2c:69:f4:0d:1f:ae:4c:74:
8d:d0:6a:41:67:1e:fb:66:66:8b:e0:63:1a:61:a8:
48:9f:12:25:15:0e:3d:52:86:6c:58:7b:33:59:b6:
f9:22:99:fc:e9:85:bb:1d:fa:86:75:b7:9c:57:0c:
24:4d:c2:fd:f9:f3:fc:59:ee:a9:2d:53:dd:b1:51:
3b:cb:7c:53:a9:b1:c2:69:77:87:5f:3c:2e:18:e7:
9f:19:38:12:2a:0a:44:df:da:7e:df:98:f4:39:e1:
b6:26:f0:24:00:87:39:1e:4a:c3:51:fe:b3:da:0b:
29:23:7e:8a:b9:e7:36:c9:d0:7a:24:9a:62:4e:74:
20:2b:86:f8:c4:cc:99:2a:83:2b:9b:e1:87:b4:b8:
e6:2d:30:62:df:cb:f6:e6:85:e1:25:be:9d:37:a8:
b1:62:06:a6:11:31:72:d8:fe:90:b9:81:f9:cb:25:
2c:ba:31:56:8a:ec:03:2a:b8:22:e8:cc:2f:6e:d3:
d6:e7:49:46:ce:61:3d:45:e8:62:5a:69:91:b6:20:
a6:18:1e:8a:56:cd:07:82:94:6b:e2:a4:a7:70:96:
69:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:ED:91:DF:59:A8:B0:CA:E8:30:00:75:E4:13:45:90:0D:14:6E:02
X509v3 Authority Key Identifier:
keyid:3F:B0:A5:6E:20:F1:94:C7:74:98:79:D4:D2:25:B3:F9:7E:9E:BE:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/5EB91EB40F9611F0A2F2830DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
131.226.64.0/18
139.135.64.0/18
160.84.128.0/18
Signature Algorithm: sha256WithRSAEncryption
57:ab:c8:35:9f:3d:4e:a8:ce:52:57:4d:d7:a6:52:05:a1:18:
ca:d3:91:70:f5:8c:b5:72:9b:51:a2:9a:a2:2e:88:1e:5d:8c:
c1:88:d6:8e:5e:a8:44:ad:56:9f:c6:2a:d4:0d:a7:61:5b:6f:
64:cb:5b:37:20:d7:ac:0f:8b:31:94:c0:04:9a:18:52:4f:a8:
1d:9f:1c:00:04:77:6f:c0:e4:b2:6d:0c:17:4b:5b:6e:24:f3:
cb:20:26:1d:11:04:a8:08:72:9a:75:72:a3:85:b6:43:ba:d3:
79:48:6f:5d:0c:e0:a8:75:f1:c6:cc:a7:28:6f:dd:c4:da:fd:
c2:f2:16:ca:f3:db:a3:d9:94:60:28:f3:ad:a7:0e:af:84:03:
9b:ec:a3:a0:f8:1a:f9:2b:dc:35:80:e6:d5:6e:3a:70:dd:45:
a2:88:8e:0a:4f:95:cc:70:de:7b:80:59:02:2f:9a:5d:58:9a:
41:5b:ce:a8:4b:a9:36:70:4a:f4:cc:eb:a1:f5:f8:c6:2e:8c:
0b:1d:6c:95:6a:cf:af:10:02:ae:4c:b0:3b:c6:bf:be:13:43:
61:b0:1f:d7:de:ab:16:53:0a:cf:09:d6:60:9b:2d:c2:07:4b:
21:86:74:60:d5:83:ed:18:be:61:0b:10:51:dd:fa:cd:c7:0c:
c9:fa:3d:da
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICCEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0NTYxMTAvBgNVBAUTKDNGQjBBNTZFMjBGMTk0Qzc3NDk4NzlENEQyMjVCM0Y5
N0U5RUJFQ0YwHhcNMjUxMTI3MDEwNzE2WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1YTZiNC03ZjkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlseYIwpFOB//zoIBGgPxA9MV74ICI33D/3izfnycBZtbKj70LGn0DR+uTHSN
0GpBZx77ZmaL4GMaYahInxIlFQ49UoZsWHszWbb5Ipn86YW7HfqGdbecVwwkTcL9
+fP8We6pLVPdsVE7y3xTqbHCaXeHXzwuGOefGTgSKgpE39p+35j0OeG2JvAkAIc5
HkrDUf6z2gspI36Kuec2ydB6JJpiTnQgK4b4xMyZKoMrm+GHtLjmLTBi38v25oXh
Jb6dN6ixYgamETFy2P6QuYH5yyUsujFWiuwDKrgi6MwvbtPW50lGzmE9RehiWmmR
tiCmGB6KVs0HgpRr4qSncJZpvQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFJ/tkd9Z
qLDK6DAAdeQTRZANFG4CMB8GA1UdIwQYMBaAFD+wpW4g8ZTHdJh51NIls/l+nr7P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ1Ni83NzE5QzcxMDMw
NjYxMUVCODUyNTEzNTVDNEY5QUUwMi9QN0NsYmlEeGxNZDBtSG5VMGlXei1YNmV2
czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1A3Q2xiaUR4bE1kMG1IblUwaVd6LVg2ZXZzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU0NTYvNzcxOUM3MTAzMDY2MTFFQjg1MjUxMzU1QzRGOUFFMDIvNUVCOTFFQjQw
Rjk2MTFGMEEyRjI4MzBEQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQGg+JAAwQGi4dAAwQGoFSAMA0GCSqGSIb3DQEBCwUAA4IBAQBXq8g1
nz1OqM5SV03XplIFoRjK05Fw9Yy1cptRopqiLogeXYzBiNaOXqhErVafxirUDadh
W29ky1s3INesD4sxlMAEmhhST6gdnxwABHdvwOSybQwXS1tuJPPLICYdEQSoCHKa
dXKjhbZDutN5SG9dDOCodfHGzKcob93E2v3C8hbK89uj2ZRgKPOtpw6vhAOb7KOg
+Br5K9w1gObVbjpw3UWiiI4KT5XMcN57gFkCL5pdWJpBW86oS6k2cEr0zOuh9fjG
LowLHWyVas+vEAKuTLA7xr++E0NhsB/X3qsWUwrPCdZgmy3CB0shhnRg1YPtGL5h
CxBR3frNxwzJ+j3a
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:44:38 2026 by rpki-client