Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/90C8D27021C211E786829418C4F9AE02.roa
File: 90C8D27021C211E786829418C4F9AE02.roa (raw, json)
Hash identifier: 6tLlav7T5aehzWc+XnkNI6MiVWdGYAaMzT2i5SR388w=
Subject key identifier: DA:0D:8F:AF:33:D3:0D:40:B5:49:FD:0A:18:55:A1:D8:D7:DE:73:68
Certificate issuer: /CN=A914A8CB/serialNumber=FF3278A3AD58B18A546E3FEDCD537840527767A8
Certificate serial: 1BD9
Authority key identifier: FF:32:78:A3:AD:58:B1:8A:54:6E:3F:ED:CD:53:78:40:52:77:67:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/90C8D27021C211E786829418C4F9AE02.roa
Signing time: Wed 06 May 2026 16:24:02 +0000
ROA not before: Wed 06 May 2026 16:24:02 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 45766
IP address blocks: 45.127.48.0/22 maxlen: 22
45.127.48.0/22 maxlen: 24
45.127.48.0/23 maxlen: 23
45.127.48.0/24 maxlen: 24
45.127.49.0/24 maxlen: 24
45.127.50.0/23 maxlen: 23
45.127.50.0/24 maxlen: 24
45.127.51.0/24 maxlen: 24
103.40.226.0/23 maxlen: 23
103.40.226.0/23 maxlen: 24
103.40.226.0/24 maxlen: 24
103.40.227.0/24 maxlen: 24
103.51.2.0/23 maxlen: 23
103.51.2.0/23 maxlen: 24
103.51.2.0/24 maxlen: 24
103.51.3.0/24 maxlen: 24
113.21.228.0/22 maxlen: 22
113.21.228.0/22 maxlen: 24
113.21.228.0/23 maxlen: 23
113.21.228.0/24 maxlen: 24
113.21.229.0/24 maxlen: 24
113.21.230.0/23 maxlen: 23
113.21.230.0/24 maxlen: 24
113.21.231.0/24 maxlen: 24
2400:f940::/32 maxlen: 32
2400:f940::/32 maxlen: 34
2400:f940::/33 maxlen: 33
2400:f940::/34 maxlen: 34
2400:f940::/48 maxlen: 48
2400:f940:10::/48 maxlen: 48
2400:f940:11::/48 maxlen: 48
2400:f940:12::/48 maxlen: 48
2400:f940:4000::/34 maxlen: 34
2400:f940:8000::/33 maxlen: 33
2400:f940:8000::/34 maxlen: 34
2400:f940:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.crl
rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 16:15:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7129 (0x1bd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914A8CB, serialNumber=FF3278A3AD58B18A546E3FEDCD537840527767A8
Validity
Not Before: May 6 16:24:02 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69fb6b22-567c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ef:eb:a2:00:4c:04:9d:0b:6e:78:fa:63:15:
79:ea:d5:f6:12:21:79:8d:2e:94:f0:06:8e:fb:f5:
08:7b:30:50:cb:01:61:dc:94:8d:ba:27:b0:9b:df:
db:95:db:9c:62:cc:72:7c:40:f4:77:0f:95:2d:ba:
84:b6:23:f2:03:3f:a7:40:92:38:64:99:ee:7d:45:
20:55:9f:b7:db:22:6b:28:a5:89:02:86:9e:72:8d:
d0:c0:7d:14:d5:5b:b7:52:05:40:aa:ad:9e:66:f9:
d6:95:e8:44:44:32:71:90:68:7d:a5:37:f1:8b:12:
55:48:2c:38:db:f9:37:8a:4f:0a:84:9d:08:83:c7:
0e:2f:23:78:44:66:d6:8b:34:3f:b0:3d:6e:be:1f:
c2:15:32:3b:ac:ed:4b:cb:f7:15:f2:7c:ff:9e:97:
13:79:ab:eb:aa:cf:97:9a:d9:52:5d:a3:d4:52:4d:
4b:72:02:2e:57:5b:da:0b:26:fe:be:f0:b1:ea:c6:
e0:fd:da:15:24:49:28:cf:14:8d:40:47:8c:a0:6c:
3d:83:08:4a:38:11:da:fa:b3:19:2b:9c:6d:47:ca:
05:0e:87:9b:ad:21:39:a5:c9:70:ef:a7:fe:2b:1b:
fa:83:64:28:3c:52:35:90:97:96:30:92:7f:89:b5:
2b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0D:8F:AF:33:D3:0D:40:B5:49:FD:0A:18:55:A1:D8:D7:DE:73:68
X509v3 Authority Key Identifier:
keyid:FF:32:78:A3:AD:58:B1:8A:54:6E:3F:ED:CD:53:78:40:52:77:67:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/90C8D27021C211E786829418C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.127.48.0/22
103.40.226.0/23
103.51.2.0/23
113.21.228.0/22
IPv6:
2400:f940::/32
Signature Algorithm: sha256WithRSAEncryption
86:fe:9a:66:73:80:14:a0:e6:bd:66:22:9a:d7:8e:36:c6:dc:
e1:47:52:06:75:47:ab:4e:89:1b:7c:53:1f:67:58:e6:bb:66:
50:5c:22:c0:c5:db:65:4f:3c:ad:c8:4e:42:7b:c0:83:c6:f0:
41:13:f5:2d:19:bd:77:ff:4f:9e:bf:eb:28:1d:6f:ae:dd:52:
90:54:e9:9c:1c:51:fa:b0:5f:49:e4:33:6b:58:2f:38:d5:2a:
94:5d:e3:24:2d:28:5e:25:ac:8b:d0:91:70:ee:84:57:c1:5a:
e4:2f:94:15:3e:6c:ca:8c:e1:bd:5c:d3:bf:64:eb:86:93:c9:
2d:ce:21:d7:5e:1c:9b:f3:f4:74:bd:64:99:c8:33:40:a8:c1:
d3:69:a0:7d:f8:41:65:2b:40:f3:7c:e4:0f:99:5b:c5:78:bf:
14:4e:14:c6:75:53:1d:40:61:ab:84:af:c3:64:11:40:9f:26:
60:c9:e2:75:51:48:38:21:dc:15:d6:58:c2:3f:2f:ca:5b:a0:
7d:87:0d:00:fe:d7:82:31:60:c6:cd:0e:66:82:79:a1:8d:ca:
de:50:85:49:26:1b:77:b8:e2:6e:50:0a:29:85:c2:61:12:11:
be:13:ed:4c:a8:df:2d:10:7d:d2:00:2f:a1:d5:1d:28:b2:c6:
55:df:ea:1e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgICG9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEE4Q0IxMTAvBgNVBAUTKEZGMzI3OEEzQUQ1OEIxOEE1NDZFM0ZFRENENTM3ODQw
NTI3NzY3QTgwHhcNMjYwNTA2MTYyNDAyWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWZiNmIyMi01NjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3+/rogBMBJ0Lbnj6YxV56tX2EiF5jS6U8AaO+/UIezBQywFh3JSNuiewm9/b
lducYsxyfED0dw+VLbqEtiPyAz+nQJI4ZJnufUUgVZ+32yJrKKWJAoaeco3QwH0U
1Vu3UgVAqq2eZvnWlehERDJxkGh9pTfxixJVSCw42/k3ik8KhJ0Ig8cOLyN4RGbW
izQ/sD1uvh/CFTI7rO1Ly/cV8nz/npcTeavrqs+XmtlSXaPUUk1LcgIuV1vaCyb+
vvCx6sbg/doVJEkozxSNQEeMoGw9gwhKOBHa+rMZK5xtR8oFDoebrSE5pclw76f+
Kxv6g2QoPFI1kJeWMJJ/ibUr1QIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFNoNj68z
0w1AtUn9ChhVodjX3nNoMB8GA1UdIwQYMBaAFP8yeKOtWLGKVG4/7c1TeEBSd2eo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QThDQi9DOEIwRjRGMjIx
QzExMUU3OTU0RTg3MTdDNEY5QUUwMi9feko0bzYxWXNZcFVial90elZONFFGSjNa
NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL196SjRvNjFZc1lwVWJqX3R6Vk40UUZKM1o2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEE4Q0IvQzhCMEY0RjIyMUMxMTFFNzk1NEU4NzE3QzRGOUFFMDIvOTBDOEQyNzAy
MUMyMTFFNzg2ODI5NDE4QzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe
BAIAATAYAwQCLX8wAwQBZyjiAwQBZzMCAwQCcRXkMA0EAgACMAcDBQAkAPlAMA0G
CSqGSIb3DQEBCwUAA4IBAQCG/ppmc4AUoOa9ZiKa1442xtzhR1IGdUerTokbfFMf
Z1jmu2ZQXCLAxdtlTzytyE5Ce8CDxvBBE/UtGb13/0+ev+soHW+u3VKQVOmcHFH6
sF9J5DNrWC841SqUXeMkLSheJayL0JFw7oRXwVrkL5QVPmzKjOG9XNO/ZOuGk8kt
ziHXXhyb8/R0vWSZyDNAqMHTaaB9+EFlK0DzfOQPmVvFeL8UThTGdVMdQGGrhK/D
ZBFAnyZgyeJ1UUg4IdwV1ljCPy/KW6B9hw0A/teCMWDGzQ5mgnmhjcreUIVJJht3
uOJuUAophcJhEhG+E+1MqN8tEH3SAC+h1R0ossZV3+oe
-----END CERTIFICATE-----
Generated at Wed May 13 09:25:10 2026 by rpki-client