Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/997B7CFADEA011ED84E5D17BC4F9AE02.roa
File: 997B7CFADEA011ED84E5D17BC4F9AE02.roa (raw, json)
Hash identifier: Ss+FUQPG9F9hZM/4lQxz8L820kYuesvHrOBEmXhzsTQ=
Subject key identifier: A9:90:CA:A1:67:E7:74:00:BC:01:BF:45:54:F4:67:72:8B:9A:9B:97
Certificate issuer: /CN=A914CE75/serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Certificate serial: 337E
Authority key identifier: 49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/997B7CFADEA011ED84E5D17BC4F9AE02.roa
Signing time: Sat 02 May 2026 16:18:09 +0000
ROA not before: Sat 02 May 2026 16:18:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9238
IP address blocks: 59.160.33.0/24 maxlen: 24
59.162.7.0/24 maxlen: 24
59.163.47.0/24 maxlen: 24
59.163.63.0/24 maxlen: 24
115.112.212.0/22 maxlen: 22
121.241.230.0/24 maxlen: 24
203.124.192.0/18 maxlen: 18
203.124.192.0/24 maxlen: 24
203.124.217.0/24 maxlen: 24
203.124.218.0/24 maxlen: 24
203.124.225.0/24 maxlen: 24
203.124.232.0/24 maxlen: 24
203.124.248.0/22 maxlen: 22
203.124.248.0/24 maxlen: 24
203.196.194.0/24 maxlen: 24
203.196.200.0/24 maxlen: 24
203.196.201.0/24 maxlen: 24
203.196.202.0/24 maxlen: 24
203.196.203.0/24 maxlen: 24
203.196.204.0/24 maxlen: 24
203.196.233.0/24 maxlen: 24
203.196.240.0/24 maxlen: 24
203.196.241.0/24 maxlen: 24
203.196.250.0/24 maxlen: 24
203.201.208.0/24 maxlen: 24
203.201.209.0/24 maxlen: 24
203.201.212.0/24 maxlen: 24
203.201.213.0/24 maxlen: 24
203.201.220.0/24 maxlen: 24
203.201.222.0/24 maxlen: 24
203.201.224.0/24 maxlen: 24
203.201.225.0/24 maxlen: 24
203.201.226.0/24 maxlen: 24
203.201.227.0/24 maxlen: 24
203.201.231.0/24 maxlen: 24
203.201.248.0/24 maxlen: 24
203.201.250.0/24 maxlen: 24
203.201.251.0/24 maxlen: 24
203.201.254.0/24 maxlen: 24
219.64.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 15:27:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13182 (0x337e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CE75, serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Validity
Not Before: May 2 16:18:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69f623c0-4289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:16:c4:95:18:10:da:1a:05:c9:49:8d:75:6d:
dc:5d:64:28:0f:b6:fc:22:10:0f:70:0b:d3:97:28:
e4:32:1b:db:82:4d:7b:13:58:bb:18:da:fb:ea:f0:
63:7b:a2:db:d4:a4:1e:de:fb:cf:19:98:84:fc:f2:
f3:bb:50:92:7b:ce:d1:a3:6b:a2:67:81:6b:62:57:
f6:fe:42:a6:f4:9d:69:c2:00:c0:9a:36:e5:22:50:
11:54:d6:7e:ca:56:56:c5:72:cb:f5:0f:98:c1:73:
cf:ac:b4:65:b9:58:55:9d:33:ff:65:a5:bb:24:e4:
0c:3b:f9:80:18:48:ac:11:38:36:13:a2:f9:b6:de:
9e:c8:8f:17:e4:4d:e4:5f:57:42:28:fd:41:92:72:
43:fc:c2:bf:72:9d:2b:20:08:fa:b8:d7:8b:ac:45:
8a:5f:12:30:a1:a6:93:64:9f:0c:1c:23:45:46:7e:
4a:32:31:fa:6b:70:6e:cf:d6:61:24:85:a5:58:84:
32:dc:7f:bf:ae:9e:1d:95:99:aa:87:f6:b2:b5:67:
d9:ac:3a:c7:b8:61:7e:4b:2f:40:ce:56:96:d9:2e:
55:bd:67:35:64:84:82:d0:f1:50:db:c9:8a:c2:f5:
1a:54:48:c4:50:58:c5:12:30:81:c8:c6:cd:ca:87:
a0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:90:CA:A1:67:E7:74:00:BC:01:BF:45:54:F4:67:72:8B:9A:9B:97
X509v3 Authority Key Identifier:
keyid:49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/997B7CFADEA011ED84E5D17BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
59.160.33.0/24
59.162.7.0/24
59.163.47.0/24
59.163.63.0/24
115.112.212.0/22
121.241.230.0/24
203.124.192.0/18
203.196.194.0/24
203.196.200.0-203.196.204.255
203.196.233.0/24
203.196.240.0/23
203.196.250.0/24
203.201.208.0/23
203.201.212.0/23
203.201.220.0/24
203.201.222.0/24
203.201.224.0/22
203.201.231.0/24
203.201.248.0/24
203.201.250.0/23
203.201.254.0/24
219.64.5.0/24
Signature Algorithm: sha256WithRSAEncryption
63:fa:aa:c9:ac:b6:e9:f7:1b:9f:cc:42:67:d5:68:be:a2:5a:
ff:f9:b9:1d:db:12:35:5c:08:e4:63:76:3c:fd:b3:1d:99:1a:
f8:8f:2b:b8:cf:6d:ad:80:de:0c:97:46:e1:23:c8:f6:37:a2:
9e:bd:37:23:b7:46:ab:b2:c1:9b:d8:d3:ce:6f:db:b1:f3:75:
ee:18:15:b2:1f:12:34:01:7e:fe:65:ee:e3:e6:61:c3:25:f0:
e5:68:a7:dd:20:51:10:b7:42:1a:d4:f1:b2:dd:76:2d:3a:a6:
2c:93:51:19:e6:7d:dd:64:99:07:79:af:ea:c2:e1:cd:ab:cb:
e3:e5:5e:e8:fa:35:f4:75:a9:3d:46:69:cb:be:4f:08:5c:10:
45:a6:23:ba:cd:3e:22:61:8f:b7:cb:17:9b:ac:df:e5:7f:f9:
76:68:72:6e:a0:0d:b9:17:e4:84:22:37:12:90:24:45:91:63:
e4:cf:ff:39:b7:26:b9:ea:55:e0:60:78:83:57:00:4e:7a:36:
17:7b:41:c7:97:ac:ec:c9:91:1e:ca:d1:da:bb:b7:04:eb:30:
ce:e7:2b:92:fe:3e:cc:92:13:8f:9a:14:21:18:5a:38:e6:9c:
4f:cb:4c:02:6f:21:22:aa:53:f9:63:5c:25:8c:ef:17:64:f6:
ae:06:3b:90
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgICM34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENFNzUxMTAvBgNVBAUTKDQ5ODkyNTM3RDhCMkMwMzI1QjdCRTA4MUZEOTI4NkM3
OUJFQTZBODUwHhcNMjYwNTAyMTYxODA5WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWY2MjNjMC00Mjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0hbElRgQ2hoFyUmNdW3cXWQoD7b8IhAPcAvTlyjkMhvbgk17E1i7GNr76vBj
e6Lb1KQe3vvPGZiE/PLzu1CSe87Ro2uiZ4FrYlf2/kKm9J1pwgDAmjblIlARVNZ+
ylZWxXLL9Q+YwXPPrLRluVhVnTP/ZaW7JOQMO/mAGEisETg2E6L5tt6eyI8X5E3k
X1dCKP1BknJD/MK/cp0rIAj6uNeLrEWKXxIwoaaTZJ8MHCNFRn5KMjH6a3Buz9Zh
JIWlWIQy3H+/rp4dlZmqh/aytWfZrDrHuGF+Sy9AzlaW2S5VvWc1ZISC0PFQ28mK
wvUaVEjEUFjFEjCByMbNyoeg+QIDAQABo4IC6zCCAucwHQYDVR0OBBYEFKmQyqFn
53QAvAG/RVT0Z3KLmpuXMB8GA1UdIwQYMBaAFEmJJTfYssAyW3vggf2Shseb6mqF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0U3NS9EMjJFRjNENkZG
NEIxMUUyODFCRTA2NjI1OTExRUEzMi9TWWtsTjlpeXdESmJlLUNCX1pLR3g1dnFh
b1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NZa2xOOWl5d0RKYmUtQ0JfWktHeDV2cWFvVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENFNzUvRDIyRUYzRDZGRjRCMTFFMjgxQkUwNjYyNTkxMUVBMzIvOTk3QjdDRkFE
RUEwMTFFRDg0RTVEMTdCQzRGOUFFMDIucm9hMIGpBggrBgEFBQcBBwEB/wSBmTCB
ljCBkwQCAAEwgYwDBAA7oCEDBAA7ogcDBAA7oy8DBAA7oz8DBAJzcNQDBAB58eYD
BAbLfMADBADLxMIwDAMEA8vEyAMEAMvEzAMEAMvE6QMEAcvE8AMEAMvE+gMEAcvJ
0AMEAcvJ1AMEAMvJ3AMEAMvJ3gMEAsvJ4AMEAMvJ5wMEAMvJ+AMEAcvJ+gMEAMvJ
/gMEANtABTANBgkqhkiG9w0BAQsFAAOCAQEAY/qqyay26fcbn8xCZ9VovqJa//m5
HdsSNVwI5GN2PP2zHZka+I8ruM9trYDeDJdG4SPI9jeinr03I7dGq7LBm9jTzm/b
sfN17hgVsh8SNAF+/mXu4+ZhwyXw5Win3SBRELdCGtTxst12LTqmLJNRGeZ93WSZ
B3mv6sLhzavL4+Ve6Po19HWpPUZpy75PCFwQRaYjus0+ImGPt8sXm6zf5X/5dmhy
bqANuRfkhCI3EpAkRZFj5M//ObcmuepV4GB4g1cATno2F3tBx5es7MmRHsrR2ru3
BOswzucrkv4+zJITj5oUIRhaOOacT8tMAm8hIqpT+WNcJYzvF2T2rgY7kA==
-----END CERTIFICATE-----
Generated at Wed May 13 15:38:48 2026 by rpki-client