Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/0592D90E02E111F0BFF53A15C4F9AE02.roa
File: 0592D90E02E111F0BFF53A15C4F9AE02.roa (raw, json)
Hash identifier: CtJAvelVbQFW8W7TSlpCNzjF7SjJYzPxCZMSyJhTE1Y=
Subject key identifier: 52:81:B2:33:9C:2B:83:4F:30:4E:20:5C:6A:80:8A:B6:EF:67:05:59
Certificate issuer: /CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Certificate serial: 0D1D
Authority key identifier: 34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/0592D90E02E111F0BFF53A15C4F9AE02.roa
Signing time: Fri 20 Mar 2026 19:23:54 +0000
ROA not before: Fri 20 Mar 2026 19:23:54 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 19324
IP address blocks: 101.99.64.0/24 maxlen: 24
101.99.65.0/24 maxlen: 24
101.99.66.0/24 maxlen: 24
101.99.67.0/24 maxlen: 24
101.99.68.0/24 maxlen: 24
101.99.69.0/24 maxlen: 24
101.99.70.0/24 maxlen: 24
101.99.71.0/24 maxlen: 24
101.99.72.0/24 maxlen: 24
101.99.73.0/24 maxlen: 24
101.99.74.0/24 maxlen: 24
101.99.77.0/24 maxlen: 24
101.99.78.0/24 maxlen: 24
101.99.79.0/24 maxlen: 24
101.99.80.0/24 maxlen: 24
101.99.81.0/24 maxlen: 24
101.99.82.0/24 maxlen: 24
101.99.83.0/24 maxlen: 24
101.99.84.0/24 maxlen: 24
101.99.85.0/24 maxlen: 24
101.99.86.0/24 maxlen: 24
101.99.87.0/24 maxlen: 24
101.99.88.0/24 maxlen: 24
101.99.89.0/24 maxlen: 24
101.99.90.0/24 maxlen: 24
101.99.91.0/24 maxlen: 24
111.90.128.0/24 maxlen: 24
111.90.129.0/24 maxlen: 24
111.90.130.0/24 maxlen: 24
111.90.131.0/24 maxlen: 24
111.90.132.0/24 maxlen: 24
111.90.133.0/24 maxlen: 24
111.90.134.0/24 maxlen: 24
111.90.135.0/24 maxlen: 24
111.90.136.0/24 maxlen: 24
111.90.137.0/24 maxlen: 24
111.90.138.0/24 maxlen: 24
111.90.139.0/24 maxlen: 24
111.90.140.0/24 maxlen: 24
111.90.141.0/24 maxlen: 24
111.90.142.0/24 maxlen: 24
111.90.143.0/24 maxlen: 24
111.90.144.0/24 maxlen: 24
111.90.145.0/24 maxlen: 24
111.90.146.0/24 maxlen: 24
111.90.147.0/24 maxlen: 24
111.90.148.0/24 maxlen: 24
111.90.149.0/24 maxlen: 24
111.90.150.0/24 maxlen: 24
111.90.151.0/24 maxlen: 24
111.90.152.0/24 maxlen: 24
111.90.153.0/24 maxlen: 24
111.90.154.0/24 maxlen: 24
111.90.155.0/24 maxlen: 24
111.90.158.0/24 maxlen: 24
111.90.159.0/24 maxlen: 24
124.217.224.0/24 maxlen: 24
124.217.225.0/24 maxlen: 24
124.217.226.0/24 maxlen: 24
124.217.227.0/24 maxlen: 24
124.217.228.0/24 maxlen: 24
124.217.229.0/24 maxlen: 24
124.217.230.0/24 maxlen: 24
124.217.231.0/24 maxlen: 24
124.217.232.0/24 maxlen: 24
124.217.233.0/24 maxlen: 24
124.217.234.0/24 maxlen: 24
124.217.235.0/24 maxlen: 24
124.217.236.0/24 maxlen: 24
124.217.237.0/24 maxlen: 24
124.217.238.0/24 maxlen: 24
124.217.239.0/24 maxlen: 24
124.217.240.0/24 maxlen: 24
124.217.241.0/24 maxlen: 24
124.217.242.0/24 maxlen: 24
124.217.243.0/24 maxlen: 24
124.217.244.0/24 maxlen: 24
124.217.245.0/24 maxlen: 24
124.217.246.0/24 maxlen: 24
124.217.247.0/24 maxlen: 24
124.217.248.0/24 maxlen: 24
124.217.249.0/24 maxlen: 24
124.217.250.0/24 maxlen: 24
124.217.251.0/24 maxlen: 24
124.217.252.0/24 maxlen: 24
124.217.253.0/24 maxlen: 24
124.217.254.0/24 maxlen: 24
124.217.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 18:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3357 (0xd1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152D08, serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Validity
Not Before: Mar 20 19:23:54 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69bd9eca-7236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6f:73:3d:4a:09:65:f4:7d:3d:56:28:64:69:
0a:0d:ed:e0:d5:a3:d5:7e:e9:a1:f1:1d:8d:ad:5d:
3b:e4:28:bd:a1:53:bd:0a:49:44:7b:37:28:02:0a:
93:17:91:62:c4:2b:22:ec:f9:c3:19:1a:ed:1e:ea:
1c:47:82:77:e2:f3:bb:c7:ad:36:5f:52:06:0c:2b:
7c:11:2a:5c:0b:2b:b9:f2:f7:94:ba:2b:cd:57:00:
61:d3:d0:b1:2f:5e:fa:8a:60:96:9c:1c:d5:bd:cc:
c7:90:df:d9:ee:3c:ea:52:97:58:3a:ff:97:73:24:
d2:19:32:f3:81:e9:3a:fa:fa:05:f3:94:e1:09:d4:
0d:bb:46:97:83:db:e6:3b:ae:43:1d:22:71:70:7c:
f7:0e:d5:8b:ca:e5:7a:04:89:3d:b0:cd:5b:48:33:
8a:e9:66:6c:c2:da:a8:d2:f8:4c:92:d7:45:7a:70:
8f:16:af:75:c5:ab:22:d5:90:7b:61:f1:36:95:ed:
aa:38:aa:2a:5b:e7:04:a9:12:09:3e:6b:aa:53:26:
3b:56:37:6a:10:fa:28:a2:d5:70:5c:e3:14:3b:9b:
79:55:05:54:bc:9b:9d:0e:93:41:b9:88:cd:0c:d9:
27:d6:17:81:2c:dd:2e:18:d5:97:c8:ca:a7:8f:5e:
62:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:81:B2:33:9C:2B:83:4F:30:4E:20:5C:6A:80:8A:B6:EF:67:05:59
X509v3 Authority Key Identifier:
keyid:34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/0592D90E02E111F0BFF53A15C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
101.99.64.0-101.99.74.255
101.99.77.0-101.99.91.255
111.90.128.0-111.90.155.255
111.90.158.0/23
124.217.224.0/19
Signature Algorithm: sha256WithRSAEncryption
40:4a:0e:54:0a:da:1a:b3:d8:4d:74:da:ba:bf:fe:60:a4:78:
61:ed:e7:0d:e6:cb:66:83:e5:fe:19:21:32:0b:e7:a4:d7:56:
19:d0:8b:e8:4b:a2:77:58:91:3d:58:6f:c2:40:30:d8:d8:42:
79:f1:c2:ec:eb:ae:34:30:88:3c:40:02:1f:90:c3:12:66:0b:
43:7c:cc:a0:79:10:cc:41:eb:a3:f2:3b:0e:90:51:57:7a:b5:
dd:7b:b9:80:ae:28:25:34:26:63:17:e3:36:de:b3:f0:8e:4b:
1e:34:c0:e6:73:4d:12:b1:88:57:92:50:1e:75:73:cf:94:cf:
37:cc:86:88:ad:27:36:3f:22:1e:c1:5d:d8:44:6e:0d:f4:b8:
af:43:e2:72:8d:db:0e:5e:d4:f0:c0:15:5f:bb:81:94:47:9f:
85:ae:1a:66:86:27:a6:7f:35:0f:b3:61:14:a2:10:58:d4:c9:
f5:64:b7:b0:6a:56:bc:b6:9c:cd:96:2e:70:99:64:99:73:94:
ee:1c:54:75:f6:7c:25:1d:87:fa:0f:c1:e1:f7:61:01:5f:56:
8a:fe:16:33:e3:54:cd:12:07:90:40:a1:52:2b:cd:4c:10:04:
d1:6a:9c:b5:49:71:1d:94:5f:96:0a:d0:68:20:10:24:b0:81:
00:e5:1c:0c
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgICDR0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJEMDgxMTAvBgNVBAUTKDM0REMyMDEyOUVBRDZGNDFBN0NBMkQ5OUM5QkQzRTdF
NjAzM0NCODgwHhcNMjYwMzIwMTkyMzU0WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWJkOWVjYS03MjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo29zPUoJZfR9PVYoZGkKDe3g1aPVfumh8R2NrV075Ci9oVO9CklEezcoAgqT
F5FixCsi7PnDGRrtHuocR4J34vO7x602X1IGDCt8ESpcCyu58veUuivNVwBh09Cx
L176imCWnBzVvczHkN/Z7jzqUpdYOv+XcyTSGTLzgek6+voF85ThCdQNu0aXg9vm
O65DHSJxcHz3DtWLyuV6BIk9sM1bSDOK6WZswtqo0vhMktdFenCPFq91xasi1ZB7
YfE2le2qOKoqW+cEqRIJPmuqUyY7VjdqEPoootVwXOMUO5t5VQVUvJudDpNBuYjN
DNkn1heBLN0uGNWXyMqnj15iKQIDAQABo4ICkDCCAowwHQYDVR0OBBYEFFKBsjOc
K4NPME4gXGqAirbvZwVZMB8GA1UdIwQYMBaAFDTcIBKerW9Bp8otmcm9Pn5gM8uI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkQwOC9GOUMzMzM5MjFE
ODcxMUVBQTlDNUIxNzBDNEY5QUUwMi9OTndnRXA2dGIwR255aTJaeWIwLWZtQXp5
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Od2dFcDZ0YjBHbnlpMlp5YjAtZm1Benk0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJEMDgvRjlDMzMzOTIxRDg3MTFFQUE5QzVCMTcwQzRGOUFFMDIvMDU5MkQ5MEUw
MkUxMTFGMEJGRjUzQTE1QzRGOUFFMDIucm9hME8GCCsGAQUFBwEHAQH/BEAwPjA8
BAIAATA2MAwDBAZlY0ADBABlY0owDAMEAGVjTQMEAmVjWDAMAwQHb1qAAwQCb1qY
AwQBb1qeAwQFfNngMA0GCSqGSIb3DQEBCwUAA4IBAQBASg5UCtoas9hNdNq6v/5g
pHhh7ecN5stmg+X+GSEyC+ek11YZ0IvoS6J3WJE9WG/CQDDY2EJ58cLs6640MIg8
QAIfkMMSZgtDfMygeRDMQeuj8jsOkFFXerXde7mAriglNCZjF+M23rPwjkseNMDm
c00SsYhXklAedXPPlM83zIaIrSc2PyIewV3YRG4N9LivQ+JyjdsOXtTwwBVfu4GU
R5+FrhpmhiemfzUPs2EUohBY1Mn1ZLewala8tpzNli5wmWSZc5TuHFR19nwlHYf6
D8Hh92EBX1aK/hYz41TNEgeQQKFSK81MEATRapy1SXEdlF+WCtBoIBAksIEA5RwM
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:07:04 2026 by rpki-client