Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
File: 3AA9ABDAA6C711E9933CF621C4F9AE02.roa (raw, json)
Hash identifier: 5xrvwd9wykrQSjJGjbZMcy2tvJM0usXrdwNXmfdom5Y=
Subject key identifier: AC:B1:5E:07:44:6F:14:DF:54:64:B3:D4:84:D4:BA:03:E7:06:F3:9B
Certificate issuer: /CN=A91619BE/serialNumber=C316319585EE2CF247B5350371467DC269DC9CE5
Certificate serial: 355A
Authority key identifier: C3:16:31:95:85:EE:2C:F2:47:B5:35:03:71:46:7D:C2:69:DC:9C:E5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:57:55 +0000
ROA not before: Wed 02 Jul 2025 14:50:29 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 9927
IP address blocks: 45.64.120.0/24 maxlen: 24
45.64.121.0/24 maxlen: 24
45.64.122.0/24 maxlen: 24
45.64.123.0/24 maxlen: 24
58.97.160.0/24 maxlen: 24
58.97.161.0/24 maxlen: 24
58.97.163.0/24 maxlen: 24
58.97.164.0/24 maxlen: 24
58.97.165.0/24 maxlen: 24
58.97.166.0/24 maxlen: 24
58.97.167.0/24 maxlen: 24
58.97.168.0/24 maxlen: 24
58.97.169.0/24 maxlen: 24
58.97.170.0/24 maxlen: 24
58.97.171.0/24 maxlen: 24
58.97.172.0/24 maxlen: 24
58.97.173.0/24 maxlen: 24
58.97.174.0/24 maxlen: 24
58.97.175.0/24 maxlen: 24
58.97.176.0/24 maxlen: 24
58.97.177.0/24 maxlen: 24
58.97.178.0/24 maxlen: 24
58.97.179.0/24 maxlen: 24
58.97.180.0/24 maxlen: 24
58.97.181.0/24 maxlen: 24
58.97.182.0/24 maxlen: 24
58.97.183.0/24 maxlen: 24
58.97.184.0/24 maxlen: 24
58.97.185.0/24 maxlen: 24
58.97.186.0/24 maxlen: 24
58.97.187.0/24 maxlen: 24
58.97.188.0/24 maxlen: 24
58.97.189.0/24 maxlen: 24
58.97.190.0/24 maxlen: 24
58.97.191.0/24 maxlen: 24
103.21.12.0/24 maxlen: 24
103.21.13.0/24 maxlen: 24
103.21.14.0/24 maxlen: 24
103.21.15.0/24 maxlen: 24
202.57.32.0/24 maxlen: 24
202.57.33.0/24 maxlen: 24
202.57.34.0/24 maxlen: 24
202.57.35.0/24 maxlen: 24
202.57.36.0/24 maxlen: 24
202.57.37.0/24 maxlen: 24
202.57.38.0/24 maxlen: 24
202.57.39.0/24 maxlen: 24
202.57.40.0/24 maxlen: 24
202.57.41.0/24 maxlen: 24
202.57.42.0/24 maxlen: 24
202.57.43.0/24 maxlen: 24
202.57.44.0/24 maxlen: 24
202.57.45.0/24 maxlen: 24
202.57.46.0/24 maxlen: 24
202.57.47.0/24 maxlen: 24
202.57.48.0/24 maxlen: 24
202.57.49.0/24 maxlen: 24
202.57.50.0/24 maxlen: 24
202.57.51.0/24 maxlen: 24
202.57.52.0/24 maxlen: 24
202.57.53.0/24 maxlen: 24
202.57.54.0/24 maxlen: 24
202.57.55.0/24 maxlen: 24
202.57.57.0/24 maxlen: 24
202.57.58.0/24 maxlen: 24
202.57.61.0/24 maxlen: 24
202.57.62.0/24 maxlen: 24
202.57.63.0/24 maxlen: 24
2405:d400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.crl
rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 14:25:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13658 (0x355a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91619BE, serialNumber=C316319585EE2CF247B5350371467DC269DC9CE5
Validity
Not Before: Jul 2 14:50:29 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a47013-b4b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3f:7a:aa:2a:ee:88:59:f4:6e:17:5f:ec:26:
1e:a8:4e:ce:4b:21:92:61:5a:1d:cc:8d:58:d9:33:
fe:59:19:c9:9d:4a:6f:75:ae:95:2a:cc:5a:b9:16:
47:52:33:f2:e5:f9:f2:7d:f9:bd:b0:d8:fc:2c:8d:
d3:dd:ec:c8:a2:66:46:77:7e:c7:58:0a:d8:3b:2c:
3b:04:33:2f:fa:b7:75:f1:5c:c8:b1:81:95:01:97:
08:da:31:76:1d:f1:67:67:56:b2:4d:08:20:76:8b:
4b:2a:ee:17:89:8c:dd:3a:5b:94:e9:bd:d6:ca:af:
fb:fb:fb:ad:a3:0d:f2:f0:9d:0e:6d:fc:c8:b8:e5:
43:1f:9b:d0:c1:6b:6a:43:d5:18:47:18:94:38:51:
64:41:c8:85:b5:d8:05:d8:21:ff:ff:f8:19:37:30:
98:2d:1a:2b:b7:8e:1c:a1:c3:4b:11:c2:a0:79:99:
db:29:bc:99:51:70:93:4a:a4:c4:ef:68:19:7f:bd:
13:0c:aa:dc:9e:87:d1:e1:87:8e:10:3b:45:e1:dc:
2d:ec:46:80:52:e6:ba:06:cc:36:f1:18:40:9b:96:
0d:d0:47:07:02:65:22:1a:c1:db:e7:60:3c:f7:68:
5c:86:f2:fe:a8:16:14:35:15:28:38:64:4f:12:bb:
59:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B1:5E:07:44:6F:14:DF:54:64:B3:D4:84:D4:BA:03:E7:06:F3:9B
X509v3 Authority Key Identifier:
keyid:C3:16:31:95:85:EE:2C:F2:47:B5:35:03:71:46:7D:C2:69:DC:9C:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.64.120.0/22
58.97.160.0/23
58.97.163.0-58.97.191.255
103.21.12.0/22
202.57.32.0-202.57.55.255
202.57.57.0-202.57.58.255
202.57.61.0-202.57.63.255
IPv6:
2405:d400::/32
Signature Algorithm: sha256WithRSAEncryption
ab:4c:76:e3:63:32:74:d0:99:17:c6:80:88:f5:61:64:da:98:
08:21:8b:6c:93:d0:62:f0:40:67:bf:37:94:d0:a4:f7:c3:86:
dd:93:19:b4:fd:62:c3:91:fe:c7:97:7e:ee:4a:44:f5:30:0b:
76:96:c1:0e:bd:d8:f7:00:f4:0f:25:72:4b:12:36:61:1b:9a:
89:29:c8:e3:32:34:4c:de:e9:b1:13:07:17:23:94:ab:94:84:
a3:9e:5b:24:3f:9d:cd:dd:39:ae:0a:87:48:87:af:71:1c:fa:
c8:c7:b2:79:6e:b8:38:af:22:f3:43:bf:3d:68:d4:a5:d7:7e:
55:20:96:95:4f:35:a3:d6:fe:14:2d:1d:f0:33:18:11:44:fe:
c5:ee:6b:e9:34:85:90:11:32:52:89:23:2f:aa:2f:81:ec:8a:
df:31:6a:19:46:6d:ef:99:5d:cf:46:29:48:95:5a:f1:c9:5c:
24:bb:00:c5:04:1d:57:67:91:96:e0:ca:48:70:7d:6d:14:ac:
e3:46:cc:72:ed:cb:6a:ed:b5:23:d3:2d:88:4a:66:f8:4f:7c:
50:c7:8d:92:f9:59:87:72:f5:3a:b9:fe:eb:07:00:35:7a:3d:
52:93:a2:79:8a:39:bb:9d:cd:0b:b8:13:a9:99:9b:97:8d:0a:
60:87:f9:31
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICNVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjE5QkUxMTAvBgNVBAUTKEMzMTYzMTk1ODVFRTJDRjI0N0I1MzUwMzcxNDY3REMy
NjlEQzlDRTUwHhcNMjUwNzAyMTQ1MDI5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzAxMy1iNGI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqj96qiruiFn0bhdf7CYeqE7OSyGSYVodzI1Y2TP+WRnJnUpvda6VKsxauRZH
UjPy5fnyffm9sNj8LI3T3ezIomZGd37HWArYOyw7BDMv+rd18VzIsYGVAZcI2jF2
HfFnZ1ayTQggdotLKu4XiYzdOluU6b3Wyq/7+/utow3y8J0ObfzIuOVDH5vQwWtq
Q9UYRxiUOFFkQciFtdgF2CH///gZNzCYLRort44cocNLEcKgeZnbKbyZUXCTSqTE
72gZf70TDKrcnofR4YeOEDtF4dwt7EaAUua6Bsw28RhAm5YN0EcHAmUiGsHb52A8
92hchvL+qBYUNRUoOGRPErtZCwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFKyxXgdE
bxTfVGSz1ITUugPnBvObMB8GA1UdIwQYMBaAFMMWMZWF7izyR7U1A3FGfcJp3Jzl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTlCRS83NTI5OTFDNjFE
ODUxMUUyOTM4NjFCREMwOEIwMkNEMi93eFl4bFlYdUxQSkh0VFVEY1VaOXdtbmNu
T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3d4WXhsWVh1TFBKSHRUVURjVVo5d21uY25PVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjE5QkUvNzUyOTkxQzYxRDg1MTFFMjkzODYxQkRDMDhCMDJDRDIvM0FBOUFCREFB
NkM3MTFFOTkzM0NGNjIxQzRGOUFFMDIucm9hMHIGCCsGAQUFBwEHAQH/BGMwYTBQ
BAIAATBKAwQCLUB4AwQBOmGgMAwDBAA6YaMDBAY6YYADBAJnFQwwDAMEBco5IAME
A8o5MDAMAwQAyjk5AwQAyjk6MAwDBADKOT0DBAbKOQAwDQQCAAIwBwMFACQF1AAw
DQYJKoZIhvcNAQELBQADggEBAKtMduNjMnTQmRfGgIj1YWTamAghi2yT0GLwQGe/
N5TQpPfDht2TGbT9YsOR/seXfu5KRPUwC3aWwQ692PcA9A8lcksSNmEbmokpyOMy
NEze6bETBxcjlKuUhKOeWyQ/nc3dOa4Kh0iHr3Ec+sjHsnluuDivIvNDvz1o1KXX
flUglpVPNaPW/hQtHfAzGBFE/sXua+k0hZARMlKJIy+qL4Hsit8xahlGbe+ZXc9G
KUiVWvHJXCS7AMUEHVdnkZbgykhwfW0UrONGzHLty2rttSPTLYhKZvhPfFDHjZL5
WYdy9Tq5/usHADV6PVKTonmKObudzQu4E6mZm5eNCmCH+TE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:58:16 2026 by rpki-client