Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/AD3B2582EF9A11EDA4E50366C4F9AE02.roa
File: AD3B2582EF9A11EDA4E50366C4F9AE02.roa (raw, json)
Hash identifier: YdIG+LX9/nSnlUWidUhwdiQq+gtN7y6hQuASQmVjG5Y=
Subject key identifier: 85:F0:99:D1:FD:B4:2B:7F:4D:09:13:A7:37:D4:03:A0:41:19:54:86
Certificate issuer: /CN=A91798AD/serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Certificate serial: 1CFA
Authority key identifier: 7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/AD3B2582EF9A11EDA4E50366C4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:54:51 +0000
ROA not before: Tue 09 Sep 2025 07:56:30 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 4761
IP address blocks: 103.105.24.0/24 maxlen: 24
103.105.25.0/24 maxlen: 24
103.105.27.0/24 maxlen: 24
103.108.20.0/24 maxlen: 24
103.108.21.0/24 maxlen: 24
103.108.22.0/24 maxlen: 24
103.108.23.0/24 maxlen: 24
114.0.0.0/16 maxlen: 24
114.1.0.0/16 maxlen: 24
114.2.0.0/16 maxlen: 24
114.3.0.0/16 maxlen: 24
114.4.0.0/16 maxlen: 24
114.5.0.0/16 maxlen: 24
114.6.0.0/16 maxlen: 24
114.7.0.0/16 maxlen: 24
114.8.0.0/16 maxlen: 24
114.9.0.0/16 maxlen: 24
114.10.0.0/16 maxlen: 23
114.10.0.0/19 maxlen: 24
114.10.33.0/24 maxlen: 24
114.10.34.0/23 maxlen: 24
114.10.36.0/22 maxlen: 24
114.10.40.0/21 maxlen: 24
114.10.48.0/20 maxlen: 24
114.10.64.0/18 maxlen: 24
114.10.128.0/17 maxlen: 24
114.11.0.0/16 maxlen: 24
114.12.0.0/16 maxlen: 24
114.13.0.0/16 maxlen: 24
114.14.0.0/16 maxlen: 24
114.15.0.0/16 maxlen: 24
120.160.0.0/11 maxlen: 11
120.188.0.0/21 maxlen: 21
120.188.0.0/22 maxlen: 22
120.188.4.0/22 maxlen: 22
120.188.4.0/24 maxlen: 24
120.188.32.0/21 maxlen: 21
120.188.34.0/23 maxlen: 23
120.188.37.0/24 maxlen: 24
120.188.39.0/24 maxlen: 24
120.188.64.0/22 maxlen: 22
120.188.64.0/23 maxlen: 23
120.188.66.0/23 maxlen: 23
120.188.72.0/21 maxlen: 21
120.188.72.0/22 maxlen: 22
120.188.76.0/22 maxlen: 22
120.188.80.0/21 maxlen: 21
120.188.80.0/22 maxlen: 22
120.188.84.0/22 maxlen: 22
120.188.92.0/22 maxlen: 22
124.195.2.0/24 maxlen: 24
124.195.3.0/24 maxlen: 24
124.195.5.0/24 maxlen: 24
124.195.6.0/23 maxlen: 24
124.195.8.0/23 maxlen: 24
124.195.12.0/22 maxlen: 22
124.195.12.0/23 maxlen: 24
124.195.15.0/24 maxlen: 24
124.195.16.0/24 maxlen: 24
124.195.18.0/24 maxlen: 24
124.195.19.0/24 maxlen: 24
124.195.26.0/23 maxlen: 24
124.195.28.0/23 maxlen: 24
124.195.32.0/23 maxlen: 24
124.195.34.0/23 maxlen: 24
124.195.36.0/23 maxlen: 24
124.195.48.0/22 maxlen: 22
124.195.48.0/23 maxlen: 23
124.195.50.0/24 maxlen: 24
124.195.51.0/24 maxlen: 24
124.195.52.0/22 maxlen: 22
124.195.52.0/24 maxlen: 24
124.195.54.0/23 maxlen: 24
124.195.56.0/22 maxlen: 22
124.195.58.0/23 maxlen: 24
124.195.124.0/23 maxlen: 24
202.93.32.0/20 maxlen: 20
202.93.32.0/24 maxlen: 24
202.93.33.0/24 maxlen: 24
202.93.34.0/24 maxlen: 24
202.93.36.0/24 maxlen: 24
202.93.39.0/24 maxlen: 24
202.93.40.0/23 maxlen: 23
202.93.41.0/24 maxlen: 24
202.93.42.0/24 maxlen: 24
202.93.43.0/24 maxlen: 24
202.93.44.0/24 maxlen: 24
202.93.46.0/24 maxlen: 24
202.93.47.0/24 maxlen: 24
202.152.160.0/20 maxlen: 20
202.152.160.0/24 maxlen: 24
202.152.162.0/24 maxlen: 24
202.152.163.0/24 maxlen: 24
202.152.168.0/24 maxlen: 24
202.152.175.0/24 maxlen: 24
2407::/32 maxlen: 32
2407:0:33bc::/46 maxlen: 46
2407:0:33c0::/43 maxlen: 43
2407:0:3780::/44 maxlen: 44
2407:0:3790::/44 maxlen: 44
2407:0:37a0::/44 maxlen: 44
2407:0:37b0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl
rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 16:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7418 (0x1cfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91798AD, serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Validity
Not Before: Sep 9 07:56:30 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a4614b-16bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d9:cf:30:94:d1:3e:9f:56:2a:9d:aa:b6:7b:
97:d3:86:32:87:cc:20:83:6c:14:15:5a:10:6e:a1:
cc:4b:78:a0:1a:9a:f0:2d:ac:46:03:2f:25:17:4d:
c9:30:f9:00:31:ff:1c:83:85:8d:ba:d7:18:7f:93:
6a:09:6c:94:1a:3f:c0:2a:a0:bf:1b:0f:21:36:92:
78:06:22:ce:fe:83:a2:b8:8f:17:67:95:08:62:d4:
58:57:05:46:a8:42:4d:3f:84:61:ff:40:71:13:b6:
8b:06:85:29:0d:38:da:2e:5a:e7:2f:4f:89:4f:5c:
41:31:67:db:fa:2b:55:d6:a6:af:60:9e:d6:16:59:
7f:0d:1e:b1:91:90:f3:92:af:09:87:d8:fe:4c:07:
07:d1:a8:73:e5:75:59:d4:dc:99:a5:a9:51:59:f0:
3b:f9:f1:3c:60:71:59:4f:ab:cf:1c:37:9b:1e:9e:
f2:1c:bd:c1:91:be:72:54:4f:5b:ff:30:fa:21:79:
5d:20:ff:03:96:ad:4f:24:85:d3:79:da:19:1f:34:
c5:09:22:ff:89:b7:5b:2a:e6:fa:40:32:6b:a3:cd:
72:7b:b8:c3:9d:5a:c1:3b:9b:87:59:61:2a:fc:3e:
a6:93:bc:8b:5b:4b:27:b3:97:b3:80:21:2f:10:0d:
90:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F0:99:D1:FD:B4:2B:7F:4D:09:13:A7:37:D4:03:A0:41:19:54:86
X509v3 Authority Key Identifier:
keyid:7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/AD3B2582EF9A11EDA4E50366C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.105.24.0/23
103.105.27.0/24
103.108.20.0/22
114.0.0.0/12
120.160.0.0/11
124.195.2.0/23
124.195.5.0-124.195.9.255
124.195.12.0-124.195.16.255
124.195.18.0/23
124.195.26.0-124.195.29.255
124.195.32.0-124.195.37.255
124.195.48.0-124.195.59.255
124.195.124.0/23
202.93.32.0/20
202.152.160.0/20
IPv6:
2407::/32
Signature Algorithm: sha256WithRSAEncryption
a4:32:b0:44:38:a2:c5:88:e9:74:9d:c7:e6:62:d9:2e:3e:94:
56:35:d3:47:70:94:5e:f9:4a:7d:fa:ef:79:6c:50:ab:53:ca:
dc:85:fc:8a:05:f0:57:f7:49:a4:80:a2:dd:82:6a:39:01:d3:
db:31:02:98:63:96:df:96:31:b4:07:8f:5e:a9:8b:b0:48:73:
72:dc:82:85:13:e5:e1:2c:3e:cd:cf:d2:1d:36:af:ff:8a:4d:
4a:df:dd:72:5a:ba:1a:78:e7:bf:7d:6d:0d:62:da:dd:93:69:
0b:9b:94:de:bc:ee:ad:39:1b:c2:ae:32:c4:7a:93:cc:fd:b2:
4f:a8:3f:2a:75:35:e5:79:30:02:fe:2b:26:87:63:a7:46:03:
3b:f1:d1:16:02:92:6a:94:38:bb:06:c7:cb:11:b8:b3:70:e1:
a2:36:a6:51:0b:61:ba:19:70:92:ec:85:e5:57:5b:a0:f3:d3:
12:73:ed:f8:72:ed:b4:cb:91:c6:d7:e5:63:0f:b9:bd:7b:53:
eb:f6:d2:4a:73:c0:63:06:27:38:cf:52:f5:cb:35:3d:8e:13:
09:57:a8:38:6b:4e:f3:13:e6:e0:a8:b5:c5:1c:32:36:1e:bc:
d0:ff:1f:c6:0a:3c:c6:b2:f5:ce:23:a0:ea:cb:98:2d:cd:62:
27:17:93:a8
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgICHPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzk4QUQxMTAvBgNVBAUTKDdDMUEwRjQ4RUE0MzIzMUZBMzM0M0Q1OTI4MjFFRjI5
RThEMkIzMUIwHhcNMjUwOTA5MDc1NjMwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NjE0Yi0xNmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAodnPMJTRPp9WKp2qtnuX04Yyh8wgg2wUFVoQbqHMS3igGprwLaxGAy8lF03J
MPkAMf8cg4WNutcYf5NqCWyUGj/AKqC/Gw8hNpJ4BiLO/oOiuI8XZ5UIYtRYVwVG
qEJNP4Rh/0BxE7aLBoUpDTjaLlrnL0+JT1xBMWfb+itV1qavYJ7WFll/DR6xkZDz
kq8Jh9j+TAcH0ahz5XVZ1NyZpalRWfA7+fE8YHFZT6vPHDebHp7yHL3Bkb5yVE9b
/zD6IXldIP8Dlq1PJIXTedoZHzTFCSL/ibdbKub6QDJro81ye7jDnVrBO5uHWWEq
/D6mk7yLW0sns5ezgCEvEA2QYQIDAQABo4IC7jCCAuowHQYDVR0OBBYEFIXwmdH9
tCt/TQkTpzfUA6BBGVSGMB8GA1UdIwQYMBaAFHwaD0jqQyMfozQ9WSgh7yno0rMb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OThBRC83MEVGQjRBQ0ZF
MkExMUU2OEYyQzVBMTNDNEY5QUUwMi9mQm9QU09wREl4LWpORDFaS0NIdktlalNz
eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZCb1BTT3BESXgtak5EMVpLQ0h2S2VqU3N4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzk4QUQvNzBFRkI0QUNGRTJBMTFFNjhGMkM1QTEzQzRGOUFFMDIvQUQzQjI1ODJF
RjlBMTFFREE0RTUwMzY2QzRGOUFFMDIucm9hMIGsBggrBgEFBQcBBwEB/wSBnDCB
mTCBhwQCAAEwgYADBAFnaRgDBABnaRsDBAJnbBQDAwRyAAMDBXigAwQBfMMCMAwD
BAB8wwUDBAF8wwgwDAMEAnzDDAMEAHzDEAMEAXzDEjAMAwQBfMMaAwQBfMMcMAwD
BAV8wyADBAF8wyQwDAMEBHzDMAMEAnzDOAMEAXzDfAMEBMpdIAMEBMqYoDANBAIA
AjAHAwUAJAcAADANBgkqhkiG9w0BAQsFAAOCAQEApDKwRDiixYjpdJ3H5mLZLj6U
VjXTR3CUXvlKffrveWxQq1PK3IX8igXwV/dJpICi3YJqOQHT2zECmGOW35YxtAeP
XqmLsEhzctyChRPl4Sw+zc/SHTav/4pNSt/dclq6Gnjnv31tDWLa3ZNpC5uU3rzu
rTkbwq4yxHqTzP2yT6g/KnU15XkwAv4rJodjp0YDO/HRFgKSapQ4uwbHyxG4s3Dh
ojamUQthuhlwkuyF5VdboPPTEnPt+HLttMuRxtflYw+5vXtT6/bSSnPAYwYnOM9S
9cs1PY4TCVeoOGtO8xPm4Ki1xRwyNh680P8fxgo8xrL1ziOg6suYLc1iJxeTqA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:55:39 2026 by rpki-client