Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/3399F4B0211A11F19B671427273D8C67.roa
File: 3399F4B0211A11F19B671427273D8C67.roa (raw, json)
Hash identifier: 6GVvLxBvupxrtITtxXpKKBHll2LPhTtA6qY+dXXMVfw=
Subject key identifier: 49:EE:77:1F:E9:6F:CB:FC:57:A0:A7:F1:BC:00:F3:E5:37:54:8B:C2
Certificate issuer: /CN=A917BB9A/serialNumber=A6172EEBE1FCD1A978CCA467E1B58A30B37951EB
Certificate serial: 0170
Authority key identifier: A6:17:2E:EB:E1:FC:D1:A9:78:CC:A4:67:E1:B5:8A:30:B3:79:51:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/phcu6-H80al4zKRn4bWKMLN5Ues.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/3399F4B0211A11F19B671427273D8C67.roa
Signing time: Mon 16 Mar 2026 13:01:29 +0000
ROA not before: Mon 16 Mar 2026 13:01:29 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 56209
IP address blocks: 150.129.172.0/23 maxlen: 23
150.129.172.0/24 maxlen: 24
150.129.173.0/24 maxlen: 24
150.129.174.0/23 maxlen: 23
150.129.174.0/24 maxlen: 24
150.129.175.0/24 maxlen: 24
202.47.112.0/24 maxlen: 24
202.47.113.0/24 maxlen: 24
202.47.114.0/24 maxlen: 24
202.47.115.0/24 maxlen: 24
202.47.116.0/24 maxlen: 24
202.47.117.0/24 maxlen: 24
202.47.118.0/24 maxlen: 24
202.47.119.0/24 maxlen: 24
202.71.0.0/23 maxlen: 23
202.71.0.0/24 maxlen: 24
202.71.1.0/24 maxlen: 24
202.71.2.0/23 maxlen: 23
202.71.2.0/24 maxlen: 24
202.71.3.0/24 maxlen: 24
202.71.24.0/23 maxlen: 23
202.71.24.0/24 maxlen: 24
202.71.25.0/24 maxlen: 24
202.71.26.0/24 maxlen: 24
202.71.27.0/24 maxlen: 24
202.71.28.0/24 maxlen: 24
202.71.29.0/24 maxlen: 24
202.71.30.0/24 maxlen: 24
202.71.31.0/24 maxlen: 24
2401:a3e0::/48 maxlen: 48
2401:a3e0:1::/48 maxlen: 48
2401:a3e0:2::/48 maxlen: 48
2401:a3e0:3::/48 maxlen: 48
2401:a3e0:4::/48 maxlen: 48
2401:a3e0:5::/48 maxlen: 48
2401:a3e0:6::/48 maxlen: 48
2401:a3e0:7::/48 maxlen: 48
2401:a3e0:8::/48 maxlen: 48
2401:a3e0:9::/48 maxlen: 48
2401:a3e0:a::/48 maxlen: 48
2401:a3e0:b::/48 maxlen: 48
2401:a3e0:c::/48 maxlen: 48
2401:a3e0:d::/48 maxlen: 48
2401:a3e0:e::/48 maxlen: 48
2401:a3e0:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/phcu6-H80al4zKRn4bWKMLN5Ues.crl
rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/phcu6-H80al4zKRn4bWKMLN5Ues.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/phcu6-H80al4zKRn4bWKMLN5Ues.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 05:42:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 368 (0x170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BB9A, serialNumber=A6172EEBE1FCD1A978CCA467E1B58A30B37951EB
Validity
Not Before: Mar 16 13:01:29 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69b7ff29-8217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4d:3f:a0:2c:0b:7d:59:33:97:40:fd:15:44:
ea:93:00:dc:f6:6e:e9:8a:6e:d1:6a:46:4a:f2:89:
a8:8e:2f:ee:87:33:21:2e:48:03:d8:95:14:9d:71:
dd:dd:11:d3:49:83:4a:e9:f5:ae:47:de:9b:aa:a8:
5c:6c:83:da:50:ca:78:79:66:92:d1:e7:2b:14:1c:
fe:e5:f4:4d:5e:a9:93:37:68:83:02:1d:34:b5:fe:
71:ee:ca:17:ee:80:31:d6:ef:4d:4e:4b:c3:d2:d0:
92:3f:20:50:63:c6:0a:b8:ab:90:bc:eb:ae:c7:c0:
b7:c2:37:12:7c:47:0a:d6:38:1a:0d:aa:04:4c:ab:
0d:57:10:46:c7:76:10:4a:f0:72:85:73:81:aa:fa:
97:38:89:26:9f:98:0a:6c:ba:a8:63:a9:c4:78:ce:
00:14:69:b3:88:87:c7:e8:ae:20:23:25:2e:67:0e:
73:a5:ed:9a:17:12:0b:d0:4d:f3:0a:75:f3:96:ab:
0d:18:be:ed:aa:b5:68:d7:e1:9b:6b:67:18:eb:b2:
9a:db:60:c4:7a:2a:e6:5b:a9:6d:b8:a4:20:27:96:
56:fa:ca:6f:7b:38:a0:a0:c1:b9:1b:5a:2b:bb:d9:
05:11:82:de:0b:38:6f:91:cc:7f:ac:04:08:c4:e4:
b9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:EE:77:1F:E9:6F:CB:FC:57:A0:A7:F1:BC:00:F3:E5:37:54:8B:C2
X509v3 Authority Key Identifier:
keyid:A6:17:2E:EB:E1:FC:D1:A9:78:CC:A4:67:E1:B5:8A:30:B3:79:51:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/phcu6-H80al4zKRn4bWKMLN5Ues.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/phcu6-H80al4zKRn4bWKMLN5Ues.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BB9A/49CD0304CFF311EF9062E521C4F9AE02/3399F4B0211A11F19B671427273D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
150.129.172.0/22
202.47.112.0/21
202.71.0.0/22
202.71.24.0/21
IPv6:
2401:a3e0::/44
Signature Algorithm: sha256WithRSAEncryption
6b:9b:84:44:52:7d:9f:c7:60:c1:d5:bb:fa:f3:55:a8:11:92:
55:e5:dd:46:0c:24:26:85:5a:e7:45:dc:fc:80:35:29:ab:0c:
01:db:b1:eb:24:e2:5e:30:50:d3:42:5c:ab:b4:4d:9f:0e:54:
b6:1e:fa:4a:d7:36:7c:ef:7b:c7:25:8f:a8:9d:e4:39:df:c4:
bb:a5:88:bf:19:3b:6a:57:a4:82:3e:09:bd:37:b5:81:37:8d:
84:ef:6c:a0:01:2d:c6:69:26:94:43:62:e1:d7:73:13:01:2c:
1c:a3:cc:27:8b:74:81:2a:ca:de:fe:3f:e0:6b:56:c3:b7:95:
02:c3:49:45:98:0f:0c:31:68:bc:b8:ed:c1:03:35:79:05:76:
e4:68:ed:10:43:d8:24:8d:e6:20:31:ff:20:13:73:74:c0:78:
9f:8e:5f:5b:96:43:b4:76:6c:f1:83:ef:bb:eb:6c:e9:eb:d1:
e6:e4:8b:36:bf:0e:b9:c8:ef:f9:3d:53:8f:06:83:ef:e1:e5:
7a:49:43:85:55:59:90:48:83:60:4f:e3:e7:31:4a:7a:36:6d:
e8:f7:64:a6:49:21:bb:23:42:d7:ed:d4:10:30:90:00:07:38:
27:6e:8c:cc:98:e7:61:37:6f:60:aa:d5:fa:52:bf:81:a9:dd:
52:f0:0f:51
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgICAXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JCOUExMTAvBgNVBAUTKEE2MTcyRUVCRTFGQ0QxQTk3OENDQTQ2N0UxQjU4QTMw
QjM3OTUxRUIwHhcNMjYwMzE2MTMwMTI5WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWI3ZmYyOS04MjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvU0/oCwLfVkzl0D9FUTqkwDc9m7pim7RakZK8omoji/uhzMhLkgD2JUUnXHd
3RHTSYNK6fWuR96bqqhcbIPaUMp4eWaS0ecrFBz+5fRNXqmTN2iDAh00tf5x7soX
7oAx1u9NTkvD0tCSPyBQY8YKuKuQvOuux8C3wjcSfEcK1jgaDaoETKsNVxBGx3YQ
SvByhXOBqvqXOIkmn5gKbLqoY6nEeM4AFGmziIfH6K4gIyUuZw5zpe2aFxIL0E3z
CnXzlqsNGL7tqrVo1+Gba2cY67Ka22DEeirmW6ltuKQgJ5ZW+spvezigoMG5G1or
u9kFEYLeCzhvkcx/rAQIxOS5EQIDAQABo4ICgzCCAn8wHQYDVR0OBBYEFEnudx/p
b8v8V6Cn8bwA8+U3VIvCMB8GA1UdIwQYMBaAFKYXLuvh/NGpeMykZ+G1ijCzeVHr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkI5QS80OUNEMDMwNENG
RjMxMUVGOTA2MkU1MjFDNEY5QUUwMi9waGN1Ni1IODBhbDR6S1JuNGJXS01MTjVV
ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BoY3U2LUg4MGFsNHpLUm40YldLTUxONVVlcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JCOUEvNDlDRDAzMDRDRkYzMTFFRjkwNjJFNTIxQzRGOUFFMDIvMzM5OUY0QjAy
MTFBMTFGMTlCNjcxNDI3MjczRDhDNjcucm9hMEIGCCsGAQUFBwEHAQH/BDMwMTAe
BAIAATAYAwQCloGsAwQDyi9wAwQCykcAAwQDykcYMA8EAgACMAkDBwQkAaPgAAAw
DQYJKoZIhvcNAQELBQADggEBAGubhERSfZ/HYMHVu/rzVagRklXl3UYMJCaFWudF
3PyANSmrDAHbsesk4l4wUNNCXKu0TZ8OVLYe+krXNnzve8clj6id5DnfxLuliL8Z
O2pXpII+Cb03tYE3jYTvbKABLcZpJpRDYuHXcxMBLByjzCeLdIEqyt7+P+BrVsO3
lQLDSUWYDwwxaLy47cEDNXkFduRo7RBD2CSN5iAx/yATc3TAeJ+OX1uWQ7R2bPGD
77vrbOnr0ebkiza/DrnI7/k9U48Gg+/h5XpJQ4VVWZBIg2BP4+cxSno2bej3ZKZJ
IbsjQtft1BAwkAAHOCdujMyY52E3b2Cq1fpSv4Gp3VLwD1E=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:12:48 2026 by rpki-client