Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/DF70A63C6BF111F0A9181236C4F9AE02.roa
File: DF70A63C6BF111F0A9181236C4F9AE02.roa (raw, json)
Hash identifier: 9NjZ97yfcAcC59kufHt/CpdvnTx281jOzn4vAO45hOo=
Subject key identifier: EA:F5:A1:0E:E5:57:BD:28:2E:95:30:47:C9:DA:81:8D:41:E5:CB:DA
Certificate issuer: /CN=A9186E8A/serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Certificate serial: 0879
Authority key identifier: BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/DF70A63C6BF111F0A9181236C4F9AE02.roa
Signing time: Fri 06 Mar 2026 21:28:27 +0000
ROA not before: Fri 06 Mar 2026 21:28:27 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 135377
IP address blocks: 152.32.128.0/24 maxlen: 24
152.32.129.0/24 maxlen: 24
152.32.130.0/24 maxlen: 24
152.32.131.0/24 maxlen: 24
152.32.132.0/24 maxlen: 24
152.32.133.0/24 maxlen: 24
152.32.134.0/24 maxlen: 24
152.32.135.0/24 maxlen: 24
152.32.136.0/24 maxlen: 24
152.32.137.0/24 maxlen: 24
152.32.138.0/24 maxlen: 24
152.32.139.0/24 maxlen: 24
152.32.140.0/24 maxlen: 24
152.32.141.0/24 maxlen: 24
152.32.142.0/24 maxlen: 24
152.32.143.0/24 maxlen: 24
152.32.144.0/24 maxlen: 24
152.32.145.0/24 maxlen: 24
152.32.146.0/24 maxlen: 24
152.32.147.0/24 maxlen: 24
152.32.148.0/24 maxlen: 24
152.32.149.0/24 maxlen: 24
152.32.150.0/24 maxlen: 24
152.32.151.0/24 maxlen: 24
152.32.152.0/24 maxlen: 24
152.32.153.0/24 maxlen: 24
152.32.154.0/24 maxlen: 24
152.32.155.0/24 maxlen: 24
152.32.156.0/24 maxlen: 24
152.32.157.0/24 maxlen: 24
152.32.158.0/24 maxlen: 24
152.32.159.0/24 maxlen: 24
152.32.160.0/24 maxlen: 24
152.32.161.0/24 maxlen: 24
152.32.162.0/24 maxlen: 24
152.32.163.0/24 maxlen: 24
152.32.164.0/24 maxlen: 24
152.32.165.0/24 maxlen: 24
152.32.166.0/24 maxlen: 24
152.32.167.0/24 maxlen: 24
152.32.168.0/24 maxlen: 24
152.32.169.0/24 maxlen: 24
152.32.170.0/24 maxlen: 24
152.32.171.0/24 maxlen: 24
152.32.172.0/24 maxlen: 24
152.32.173.0/24 maxlen: 24
152.32.174.0/24 maxlen: 24
152.32.175.0/24 maxlen: 24
152.32.176.0/24 maxlen: 24
152.32.177.0/24 maxlen: 24
152.32.178.0/24 maxlen: 24
152.32.179.0/24 maxlen: 24
152.32.180.0/24 maxlen: 24
152.32.181.0/24 maxlen: 24
152.32.182.0/24 maxlen: 24
152.32.183.0/24 maxlen: 24
152.32.184.0/24 maxlen: 24
152.32.185.0/24 maxlen: 24
152.32.186.0/24 maxlen: 24
152.32.187.0/24 maxlen: 24
152.32.188.0/24 maxlen: 24
152.32.189.0/24 maxlen: 24
152.32.190.0/24 maxlen: 24
152.32.191.0/24 maxlen: 24
152.32.192.0/24 maxlen: 24
152.32.193.0/24 maxlen: 24
152.32.194.0/24 maxlen: 24
152.32.195.0/24 maxlen: 24
152.32.196.0/24 maxlen: 24
152.32.197.0/24 maxlen: 24
152.32.198.0/24 maxlen: 24
152.32.199.0/24 maxlen: 24
152.32.200.0/24 maxlen: 24
152.32.201.0/24 maxlen: 24
152.32.202.0/24 maxlen: 24
152.32.203.0/24 maxlen: 24
152.32.204.0/24 maxlen: 24
152.32.205.0/24 maxlen: 24
152.32.206.0/24 maxlen: 24
152.32.207.0/24 maxlen: 24
152.32.208.0/24 maxlen: 24
152.32.209.0/24 maxlen: 24
152.32.210.0/24 maxlen: 24
152.32.211.0/24 maxlen: 24
152.32.212.0/24 maxlen: 24
152.32.213.0/24 maxlen: 24
152.32.214.0/24 maxlen: 24
152.32.215.0/24 maxlen: 24
152.32.216.0/24 maxlen: 24
152.32.217.0/24 maxlen: 24
152.32.218.0/24 maxlen: 24
152.32.219.0/24 maxlen: 24
152.32.220.0/24 maxlen: 24
152.32.221.0/24 maxlen: 24
152.32.222.0/24 maxlen: 24
152.32.223.0/24 maxlen: 24
152.32.224.0/24 maxlen: 24
152.32.225.0/24 maxlen: 24
152.32.226.0/24 maxlen: 24
152.32.227.0/24 maxlen: 24
152.32.228.0/24 maxlen: 24
152.32.229.0/24 maxlen: 24
152.32.230.0/24 maxlen: 24
152.32.231.0/24 maxlen: 24
152.32.232.0/24 maxlen: 24
152.32.233.0/24 maxlen: 24
152.32.234.0/24 maxlen: 24
152.32.235.0/24 maxlen: 24
152.32.236.0/24 maxlen: 24
152.32.237.0/24 maxlen: 24
152.32.238.0/24 maxlen: 24
152.32.239.0/24 maxlen: 24
152.32.240.0/24 maxlen: 24
152.32.241.0/24 maxlen: 24
152.32.242.0/24 maxlen: 24
152.32.243.0/24 maxlen: 24
152.32.244.0/24 maxlen: 24
152.32.245.0/24 maxlen: 24
152.32.246.0/24 maxlen: 24
152.32.247.0/24 maxlen: 24
152.32.248.0/24 maxlen: 24
152.32.249.0/24 maxlen: 24
152.32.250.0/24 maxlen: 24
152.32.251.0/24 maxlen: 24
152.32.252.0/24 maxlen: 24
152.32.253.0/24 maxlen: 24
152.32.254.0/24 maxlen: 24
152.32.255.0/24 maxlen: 24
165.154.0.0/17 maxlen: 24
165.154.128.0/18 maxlen: 24
165.154.218.0/23 maxlen: 24
165.154.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl
rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 21:03:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2169 (0x879)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186E8A, serialNumber=BDD5E9A76F1AC4C8E51797ECE99E3DCEECEE7493
Validity
Not Before: Mar 6 21:28:27 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69ab46fb-3f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:43:02:46:9f:33:f4:0b:2b:fa:9b:58:02:17:
4e:1e:8c:21:75:97:96:6f:8b:49:bc:c6:b9:c6:ac:
b9:8a:24:03:44:89:10:1c:cc:85:73:0a:77:96:92:
82:8a:63:4f:25:ee:99:95:bd:7d:86:d6:a8:07:f5:
40:36:32:b5:56:9d:7d:ee:7b:c7:4c:95:64:f5:68:
f1:e7:31:7d:e9:0d:21:05:1b:d9:d1:3b:67:c4:36:
4c:fd:51:b4:bf:19:b8:96:40:2c:11:29:17:e9:5e:
f8:86:3e:51:7b:b7:7b:b9:a4:39:8a:85:76:84:45:
f8:ad:92:26:75:5f:28:fd:1f:64:eb:8c:48:ab:8c:
dd:5c:84:cb:e4:8e:2e:2b:8b:f1:70:fa:15:8e:85:
bd:3f:84:e2:47:75:5f:e5:95:59:88:85:98:70:3c:
a2:7f:e6:1b:a6:f5:09:51:22:21:b0:6a:22:b9:7f:
27:88:c9:49:d8:f1:f6:de:8c:61:1a:91:86:65:32:
e5:fb:37:29:9e:7f:94:8f:96:e9:ff:01:4e:93:be:
7d:ba:66:22:f3:15:c4:34:1f:34:fd:50:22:6b:30:
69:19:19:e3:ce:07:a2:af:38:21:34:45:3e:cf:7f:
a9:e5:fa:a9:38:f7:67:78:16:50:ee:3f:6b:d2:2d:
9f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F5:A1:0E:E5:57:BD:28:2E:95:30:47:C9:DA:81:8D:41:E5:CB:DA
X509v3 Authority Key Identifier:
keyid:BD:D5:E9:A7:6F:1A:C4:C8:E5:17:97:EC:E9:9E:3D:CE:EC:EE:74:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/vdXpp28axMjlF5fs6Z49zuzudJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vdXpp28axMjlF5fs6Z49zuzudJM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3148DC9E2DFF11EB868A9135C4F9AE02/DF70A63C6BF111F0A9181236C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
152.32.128.0/17
165.154.0.0-165.154.191.255
165.154.218.0-165.154.223.255
Signature Algorithm: sha256WithRSAEncryption
26:a3:bb:7c:6a:43:85:57:af:0e:94:e7:12:c4:49:65:3b:b2:
11:05:6c:f4:35:e0:ec:3f:c7:3e:c2:fe:c2:c9:43:9d:61:1a:
24:62:92:2d:e7:0a:26:74:30:f0:c4:be:9e:4d:0b:09:06:03:
1b:4d:b3:3f:2b:25:dc:bf:ff:a1:10:62:e8:b7:95:6e:be:eb:
b1:be:82:4a:e6:91:a4:d5:4d:e7:16:e8:d7:86:77:1f:2f:78:
4c:17:88:f1:25:77:ed:fa:8b:6c:7f:8d:ed:e5:00:f4:c0:63:
7d:dc:d3:1a:44:ce:71:1d:2a:f6:25:8c:40:b2:fa:f9:d5:d2:
cd:ad:6a:3c:ad:44:5f:6e:74:3d:0e:68:a3:5b:e9:8a:03:47:
64:d9:5b:eb:03:c7:1d:79:9e:9e:01:30:91:35:c5:03:49:d6:
e4:2d:e3:49:79:d4:ec:3f:b4:65:5d:47:2e:fc:84:dd:94:94:
3b:0d:d5:eb:30:3e:d1:4f:85:f6:59:84:b1:79:d6:9b:1a:aa:
93:f3:25:2a:21:79:5e:da:7a:d5:27:39:a8:03:4d:9e:c9:3f:
f4:40:93:bf:96:87:a5:40:1e:2d:8e:f0:75:5f:f7:80:aa:e0:
ed:85:df:73:36:fb:1f:41:bf:89:a7:6c:59:f6:f6:5b:a3:cc:
76:9e:1c:cc
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICCHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZFOEExMTAvBgNVBAUTKEJERDVFOUE3NkYxQUM0QzhFNTE3OTdFQ0U5OUUzRENF
RUNFRTc0OTMwHhcNMjYwMzA2MjEyODI3WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWFiNDZmYi0zZjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0UMCRp8z9Asr+ptYAhdOHowhdZeWb4tJvMa5xqy5iiQDRIkQHMyFcwp3lpKC
imNPJe6Zlb19htaoB/VANjK1Vp197nvHTJVk9Wjx5zF96Q0hBRvZ0TtnxDZM/VG0
vxm4lkAsESkX6V74hj5Re7d7uaQ5ioV2hEX4rZImdV8o/R9k64xIq4zdXITL5I4u
K4vxcPoVjoW9P4TiR3Vf5ZVZiIWYcDyif+YbpvUJUSIhsGoiuX8niMlJ2PH23oxh
GpGGZTLl+zcpnn+Uj5bp/wFOk759umYi8xXENB80/VAiazBpGRnjzgeirzghNEU+
z3+p5fqpOPdneBZQ7j9r0i2fnwIDAQABo4ICezCCAncwHQYDVR0OBBYEFOr1oQ7l
V70oLpUwR8nagY1B5cvaMB8GA1UdIwQYMBaAFL3V6advGsTI5ReX7OmePc7s7nST
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkU4QS8zMTQ4REM5RTJE
RkYxMUVCODY4QTkxMzVDNEY5QUUwMi92ZFhwcDI4YXhNamxGNWZzNlo0OXp1enVk
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZkWHBwMjhheE1qbEY1ZnM2WjQ5enV6dWRKTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZFOEEvMzE0OERDOUUyREZGMTFFQjg2OEE5MTM1QzRGOUFFMDIvREY3MEE2M0M2
QkYxMTFGMEE5MTgxMjM2QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAn
BAIAATAhAwQHmCCAMAsDAwGlmgMEBqWagDAMAwQBpZraAwQFpZrAMA0GCSqGSIb3
DQEBCwUAA4IBAQAmo7t8akOFV68OlOcSxEllO7IRBWz0NeDsP8c+wv7CyUOdYRok
YpIt5womdDDwxL6eTQsJBgMbTbM/KyXcv/+hEGLot5VuvuuxvoJK5pGk1U3nFujX
hncfL3hMF4jxJXft+otsf43t5QD0wGN93NMaRM5xHSr2JYxAsvr51dLNrWo8rURf
bnQ9DmijW+mKA0dk2VvrA8cdeZ6eATCRNcUDSdbkLeNJedTsP7RlXUcu/ITdlJQ7
DdXrMD7RT4X2WYSxedabGqqT8yUqIXle2nrVJzmoA02eyT/0QJO/loelQB4tjvB1
X/eAquDthd9zNvsfQb+Jp2xZ9vZbo8x2nhzM
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:40:03 2026 by rpki-client