Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/9CF17DD669A911EFBF66800FC4F9AE02.roa
File: 9CF17DD669A911EFBF66800FC4F9AE02.roa (raw, json)
Hash identifier: 0BG+Jz5cTYExQclSKUIrj8rN4X954hpOC9So/bzasFQ=
Subject key identifier: 8D:98:52:94:E8:10:D7:8F:3F:3B:1B:59:C7:0D:08:69:E9:63:F8:1E
Certificate issuer: /CN=A91911EB/serialNumber=BE3F813B202FFB0A382F737968EE166598E0E8AB
Certificate serial: 0144
Authority key identifier: BE:3F:81:3B:20:2F:FB:0A:38:2F:73:79:68:EE:16:65:98:E0:E8:AB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/9CF17DD669A911EFBF66800FC4F9AE02.roa
Signing time: Tue 03 Mar 2026 05:47:14 +0000
ROA not before: Tue 03 Mar 2026 05:47:14 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 9903
IP address blocks: 202.44.130.0/23 maxlen: 23
202.44.131.0/24 maxlen: 24
203.158.96.0/19 maxlen: 19
203.158.96.0/21 maxlen: 21
203.158.96.0/24 maxlen: 24
203.158.97.0/24 maxlen: 24
203.158.98.0/24 maxlen: 24
203.158.99.0/24 maxlen: 24
203.158.100.0/24 maxlen: 24
203.158.101.0/24 maxlen: 24
203.158.102.0/24 maxlen: 24
203.158.103.0/24 maxlen: 24
203.158.104.0/22 maxlen: 22
203.158.104.0/24 maxlen: 24
203.158.105.0/24 maxlen: 24
203.158.106.0/24 maxlen: 24
203.158.107.0/24 maxlen: 24
203.158.108.0/23 maxlen: 24
203.158.110.0/23 maxlen: 23
203.158.110.0/24 maxlen: 24
203.158.111.0/24 maxlen: 24
203.158.112.0/20 maxlen: 20
203.158.112.0/24 maxlen: 24
203.158.113.0/24 maxlen: 24
203.158.114.0/24 maxlen: 24
203.158.115.0/24 maxlen: 24
203.158.116.0/24 maxlen: 24
203.158.117.0/24 maxlen: 24
203.158.119.0/24 maxlen: 24
203.158.120.0/24 maxlen: 24
203.158.121.0/24 maxlen: 24
203.158.122.0/24 maxlen: 24
203.158.123.0/24 maxlen: 24
203.158.124.0/24 maxlen: 24
203.158.125.0/24 maxlen: 24
203.158.126.0/24 maxlen: 24
203.158.127.0/24 maxlen: 24
203.158.240.0/20 maxlen: 20
203.158.240.0/21 maxlen: 21
203.158.240.0/24 maxlen: 24
203.158.241.0/24 maxlen: 24
203.158.242.0/24 maxlen: 24
203.158.243.0/24 maxlen: 24
203.158.248.0/22 maxlen: 22
203.158.249.0/24 maxlen: 24
203.158.250.0/24 maxlen: 24
203.158.251.0/24 maxlen: 24
203.158.252.0/24 maxlen: 24
203.158.253.0/24 maxlen: 24
203.158.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.crl
rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 04:53:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 324 (0x144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91911EB, serialNumber=BE3F813B202FFB0A382F737968EE166598E0E8AB
Validity
Not Before: Mar 3 05:47:14 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69a675e2-b71c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3c:a3:e6:90:6a:48:11:28:3f:1e:9f:60:0a:
00:c2:7a:21:9d:d5:2a:3b:77:2d:43:2e:d9:c5:63:
7a:82:e9:72:5c:81:47:aa:1b:20:a3:ba:90:a8:b1:
cc:3d:fe:be:50:b0:0e:2e:96:9b:10:c0:a7:87:9f:
ce:b3:0c:6a:5c:dc:19:d4:3b:c0:b9:16:94:9e:a0:
31:6d:4c:c6:a6:8a:02:f2:24:2b:6c:77:a6:48:e7:
12:c3:b0:51:9b:7c:13:d0:6e:f7:19:02:38:64:c5:
4d:07:ec:1c:4b:26:ac:06:99:24:42:f6:e7:03:87:
e4:71:41:80:cf:36:78:98:15:e8:19:fd:7b:a5:45:
07:48:91:1f:a8:c3:17:e1:50:b6:c7:5c:63:16:7c:
f9:67:de:e0:ec:e4:76:6c:a1:ca:a0:10:b3:4f:3e:
a5:64:84:0f:f8:42:20:03:af:f3:cd:8c:47:d2:83:
bc:0e:26:11:00:6f:6f:ea:6f:26:3c:a8:39:bb:c1:
4e:ff:78:88:f7:f1:d0:43:b3:88:cf:cb:d3:3e:36:
f5:b8:bf:1f:b5:51:6d:ab:5e:88:49:9b:37:61:ff:
f3:a1:cd:c4:1c:d4:d1:a7:6f:34:e3:ea:7c:b0:8c:
34:07:9a:7b:3a:47:e2:a7:46:4c:94:65:ee:72:ad:
d6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:98:52:94:E8:10:D7:8F:3F:3B:1B:59:C7:0D:08:69:E9:63:F8:1E
X509v3 Authority Key Identifier:
keyid:BE:3F:81:3B:20:2F:FB:0A:38:2F:73:79:68:EE:16:65:98:E0:E8:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vj-BOyAv-wo4L3N5aO4WZZjg6Ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91911EB/EDA972B269A211EFAE3AB35AC4F9AE02/9CF17DD669A911EFBF66800FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
202.44.130.0/23
203.158.96.0/19
203.158.240.0/20
Signature Algorithm: sha256WithRSAEncryption
85:1d:12:22:9d:b8:4f:e8:b6:e2:0c:db:4f:6e:d7:72:26:51:
45:d1:cf:ac:31:af:e2:f2:58:4e:47:75:6c:53:a4:30:7e:23:
90:4f:a6:57:77:00:02:f0:e7:6a:67:68:18:9f:c9:d8:85:d7:
57:fd:1b:46:0f:01:72:b5:15:b2:a2:a7:0d:56:3d:15:5b:4c:
ee:14:41:5e:81:00:e8:68:88:18:ab:3a:b2:b8:94:7b:11:23:
2f:49:49:f4:70:7c:bc:bc:17:a9:38:7f:0b:36:fb:11:fd:48:
02:af:3b:a4:ba:e6:1e:d6:8e:01:66:86:d4:c7:2a:c2:cd:26:
6f:bd:07:f1:3c:d8:6a:17:04:3c:60:cf:0e:60:7d:67:e8:12:
89:80:db:de:24:69:a7:cf:ee:3c:aa:2f:6c:b2:c0:b0:7c:ff:
13:49:c8:09:69:ca:c4:70:7d:f6:0f:db:89:d0:0b:bc:0d:e0:
a5:7e:6a:29:75:a5:e6:ff:8f:d4:ba:ce:c9:38:5e:16:8e:54:
8d:83:0b:17:db:f3:a7:0d:17:13:17:dc:3d:ab:91:d4:fb:f7:
3c:51:49:36:31:34:1c:ad:d3:21:6e:aa:ff:3f:b3:a6:03:b0:
3d:35:20:90:8c:34:df:4d:45:27:a8:62:db:d4:de:99:8b:16:
bd:b2:64:72
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICAUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTExRUIxMTAvBgNVBAUTKEJFM0Y4MTNCMjAyRkZCMEEzODJGNzM3OTY4RUUxNjY1
OThFMEU4QUIwHhcNMjYwMzAzMDU0NzE0WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE2NzVlMi1iNzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszyj5pBqSBEoPx6fYAoAwnohndUqO3ctQy7ZxWN6gulyXIFHqhsgo7qQqLHM
Pf6+ULAOLpabEMCnh5/OswxqXNwZ1DvAuRaUnqAxbUzGpooC8iQrbHemSOcSw7BR
m3wT0G73GQI4ZMVNB+wcSyasBpkkQvbnA4fkcUGAzzZ4mBXoGf17pUUHSJEfqMMX
4VC2x1xjFnz5Z97g7OR2bKHKoBCzTz6lZIQP+EIgA6/zzYxH0oO8DiYRAG9v6m8m
PKg5u8FO/3iI9/HQQ7OIz8vTPjb1uL8ftVFtq16ISZs3Yf/zoc3EHNTRp2804+p8
sIw0B5p7Okfip0ZMlGXucq3W8QIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFI2YUpTo
ENePPzsbWccNCGnpY/geMB8GA1UdIwQYMBaAFL4/gTsgL/sKOC9zeWjuFmWY4Oir
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTFFQi9FREE5NzJCMjY5
QTIxMUVGQUUzQUIzNUFDNEY5QUUwMi92ai1CT3lBdi13bzRMM041YU80V1paamc2
S3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZqLUJPeUF2LXdvNEwzTjVhTzRXWlpqZzZLcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTExRUIvRURBOTcyQjI2OUEyMTFFRkFFM0FCMzVBQzRGOUFFMDIvOUNGMTdERDY2
OUE5MTFFRkJGNjY4MDBGQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQByiyCAwQFy55gAwQEy57wMA0GCSqGSIb3DQEBCwUAA4IBAQCFHRIi
nbhP6LbiDNtPbtdyJlFF0c+sMa/i8lhOR3VsU6QwfiOQT6ZXdwAC8OdqZ2gYn8nY
hddX/RtGDwFytRWyoqcNVj0VW0zuFEFegQDoaIgYqzqyuJR7ESMvSUn0cHy8vBep
OH8LNvsR/UgCrzukuuYe1o4BZobUxyrCzSZvvQfxPNhqFwQ8YM8OYH1n6BKJgNve
JGmnz+48qi9sssCwfP8TScgJacrEcH32D9uJ0Au8DeClfmopdaXm/4/Uus7JOF4W
jlSNgwsX2/OnDRcTF9w9q5HU+/c8UUk2MTQcrdMhbqr/P7OmA7A9NSCQjDTfTUUn
qGLb1N6Zixa9smRy
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:03:41 2026 by rpki-client