Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/A4A3FAEAEDE811EFA5767A5DC4F9AE02.roa
File: A4A3FAEAEDE811EFA5767A5DC4F9AE02.roa (raw, json)
Hash identifier: NR3htRP9a6F2ckA37vX/zVJgydrhk/y6ALKCOIGQr/c=
Subject key identifier: 50:1F:5A:6E:FB:8A:A9:99:23:99:50:A9:7F:F4:6F:AB:A3:C3:C7:D6
Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Certificate serial: 317F
Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/A4A3FAEAEDE811EFA5767A5DC4F9AE02.roa
Signing time: Sat 02 May 2026 16:18:42 +0000
ROA not before: Sat 02 May 2026 16:18:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6421
IP address blocks: 43.241.40.0/24 maxlen: 24
103.16.252.0/23 maxlen: 23
103.16.254.0/23 maxlen: 23
116.0.66.0/24 maxlen: 24
180.87.13.0/24 maxlen: 24
180.87.27.0/24 maxlen: 24
180.87.29.0/24 maxlen: 24
180.87.68.0/24 maxlen: 24
180.87.76.0/24 maxlen: 24
180.87.91.0/24 maxlen: 24
180.87.92.0/24 maxlen: 24
180.87.115.0/24 maxlen: 24
180.87.117.0/24 maxlen: 24
180.87.119.0/24 maxlen: 24
180.87.120.0/24 maxlen: 24
180.87.121.0/24 maxlen: 24
180.87.122.0/24 maxlen: 24
180.87.124.0/24 maxlen: 24
180.87.126.0/24 maxlen: 24
180.87.127.0/24 maxlen: 24
180.87.129.0/24 maxlen: 24
180.87.138.0/24 maxlen: 24
180.87.139.0/24 maxlen: 24
180.87.140.0/24 maxlen: 24
180.87.141.0/24 maxlen: 24
180.87.152.0/24 maxlen: 24
180.87.153.0/24 maxlen: 24
180.87.182.0/24 maxlen: 24
180.87.190.0/24 maxlen: 24
180.87.191.0/24 maxlen: 24
202.183.64.0/24 maxlen: 24
202.183.65.0/24 maxlen: 24
202.183.66.0/24 maxlen: 24
202.183.69.0/24 maxlen: 24
202.183.70.0/24 maxlen: 24
202.183.72.0/24 maxlen: 24
202.183.73.0/24 maxlen: 24
202.183.74.0/24 maxlen: 24
202.183.75.0/24 maxlen: 24
202.183.76.0/24 maxlen: 24
202.183.77.0/24 maxlen: 24
202.183.79.0/24 maxlen: 24
2405:2001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 15:27:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12671 (0x317f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91955C8, serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Validity
Not Before: May 2 16:18:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69f623e1-6606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a1:8e:31:96:83:cd:4d:19:7b:e8:29:2b:45:
68:9c:cb:7a:9f:77:50:65:92:61:c6:2f:2e:b2:db:
3f:7c:f4:79:45:76:32:ac:16:86:20:ff:c6:72:f2:
f8:ad:c2:0d:d5:58:14:0e:fc:2e:06:6d:c7:f3:8c:
07:0c:4d:54:da:8a:63:09:dc:15:db:ad:23:79:37:
af:d4:6b:e4:61:8e:66:c8:73:3a:7f:67:3c:a3:e3:
4d:d0:66:ff:04:ea:43:89:26:ea:d3:d5:fa:5e:2e:
7f:07:bf:da:17:ec:12:8d:56:6a:23:3f:43:2a:f6:
3f:32:37:ee:ac:99:8c:90:c3:e1:86:71:96:f4:5d:
92:b6:7d:3d:b7:b3:5e:de:82:c6:7c:b1:62:b5:ba:
a0:e2:5d:35:3b:6b:ff:64:25:42:79:91:b0:54:e8:
0e:cf:8c:9b:72:f6:7f:d1:21:3a:42:27:91:a5:85:
5a:cd:68:14:94:36:6f:8a:8f:ff:71:4d:88:af:bf:
de:34:b2:4a:ca:fc:50:c1:56:97:87:5d:c5:0a:2e:
a8:ea:d8:15:f7:93:50:f1:6d:46:44:2b:f8:67:bc:
09:48:19:c0:16:44:b2:47:64:31:d5:40:ca:3b:e8:
3b:ca:fc:4e:de:44:96:43:62:52:94:39:5b:b0:24:
74:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:1F:5A:6E:FB:8A:A9:99:23:99:50:A9:7F:F4:6F:AB:A3:C3:C7:D6
X509v3 Authority Key Identifier:
keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/A4A3FAEAEDE811EFA5767A5DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.241.40.0/24
103.16.252.0/22
116.0.66.0/24
180.87.13.0/24
180.87.27.0/24
180.87.29.0/24
180.87.68.0/24
180.87.76.0/24
180.87.91.0-180.87.92.255
180.87.115.0/24
180.87.117.0/24
180.87.119.0-180.87.122.255
180.87.124.0/24
180.87.126.0/23
180.87.129.0/24
180.87.138.0-180.87.141.255
180.87.152.0/23
180.87.182.0/24
180.87.190.0/23
202.183.64.0-202.183.66.255
202.183.69.0-202.183.70.255
202.183.72.0-202.183.77.255
202.183.79.0/24
IPv6:
2405:2001::/48
Signature Algorithm: sha256WithRSAEncryption
49:f3:9e:ac:85:0e:95:c5:3c:63:a8:cf:ef:34:48:80:94:68:
da:66:9f:b8:f0:13:4d:ac:00:5e:9e:fb:fd:b2:62:0c:13:bb:
08:06:1d:5c:2c:40:15:77:a7:5b:ad:1d:af:6a:8c:7c:de:59:
a8:2f:2c:9c:95:7e:ae:a7:b2:df:0f:cf:0e:33:19:01:29:99:
e8:05:40:b3:ab:fc:b0:45:e3:d2:d7:de:03:7a:b5:0a:00:4a:
2d:e2:a9:bf:87:01:c1:c1:c6:45:5e:b7:87:c3:a7:0b:ea:fe:
81:80:58:55:5a:7f:4f:e1:4f:3d:2b:a0:52:f1:d0:4e:64:08:
35:1e:3f:d3:61:c2:fa:cb:38:72:02:f1:aa:0f:19:d5:11:bc:
0f:e9:08:53:ab:96:c1:14:03:2b:d2:52:22:18:53:73:5b:c7:
71:ea:a5:8b:97:38:4a:a6:c8:73:4a:51:e9:65:8e:ae:fe:96:
8f:54:51:8a:d2:4e:70:50:dc:f2:06:25:ca:44:e0:d7:78:0e:
a5:c3:e4:66:d6:29:56:20:80:3d:06:a0:bf:a3:a6:32:d9:a5:
d8:5b:0d:e1:be:28:49:c8:06:e7:d4:33:42:d6:cc:cc:6f:84:
9c:46:d6:71:55:cc:12:7d:f8:b1:0b:b9:9f:2e:f0:8f:79:d9:
34:3d:ee:2b
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgICMX8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC
Qjk2NEY2NEIwHhcNMjYwNTAyMTYxODQyWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWY2MjNlMS02NjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxaGOMZaDzU0Ze+gpK0VonMt6n3dQZZJhxi8usts/fPR5RXYyrBaGIP/GcvL4
rcIN1VgUDvwuBm3H84wHDE1U2opjCdwV260jeTev1GvkYY5myHM6f2c8o+NN0Gb/
BOpDiSbq09X6Xi5/B7/aF+wSjVZqIz9DKvY/MjfurJmMkMPhhnGW9F2Stn09t7Ne
3oLGfLFitbqg4l01O2v/ZCVCeZGwVOgOz4ybcvZ/0SE6QieRpYVazWgUlDZvio//
cU2Ir7/eNLJKyvxQwVaXh13FCi6o6tgV95NQ8W1GRCv4Z7wJSBnAFkSyR2Qx1UDK
O+g7yvxO3kSWQ2JSlDlbsCR0PwIDAQABo4IDKjCCAyYwHQYDVR0OBBYEFFAfWm77
iqmZI5lQqX/0b6ujw8fWMB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG
NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvQTRBM0ZBRUFF
REU4MTFFRkE1NzY3QTVEQzRGOUFFMDIucm9hMIHoBggrBgEFBQcBBwEB/wSB2DCB
1TCBwQQCAAEwgboDBAAr8SgDBAJnEPwDBAB0AEIDBAC0Vw0DBAC0VxsDBAC0Vx0D
BAC0V0QDBAC0V0wwDAMEALRXWwMEALRXXAMEALRXcwMEALRXdTAMAwQAtFd3AwQA
tFd6AwQAtFd8AwQBtFd+AwQAtFeBMAwDBAG0V4oDBAG0V4wDBAG0V5gDBAC0V7YD
BAG0V74wDAMEBsq3QAMEAMq3QjAMAwQAyrdFAwQAyrdGMAwDBAPKt0gDBAHKt0wD
BADKt08wDwQCAAIwCQMHACQFIAEAADANBgkqhkiG9w0BAQsFAAOCAQEASfOerIUO
lcU8Y6jP7zRIgJRo2mafuPATTawAXp77/bJiDBO7CAYdXCxAFXenW60dr2qMfN5Z
qC8snJV+rqey3w/PDjMZASmZ6AVAs6v8sEXj0tfeA3q1CgBKLeKpv4cBwcHGRV63
h8OnC+r+gYBYVVp/T+FPPSugUvHQTmQINR4/02HC+ss4cgLxqg8Z1RG8D+kIU6uW
wRQDK9JSIhhTc1vHceqli5c4SqbIc0pR6WWOrv6Wj1RRitJOcFDc8gYlykTg13gO
pcPkZtYpViCAPQagv6OmMtml2FsN4b4oScgG59QzQtbMzG+EnEbWcVXMEn34sQu5
ny7wj3nZND3uKw==
-----END CERTIFICATE-----
Generated at Wed May 13 05:34:52 2026 by rpki-client