Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/FBFEBECA10B211EEA9B11345C4F9AE02.roa
File: FBFEBECA10B211EEA9B11345C4F9AE02.roa (raw, json)
Hash identifier: LToWIQ1COMbsBcEbH54cRu/d6HNi0lrBivKKu1OeKJk=
Subject key identifier: F3:B2:D5:45:19:CC:9E:EA:7E:96:57:F6:93:DA:1F:3B:AB:59:6F:BA
Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Certificate serial: 3180
Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/FBFEBECA10B211EEA9B11345C4F9AE02.roa
Signing time: Sat 02 May 2026 16:18:44 +0000
ROA not before: Sat 02 May 2026 16:18:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6453
IP address blocks: 43.241.40.0/22 maxlen: 22
43.241.40.0/24 maxlen: 25
43.241.41.0/24 maxlen: 25
43.241.42.0/24 maxlen: 25
43.241.43.0/25 maxlen: 25
43.241.43.128/25 maxlen: 25
103.16.252.0/22 maxlen: 22
116.0.64.0/19 maxlen: 19
116.0.68.0/24 maxlen: 24
116.0.70.0/24 maxlen: 24
116.0.76.0/24 maxlen: 24
116.0.82.0/24 maxlen: 24
116.0.93.0/24 maxlen: 24
120.29.192.0/19 maxlen: 19
120.29.195.0/24 maxlen: 24
120.29.209.0/24 maxlen: 24
120.29.216.0/24 maxlen: 24
120.29.219.0/24 maxlen: 24
180.87.0.0/17 maxlen: 24
180.87.128.0/18 maxlen: 18
180.87.128.0/24 maxlen: 24
180.87.129.0/24 maxlen: 24
180.87.130.0/24 maxlen: 24
180.87.131.0/24 maxlen: 24
180.87.132.0/24 maxlen: 24
180.87.133.0/24 maxlen: 24
180.87.134.0/24 maxlen: 24
180.87.135.0/24 maxlen: 24
180.87.136.0/24 maxlen: 24
180.87.137.0/24 maxlen: 24
180.87.138.0/24 maxlen: 24
180.87.139.0/24 maxlen: 24
180.87.140.0/24 maxlen: 24
180.87.141.0/24 maxlen: 24
180.87.142.0/24 maxlen: 24
180.87.143.0/24 maxlen: 24
180.87.144.0/24 maxlen: 24
180.87.145.0/24 maxlen: 24
180.87.146.0/24 maxlen: 24
180.87.147.0/24 maxlen: 24
180.87.148.0/24 maxlen: 24
180.87.149.0/24 maxlen: 24
180.87.150.0/24 maxlen: 24
180.87.151.0/24 maxlen: 24
180.87.152.0/24 maxlen: 24
180.87.153.0/24 maxlen: 24
180.87.154.0/24 maxlen: 24
180.87.155.0/24 maxlen: 24
180.87.156.0/24 maxlen: 24
180.87.157.0/24 maxlen: 24
180.87.158.0/24 maxlen: 24
180.87.159.0/24 maxlen: 24
180.87.160.0/24 maxlen: 24
180.87.161.0/24 maxlen: 24
180.87.162.0/24 maxlen: 24
180.87.163.0/24 maxlen: 24
180.87.164.0/24 maxlen: 24
180.87.165.0/24 maxlen: 24
180.87.166.0/24 maxlen: 24
180.87.167.0/24 maxlen: 24
180.87.168.0/24 maxlen: 24
180.87.169.0/24 maxlen: 24
180.87.170.0/24 maxlen: 24
180.87.171.0/24 maxlen: 24
180.87.172.0/24 maxlen: 24
180.87.173.0/24 maxlen: 24
180.87.174.0/24 maxlen: 24
180.87.175.0/24 maxlen: 24
180.87.176.0/24 maxlen: 24
180.87.177.0/24 maxlen: 24
180.87.178.0/24 maxlen: 24
180.87.179.0/24 maxlen: 24
180.87.180.0/24 maxlen: 24
180.87.181.0/24 maxlen: 24
180.87.182.0/24 maxlen: 24
180.87.183.0/24 maxlen: 24
180.87.184.0/24 maxlen: 24
180.87.185.0/24 maxlen: 24
180.87.186.0/24 maxlen: 24
180.87.187.0/24 maxlen: 24
180.87.188.0/24 maxlen: 24
180.87.189.0/24 maxlen: 24
180.87.190.0/24 maxlen: 24
180.87.191.0/24 maxlen: 24
202.183.64.0/20 maxlen: 24
2405:2000::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 15:27:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12672 (0x3180)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91955C8, serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Validity
Not Before: May 2 16:18:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69f623e4-6355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6b:38:2d:1e:9a:db:7f:d2:c8:59:ba:72:a5:
bb:80:82:4a:db:0b:aa:1f:de:39:fe:b7:8a:9b:fa:
24:d7:b5:e4:48:ca:f1:cd:db:36:e6:c7:ff:d6:17:
f0:be:dc:57:3a:53:0d:81:fd:4d:f0:b9:c4:b2:c5:
ea:a2:93:a5:cd:6a:e6:76:36:49:7c:1f:46:89:3e:
98:79:62:88:cc:a1:4b:d6:1a:db:85:28:47:68:de:
73:57:24:20:4c:18:bc:90:fb:83:44:64:58:7f:e0:
4f:8e:a2:b0:6d:42:40:6e:18:d0:0a:34:e9:af:d9:
64:04:de:15:81:e7:a5:c0:a0:2d:77:b6:20:86:00:
af:0a:82:d8:89:bb:d8:d8:96:a6:06:77:e5:52:6c:
13:05:67:3c:74:2c:ee:33:32:c7:56:e9:fa:9b:2f:
39:13:f9:67:45:fb:35:1b:fa:12:c5:5f:53:cf:b3:
61:59:28:b4:14:fc:a9:30:e7:1b:20:f7:4e:79:e9:
ca:2f:46:4e:4e:d8:2f:ed:30:f1:de:26:ef:d1:63:
fa:3c:c7:57:14:42:0f:dc:80:32:19:fd:84:25:88:
80:6b:32:97:bb:24:13:b1:e6:92:c0:17:16:42:88:
cb:e6:2f:7d:c9:67:e8:4d:6d:5d:82:11:f7:c5:99:
69:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B2:D5:45:19:CC:9E:EA:7E:96:57:F6:93:DA:1F:3B:AB:59:6F:BA
X509v3 Authority Key Identifier:
keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/FBFEBECA10B211EEA9B11345C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.241.40.0/22
103.16.252.0/22
116.0.64.0/19
120.29.192.0/19
180.87.0.0-180.87.191.255
202.183.64.0/20
IPv6:
2405:2000::/32
Signature Algorithm: sha256WithRSAEncryption
41:fc:1a:20:31:d1:b0:1a:21:9d:90:45:6d:91:b7:7e:bf:46:
f6:a0:02:93:86:3e:9c:3f:f7:48:26:6b:81:a3:5a:ca:bd:84:
69:01:d5:60:4e:f4:a1:cb:f8:68:41:be:fa:ac:18:b5:1d:c5:
35:ab:06:93:52:02:11:d8:21:f5:82:7e:ed:1c:99:5c:39:6b:
a0:70:75:b7:30:f0:87:a4:2b:9c:dc:68:e0:ba:bc:8f:61:63:
c5:81:33:b5:1a:8e:3d:d0:e5:c6:8b:d3:ac:60:0a:b9:c9:0c:
80:e3:2b:76:61:ce:07:a4:ad:6e:85:6a:bc:47:9f:d6:aa:42:
fb:a1:8c:2d:df:f3:7b:77:94:5c:12:c6:8b:7d:dd:13:9d:76:
f5:f9:59:b0:69:74:24:dc:af:4f:95:cc:62:b3:d4:ba:17:10:
08:64:7b:0c:eb:d6:c2:57:c1:24:78:61:72:ce:85:b4:b3:aa:
26:a0:bf:26:54:98:36:91:1e:f0:c7:5f:86:84:77:57:8b:8c:
1c:29:ad:3f:62:c0:a6:e2:9c:39:57:3d:90:5f:37:fd:45:98:
9a:38:38:12:87:20:c3:99:03:66:66:e7:28:ff:e6:66:9b:b7:
d9:ba:9f:9a:a1:79:0f:6c:ab:61:8d:4b:1b:58:26:a0:fb:02:
71:c9:8a:61
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICMYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC
Qjk2NEY2NEIwHhcNMjYwNTAyMTYxODQ0WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWY2MjNlNC02MzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz2s4LR6a23/SyFm6cqW7gIJK2wuqH945/reKm/ok17XkSMrxzds25sf/1hfw
vtxXOlMNgf1N8LnEssXqopOlzWrmdjZJfB9GiT6YeWKIzKFL1hrbhShHaN5zVyQg
TBi8kPuDRGRYf+BPjqKwbUJAbhjQCjTpr9lkBN4VgeelwKAtd7YghgCvCoLYibvY
2JamBnflUmwTBWc8dCzuMzLHVun6my85E/lnRfs1G/oSxV9Tz7NhWSi0FPypMOcb
IPdOeenKL0ZOTtgv7TDx3ibv0WP6PMdXFEIP3IAyGf2EJYiAazKXuyQTseaSwBcW
QojL5i99yWfoTW1dghH3xZlpYwIDAQABo4IClDCCApAwHQYDVR0OBBYEFPOy1UUZ
zJ7qfpZX9pPaHzurWW+6MB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG
NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvRkJGRUJFQ0Ex
MEIyMTFFRUE5QjExMzQ1QzRGOUFFMDIucm9hMFMGCCsGAQUFBwEHAQH/BEQwQjAx
BAIAATArAwQCK/EoAwQCZxD8AwQFdABAAwQFeB3AMAsDAwC0VwMEBrRXgAMEBMq3
QDANBAIAAjAHAwUAJAUgADANBgkqhkiG9w0BAQsFAAOCAQEAQfwaIDHRsBohnZBF
bZG3fr9G9qACk4Y+nD/3SCZrgaNayr2EaQHVYE70ocv4aEG++qwYtR3FNasGk1IC
Edgh9YJ+7RyZXDlroHB1tzDwh6QrnNxo4Lq8j2FjxYEztRqOPdDlxovTrGAKuckM
gOMrdmHOB6StboVqvEef1qpC+6GMLd/ze3eUXBLGi33dE5129flZsGl0JNyvT5XM
YrPUuhcQCGR7DOvWwlfBJHhhcs6FtLOqJqC/JlSYNpEe8MdfhoR3V4uMHCmtP2LA
puKcOVc9kF83/UWYmjg4Eocgw5kDZmbnKP/mZpu32bqfmqF5D2yrYY1LG1gmoPsC
ccmKYQ==
-----END CERTIFICATE-----
Generated at Wed May 13 03:14:17 2026 by rpki-client