Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
File: 956DEFE80CDB11EAB14B9162C4F9AE02.roa (raw, json)
Hash identifier: 3M325K9PcHmy3y6ghRr+Gv64zJGXAL4b/FNW6UDE+Hg=
Subject key identifier: 94:18:06:57:4D:C6:68:9F:33:37:C5:C9:F1:F6:1F:BE:28:C6:53:2E
Certificate issuer: /CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Certificate serial: 0CDF
Authority key identifier: 25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
Signing time: Mon 02 Mar 2026 18:23:04 +0000
ROA not before: Mon 02 Mar 2026 18:23:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133385
IP address blocks: 45.120.84.0/22 maxlen: 22
45.120.84.0/24 maxlen: 24
45.120.85.0/24 maxlen: 24
45.120.86.0/24 maxlen: 24
45.120.87.0/24 maxlen: 24
103.255.172.0/22 maxlen: 22
103.255.172.0/24 maxlen: 24
103.255.172.64/26 maxlen: 26
103.255.172.128/25 maxlen: 25
103.255.173.0/24 maxlen: 24
103.255.174.0/24 maxlen: 24
103.255.175.0/24 maxlen: 24
2400:8480:1000::/48 maxlen: 48
2400:8480:1100::/48 maxlen: 48
2400:8480:2010::/44 maxlen: 44
2400:8480:2020::/44 maxlen: 44
2400:8480:2030::/44 maxlen: 44
2400:8480:2040::/44 maxlen: 44
2400:8480:2110::/44 maxlen: 44
2400:8480:2120::/44 maxlen: 44
2400:8480:2130::/44 maxlen: 44
2400:8480:2140::/44 maxlen: 44
2400:8480:3010::/44 maxlen: 44
2400:8480:3020::/44 maxlen: 44
2400:8480:3030::/44 maxlen: 44
2400:8480:3040::/44 maxlen: 44
2400:8480:3110::/44 maxlen: 44
2400:8480:3120::/44 maxlen: 44
2400:8480:3130::/44 maxlen: 44
2400:8480:3140::/44 maxlen: 44
2400:8480:4000::/36 maxlen: 36
2400:8480:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 18:13:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3295 (0xcdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAAD, serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Validity
Not Before: Mar 2 18:23:04 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a5d588-0a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:70:27:df:86:ac:d6:17:a0:19:e5:4e:0f:74:
5c:9a:d8:c5:e0:72:35:bf:cc:60:b7:e2:8a:a8:da:
5f:7c:d2:1b:b6:bf:2e:56:32:a2:fd:a6:af:94:42:
e6:a9:84:4b:5c:bd:93:81:e0:1f:27:0c:5d:c8:30:
0a:95:cf:c5:e1:9d:33:9f:a5:70:f6:31:f1:33:29:
5f:97:f6:bc:d1:fa:51:50:9d:1f:5a:eb:0c:fc:bf:
25:63:63:bf:6b:33:6f:42:7b:62:8c:8c:8d:0a:9d:
7c:50:7d:be:33:5e:fb:93:67:bd:ff:f2:35:00:45:
df:03:d8:68:52:fc:e2:33:e5:54:14:36:ab:7f:ee:
ac:2c:ec:fc:1c:63:c8:6c:92:cd:78:db:4b:bc:0a:
8f:6b:59:e1:84:c1:99:56:22:e8:3d:cc:9d:01:8f:
01:ba:9b:d8:85:55:e5:6e:13:e4:7d:2c:20:27:dc:
21:13:ae:44:78:0b:dc:34:0a:d6:84:bd:54:07:93:
ff:52:1b:7f:e0:b7:ad:b5:b7:bd:e0:d1:4f:a8:0d:
00:5b:c6:33:7d:87:a1:a9:f2:b4:90:71:17:5c:4b:
7c:2b:59:af:ef:6b:9c:64:04:75:16:c2:92:a9:ec:
9f:ed:97:c6:6b:19:8c:c2:48:28:fe:18:d7:f5:e4:
aa:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:18:06:57:4D:C6:68:9F:33:37:C5:C9:F1:F6:1F:BE:28:C6:53:2E
X509v3 Authority Key Identifier:
keyid:25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.120.84.0/22
103.255.172.0/22
IPv6:
2400:8480:1000::/48
2400:8480:1100::/48
2400:8480:2010::-2400:8480:204f:ffff:ffff:ffff:ffff:ffff
2400:8480:2110::-2400:8480:214f:ffff:ffff:ffff:ffff:ffff
2400:8480:3010::-2400:8480:304f:ffff:ffff:ffff:ffff:ffff
2400:8480:3110::-2400:8480:314f:ffff:ffff:ffff:ffff:ffff
2400:8480:4000::/35
Signature Algorithm: sha256WithRSAEncryption
6e:ac:39:ef:38:24:f3:3a:f0:ec:cf:c7:fc:78:26:f3:ce:4e:
18:82:47:c1:a4:8f:47:46:af:07:45:e3:32:43:d9:c5:0d:30:
f1:8a:c3:97:52:5a:d9:90:f3:bc:af:6c:19:a1:6a:83:f6:98:
84:98:1e:6d:e9:a6:bc:ff:70:b2:b8:ed:e1:34:78:a8:31:f3:
4c:c0:61:ec:3d:29:75:fc:57:30:d7:2d:e1:2f:9a:9e:af:fd:
22:f8:9d:d0:97:db:70:09:ac:b6:68:dc:34:63:3d:d3:4b:ac:
bd:d6:a4:26:89:49:4b:4d:86:60:86:81:86:10:2e:68:b8:1f:
a9:8f:42:af:45:63:4e:a4:fe:f2:1b:51:6b:02:be:9f:1f:1e:
27:30:99:a4:85:e4:6c:90:5f:f1:76:b9:9f:93:0b:74:41:e9:
4e:2d:87:7d:6e:3c:9e:b2:68:00:83:46:14:18:93:54:b2:cf:
84:0f:7c:e1:fc:9c:d8:7f:39:8b:2a:41:93:ab:00:0f:a5:1b:
a3:44:3b:c8:18:bb:bf:f1:1e:8e:7b:61:6b:97:5b:7e:a0:6d:
05:dd:70:82:81:3c:27:32:5d:3c:4c:e0:6f:1b:5c:7b:49:f8:
c3:69:9c:9b:cb:c3:0c:61:d5:9c:e8:76:36:df:79:57:b2:77:
24:bd:8c:d2
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgICDN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBQUQxMTAvBgNVBAUTKDI1MDk5MDQ2RUI1OUQ2NDVENDE5QTQyOEZDNzAxQTU3
MzUzRkJGMkMwHhcNMjYwMzAyMTgyMzA0WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1ZDU4OC0wYTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnAn34as1hegGeVOD3RcmtjF4HI1v8xgt+KKqNpffNIbtr8uVjKi/aavlELm
qYRLXL2TgeAfJwxdyDAKlc/F4Z0zn6Vw9jHxMylfl/a80fpRUJ0fWusM/L8lY2O/
azNvQntijIyNCp18UH2+M177k2e9//I1AEXfA9hoUvziM+VUFDarf+6sLOz8HGPI
bJLNeNtLvAqPa1nhhMGZViLoPcydAY8BupvYhVXlbhPkfSwgJ9whE65EeAvcNArW
hL1UB5P/Uht/4Lettbe94NFPqA0AW8YzfYehqfK0kHEXXEt8K1mv72ucZAR1FsKS
qeyf7ZfGaxmMwkgo/hjX9eSqAwIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFJQYBldN
xmifMzfFyfH2H74oxlMuMB8GA1UdIwQYMBaAFCUJkEbrWdZF1BmkKPxwGlc1P78s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC83N0Q5NTBGMjA5
RDUxMUVBQjc2QzczMTdDNEY5QUUwMi9KUW1RUnV0WjFrWFVHYVFvX0hBYVZ6VV92
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pRbVFSdXRaMWtYVUdhUW9fSEFhVnpVX3Z5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBQUQvNzdEOTUwRjIwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTU2REVGRTgw
Q0RCMTFFQUIxNEI5MTYyQzRGOUFFMDIucm9hMIGZBggrBgEFBQcBBwEB/wSBiTCB
hjASBAIAATAMAwQCLXhUAwQCZ/+sMHAEAgACMGoDBwAkAISAEAADBwAkAISAEQAw
EgMHBCQAhIAgEAMHBCQAhIAgQDASAwcEJACEgCEQAwcEJACEgCFAMBIDBwQkAISA
MBADBwQkAISAMEAwEgMHBCQAhIAxEAMHBCQAhIAxQAMGBSQAhIBAMA0GCSqGSIb3
DQEBCwUAA4IBAQBurDnvOCTzOvDsz8f8eCbzzk4YgkfBpI9HRq8HReMyQ9nFDTDx
isOXUlrZkPO8r2wZoWqD9piEmB5t6aa8/3CyuO3hNHioMfNMwGHsPSl1/Fcw1y3h
L5qer/0i+J3Ql9twCay2aNw0Yz3TS6y91qQmiUlLTYZghoGGEC5ouB+pj0KvRWNO
pP7yG1FrAr6fHx4nMJmkheRskF/xdrmfkwt0QelOLYd9bjyesmgAg0YUGJNUss+E
D3zh/JzYfzmLKkGTqwAPpRujRDvIGLu/8R6Oe2Frl1t+oG0F3XCCgTwnMl08TOBv
G1x7SfjDaZyby8MMYdWc6HY233lXsnckvYzS
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:15:00 2026 by rpki-client