Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/C6BCEF8ECF2311F09BE9DF62C4F9AE02.roa
File: C6BCEF8ECF2311F09BE9DF62C4F9AE02.roa (raw, json)
Hash identifier: 3jca7UxaXV6c6olMc9z1yWqeuEFOcKZmp0PXJwoJU88=
Subject key identifier: 3A:2F:94:6B:24:07:59:26:A2:3E:ED:61:45:B4:57:95:8E:B3:B4:F1
Certificate issuer: /CN=A91A4B9D/serialNumber=EF68BDBC072CAB455B6DA3160EDF8FB6C488DD15
Certificate serial: 3543
Authority key identifier: EF:68:BD:BC:07:2C:AB:45:5B:6D:A3:16:0E:DF:8F:B6:C4:88:DD:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/C6BCEF8ECF2311F09BE9DF62C4F9AE02.roa
Signing time: Sun 01 Mar 2026 13:36:17 +0000
ROA not before: Tue 02 Dec 2025 02:08:22 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 133159
IP address blocks: 43.224.180.0/22 maxlen: 22
45.124.52.0/22 maxlen: 22
103.1.184.0/22 maxlen: 22
103.16.128.0/22 maxlen: 22
103.17.56.0/24 maxlen: 24
103.17.57.0/24 maxlen: 24
103.100.36.0/22 maxlen: 23
103.249.236.0/22 maxlen: 22
110.232.112.0/22 maxlen: 22
112.213.32.0/21 maxlen: 21
112.213.36.0/24 maxlen: 24
119.42.52.0/23 maxlen: 23
119.42.54.0/23 maxlen: 23
150.107.72.0/22 maxlen: 22
150.107.75.0/24 maxlen: 24
175.45.180.0/22 maxlen: 23
175.45.182.0/23 maxlen: 24
203.18.30.0/24 maxlen: 24
203.29.240.0/22 maxlen: 22
203.57.50.0/23 maxlen: 24
203.57.114.0/23 maxlen: 23
2404:9400::/48 maxlen: 48
2404:9400:1::/48 maxlen: 48
2404:9400:2::/48 maxlen: 48
2404:9400:3::/48 maxlen: 48
2404:9400:4::/48 maxlen: 48
2404:9400:5::/48 maxlen: 48
2404:9400:e::/48 maxlen: 48
2404:9400:f::/48 maxlen: 48
2404:9400:1000::/36 maxlen: 36
2404:9400:2000::/36 maxlen: 36
2404:9400:3000::/36 maxlen: 36
2404:9400:4000::/36 maxlen: 36
2404:9400:5000::/36 maxlen: 36
2404:9400:e000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/72i9vAcsq0VbbaMWDt-PtsSI3RU.crl
rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/72i9vAcsq0VbbaMWDt-PtsSI3RU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 14:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13635 (0x3543)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B9D, serialNumber=EF68BDBC072CAB455B6DA3160EDF8FB6C488DD15
Validity
Not Before: Dec 2 02:08:22 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a440d1-1641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:52:fd:1f:8c:40:47:a3:02:c7:18:0e:2e:c1:
26:62:ed:68:91:c4:0d:5d:b7:e7:16:37:86:8b:f7:
8f:df:9f:93:75:95:20:56:cc:e9:e5:56:99:96:28:
88:7f:b2:72:49:74:82:ae:cc:a5:f8:cb:6b:6c:1b:
a6:2f:ab:47:e3:8b:00:ce:65:a6:04:42:3c:95:9a:
52:11:e9:d8:2d:ae:1a:f5:2f:68:ec:8e:f3:4d:ef:
ae:f5:c8:23:ab:31:0f:ec:fc:d3:9e:5b:f0:41:7c:
61:d9:3a:7a:5a:8d:69:2f:5c:93:7b:8c:92:38:cb:
a0:e9:1e:a5:5c:65:6c:73:27:92:b4:bf:4b:f3:33:
12:09:07:d3:28:c3:22:20:49:21:d5:66:ca:09:71:
3c:2f:68:bd:05:f9:64:a7:ef:13:14:ae:d2:19:aa:
f5:43:02:87:30:f6:d4:62:76:61:3b:0b:2e:0b:36:
8f:7a:be:14:ce:ad:8f:09:cc:35:2b:3f:c5:ef:33:
40:52:39:14:b8:fd:09:9e:08:a1:82:68:ae:d3:74:
27:fe:24:20:97:62:33:e2:4d:b2:ee:90:a5:6f:60:
5d:71:d1:c8:ec:cf:3f:03:d0:8b:79:aa:ea:28:18:
c6:11:63:b9:c2:b3:b4:e5:46:c7:47:50:68:3c:ea:
c6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2F:94:6B:24:07:59:26:A2:3E:ED:61:45:B4:57:95:8E:B3:B4:F1
X509v3 Authority Key Identifier:
keyid:EF:68:BD:BC:07:2C:AB:45:5B:6D:A3:16:0E:DF:8F:B6:C4:88:DD:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/72i9vAcsq0VbbaMWDt-PtsSI3RU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/C6BCEF8ECF2311F09BE9DF62C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.224.180.0/22
45.124.52.0/22
103.1.184.0/22
103.16.128.0/22
103.17.56.0/23
103.100.36.0/22
103.249.236.0/22
110.232.112.0/22
112.213.32.0/21
119.42.52.0/22
150.107.72.0/22
175.45.180.0/22
203.18.30.0/24
203.29.240.0/22
203.57.50.0/23
203.57.114.0/23
IPv6:
2404:9400::-2404:9400:5:ffff:ffff:ffff:ffff:ffff
2404:9400:e::/47
2404:9400:1000::-2404:9400:5fff:ffff:ffff:ffff:ffff:ffff
2404:9400:e000::/36
Signature Algorithm: sha256WithRSAEncryption
3f:b5:1b:5e:fd:a9:f2:26:10:5c:0f:a3:4d:ce:ce:ef:a1:e3:
bd:b2:7e:29:63:88:1d:07:2f:af:66:d7:71:a8:7f:ce:b0:3e:
8a:b5:53:6f:42:e4:21:0c:f4:5c:39:ee:8e:44:68:a2:ee:c3:
48:81:43:ae:fe:ab:e1:4c:3b:c9:3f:06:5a:b6:8d:b2:90:40:
26:44:d6:73:f2:ee:30:e9:14:f1:f4:3d:e5:80:86:bb:d8:46:
c5:40:95:58:c4:a1:70:91:b1:c2:23:85:d7:46:5b:6c:8b:5a:
a9:53:f3:a2:79:b7:6a:4e:22:7b:a1:d5:53:f9:a8:10:49:bd:
83:52:1c:b5:17:1a:81:2c:a9:9a:17:ff:f2:b3:df:37:52:eb:
c8:48:71:ef:48:82:b2:0f:aa:a1:2a:77:53:0d:ca:6c:bf:81:
65:dc:88:52:76:f5:b2:60:0f:6c:56:d3:ca:40:75:9a:b0:1e:
78:24:47:51:d8:3c:2b:df:4a:15:3a:6d:a3:1a:6a:87:5f:fb:
06:74:d9:9f:b5:82:64:f8:29:eb:f7:ee:3e:e7:f4:d0:82:0b:
39:6d:ff:28:23:15:91:85:be:6f:55:2f:5b:e3:65:ba:01:8b:
8e:04:95:fc:f3:87:4e:26:44:e7:04:6e:98:c4:d3:1a:7c:15:
83:e3:30:c9
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgICNUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCOUQxMTAvBgNVBAUTKEVGNjhCREJDMDcyQ0FCNDU1QjZEQTMxNjBFREY4RkI2
QzQ4OEREMTUwHhcNMjUxMjAyMDIwODIyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NDBkMS0xNjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAklL9H4xAR6MCxxgOLsEmYu1okcQNXbfnFjeGi/eP35+TdZUgVszp5VaZliiI
f7JySXSCrsyl+MtrbBumL6tH44sAzmWmBEI8lZpSEenYLa4a9S9o7I7zTe+u9cgj
qzEP7PzTnlvwQXxh2Tp6Wo1pL1yTe4ySOMug6R6lXGVscyeStL9L8zMSCQfTKMMi
IEkh1WbKCXE8L2i9Bflkp+8TFK7SGar1QwKHMPbUYnZhOwsuCzaPer4Uzq2PCcw1
Kz/F7zNAUjkUuP0Jngihgmiu03Qn/iQgl2Iz4k2y7pClb2BdcdHI7M8/A9CLearq
KBjGEWO5wrO05UbHR1BoPOrGfQIDAQABo4IC+TCCAvUwHQYDVR0OBBYEFDovlGsk
B1kmoj7tYUW0V5WOs7TxMB8GA1UdIwQYMBaAFO9ovbwHLKtFW22jFg7fj7bEiN0V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEI5RC85NUFEMDM4ODFE
OUUxMUUyODgwRTg2OEUwOEIwMkNEMi83Mmk5dkFjc3EwVmJiYU1XRHQtUHRzU0kz
UlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcyaTl2QWNzcTBWYmJhTVdEdC1QdHNTSTNSVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCOUQvOTVBRDAzODgxRDlFMTFFMjg4MEU4NjhFMDhCMDJDRDIvQzZCQ0VGOEVD
RjIzMTFGMDlCRTlERjYyQzRGOUFFMDIucm9hMIG3BggrBgEFBQcBBwEB/wSBpzCB
pDBmBAIAATBgAwQCK+C0AwQCLXw0AwQCZwG4AwQCZxCAAwQBZxE4AwQCZ2QkAwQC
Z/nsAwQCbuhwAwQDcNUgAwQCdyo0AwQClmtIAwQCry20AwQAyxIeAwQCyx3wAwQB
yzkyAwQByzlyMDoEAgACMDQwDwMEAiQElAMHASQElAAABAMHASQElAAADjAQAwYE
JASUABADBgUkBJQAQAMGBCQElADgMA0GCSqGSIb3DQEBCwUAA4IBAQA/tRte/any
JhBcD6NNzs7voeO9sn4pY4gdBy+vZtdxqH/OsD6KtVNvQuQhDPRcOe6ORGii7sNI
gUOu/qvhTDvJPwZato2ykEAmRNZz8u4w6RTx9D3lgIa72EbFQJVYxKFwkbHCI4XX
Rltsi1qpU/OiebdqTiJ7odVT+agQSb2DUhy1FxqBLKmaF//ys983UuvISHHvSIKy
D6qhKndTDcpsv4Fl3IhSdvWyYA9sVtPKQHWasB54JEdR2Dwr30oVOm2jGmqHX/sG
dNmftYJk+Cnr9+4+5/TQggs5bf8oIxWRhb5vVS9b42W6AYuOBJX884dOJkTnBG6Y
xNMafBWD4zDJ
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:59:35 2026 by rpki-client