Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/4AB8D38E178811EF95C8DF41C4F9AE02.roa
File: 4AB8D38E178811EF95C8DF41C4F9AE02.roa (raw, json)
Hash identifier: 1Kz1vE1HOF5/kl+i8Rr4tSzcXBMpG4BgFwTZXnp4/e4=
Subject key identifier: 6C:F8:56:AA:31:6B:B4:12:BE:78:8B:98:B7:E0:58:CF:83:CA:93:02
Certificate issuer: /CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Certificate serial: 231F
Authority key identifier: BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/4AB8D38E178811EF95C8DF41C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:23:57 +0000
ROA not before: Fri 06 Feb 2026 16:13:20 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 133334
IP address blocks: 45.124.56.0/22 maxlen: 22
45.124.56.0/24 maxlen: 24
45.124.57.0/24 maxlen: 24
45.124.58.0/24 maxlen: 24
45.124.59.0/24 maxlen: 24
103.31.72.0/22 maxlen: 22
103.31.72.0/24 maxlen: 24
103.31.73.0/24 maxlen: 24
103.31.74.0/24 maxlen: 24
103.31.75.0/24 maxlen: 24
103.61.220.0/22 maxlen: 22
103.61.220.0/24 maxlen: 24
103.61.221.0/24 maxlen: 24
103.61.222.0/24 maxlen: 24
103.61.223.0/24 maxlen: 24
103.197.84.0/22 maxlen: 22
103.197.84.0/24 maxlen: 24
103.197.85.0/24 maxlen: 24
103.197.86.0/24 maxlen: 24
103.197.87.0/24 maxlen: 24
103.200.32.0/22 maxlen: 22
103.200.32.0/24 maxlen: 24
103.200.33.0/24 maxlen: 24
103.200.34.0/24 maxlen: 24
103.200.35.0/24 maxlen: 24
103.203.52.0/22 maxlen: 22
103.203.52.0/24 maxlen: 24
103.203.53.0/24 maxlen: 24
103.203.54.0/24 maxlen: 24
103.203.55.0/24 maxlen: 24
103.225.136.0/22 maxlen: 22
103.225.136.0/24 maxlen: 24
103.225.137.0/24 maxlen: 24
103.225.138.0/24 maxlen: 24
103.225.139.0/24 maxlen: 24
2401:b80::/32 maxlen: 32
2401:b80:1000::/36 maxlen: 36
2401:b80:2000::/36 maxlen: 36
2401:b80:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 15:47:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8991 (0x231f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADE0A, serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Validity
Not Before: Feb 6 16:13:20 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69a4681c-ac45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1f:69:3f:18:5d:93:7a:cb:08:8f:9e:e4:3f:
ed:0f:b2:33:31:53:af:be:43:e7:04:27:0c:ed:65:
cf:d9:e5:8c:8f:1f:a1:4a:89:07:1a:28:77:04:a8:
e2:67:35:33:3d:56:72:89:3d:7e:fe:84:c1:74:af:
3f:06:a5:38:8d:ca:9a:f9:b7:6c:38:db:dd:9d:65:
6b:c6:8c:4e:fc:9e:ae:85:09:72:14:00:56:6a:87:
fe:8d:1a:63:7d:6d:4f:75:fa:5b:0d:7f:20:4e:9b:
52:18:c1:4e:5b:3a:a1:59:5e:ab:3f:53:a2:49:9f:
39:3d:a7:ff:8e:8d:b1:ab:9f:23:24:ce:5b:99:d7:
68:a9:d4:fa:c4:c5:a2:8e:df:a8:31:65:fd:30:e6:
12:d8:6a:fa:c9:68:02:60:41:ab:fa:03:32:d9:c1:
a7:42:32:2a:8d:3f:b6:8c:58:08:39:81:2d:e1:88:
da:57:c5:64:41:e3:10:e8:31:b3:ed:72:b0:da:c4:
c0:aa:25:d3:7e:6e:a7:01:79:b7:18:72:c4:5e:ae:
72:92:f6:46:b2:e3:e9:8f:8d:d6:20:73:ea:42:25:
9c:8f:6d:7e:ea:ed:df:4c:27:0e:e3:e9:b8:d9:a0:
23:f1:de:32:41:f7:25:da:82:3e:90:da:23:6e:0c:
31:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F8:56:AA:31:6B:B4:12:BE:78:8B:98:B7:E0:58:CF:83:CA:93:02
X509v3 Authority Key Identifier:
keyid:BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/4AB8D38E178811EF95C8DF41C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.124.56.0/22
103.31.72.0/22
103.61.220.0/22
103.197.84.0/22
103.200.32.0/22
103.203.52.0/22
103.225.136.0/22
IPv6:
2401:b80::/32
Signature Algorithm: sha256WithRSAEncryption
a1:5f:df:a1:d3:48:ad:b9:a2:c7:84:55:27:de:6e:9b:f2:e5:
d7:79:3d:21:a1:62:ae:d2:ee:c7:e9:9d:e6:b3:8d:57:0e:58:
43:98:1d:4e:38:31:bc:4d:6e:3b:73:4c:36:a7:9f:2d:d7:7e:
3a:73:bb:7d:de:e9:1c:0c:3f:99:2c:6a:02:59:50:22:0a:8d:
c0:34:58:34:50:ba:55:7c:82:5e:7a:d5:05:7f:e8:91:e3:53:
54:ee:75:35:0c:fd:2c:25:a0:f2:5b:c3:5f:a3:b3:ac:8f:9d:
31:0b:b7:a9:f3:7b:bf:20:79:3c:e9:ce:cc:73:fe:91:44:26:
9b:75:31:b8:40:61:a8:58:69:17:81:a5:1d:19:99:52:88:8f:
d3:30:43:0e:82:da:cc:7b:c7:0e:3c:50:50:df:b1:6b:2c:ff:
1d:57:8b:0d:97:08:38:4f:a8:b3:f8:b6:a9:e8:7b:a1:7d:88:
4d:63:62:c7:30:bf:38:69:61:84:87:32:2e:05:6a:4a:eb:4f:
91:6e:53:1b:e9:02:7f:c3:60:ae:85:f6:66:4f:51:0d:90:d5:
29:a7:e8:ba:4a:eb:49:fe:be:47:1e:50:b3:a9:f0:31:7f:09:
3e:7e:58:07:f3:b8:04:55:81:f0:82:96:96:a5:51:dc:f6:d1:
c1:dd:4e:a2
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgICIx8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURFMEExMTAvBgNVBAUTKEJFNDg4QjRFNjBBQzZBNzNBNjU2RUZEQkM1RkE2N0Ex
QThERTgxMkEwHhcNMjYwMjA2MTYxMzIwWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NjgxYy1hYzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0B9pPxhdk3rLCI+e5D/tD7IzMVOvvkPnBCcM7WXP2eWMjx+hSokHGih3BKji
ZzUzPVZyiT1+/oTBdK8/BqU4jcqa+bdsONvdnWVrxoxO/J6uhQlyFABWaof+jRpj
fW1PdfpbDX8gTptSGMFOWzqhWV6rP1OiSZ85Paf/jo2xq58jJM5bmddoqdT6xMWi
jt+oMWX9MOYS2Gr6yWgCYEGr+gMy2cGnQjIqjT+2jFgIOYEt4YjaV8VkQeMQ6DGz
7XKw2sTAqiXTfm6nAXm3GHLEXq5ykvZGsuPpj43WIHPqQiWcj21+6u3fTCcO4+m4
2aAj8d4yQfcl2oI+kNojbgwxKwIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFGz4Vqox
a7QSvniLmLfgWM+DypMCMB8GA1UdIwQYMBaAFL5Ii05grGpzplbv28X6Z6Go3oEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS8zMEQ4MDEyNkMx
MTMxMUU1QjAxQTcyNjlDNEY5QUUwMi92a2lMVG1Dc2FuT21WdV9ieGZwbm9hamVn
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZraUxUbUNzYW5PbVZ1X2J4ZnBub2FqZWdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURFMEEvMzBEODAxMjZDMTEzMTFFNUIwMUE3MjY5QzRGOUFFMDIvNEFCOEQzOEUx
Nzg4MTFFRjk1QzhERjQxQzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAw
BAIAATAqAwQCLXw4AwQCZx9IAwQCZz3cAwQCZ8VUAwQCZ8ggAwQCZ8s0AwQCZ+GI
MA0EAgACMAcDBQAkAQuAMA0GCSqGSIb3DQEBCwUAA4IBAQChX9+h00ituaLHhFUn
3m6b8uXXeT0hoWKu0u7H6Z3ms41XDlhDmB1OODG8TW47c0w2p58t1346c7t93ukc
DD+ZLGoCWVAiCo3ANFg0ULpVfIJeetUFf+iR41NU7nU1DP0sJaDyW8Nfo7Osj50x
C7ep83u/IHk86c7Mc/6RRCabdTG4QGGoWGkXgaUdGZlSiI/TMEMOgtrMe8cOPFBQ
37FrLP8dV4sNlwg4T6iz+Lap6HuhfYhNY2LHML84aWGEhzIuBWpK60+RblMb6QJ/
w2CuhfZmT1ENkNUpp+i6SutJ/r5HHlCzqfAxfwk+flgH87gEVYHwgpaWpVHc9tHB
3U6i
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:29:40 2026 by rpki-client