Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/79A169387CA811EFA20CC941C4F9AE02.roa
File: 79A169387CA811EFA20CC941C4F9AE02.roa (raw, json)
Hash identifier: 9ozWVIXUwiXZmU/nPeO4cLScINsh4/rFSWiAq4EnosA=
Subject key identifier: 82:40:26:3C:AD:BA:7B:67:68:92:AA:ED:B5:4C:CA:0A:8F:4D:08:F9
Certificate issuer: /CN=A91AE954/serialNumber=83AC168E49FB25EB76945A0BD146EA8B57BF09CC
Certificate serial: 023F
Authority key identifier: 83:AC:16:8E:49:FB:25:EB:76:94:5A:0B:D1:46:EA:8B:57:BF:09:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/79A169387CA811EFA20CC941C4F9AE02.roa
Signing time: Sun 01 Mar 2026 07:28:13 +0000
ROA not before: Sat 31 May 2025 03:11:21 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 4817
IP address blocks: 210.10.0.0/20 maxlen: 20
210.10.0.0/22 maxlen: 22
210.10.0.0/24 maxlen: 24
210.10.1.0/24 maxlen: 24
210.10.2.0/24 maxlen: 24
210.10.3.0/24 maxlen: 24
210.10.4.0/22 maxlen: 22
210.10.4.0/24 maxlen: 24
210.10.5.0/24 maxlen: 24
210.10.6.0/24 maxlen: 24
210.10.7.0/24 maxlen: 24
210.10.10.0/24 maxlen: 24
210.10.11.0/24 maxlen: 24
210.10.12.0/23 maxlen: 24
210.10.64.0/23 maxlen: 24
210.10.66.0/23 maxlen: 23
210.10.76.0/23 maxlen: 23
210.10.76.0/24 maxlen: 24
210.10.77.0/24 maxlen: 24
210.10.78.0/24 maxlen: 24
210.10.79.0/24 maxlen: 24
2400:79e0::/32 maxlen: 32
2400:79e0:8000::/40 maxlen: 40
2400:79e0:8030::/44 maxlen: 44
2400:79e0:8040::/44 maxlen: 44
2400:79e0:8050::/44 maxlen: 44
2400:79e0:8070::/44 maxlen: 44
2400:79e0:9000::/40 maxlen: 40
2400:79e0:9030::/44 maxlen: 44
2400:79e0:9040::/44 maxlen: 44
2400:79e0:9050::/44 maxlen: 44
2400:79e0:9070::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.crl
rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 Apr 2026 02:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 575 (0x23f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE954, serialNumber=83AC168E49FB25EB76945A0BD146EA8B57BF09CC
Validity
Not Before: May 31 03:11:21 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69a3ea8d-e015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c0:d1:76:92:b4:1f:b0:da:17:31:a5:1e:b0:
c9:d5:50:58:ab:54:62:4b:bf:94:bc:6d:85:56:eb:
d7:38:f5:24:3d:ef:15:61:f4:67:57:d1:b5:bc:61:
52:3a:14:ee:91:cc:d8:69:df:8a:86:bb:9a:78:4e:
fc:d9:32:ec:5c:5e:57:af:1d:cc:20:36:ec:00:db:
c9:3d:3b:f3:c3:81:99:78:c0:25:89:5c:91:8f:62:
d9:a7:a7:7a:00:f0:e9:f0:07:87:4e:87:f9:2f:24:
28:f6:ea:04:f2:7d:b1:31:50:9d:c0:0a:2e:e8:75:
6f:3d:b4:57:53:79:5a:56:39:13:a6:d1:1c:fd:b1:
28:dd:47:25:ff:db:42:59:ce:85:56:eb:f2:cf:86:
21:2a:81:15:73:a4:af:e4:a8:29:24:f6:bd:ae:78:
c0:3b:c3:a1:8b:a0:8a:54:41:44:e4:ca:24:9c:d7:
6e:7e:76:e8:e4:d4:e4:cc:20:f3:c8:a9:2c:7b:c4:
f4:90:47:e1:aa:6b:8f:b3:0c:7a:aa:bb:33:6d:bf:
01:36:46:97:b5:6a:44:37:a2:37:42:89:1c:77:fa:
1c:ae:6e:c8:28:37:eb:e7:1a:5b:5f:c6:ab:eb:e8:
10:63:b0:e8:49:79:60:50:63:79:b7:02:09:c3:ce:
b2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:40:26:3C:AD:BA:7B:67:68:92:AA:ED:B5:4C:CA:0A:8F:4D:08:F9
X509v3 Authority Key Identifier:
keyid:83:AC:16:8E:49:FB:25:EB:76:94:5A:0B:D1:46:EA:8B:57:BF:09:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/79A169387CA811EFA20CC941C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
210.10.0.0/20
210.10.64.0/22
210.10.76.0/22
IPv6:
2400:79e0::/32
Signature Algorithm: sha256WithRSAEncryption
21:fa:f2:66:0f:66:49:2e:fa:54:7a:40:a7:b3:3a:35:f3:7d:
df:95:12:c0:c6:4e:dc:3f:a5:ad:e9:8d:2e:f2:e0:15:4a:7d:
73:e5:6f:4c:70:8e:44:6a:56:5d:ea:d6:71:ac:00:3d:0c:9a:
71:a7:5d:e9:70:5c:35:1e:bf:04:68:b9:9a:b9:f6:77:77:19:
04:bd:6d:d5:1e:d3:a5:e0:85:8e:6f:94:15:32:ce:58:4c:b2:
e7:0c:eb:b4:b6:3e:38:fe:40:a2:03:d3:45:3b:63:b7:ac:ff:
1c:37:32:8f:6b:5f:2d:c7:13:34:b0:d4:10:76:3c:e7:62:e8:
99:e4:4a:c1:bd:bc:4f:6c:51:6b:b7:43:0c:68:7e:4e:2b:9a:
56:90:93:7f:98:9c:9f:3f:f6:67:f5:d6:02:b6:15:1a:09:25:
b1:c0:0d:67:24:10:07:3d:2d:65:f1:4e:6d:ad:ee:f4:d6:56:
19:12:cf:85:7a:a7:0e:ab:73:e3:bf:cc:9d:ee:5e:2d:4e:80:
50:16:8a:ee:15:e9:70:b9:05:ab:97:16:be:e4:2f:fe:f2:43:
58:19:c6:73:65:dc:eb:8d:9f:84:cf:34:46:c6:44:2c:8a:ee:
30:cc:3a:07:06:cc:95:9d:d3:ed:82:cc:d6:95:e5:3a:02:48:
1b:8c:c3:28
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICAj8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU5NTQxMTAvBgNVBAUTKDgzQUMxNjhFNDlGQjI1RUI3Njk0NUEwQkQxNDZFQThC
NTdCRjA5Q0MwHhcNMjUwNTMxMDMxMTIxWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWEzZWE4ZC1lMDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArcDRdpK0H7DaFzGlHrDJ1VBYq1RiS7+UvG2FVuvXOPUkPe8VYfRnV9G1vGFS
OhTukczYad+KhruaeE782TLsXF5Xrx3MIDbsANvJPTvzw4GZeMAliVyRj2LZp6d6
APDp8AeHTof5LyQo9uoE8n2xMVCdwAou6HVvPbRXU3laVjkTptEc/bEo3Ucl/9tC
Wc6FVuvyz4YhKoEVc6Sv5KgpJPa9rnjAO8Ohi6CKVEFE5MoknNdufnbo5NTkzCDz
yKkse8T0kEfhqmuPswx6qrszbb8BNkaXtWpEN6I3Qokcd/ocrm7IKDfr5xpbX8ar
6+gQY7DoSXlgUGN5twIJw86y4wIDAQABo4ICezCCAncwHQYDVR0OBBYEFIJAJjyt
untnaJKq7bVMygqPTQj5MB8GA1UdIwQYMBaAFIOsFo5J+yXrdpRaC9FG6otXvwnM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTk1NC9CMUY2QkNDMkMx
NEExMUVEODgyQkUzMjlDNEY5QUUwMi9nNndXamtuN0pldDJsRm9MMFVicWkxZV9D
Y3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c2d1dqa243SmV0MmxGb0wwVWJxaTFlX0Njdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU5NTQvQjFGNkJDQzJDMTRBMTFFRDg4MkJFMzI5QzRGOUFFMDIvNzlBMTY5Mzg3
Q0E4MTFFRkEyMENDOTQxQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQE0goAAwQC0gpAAwQC0gpMMA0EAgACMAcDBQAkAHngMA0GCSqGSIb3
DQEBCwUAA4IBAQAh+vJmD2ZJLvpUekCnszo1833flRLAxk7cP6Wt6Y0u8uAVSn1z
5W9McI5EalZd6tZxrAA9DJpxp13pcFw1Hr8EaLmaufZ3dxkEvW3VHtOl4IWOb5QV
Ms5YTLLnDOu0tj44/kCiA9NFO2O3rP8cNzKPa18txxM0sNQQdjznYuiZ5ErBvbxP
bFFrt0MMaH5OK5pWkJN/mJyfP/Zn9dYCthUaCSWxwA1nJBAHPS1l8U5tre701lYZ
Es+FeqcOq3Pjv8yd7l4tToBQForuFelwuQWrlxa+5C/+8kNYGcZzZdzrjZ+EzzRG
xkQsiu4wzDoHBsyVndPtgszWleU6AkgbjMMo
-----END CERTIFICATE-----
Generated at Fri Mar 27 06:21:26 2026 by rpki-client