Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/7F12211CB57611EF8568F73EC4F9AE02.roa
File: 7F12211CB57611EF8568F73EC4F9AE02.roa (raw, json)
Hash identifier: pLOQ+EfJsrTumBXzksWxgOZTuOF5k35EqMzbJXr7Chw=
Subject key identifier: 7C:50:35:73:CA:60:3E:D4:81:FB:15:0B:BD:D7:2C:1D:8F:A0:87:C2
Certificate issuer: /CN=A91AEB42/serialNumber=56237928548B082F5B13C16EDC3E6A7C2F80FCF1
Certificate serial: 029B
Authority key identifier: 56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/7F12211CB57611EF8568F73EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 10:57:44 +0000
ROA not before: Fri 03 Oct 2025 02:28:17 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 132839
IP address blocks: 43.229.212.0/22 maxlen: 24
43.230.168.0/22 maxlen: 24
43.240.48.0/22 maxlen: 24
43.241.44.0/22 maxlen: 24
43.249.24.0/22 maxlen: 24
43.251.104.0/22 maxlen: 24
45.64.108.0/22 maxlen: 24
45.114.168.0/22 maxlen: 24
45.115.124.0/22 maxlen: 24
45.120.80.0/22 maxlen: 24
45.127.36.0/22 maxlen: 24
45.127.124.0/22 maxlen: 24
45.250.196.0/22 maxlen: 24
103.36.20.0/22 maxlen: 24
103.37.40.0/22 maxlen: 24
103.40.112.0/22 maxlen: 24
103.42.176.0/22 maxlen: 24
103.49.8.0/22 maxlen: 24
103.49.248.0/22 maxlen: 24
103.54.124.0/22 maxlen: 24
103.55.128.0/22 maxlen: 24
103.60.148.0/22 maxlen: 24
103.75.12.0/22 maxlen: 24
103.75.44.0/22 maxlen: 24
103.80.16.0/22 maxlen: 24
103.85.188.0/22 maxlen: 24
103.151.250.0/23 maxlen: 24
103.195.192.0/22 maxlen: 24
103.196.60.0/22 maxlen: 24
103.200.124.0/22 maxlen: 24
103.204.76.0/22 maxlen: 24
103.214.164.0/22 maxlen: 24
103.215.212.0/22 maxlen: 24
103.219.104.0/22 maxlen: 24
103.233.248.0/22 maxlen: 24
116.193.168.0/22 maxlen: 24
117.120.60.0/22 maxlen: 24
120.89.68.0/22 maxlen: 24
121.54.160.0/22 maxlen: 24
144.48.124.0/22 maxlen: 24
157.119.92.0/22 maxlen: 24
182.161.68.0/22 maxlen: 24
202.165.120.0/22 maxlen: 24
2401:f940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.crl
rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 01:23:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 667 (0x29b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEB42, serialNumber=56237928548B082F5B13C16EDC3E6A7C2F80FCF1
Validity
Not Before: Oct 3 02:28:17 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a41ba8-a716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:32:cb:f9:d2:80:2c:71:5e:3d:37:e1:76:6c:
f1:28:cf:3e:84:09:da:1f:00:29:40:ca:25:a3:2f:
5a:56:8c:3d:84:8f:77:92:69:9f:e8:a1:78:de:62:
d2:16:68:65:18:ab:e6:ac:68:3a:43:5a:af:b9:3a:
52:43:50:b4:cb:3b:0a:f2:e8:05:38:62:1a:5d:d8:
97:52:a6:38:29:b5:10:80:0a:3d:59:71:c4:23:54:
b0:ff:5b:ac:2b:74:b1:00:10:b7:1b:d8:e5:83:9b:
2f:8c:a1:ff:c6:f9:03:b5:39:cf:af:98:bb:e4:16:
4d:4c:73:01:5a:3d:68:d5:ff:79:32:ee:fa:07:81:
31:fb:4c:16:0f:24:2d:b5:f1:b7:ec:34:2e:15:31:
0e:4c:1f:6f:a0:8a:bf:b8:a3:91:58:b1:a6:72:e0:
8c:b4:ff:40:5d:29:ba:5a:75:2f:21:c1:da:7d:6c:
8f:ab:d7:f4:df:81:0b:bf:77:72:de:fc:3b:fb:8a:
1d:f0:67:d9:5c:4d:a0:33:9e:23:ed:20:ea:93:2f:
e8:dc:34:1f:b9:25:c2:ea:1c:ba:a4:ed:18:ed:15:
6a:b0:41:39:5f:da:1c:b7:6a:74:81:79:89:16:06:
5a:cb:7d:90:ae:e0:72:b7:47:93:21:d2:82:b5:2e:
b8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:50:35:73:CA:60:3E:D4:81:FB:15:0B:BD:D7:2C:1D:8F:A0:87:C2
X509v3 Authority Key Identifier:
keyid:56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/7F12211CB57611EF8568F73EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.229.212.0/22
43.230.168.0/22
43.240.48.0/22
43.241.44.0/22
43.249.24.0/22
43.251.104.0/22
45.64.108.0/22
45.114.168.0/22
45.115.124.0/22
45.120.80.0/22
45.127.36.0/22
45.127.124.0/22
45.250.196.0/22
103.36.20.0/22
103.37.40.0/22
103.40.112.0/22
103.42.176.0/22
103.49.8.0/22
103.49.248.0/22
103.54.124.0/22
103.55.128.0/22
103.60.148.0/22
103.75.12.0/22
103.75.44.0/22
103.80.16.0/22
103.85.188.0/22
103.151.250.0/23
103.195.192.0/22
103.196.60.0/22
103.200.124.0/22
103.204.76.0/22
103.214.164.0/22
103.215.212.0/22
103.219.104.0/22
103.233.248.0/22
116.193.168.0/22
117.120.60.0/22
120.89.68.0/22
121.54.160.0/22
144.48.124.0/22
157.119.92.0/22
182.161.68.0/22
202.165.120.0/22
IPv6:
2401:f940::/32
Signature Algorithm: sha256WithRSAEncryption
19:8e:e1:6f:f2:2b:44:ef:77:58:d4:4f:95:a3:49:85:5b:7d:
74:d5:34:5a:e9:67:c4:00:d3:49:e6:b3:2c:c0:1c:41:32:f5:
db:03:a6:db:7d:a6:22:5a:2c:28:bb:b1:56:65:13:f4:81:3e:
38:c5:f6:4e:9e:2e:0b:59:6e:f1:ff:7c:8f:dd:cb:0f:95:57:
d3:c6:c8:56:61:86:18:b0:4d:35:d5:e1:d4:58:ce:2f:d0:10:
59:40:7c:7f:a7:ee:e2:5c:7f:a2:d1:6e:7e:19:01:a4:fd:d6:
39:6f:ef:d8:a4:87:6c:f2:ea:aa:00:63:7e:15:5b:49:f9:0b:
39:57:6e:a5:ac:cc:4e:93:7d:e7:90:2b:eb:79:f6:bb:b4:24:
bf:2d:4c:96:40:d2:f3:ba:02:23:9c:b2:e4:c8:27:8b:7a:fa:
18:57:0c:88:d9:a4:d7:c9:58:cf:0a:4a:e3:fa:7d:1f:d1:c7:
49:49:de:c2:5b:de:b2:33:ca:a8:a4:d8:5c:e8:f4:ba:cd:1a:
d9:7c:a1:f7:b9:1f:3c:3f:c3:46:a1:c3:08:9e:15:87:29:de:
22:13:6e:b0:da:df:dd:d0:21:b2:63:4e:1c:e1:23:18:71:32:
6e:ff:dd:61:a4:62:45:32:e9:6f:1e:82:79:55:3e:23:f7:c7:
16:14:c4:d7
-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgICApswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVCNDIxMTAvBgNVBAUTKDU2MjM3OTI4NTQ4QjA4MkY1QjEzQzE2RURDM0U2QTdD
MkY4MEZDRjEwHhcNMjUxMDAzMDIyODE3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MWJhOC1hNzE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0TLL+dKALHFePTfhdmzxKM8+hAnaHwApQMoloy9aVow9hI93kmmf6KF43mLS
FmhlGKvmrGg6Q1qvuTpSQ1C0yzsK8ugFOGIaXdiXUqY4KbUQgAo9WXHEI1Sw/1us
K3SxABC3G9jlg5svjKH/xvkDtTnPr5i75BZNTHMBWj1o1f95Mu76B4Ex+0wWDyQt
tfG37DQuFTEOTB9voIq/uKORWLGmcuCMtP9AXSm6WnUvIcHafWyPq9f034ELv3dy
3vw7+4od8GfZXE2gM54j7SDqky/o3DQfuSXC6hy6pO0Y7RVqsEE5X9oct2p0gXmJ
FgZay32QruByt0eTIdKCtS64pwIDAQABo4IDdTCCA3EwHQYDVR0OBBYEFHxQNXPK
YD7UgfsVC73XLB2PoIfCMB8GA1UdIwQYMBaAFFYjeShUiwgvWxPBbtw+anwvgPzx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUI0Mi8xQUQ5N0I2NDZB
NkUxMUVEQkI5OTAzNjNDNEY5QUUwMi9WaU41S0ZTTENDOWJFOEZ1M0Q1cWZDLUFf
UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZpTjVLRlNMQ0M5YkU4RnUzRDVxZkMtQV9QRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVCNDIvMUFEOTdCNjQ2QTZFMTFFREJCOTkwMzYzQzRGOUFFMDIvN0YxMjIxMUNC
NTc2MTFFRjg1NjhGNzNFQzRGOUFFMDIucm9hMIIBMgYIKwYBBQUHAQcBAf8EggEh
MIIBHTCCAQoEAgABMIIBAgMEAivl1AMEAivmqAMEAivwMAMEAivxLAMEAiv5GAME
Aiv7aAMEAi1AbAMEAi1yqAMEAi1zfAMEAi14UAMEAi1/JAMEAi1/fAMEAi36xAME
AmckFAMEAmclKAMEAmcocAMEAmcqsAMEAmcxCAMEAmcx+AMEAmc2fAMEAmc3gAME
Amc8lAMEAmdLDAMEAmdLLAMEAmdQEAMEAmdVvAMEAWeX+gMEAmfDwAMEAmfEPAME
AmfIfAMEAmfMTAMEAmfWpAMEAmfX1AMEAmfbaAMEAmfp+AMEAnTBqAMEAnV4PAME
AnhZRAMEAnk2oAMEApAwfAMEAp13XAMEArahRAMEAsqleDANBAIAAjAHAwUAJAH5
QDANBgkqhkiG9w0BAQsFAAOCAQEAGY7hb/IrRO93WNRPlaNJhVt9dNU0WulnxADT
SeazLMAcQTL12wOm232mIlosKLuxVmUT9IE+OMX2Tp4uC1lu8f98j93LD5VX08bI
VmGGGLBNNdXh1FjOL9AQWUB8f6fu4lx/otFufhkBpP3WOW/v2KSHbPLqqgBjfhVb
SfkLOVdupazMTpN955Ar63n2u7Qkvy1MlkDS87oCI5yy5Mgni3r6GFcMiNmk18lY
zwpK4/p9H9HHSUnewlvesjPKqKTYXOj0us0a2Xyh97kfPD/DRqHDCJ4VhyneIhNu
sNrf3dAhsmNOHOEjGHEybv/dYaRiRTLpbx6CeVU+I/fHFhTE1w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:29:15 2026 by rpki-client