Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/A7098B604A5411F0A2CC9015C4F9AE02.roa
File: A7098B604A5411F0A2CC9015C4F9AE02.roa (raw, json)
Hash identifier: b12I5DSwhN0Bm2MDcv3H2tx6IO2KcAPD+wYWdyKS7tU=
Subject key identifier: BE:50:B2:55:3F:5B:16:42:A8:86:EB:3A:59:67:59:FA:7A:E8:E8:62
Certificate issuer: /CN=A91C2168/serialNumber=9D346E6DB39C3D330C1AFF94060E15055FF4ED1C
Certificate serial: 3574
Authority key identifier: 9D:34:6E:6D:B3:9C:3D:33:0C:1A:FF:94:06:0E:15:05:5F:F4:ED:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTRubbOcPTMMGv-UBg4VBV_07Rw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/A7098B604A5411F0A2CC9015C4F9AE02.roa
Signing time: Wed 06 May 2026 15:12:55 +0000
ROA not before: Wed 06 May 2026 15:12:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24324
IP address blocks: 122.200.176.0/20 maxlen: 20
122.200.176.0/24 maxlen: 24
122.200.177.0/24 maxlen: 24
122.200.178.0/24 maxlen: 24
122.200.179.0/24 maxlen: 24
122.200.180.0/24 maxlen: 24
122.200.181.0/24 maxlen: 24
122.200.182.0/24 maxlen: 24
122.200.183.0/24 maxlen: 24
122.200.184.0/24 maxlen: 24
122.200.185.0/24 maxlen: 24
122.200.186.0/24 maxlen: 24
122.200.187.0/24 maxlen: 24
122.200.188.0/24 maxlen: 24
122.200.189.0/24 maxlen: 24
122.200.190.0/24 maxlen: 24
122.200.191.0/24 maxlen: 24
124.157.64.0/19 maxlen: 19
124.157.64.0/24 maxlen: 24
124.157.65.0/24 maxlen: 24
124.157.66.0/24 maxlen: 24
124.157.67.0/24 maxlen: 24
124.157.68.0/22 maxlen: 22
124.157.68.0/24 maxlen: 24
124.157.69.0/24 maxlen: 24
124.157.70.0/24 maxlen: 24
124.157.71.0/24 maxlen: 24
124.157.72.0/24 maxlen: 24
124.157.73.0/24 maxlen: 24
124.157.74.0/24 maxlen: 24
124.157.75.0/24 maxlen: 24
124.157.76.0/24 maxlen: 24
124.157.77.0/24 maxlen: 24
124.157.78.0/24 maxlen: 24
124.157.79.0/24 maxlen: 24
124.157.80.0/24 maxlen: 24
124.157.81.0/24 maxlen: 24
124.157.82.0/24 maxlen: 24
124.157.83.0/24 maxlen: 24
124.157.84.0/24 maxlen: 24
124.157.85.0/24 maxlen: 24
124.157.86.0/24 maxlen: 24
124.157.87.0/24 maxlen: 24
124.157.88.0/24 maxlen: 24
124.157.89.0/24 maxlen: 24
124.157.90.0/24 maxlen: 24
124.157.91.0/24 maxlen: 24
124.157.92.0/24 maxlen: 24
124.157.93.0/24 maxlen: 24
124.157.94.0/24 maxlen: 24
124.157.95.0/24 maxlen: 24
124.157.96.0/19 maxlen: 19
124.157.96.0/24 maxlen: 24
124.157.97.0/24 maxlen: 24
124.157.98.0/24 maxlen: 24
124.157.99.0/24 maxlen: 24
124.157.100.0/24 maxlen: 24
124.157.101.0/24 maxlen: 24
124.157.102.0/24 maxlen: 24
124.157.103.0/24 maxlen: 24
124.157.104.0/24 maxlen: 24
124.157.105.0/24 maxlen: 24
124.157.106.0/24 maxlen: 24
124.157.107.0/24 maxlen: 24
124.157.108.0/24 maxlen: 24
124.157.109.0/24 maxlen: 24
124.157.110.0/24 maxlen: 24
124.157.111.0/24 maxlen: 24
124.157.112.0/24 maxlen: 24
124.157.113.0/24 maxlen: 24
124.157.114.0/24 maxlen: 24
124.157.115.0/24 maxlen: 24
124.157.116.0/24 maxlen: 24
124.157.117.0/24 maxlen: 24
124.157.118.0/24 maxlen: 24
124.157.119.0/24 maxlen: 24
124.157.120.0/24 maxlen: 24
124.157.121.0/24 maxlen: 24
124.157.122.0/24 maxlen: 24
124.157.123.0/24 maxlen: 24
124.157.124.0/24 maxlen: 24
124.157.125.0/24 maxlen: 24
124.157.126.0/24 maxlen: 24
124.157.127.0/24 maxlen: 24
202.36.132.0/24 maxlen: 24
202.49.128.0/21 maxlen: 21
202.49.128.0/24 maxlen: 24
202.49.129.0/24 maxlen: 24
202.49.130.0/24 maxlen: 24
202.49.131.0/24 maxlen: 24
202.49.132.0/24 maxlen: 24
202.49.133.0/24 maxlen: 24
202.49.134.0/24 maxlen: 24
202.49.135.0/24 maxlen: 24
203.14.20.0/24 maxlen: 24
203.161.187.0/24 maxlen: 24
203.195.124.0/24 maxlen: 24
2404:6c00::/32 maxlen: 32
2404:6c00:1::/48 maxlen: 48
2404:6c00:a000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/nTRubbOcPTMMGv-UBg4VBV_07Rw.crl
rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/nTRubbOcPTMMGv-UBg4VBV_07Rw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTRubbOcPTMMGv-UBg4VBV_07Rw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 14:43:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13684 (0x3574)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2168, serialNumber=9D346E6DB39C3D330C1AFF94060E15055FF4ED1C
Validity
Not Before: May 6 15:12:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69fb5a77-08da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:19:28:0f:ab:c8:e6:da:98:41:50:e1:08:0b:
d0:12:1a:ef:23:94:a0:85:af:f6:14:0d:9b:5f:9d:
02:23:ea:a8:7b:ad:49:c2:b1:40:11:2a:f1:ca:75:
3d:0f:0d:a5:05:a5:de:03:92:a3:b0:39:e1:d2:42:
3c:2a:86:05:16:98:85:75:34:b2:87:3d:c9:db:7e:
aa:e7:65:79:97:13:19:6b:d3:fa:07:91:44:50:ee:
cb:74:fa:22:08:a4:a8:f6:f7:55:c5:27:c7:b5:ef:
da:38:d7:0f:a2:eb:00:23:9e:a1:c4:f4:cc:56:2d:
eb:8a:1e:43:1c:04:d5:84:b4:9b:0f:24:51:35:10:
c3:c4:b6:bf:97:f8:dc:f8:f2:c2:5f:be:f6:ca:27:
12:eb:16:c6:55:e7:0b:26:00:2a:c4:f1:1b:ee:94:
13:ec:e4:fe:83:db:ed:44:bc:49:f2:08:ee:cb:bf:
b0:77:d8:a7:63:e9:e3:25:de:0a:16:ba:dc:c5:14:
5f:dc:5d:bc:dd:cf:60:10:40:7a:df:f4:eb:6c:6b:
af:b0:db:f5:d8:4c:ca:30:5d:f8:49:37:5c:47:46:
b2:68:86:8a:fb:07:5e:59:31:35:31:4f:d2:fa:44:
74:39:8f:6a:14:f3:9a:55:66:d2:96:bd:d2:2e:fa:
b9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:50:B2:55:3F:5B:16:42:A8:86:EB:3A:59:67:59:FA:7A:E8:E8:62
X509v3 Authority Key Identifier:
keyid:9D:34:6E:6D:B3:9C:3D:33:0C:1A:FF:94:06:0E:15:05:5F:F4:ED:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/nTRubbOcPTMMGv-UBg4VBV_07Rw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTRubbOcPTMMGv-UBg4VBV_07Rw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2168/24C62C061D9111E2924430F308B02CD2/A7098B604A5411F0A2CC9015C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
122.200.176.0/20
124.157.64.0/18
202.36.132.0/24
202.49.128.0/21
203.14.20.0/24
203.161.187.0/24
203.195.124.0/24
IPv6:
2404:6c00::/32
Signature Algorithm: sha256WithRSAEncryption
be:8d:91:02:04:11:8f:d5:f6:81:35:1f:1d:91:0b:b7:b6:96:
e9:2d:3c:18:b7:7d:f6:ce:e4:ed:19:4e:b9:ab:76:85:aa:87:
19:02:73:72:39:b5:48:52:bd:45:61:f7:ac:14:d6:f2:0a:2a:
9b:a8:17:ab:fe:96:e6:cf:da:eb:4b:ff:cc:05:6f:63:55:ac:
82:dd:59:3a:ee:3e:22:97:47:99:ca:26:c2:99:20:03:d3:b8:
ee:bc:87:87:c9:1c:24:59:5e:63:3b:9c:cb:15:4c:14:c5:55:
9d:cc:05:08:9e:d8:d4:f0:56:51:ea:0c:fa:aa:88:44:f9:1b:
6f:69:eb:14:e2:f6:d8:2b:77:64:84:54:0a:84:0c:1c:0f:e4:
99:f8:8d:12:89:d4:cb:79:7d:ed:1b:50:9f:d7:8f:f6:27:42:
7e:b3:c6:c6:65:48:9b:d8:d1:9a:12:67:df:88:eb:f4:6c:fb:
11:e5:07:f1:4e:e1:0b:54:d5:02:d0:96:62:1c:9e:2d:2e:23:
ed:c9:b0:31:c7:cc:ee:c2:2d:fa:e5:d5:0c:74:89:ad:e2:1d:
7e:9c:61:af:12:92:0d:78:d2:c3:0a:4a:f1:48:ce:dc:7b:30:
d2:6d:26:42:00:bd:9c:a4:08:45:ea:a1:0d:e5:aa:5f:40:42:
f3:3f:69:c4
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgICNXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzIxNjgxMTAvBgNVBAUTKDlEMzQ2RTZEQjM5QzNEMzMwQzFBRkY5NDA2MEUxNTA1
NUZGNEVEMUMwHhcNMjYwNTA2MTUxMjU1WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWZiNWE3Ny0wOGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtxkoD6vI5tqYQVDhCAvQEhrvI5Sgha/2FA2bX50CI+qoe61JwrFAESrxynU9
Dw2lBaXeA5KjsDnh0kI8KoYFFpiFdTSyhz3J236q52V5lxMZa9P6B5FEUO7LdPoi
CKSo9vdVxSfHte/aONcPousAI56hxPTMVi3rih5DHATVhLSbDyRRNRDDxLa/l/jc
+PLCX772yicS6xbGVecLJgAqxPEb7pQT7OT+g9vtRLxJ8gjuy7+wd9inY+njJd4K
FrrcxRRf3F283c9gEEB63/TrbGuvsNv12EzKMF34STdcR0ayaIaK+wdeWTE1MU/S
+kR0OY9qFPOaVWbSlr3SLvq5BwIDAQABo4ICkzCCAo8wHQYDVR0OBBYEFL5QslU/
WxZCqIbrOllnWfp66OhiMB8GA1UdIwQYMBaAFJ00bm2znD0zDBr/lAYOFQVf9O0c
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjE2OC8yNEM2MkMwNjFE
OTExMUUyOTI0NDMwRjMwOEIwMkNEMi9uVFJ1YmJPY1BUTU1Hdi1VQmc0VkJWXzA3
UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25UUnViYk9jUFRNTUd2LVVCZzRWQlZfMDdSdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzIxNjgvMjRDNjJDMDYxRDkxMTFFMjkyNDQzMEYzMDhCMDJDRDIvQTcwOThCNjA0
QTU0MTFGMEEyQ0M5MDE1QzRGOUFFMDIucm9hMFIGCCsGAQUFBwEHAQH/BEMwQTAw
BAIAATAqAwQEesiwAwQGfJ1AAwQAyiSEAwQDyjGAAwQAyw4UAwQAy6G7AwQAy8N8
MA0EAgACMAcDBQAkBGwAMA0GCSqGSIb3DQEBCwUAA4IBAQC+jZECBBGP1faBNR8d
kQu3tpbpLTwYt332zuTtGU65q3aFqocZAnNyObVIUr1FYfesFNbyCiqbqBer/pbm
z9rrS//MBW9jVayC3Vk67j4il0eZyibCmSAD07juvIeHyRwkWV5jO5zLFUwUxVWd
zAUIntjU8FZR6gz6qohE+RtvaesU4vbYK3dkhFQKhAwcD+SZ+I0SidTLeX3tG1Cf
14/2J0J+s8bGZUib2NGaEmffiOv0bPsR5QfxTuELVNUC0JZiHJ4tLiPtybAxx8zu
wi365dUMdImt4h1+nGGvEpINeNLDCkrxSM7cezDSbSZCAL2cpAhF6qEN5apfQELz
P2nE
-----END CERTIFICATE-----
Generated at Wed May 13 03:03:37 2026 by rpki-client