Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
File: B2A71CE2334111EF9770A542C4F9AE02.roa (raw, json)
Hash identifier: OWu1YAjMPxdpWq7sK40yFmTZBw771CrDLDYch9c7srQ=
Subject key identifier: 68:EE:CF:2D:80:8A:FD:83:90:87:B4:3F:EC:E8:F3:1F:DA:35:E3:DF
Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Certificate serial: 109B
Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
Signing time: Mon 20 Apr 2026 18:21:45 +0000
ROA not before: Mon 20 Apr 2026 18:21:45 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 203
IP address blocks: 103.30.186.0/23 maxlen: 23
202.53.197.0/24 maxlen: 24
202.53.204.0/23 maxlen: 23
202.53.206.0/23 maxlen: 23
2401:df00:1::/48 maxlen: 48
2401:df00:2::/48 maxlen: 48
2401:df00:7::/48 maxlen: 48
2401:df00:11::/48 maxlen: 48
2401:df00:12::/48 maxlen: 48
2401:df00:21::/48 maxlen: 48
2401:df00:22::/48 maxlen: 48
2401:df00:27::/48 maxlen: 48
2401:df00:31::/48 maxlen: 48
2401:df00:32::/48 maxlen: 48
2401:df00:41::/48 maxlen: 48
2401:df00:42::/48 maxlen: 48
2401:df00:47::/48 maxlen: 48
2401:df00:51::/48 maxlen: 48
2401:df00:52::/48 maxlen: 48
2401:df00:57::/48 maxlen: 48
2401:df00:61::/48 maxlen: 48
2401:df00:62::/48 maxlen: 48
2401:df00:181::/48 maxlen: 48
2401:df00:182::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 17:32:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4251 (0x109b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Validity
Not Before: Apr 20 18:21:45 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69e66eb9-e7b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:3f:d3:e3:b5:db:e7:24:60:41:78:07:28:34:
7e:f9:f7:93:8b:ec:e8:b2:b9:e8:f2:aa:0b:bc:05:
5d:fc:2b:db:14:15:81:50:ae:81:dc:c6:1a:10:92:
27:ee:6d:8e:6e:44:0e:29:02:05:55:61:6b:9f:7b:
e4:0a:e5:c8:d1:ee:c3:9e:00:61:c3:58:ca:02:6f:
75:ed:2b:01:af:d7:07:3c:36:6d:67:ae:51:97:49:
7e:68:cc:23:06:1a:4f:fb:b2:89:0e:e0:73:80:b8:
70:6f:0e:5d:f5:1a:fb:11:31:1d:37:86:eb:3e:f3:
9d:ce:8d:08:60:2d:33:ff:84:3b:69:eb:3a:e3:d6:
e9:20:c7:43:eb:1d:da:9c:3e:e8:21:3b:b8:b7:25:
0f:5e:cc:f4:54:f2:c0:0a:f3:b3:63:15:6b:3d:b2:
35:70:ee:ef:83:44:d4:be:c0:e9:b4:25:ca:55:57:
5b:42:28:4b:c7:33:32:98:d8:eb:8b:fc:4b:7c:ac:
91:3c:f8:8a:01:34:7d:52:39:78:0f:ff:bf:9c:10:
7e:cb:10:d5:19:97:2a:86:3a:e3:ee:93:34:51:9d:
a6:18:70:b0:fb:f6:fe:e0:c6:1b:f1:c0:3f:38:91:
c9:9c:73:55:b8:5f:9a:1b:3d:63:c2:70:b4:8c:c3:
1f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EE:CF:2D:80:8A:FD:83:90:87:B4:3F:EC:E8:F3:1F:DA:35:E3:DF
X509v3 Authority Key Identifier:
keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.30.186.0/23
202.53.197.0/24
202.53.204.0/22
IPv6:
2401:df00:1::-2401:df00:2:ffff:ffff:ffff:ffff:ffff
2401:df00:7::/48
2401:df00:11::-2401:df00:12:ffff:ffff:ffff:ffff:ffff
2401:df00:21::-2401:df00:22:ffff:ffff:ffff:ffff:ffff
2401:df00:27::/48
2401:df00:31::-2401:df00:32:ffff:ffff:ffff:ffff:ffff
2401:df00:41::-2401:df00:42:ffff:ffff:ffff:ffff:ffff
2401:df00:47::/48
2401:df00:51::-2401:df00:52:ffff:ffff:ffff:ffff:ffff
2401:df00:57::/48
2401:df00:61::-2401:df00:62:ffff:ffff:ffff:ffff:ffff
2401:df00:181::-2401:df00:182:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:0e:50:0c:31:81:28:f4:0f:19:ba:9b:b0:b5:07:b5:45:d7:
8d:6c:60:05:71:6e:6b:e1:70:42:d1:dd:a1:4d:dd:fd:54:e9:
85:b2:d5:46:9a:84:a7:b9:24:e6:8e:b8:95:bb:36:28:50:9a:
ec:b7:2a:7c:c5:8d:de:a7:9c:6b:f8:e7:e7:20:e1:ff:d5:1d:
0b:0f:e5:4d:46:de:a8:1a:f7:e1:ac:1c:74:5c:04:d7:8a:7a:
ce:52:18:05:14:ee:d7:46:2c:52:9e:bf:61:41:e1:41:6f:0d:
3e:b9:88:1d:7a:a1:d1:3d:27:0c:64:bc:33:8b:09:f3:f6:c2:
04:f2:0f:41:21:5e:0f:62:4b:b2:62:3e:63:13:ef:e9:c7:5c:
ea:09:04:0d:77:e1:79:3e:67:a9:c2:a5:4f:14:39:16:e3:e0:
b4:62:2a:ad:1f:29:c8:f0:69:a8:13:10:4c:eb:73:e0:f6:28:
9e:4b:3e:6f:34:e5:7a:dc:1b:ad:8c:db:88:be:25:23:71:2b:
d5:55:ef:64:fa:f4:ca:72:83:25:02:76:93:01:ff:51:1f:a5:
d7:80:9e:bc:1d:6f:07:2f:3e:29:d5:57:2e:d7:a5:d1:97:12:
7e:19:67:29:40:71:ff:85:ae:ac:d5:d4:25:f4:e7:19:2c:d2:
ee:2b:a3:4a
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgICEJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw
MUYxOEZGNDkwHhcNMjYwNDIwMTgyMTQ1WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWU2NmViOS1lN2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9z/T47Xb5yRgQXgHKDR++feTi+zosrno8qoLvAVd/CvbFBWBUK6B3MYaEJIn
7m2ObkQOKQIFVWFrn3vkCuXI0e7DngBhw1jKAm917SsBr9cHPDZtZ65Rl0l+aMwj
BhpP+7KJDuBzgLhwbw5d9Rr7ETEdN4brPvOdzo0IYC0z/4Q7aes649bpIMdD6x3a
nD7oITu4tyUPXsz0VPLACvOzYxVrPbI1cO7vg0TUvsDptCXKVVdbQihLxzMymNjr
i/xLfKyRPPiKATR9Ujl4D/+/nBB+yxDVGZcqhjrj7pM0UZ2mGHCw+/b+4MYb8cA/
OJHJnHNVuF+aGz1jwnC0jMMfwwIDAQABo4IDPTCCAzkwHQYDVR0OBBYEFGjuzy2A
iv2DkIe0P+zo8x/aNePfMB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC
MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvQjJBNzFDRTIz
MzQxMTFFRjk3NzBBNTQyQzRGOUFFMDIucm9hMIH7BggrBgEFBQcBBwEB/wSB6zCB
6DAYBAIAATASAwQBZx66AwQAyjXFAwQCyjXMMIHLBAIAAjCBxDASAwcAJAHfAAAB
AwcAJAHfAAACAwcAJAHfAAAHMBIDBwAkAd8AABEDBwAkAd8AABIwEgMHACQB3wAA
IQMHACQB3wAAIgMHACQB3wAAJzASAwcAJAHfAAAxAwcAJAHfAAAyMBIDBwAkAd8A
AEEDBwAkAd8AAEIDBwAkAd8AAEcwEgMHACQB3wAAUQMHACQB3wAAUgMHACQB3wAA
VzASAwcAJAHfAABhAwcAJAHfAABiMBIDBwAkAd8AAYEDBwAkAd8AAYIwDQYJKoZI
hvcNAQELBQADggEBAAEOUAwxgSj0Dxm6m7C1B7VF141sYAVxbmvhcELR3aFN3f1U
6YWy1UaahKe5JOaOuJW7NihQmuy3KnzFjd6nnGv45+cg4f/VHQsP5U1G3qga9+Gs
HHRcBNeKes5SGAUU7tdGLFKev2FB4UFvDT65iB16odE9JwxkvDOLCfP2wgTyD0Eh
Xg9iS7JiPmMT7+nHXOoJBA134Xk+Z6nCpU8UORbj4LRiKq0fKcjwaagTEEzrc+D2
KJ5LPm805XrcG62M24i+JSNxK9VV72T69MpygyUCdpMB/1EfpdeAnrwdbwcvPinV
Vy7XpdGXEn4ZZylAcf+FrqzV1CX05xks0u4ro0o=
-----END CERTIFICATE-----
Generated at Wed May 13 05:07:28 2026 by rpki-client