Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
File: B2A71CE2334111EF9770A542C4F9AE02.roa (raw, json)
Hash identifier: CAc0lSCqkmGaHO8KNNEhlMOK99LXlZrr2QvZXGpcJRg=
Subject key identifier: C6:9E:C0:B5:79:B4:A5:1D:EA:F2:B8:B6:95:FA:DD:F8:41:3D:08:FD
Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Certificate serial: 1077
Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:39:34 +0000
ROA not before: Fri 03 Oct 2025 11:52:24 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 203
IP address blocks: 103.30.186.0/23 maxlen: 23
202.53.197.0/24 maxlen: 24
202.53.204.0/23 maxlen: 23
202.53.206.0/23 maxlen: 23
2401:df00:1::/48 maxlen: 48
2401:df00:2::/48 maxlen: 48
2401:df00:7::/48 maxlen: 48
2401:df00:11::/48 maxlen: 48
2401:df00:12::/48 maxlen: 48
2401:df00:21::/48 maxlen: 48
2401:df00:22::/48 maxlen: 48
2401:df00:27::/48 maxlen: 48
2401:df00:31::/48 maxlen: 48
2401:df00:32::/48 maxlen: 48
2401:df00:41::/48 maxlen: 48
2401:df00:42::/48 maxlen: 48
2401:df00:47::/48 maxlen: 48
2401:df00:51::/48 maxlen: 48
2401:df00:52::/48 maxlen: 48
2401:df00:57::/48 maxlen: 48
2401:df00:61::/48 maxlen: 48
2401:df00:62::/48 maxlen: 48
2401:df00:181::/48 maxlen: 48
2401:df00:182::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 17:24:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4215 (0x1077)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Validity
Not Before: Oct 3 11:52:24 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a479d5-1f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:06:19:ae:0c:6e:31:06:70:ca:1f:e0:97:08:
f9:63:d2:c5:de:13:e8:39:d7:e7:d2:23:8a:cc:1b:
b2:f2:74:a3:6d:5a:c2:43:cf:70:8e:2c:e7:4b:53:
ea:7b:20:94:6d:83:f2:3b:e5:a0:88:6f:e2:6c:03:
4e:90:68:89:c7:f0:21:7f:2b:e6:06:f9:7a:c5:e8:
73:c6:b3:db:d1:b4:85:76:ff:0c:fb:11:9d:91:9e:
b9:c8:82:01:3d:75:ba:c9:44:21:a5:7f:c4:e9:d4:
5e:a5:3f:7e:87:56:fb:87:75:a2:e2:29:2c:b2:f6:
8f:f5:9e:6a:6b:fc:74:af:66:ac:66:04:ce:f6:02:
78:19:d6:59:9b:de:78:47:b3:52:92:be:f8:1d:66:
98:d4:7f:bb:a2:98:a9:ff:56:59:51:2f:45:0e:0c:
77:af:31:dc:66:86:48:7f:6f:42:29:4e:0b:25:e6:
62:0f:2c:dc:e2:92:56:77:a0:be:93:03:8c:94:c6:
5f:de:15:a1:f4:78:62:c8:6f:60:4f:15:23:a7:bc:
29:8c:98:7d:e0:94:f7:ea:59:41:04:da:44:31:9a:
e3:5a:7d:36:3d:5e:30:27:7b:4f:03:5d:4a:4c:dd:
ea:a9:ca:d6:0b:3f:a2:15:a3:f3:cd:16:a2:24:59:
ac:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9E:C0:B5:79:B4:A5:1D:EA:F2:B8:B6:95:FA:DD:F8:41:3D:08:FD
X509v3 Authority Key Identifier:
keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2A71CE2334111EF9770A542C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.30.186.0/23
202.53.197.0/24
202.53.204.0/22
IPv6:
2401:df00:1::-2401:df00:2:ffff:ffff:ffff:ffff:ffff
2401:df00:7::/48
2401:df00:11::-2401:df00:12:ffff:ffff:ffff:ffff:ffff
2401:df00:21::-2401:df00:22:ffff:ffff:ffff:ffff:ffff
2401:df00:27::/48
2401:df00:31::-2401:df00:32:ffff:ffff:ffff:ffff:ffff
2401:df00:41::-2401:df00:42:ffff:ffff:ffff:ffff:ffff
2401:df00:47::/48
2401:df00:51::-2401:df00:52:ffff:ffff:ffff:ffff:ffff
2401:df00:57::/48
2401:df00:61::-2401:df00:62:ffff:ffff:ffff:ffff:ffff
2401:df00:181::-2401:df00:182:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
82:2e:72:94:9b:31:00:5b:fe:72:19:99:01:d8:87:34:50:ca:
3b:1c:59:8f:e9:35:ea:9e:06:ac:56:9e:76:82:c1:0a:6f:4f:
dc:da:eb:ab:75:f8:60:86:a2:a6:a3:b4:af:c8:c8:75:24:f8:
47:d1:d3:90:f3:61:33:3f:42:74:56:01:be:48:ad:13:4a:c2:
39:32:50:da:33:aa:69:f3:0f:81:04:24:dd:9d:aa:12:01:15:
3e:64:6d:3e:f5:2d:bf:9f:29:cb:db:44:cc:7d:c0:f2:e6:d6:
05:2c:4b:7a:f5:51:83:ca:04:87:20:e2:93:eb:55:f1:3c:d6:
83:bd:33:96:03:06:d1:61:b0:47:32:4c:33:ff:a7:c0:38:04:
cb:5a:c8:fd:5c:d0:12:70:d0:4e:02:3c:0a:7f:8a:42:21:7c:
43:06:13:7c:b4:c4:bd:39:76:74:c5:4b:58:80:66:89:98:86:
ad:83:73:57:ad:51:4e:e6:7a:da:59:27:2e:37:dd:a3:72:4d:
4e:25:fd:c6:bb:ca:1a:25:df:62:70:fe:e6:95:9d:77:34:0b:
51:32:d3:d5:ba:8f:15:5d:03:0a:6b:c9:db:e6:cd:8d:4e:2e:
67:67:e7:60:4a:02:7c:1f:3d:2b:6a:fb:8c:04:c9:ca:fb:00:
6f:7d:3b:8b
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgICEHcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw
MUYxOEZGNDkwHhcNMjUxMDAzMTE1MjI0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzlkNS0xZjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqAYZrgxuMQZwyh/glwj5Y9LF3hPoOdfn0iOKzBuy8nSjbVrCQ89wjiznS1Pq
eyCUbYPyO+WgiG/ibANOkGiJx/AhfyvmBvl6xehzxrPb0bSFdv8M+xGdkZ65yIIB
PXW6yUQhpX/E6dRepT9+h1b7h3Wi4ikssvaP9Z5qa/x0r2asZgTO9gJ4GdZZm954
R7NSkr74HWaY1H+7opip/1ZZUS9FDgx3rzHcZoZIf29CKU4LJeZiDyzc4pJWd6C+
kwOMlMZf3hWh9HhiyG9gTxUjp7wpjJh94JT36llBBNpEMZrjWn02PV4wJ3tPA11K
TN3qqcrWCz+iFaPzzRaiJFmsowIDAQABo4IDPTCCAzkwHQYDVR0OBBYEFMaewLV5
tKUd6vK4tpX63fhBPQj9MB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC
MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvQjJBNzFDRTIz
MzQxMTFFRjk3NzBBNTQyQzRGOUFFMDIucm9hMIH7BggrBgEFBQcBBwEB/wSB6zCB
6DAYBAIAATASAwQBZx66AwQAyjXFAwQCyjXMMIHLBAIAAjCBxDASAwcAJAHfAAAB
AwcAJAHfAAACAwcAJAHfAAAHMBIDBwAkAd8AABEDBwAkAd8AABIwEgMHACQB3wAA
IQMHACQB3wAAIgMHACQB3wAAJzASAwcAJAHfAAAxAwcAJAHfAAAyMBIDBwAkAd8A
AEEDBwAkAd8AAEIDBwAkAd8AAEcwEgMHACQB3wAAUQMHACQB3wAAUgMHACQB3wAA
VzASAwcAJAHfAABhAwcAJAHfAABiMBIDBwAkAd8AAYEDBwAkAd8AAYIwDQYJKoZI
hvcNAQELBQADggEBAIIucpSbMQBb/nIZmQHYhzRQyjscWY/pNeqeBqxWnnaCwQpv
T9za66t1+GCGoqajtK/IyHUk+EfR05DzYTM/QnRWAb5IrRNKwjkyUNozqmnzD4EE
JN2dqhIBFT5kbT71Lb+fKcvbRMx9wPLm1gUsS3r1UYPKBIcg4pPrVfE81oO9M5YD
BtFhsEcyTDP/p8A4BMtayP1c0BJw0E4CPAp/ikIhfEMGE3y0xL05dnTFS1iAZomY
hq2Dc1etUU7metpZJy433aNyTU4l/ca7yhol32Jw/uaVnXc0C1Ey09W6jxVdAwpr
ydvmzY1OLmdn52BKAnwfPStq+4wEycr7AG99O4s=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:18:27 2026 by rpki-client