Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
File: 373C0EEEAFB011EC9688644FC4F9AE02.roa (raw, json)
Hash identifier: CxWoJR6Se2jSwedaoRYTtf5Ccc+rdHyvf5qIYgnZC84=
Subject key identifier: BB:B1:32:1C:C5:8E:76:0E:D6:57:9C:11:BD:95:6A:28:33:45:CB:BC
Certificate issuer: /CN=A91C9B08/serialNumber=614CCD24F785E9299215916408294042F1463294
Certificate serial: 048A
Authority key identifier: 61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
Signing time: Fri 13 Mar 2026 00:32:44 +0000
ROA not before: Fri 13 Mar 2026 00:32:44 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 200325
IP address blocks: 103.180.114.0/23 maxlen: 24
2400:52e0::/32 maxlen: 32
2400:52e0:1::/48 maxlen: 48
2400:52e0:2::/48 maxlen: 48
2400:52e0:1500::/48 maxlen: 48
2400:52e0:1501::/48 maxlen: 48
2400:52e0:1502::/48 maxlen: 48
2400:52e0:1690::/48 maxlen: 48
2400:52e0:1a00::/48 maxlen: 48
2400:52e0:1a01::/48 maxlen: 48
2400:52e0:1a02::/48 maxlen: 48
2400:52e0:1a03::/48 maxlen: 48
2400:52e0:1a04::/48 maxlen: 48
2400:52e0:1a05::/48 maxlen: 48
2400:52e0:1a06::/48 maxlen: 48
2400:52e0:1a07::/48 maxlen: 48
2400:52e0:1a08::/48 maxlen: 48
2400:52e0:1a09::/48 maxlen: 48
2400:52e0:1e00::/48 maxlen: 48
2400:52e0:1e01::/48 maxlen: 48
2400:52e0:1e02::/48 maxlen: 48
2400:52e0:1e03::/48 maxlen: 48
2400:52e0:1e04::/48 maxlen: 48
2400:52e0:1e05::/48 maxlen: 48
2400:52e0:1e06::/48 maxlen: 48
2400:52e0:1e07::/48 maxlen: 48
2400:52e0:1e08::/48 maxlen: 48
2400:52e0:1e09::/48 maxlen: 48
2400:52e0:1e10::/48 maxlen: 48
2400:52e0:2500::/48 maxlen: 48
2400:52e0:2a00::/48 maxlen: 48
2400:52e0:4000::/48 maxlen: 48
2400:52e0:fff0::/48 maxlen: 48
2400:52e0:fff1::/48 maxlen: 48
2400:52e0:fff2::/48 maxlen: 48
2400:52e0:fff3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 23:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1162 (0x48a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9B08, serialNumber=614CCD24F785E9299215916408294042F1463294
Validity
Not Before: Mar 13 00:32:44 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69b35b2c-c0c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c5:db:35:06:60:fc:11:ee:09:ab:ff:28:b1:
33:3e:18:ea:32:5c:e9:3b:60:f2:fa:28:8e:cb:10:
eb:bc:62:81:18:8b:70:29:25:b4:84:8a:c4:8f:c4:
25:bf:3c:da:84:25:21:41:63:57:4b:a6:87:8f:6a:
8b:6c:c1:fe:2b:e2:e5:77:fb:58:53:0f:98:81:d2:
c6:90:50:63:9f:c0:a7:8c:92:e5:ba:73:30:eb:5c:
c5:a5:fa:dd:b3:d0:ab:60:91:02:35:2b:f2:b8:74:
8c:df:65:73:c3:5e:b3:25:6b:94:89:1c:a6:62:35:
38:85:2b:71:e2:42:cd:79:d9:71:e7:a8:d7:3b:23:
61:05:30:f8:ad:c9:72:f3:f4:6c:9d:8c:2c:24:b1:
ed:67:07:4f:c4:da:83:bc:5c:d1:5f:b0:3e:09:63:
d7:f2:43:f1:00:08:b8:19:28:45:76:7a:03:9c:da:
0d:d2:64:3f:67:15:a2:ee:6d:6b:52:48:1c:7d:a1:
1e:ff:ac:c1:57:c7:e6:70:75:7c:86:54:2e:52:8d:
44:7d:1a:d2:ff:d7:72:2d:0c:25:59:a5:8d:b9:e8:
1c:f7:0d:e6:30:3f:e4:d4:fb:d6:4a:83:7b:77:57:
f5:4f:22:d0:fd:9d:5d:3f:df:e5:c7:7d:39:d9:55:
74:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B1:32:1C:C5:8E:76:0E:D6:57:9C:11:BD:95:6A:28:33:45:CB:BC
X509v3 Authority Key Identifier:
keyid:61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.180.114.0/23
IPv6:
2400:52e0::/32
Signature Algorithm: sha256WithRSAEncryption
95:19:b0:5c:3a:08:c5:65:ff:b2:d3:78:45:8b:34:cc:14:3b:
fb:d8:ed:68:0f:fe:fc:ca:4b:93:bc:cb:9d:70:21:bd:6f:84:
af:49:c1:e6:2c:86:83:e2:65:5b:d6:a8:0f:80:41:48:9f:6f:
4a:60:8f:e2:e4:90:fa:34:7b:40:58:96:ce:5b:bf:fd:68:eb:
18:b0:f7:27:d9:e8:8b:ea:fd:f0:90:eb:92:da:da:ea:ae:00:
f1:c5:26:d2:ed:ab:f4:b6:4d:fd:46:1d:54:cc:de:ac:5b:3a:
33:5a:5f:4e:60:ec:98:e4:9d:fb:90:2d:65:5f:82:3d:ae:a5:
73:d4:9d:13:c3:d3:11:ae:92:9c:d5:d9:e6:cb:39:7b:ad:30:
66:dc:eb:f4:14:d6:67:31:be:52:8c:81:b0:fc:f1:c8:ea:b0:
ac:39:ac:ec:32:b1:1a:40:31:f6:a7:cf:d6:cb:fc:45:1f:d7:
37:48:e5:75:68:ef:df:63:a5:e0:9c:a5:65:be:a3:5d:70:ff:
f4:83:0c:7e:ba:76:42:7d:4f:d3:00:b0:5c:54:8e:9a:6b:7b:
f0:6b:53:f5:de:c9:19:2f:f7:9a:01:b0:a3:b3:0f:a4:43:12:
ed:6a:6d:c3:04:17:6a:35:69:56:75:77:df:45:04:4a:4f:2e:
c1:c8:ee:19
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICBIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlCMDgxMTAvBgNVBAUTKDYxNENDRDI0Rjc4NUU5Mjk5MjE1OTE2NDA4Mjk0MDQy
RjE0NjMyOTQwHhcNMjYwMzEzMDAzMjQ0WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWIzNWIyYy1jMGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1sXbNQZg/BHuCav/KLEzPhjqMlzpO2Dy+iiOyxDrvGKBGItwKSW0hIrEj8Ql
vzzahCUhQWNXS6aHj2qLbMH+K+Lld/tYUw+YgdLGkFBjn8CnjJLlunMw61zFpfrd
s9CrYJECNSvyuHSM32Vzw16zJWuUiRymYjU4hStx4kLNedlx56jXOyNhBTD4rcly
8/RsnYwsJLHtZwdPxNqDvFzRX7A+CWPX8kPxAAi4GShFdnoDnNoN0mQ/ZxWi7m1r
UkgcfaEe/6zBV8fmcHV8hlQuUo1EfRrS/9dyLQwlWaWNuegc9w3mMD/k1PvWSoN7
d1f1TyLQ/Z1dP9/lx3052VV0kwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFLuxMhzF
jnYO1lecEb2VaigzRcu8MB8GA1UdIwQYMBaAFGFMzST3hekpkhWRZAgpQELxRjKU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUIwOC8zNzU1M0E1Njg5
OUQxMUVDOEI0MjRFMEJDNEY5QUUwMi9ZVXpOSlBlRjZTbVNGWkZrQ0NsQVF2RkdN
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lVek5KUGVGNlNtU0ZaRmtDQ2xBUXZGR01wUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlCMDgvMzc1NTNBNTY4OTlEMTFFQzhCNDI0RTBCQzRGOUFFMDIvMzczQzBFRUVB
RkIwMTFFQzk2ODg2NDRGQzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQBZ7RyMA0EAgACMAcDBQAkAFLgMA0GCSqGSIb3DQEBCwUAA4IBAQCV
GbBcOgjFZf+y03hFizTMFDv72O1oD/78ykuTvMudcCG9b4SvScHmLIaD4mVb1qgP
gEFIn29KYI/i5JD6NHtAWJbOW7/9aOsYsPcn2eiL6v3wkOuS2trqrgDxxSbS7av0
tk39Rh1UzN6sWzozWl9OYOyY5J37kC1lX4I9rqVz1J0Tw9MRrpKc1dnmyzl7rTBm
3Ov0FNZnMb5SjIGw/PHI6rCsOazsMrEaQDH2p8/Wy/xFH9c3SOV1aO/fY6XgnKVl
vqNdcP/0gwx+unZCfU/TALBcVI6aa3vwa1P13skZL/eaAbCjsw+kQxLtam3DBBdq
NWlWdXffRQRKTy7ByO4Z
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:55:25 2026 by rpki-client