Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa
File: 9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa (raw, json)
Hash identifier: /M+8Szvo2Z8co7xe10IK9U6U8NobiAtLYwtMswOgNeg=
Subject key identifier: 6D:6D:9D:E7:F0:6E:A8:F1:63:68:84:CF:EE:C6:61:CB:31:DE:7B:EB
Certificate issuer: /CN=A91CD4DB/serialNumber=3FB7855EF330BA77D9F3B72DFFDEC20712AC1407
Certificate serial: 1856
Authority key identifier: 3F:B7:85:5E:F3:30:BA:77:D9:F3:B7:2D:FF:DE:C2:07:12:AC:14:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 13:43:49 +0000
ROA not before: Thu 14 Aug 2025 16:55:12 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 38614
IP address blocks: 103.158.39.0/24 maxlen: 24
117.103.80.0/24 maxlen: 24
117.103.81.0/24 maxlen: 24
117.103.82.0/24 maxlen: 24
117.103.83.0/24 maxlen: 24
117.103.84.0/24 maxlen: 24
117.103.85.0/24 maxlen: 24
117.103.86.0/24 maxlen: 24
117.103.87.0/24 maxlen: 24
2404:f380::/32 maxlen: 32
2404:f380::/36 maxlen: 36
2404:f380::/48 maxlen: 48
2404:f380:1::/48 maxlen: 48
2404:f380:2::/48 maxlen: 48
2404:f380:3::/48 maxlen: 48
2404:f380:4::/48 maxlen: 48
2404:f380:5::/48 maxlen: 48
2404:f380:6::/48 maxlen: 48
2404:f380:7::/48 maxlen: 48
2404:f380:8::/48 maxlen: 48
2404:f380:9::/48 maxlen: 48
2404:f380:a::/48 maxlen: 48
2404:f380:b::/48 maxlen: 48
2404:f380:c::/48 maxlen: 48
2404:f380:d::/48 maxlen: 48
2404:f380:e::/48 maxlen: 48
2404:f380:f::/48 maxlen: 48
2404:f380:1000::/36 maxlen: 36
2404:f380:2000::/36 maxlen: 36
2404:f380:3000::/36 maxlen: 36
2404:f380:4000::/36 maxlen: 36
2404:f380:5000::/36 maxlen: 36
2404:f380:6000::/36 maxlen: 36
2404:f380:7000::/36 maxlen: 36
2404:f380:8000::/36 maxlen: 36
2404:f380:9000::/36 maxlen: 36
2404:f380:a000::/36 maxlen: 36
2404:f380:b000::/36 maxlen: 36
2404:f380:c000::/36 maxlen: 36
2404:f380:d000::/36 maxlen: 36
2404:f380:e000::/36 maxlen: 36
2404:f380:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.crl
rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 16:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6230 (0x1856)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD4DB, serialNumber=3FB7855EF330BA77D9F3B72DFFDEC20712AC1407
Validity
Not Before: Aug 14 16:55:12 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a44295-9bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:79:e4:d8:5c:da:d3:ca:59:86:6b:48:57:
6a:75:9c:c6:d4:fb:9a:d4:a6:ca:19:cf:0c:85:0b:
4e:eb:60:84:03:cf:db:b3:3f:24:4d:57:b4:71:5a:
70:4f:63:dd:96:f0:44:7d:10:08:f3:1e:50:81:db:
ef:4c:a8:68:ab:4b:fd:1d:4c:92:54:81:6f:01:9a:
12:d5:65:04:40:94:66:7f:40:3d:a1:67:00:3d:19:
65:a1:84:bb:31:97:bb:15:09:bc:8e:96:35:01:f2:
d4:f2:de:5c:05:ce:94:77:ab:c4:b4:38:af:f3:0e:
f8:68:2a:5d:6f:3e:3d:64:d5:28:3c:27:ae:d0:c2:
ed:52:da:84:26:3f:6d:00:18:0e:da:c6:70:f4:eb:
4e:53:85:20:a8:d8:f0:ec:80:48:cb:8a:16:25:6c:
78:f7:20:91:c6:71:92:8f:d2:bc:bc:38:91:ca:ca:
f3:a5:d9:da:c1:82:2e:cf:32:61:6e:4d:8c:c7:f6:
1b:00:0b:7c:43:cc:f0:4b:15:2a:97:46:b9:27:1c:
1f:05:45:32:6a:ac:9e:df:51:c3:39:4b:0f:1a:21:
52:0c:9e:d9:b4:79:03:1e:c9:be:88:f0:d2:d2:15:
df:93:36:03:cb:45:f8:0c:1d:f8:b0:1f:72:91:14:
d1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6D:9D:E7:F0:6E:A8:F1:63:68:84:CF:EE:C6:61:CB:31:DE:7B:EB
X509v3 Authority Key Identifier:
keyid:3F:B7:85:5E:F3:30:BA:77:D9:F3:B7:2D:FF:DE:C2:07:12:AC:14:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.158.39.0/24
117.103.80.0/21
IPv6:
2404:f380::/32
Signature Algorithm: sha256WithRSAEncryption
02:f2:9d:9c:94:57:2a:2d:83:d4:62:2c:bd:75:ab:27:79:61:
f6:ad:a3:d2:4c:8c:ab:e9:0b:47:97:36:13:ca:62:02:d6:c9:
ef:18:37:85:4d:23:f1:a0:03:5e:7d:bc:80:13:7e:ec:d0:4f:
c9:71:e2:26:33:7a:7d:17:09:83:cc:11:71:38:23:cb:0d:e7:
4d:1e:53:1d:fa:19:f2:9f:ef:a4:74:33:15:06:f0:1c:7c:21:
a4:aa:98:b9:da:8f:0d:a7:98:3b:39:4e:c9:fc:0a:55:ca:d3:
94:77:df:20:1d:8e:de:02:3a:be:77:78:ca:90:6c:bb:24:96:
8f:e8:67:e5:90:92:39:86:ab:62:3f:91:06:4c:90:ef:d7:7b:
b1:15:08:3e:ec:99:36:d6:b7:5c:44:b5:d7:10:69:6c:15:7d:
6a:dd:2c:54:f7:fa:62:3f:ad:66:cc:ee:01:da:2c:94:94:e5:
1f:27:d0:7b:70:c8:91:2a:c4:bc:af:67:64:bd:5f:87:07:0f:
0a:35:12:b0:03:4f:61:1b:e2:00:e2:98:c7:66:f4:2a:40:ae:
8e:9c:63:f0:d1:b0:22:07:da:2e:aa:eb:c8:f2:63:16:33:dc:
5c:22:cb:52:95:ec:54:52:3c:9f:72:c7:97:83:6c:a2:c1:35:
0f:50:0e:5f
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICGFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Q0REIxMTAvBgNVBAUTKDNGQjc4NTVFRjMzMEJBNzdEOUYzQjcyREZGREVDMjA3
MTJBQzE0MDcwHhcNMjUwODE0MTY1NTEyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NDI5NS05YmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApWR55Nhc2tPKWYZrSFdqdZzG1Pua1KbKGc8MhQtO62CEA8/bsz8kTVe0cVpw
T2PdlvBEfRAI8x5QgdvvTKhoq0v9HUySVIFvAZoS1WUEQJRmf0A9oWcAPRlloYS7
MZe7FQm8jpY1AfLU8t5cBc6Ud6vEtDiv8w74aCpdbz49ZNUoPCeu0MLtUtqEJj9t
ABgO2sZw9OtOU4UgqNjw7IBIy4oWJWx49yCRxnGSj9K8vDiRysrzpdnawYIuzzJh
bk2Mx/YbAAt8Q8zwSxUql0a5JxwfBUUyaqye31HDOUsPGiFSDJ7ZtHkDHsm+iPDS
0hXfkzYDy0X4DB34sB9ykRTRrQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFG1tnefw
bqjxY2iEz+7GYcsx3nvrMB8GA1UdIwQYMBaAFD+3hV7zMLp32fO3Lf/ewgcSrBQH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDREQi8zQTMxNURDRUNE
MDIxMUU3QjA0NDJEMjhDNEY5QUUwMi9QN2VGWHZNd3VuZlo4N2N0Xzk3Q0J4S3NG
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A3ZUZYdk13dW5mWjg3Y3RfOTdDQnhLc0ZBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Q0REIvM0EzMTVEQ0VDRDAyMTFFN0IwNDQyRDI4QzRGOUFFMDIvOUJBQzJDOUMz
MkQ5MTFGMDlEN0NCRDBBQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQAZ54nAwQDdWdQMA0EAgACMAcDBQAkBPOAMA0GCSqGSIb3DQEBCwUA
A4IBAQAC8p2clFcqLYPUYiy9dasneWH2raPSTIyr6QtHlzYTymIC1snvGDeFTSPx
oANefbyAE37s0E/JceImM3p9FwmDzBFxOCPLDedNHlMd+hnyn++kdDMVBvAcfCGk
qpi52o8Np5g7OU7J/ApVytOUd98gHY7eAjq+d3jKkGy7JJaP6GflkJI5hqtiP5EG
TJDv13uxFQg+7Jk21rdcRLXXEGlsFX1q3SxU9/piP61mzO4B2iyUlOUfJ9B7cMiR
KsS8r2dkvV+HBw8KNRKwA09hG+IA4pjHZvQqQK6OnGPw0bAiB9ouquvI8mMWM9xc
IstSlexUUjyfcseXg2yiwTUPUA5f
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:49:02 2026 by rpki-client