Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/BFABA2D6BECE11F0B218C045C4F9AE02.roa
File: BFABA2D6BECE11F0B218C045C4F9AE02.roa (raw, json)
Hash identifier: /QkgzfATlH/sUZdlcC1kixai5w0E/QTcB6zQhhCEKdA=
Subject key identifier: 87:D4:58:DF:B4:EA:45:E2:44:02:D3:C5:99:2F:64:FE:13:7C:C3:CF
Certificate issuer: /CN=A91CEBCA/serialNumber=FE826EE9BC12DAAD3B197471B0413F1EB2082635
Certificate serial: 355C
Authority key identifier: FE:82:6E:E9:BC:12:DA:AD:3B:19:74:71:B0:41:3F:1E:B2:08:26:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_oJu6bwS2q07GXRxsEE_HrIIJjU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/BFABA2D6BECE11F0B218C045C4F9AE02.roa
Signing time: Sat 14 Mar 2026 15:10:44 +0000
ROA not before: Sat 14 Mar 2026 15:10:44 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 17666
IP address blocks: 43.246.164.0/24 maxlen: 24
43.246.166.0/24 maxlen: 24
43.246.167.0/24 maxlen: 24
111.67.32.0/24 maxlen: 24
111.67.33.0/24 maxlen: 24
111.67.34.0/24 maxlen: 24
111.67.35.0/24 maxlen: 24
111.67.38.0/24 maxlen: 24
111.67.39.0/24 maxlen: 24
111.67.42.0/24 maxlen: 24
111.67.43.0/24 maxlen: 24
111.67.44.0/24 maxlen: 24
111.67.45.0/24 maxlen: 24
111.67.46.0/24 maxlen: 24
111.67.47.0/24 maxlen: 24
202.9.96.0/22 maxlen: 22
202.9.100.0/24 maxlen: 24
202.9.101.0/24 maxlen: 24
202.9.102.0/24 maxlen: 24
202.9.103.0/24 maxlen: 24
202.9.104.0/23 maxlen: 24
202.9.106.0/24 maxlen: 24
202.9.107.0/24 maxlen: 24
202.87.96.0/22 maxlen: 22
202.87.96.0/24 maxlen: 24
202.87.97.0/24 maxlen: 24
202.87.98.0/24 maxlen: 24
202.87.99.0/24 maxlen: 24
202.87.104.0/24 maxlen: 24
202.87.105.0/24 maxlen: 24
202.87.106.0/24 maxlen: 24
202.87.107.0/24 maxlen: 24
202.87.108.0/24 maxlen: 24
202.87.109.0/24 maxlen: 24
202.87.110.0/24 maxlen: 24
202.87.111.0/24 maxlen: 24
202.87.124.0/24 maxlen: 24
202.87.125.0/24 maxlen: 24
202.87.126.0/24 maxlen: 24
202.87.127.0/24 maxlen: 24
2401:200::/32 maxlen: 32
2401:200::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/_oJu6bwS2q07GXRxsEE_HrIIJjU.crl
rsync://rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/_oJu6bwS2q07GXRxsEE_HrIIJjU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_oJu6bwS2q07GXRxsEE_HrIIJjU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 14:33:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13660 (0x355c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CEBCA, serialNumber=FE826EE9BC12DAAD3B197471B0413F1EB2082635
Validity
Not Before: Mar 14 15:10:44 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69b57a74-e648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e0:cb:f6:ed:35:5a:85:92:f8:8d:ea:1f:d0:
ec:c0:50:00:32:c3:97:10:eb:36:44:2e:7f:ed:8f:
ef:db:10:bf:a9:a1:bd:0a:97:dd:89:da:24:6a:58:
25:a3:4f:9a:2f:73:a4:29:6e:0d:15:b0:a2:e7:2e:
51:ea:a9:a4:a9:a3:6f:05:00:96:1e:68:44:68:4d:
1f:8e:c1:75:74:82:ec:c6:27:cf:13:c8:c1:bb:b4:
94:84:de:7e:6c:0f:ce:87:69:ca:84:4d:33:86:d0:
54:a6:13:2f:e3:6f:55:e8:7b:14:5d:d8:f3:9e:ff:
2c:b1:60:4c:cb:bb:cf:6a:69:10:bb:8f:5d:da:fd:
ec:55:7e:8b:70:37:24:a0:80:86:ab:6e:41:06:67:
78:e3:e7:70:7c:03:db:3c:9e:61:f8:e6:4b:11:28:
b8:11:32:de:6d:61:7b:87:3b:cd:6d:96:7d:9b:1e:
da:f1:fd:61:1e:43:b5:d1:47:f2:3f:ea:18:e3:10:
d4:90:b7:f7:52:48:09:97:45:ac:e9:b0:00:d0:27:
9b:dd:d6:14:13:71:60:9d:6c:cd:ea:08:ab:91:99:
1b:73:6d:bb:fe:a4:ea:cc:19:e9:17:8a:e3:a1:a8:
e2:87:5d:d0:16:cf:2d:eb:40:7f:55:6c:d4:56:ec:
36:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D4:58:DF:B4:EA:45:E2:44:02:D3:C5:99:2F:64:FE:13:7C:C3:CF
X509v3 Authority Key Identifier:
keyid:FE:82:6E:E9:BC:12:DA:AD:3B:19:74:71:B0:41:3F:1E:B2:08:26:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/_oJu6bwS2q07GXRxsEE_HrIIJjU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_oJu6bwS2q07GXRxsEE_HrIIJjU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEBCA/B588B4A61D8811E28CAE8FE108B02CD2/BFABA2D6BECE11F0B218C045C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.246.164.0/24
43.246.166.0/23
111.67.32.0/22
111.67.38.0/23
111.67.42.0-111.67.47.255
202.9.96.0-202.9.107.255
202.87.96.0/22
202.87.104.0/21
202.87.124.0/22
IPv6:
2401:200::/32
Signature Algorithm: sha256WithRSAEncryption
bc:0b:3c:a9:12:b5:92:8a:6d:aa:f4:79:1d:97:fc:3e:02:79:
89:0f:eb:ce:32:e0:66:46:8d:93:c1:c9:d1:7d:1b:c9:42:64:
b9:42:e4:87:b9:21:b3:da:2b:84:cd:25:24:a1:93:a6:59:03:
ce:71:a9:4b:a5:e0:f5:aa:57:70:50:f6:84:85:2a:ed:4c:5f:
38:e5:12:cb:30:d4:39:cf:bf:8e:83:3a:80:6b:76:1a:d7:e0:
14:48:b3:d2:fa:d7:9a:f3:7c:53:29:de:37:a9:1f:6e:0e:56:
6c:49:88:dc:54:c9:b9:41:ab:e1:8e:b3:ca:05:a1:f4:e6:ac:
aa:64:9b:3b:e1:51:62:67:5e:2b:f1:81:30:e1:ee:75:a2:35:
62:3e:dd:cd:fb:91:a4:78:a9:93:cc:71:1a:f6:47:7c:e0:2d:
dc:ec:c0:e6:4d:64:30:68:60:6d:2b:b5:27:e3:c9:b9:09:fd:
7b:ce:b9:ce:3f:31:0f:fe:66:e2:f0:ea:d1:9b:8d:35:ec:6e:
37:99:5b:81:54:4c:a5:5c:6d:01:64:b1:ec:64:f4:78:8e:11:
3f:27:bd:f6:cd:02:f2:e8:b3:07:b0:f7:37:f8:a9:37:81:7f:
45:5f:1e:61:5e:e8:63:85:dd:32:1b:b7:73:7c:63:b3:97:5c:
da:3c:ee:90
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICNVwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0VCQ0ExMTAvBgNVBAUTKEZFODI2RUU5QkMxMkRBQUQzQjE5NzQ3MUIwNDEzRjFF
QjIwODI2MzUwHhcNMjYwMzE0MTUxMDQ0WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWI1N2E3NC1lNjQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1eDL9u01WoWS+I3qH9DswFAAMsOXEOs2RC5/7Y/v2xC/qaG9Cpfdidokalgl
o0+aL3OkKW4NFbCi5y5R6qmkqaNvBQCWHmhEaE0fjsF1dILsxifPE8jBu7SUhN5+
bA/Oh2nKhE0zhtBUphMv429V6HsUXdjznv8ssWBMy7vPamkQu49d2v3sVX6LcDck
oICGq25BBmd44+dwfAPbPJ5h+OZLESi4ETLebWF7hzvNbZZ9mx7a8f1hHkO10Ufy
P+oY4xDUkLf3UkgJl0Ws6bAA0Ceb3dYUE3FgnWzN6girkZkbc227/qTqzBnpF4rj
oajih13QFs8t60B/VWzUVuw2FQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFIfUWN+0
6kXiRALTxZkvZP4TfMPPMB8GA1UdIwQYMBaAFP6Cbum8EtqtOxl0cbBBPx6yCCY1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUJDQS9CNTg4QjRBNjFE
ODgxMUUyOENBRThGRTEwOEIwMkNEMi9fb0p1NmJ3UzJxMDdHWFJ4c0VFX0hySUlK
alUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19vSnU2YndTMnEwN0dYUnhzRUVfSHJJSUpqVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0VCQ0EvQjU4OEI0QTYxRDg4MTFFMjhDQUU4RkUxMDhCMDJDRDIvQkZBQkEyRDZC
RUNFMTFGMEIyMThDMDQ1QzRGOUFFMDIucm9hMG4GCCsGAQUFBwEHAQH/BF8wXTBM
BAIAATBGAwQAK/akAwQBK/amAwQCb0MgAwQBb0MmMAwDBAFvQyoDBARvQyAwDAME
BcoJYAMEAsoJaAMEAspXYAMEA8pXaAMEAspXfDANBAIAAjAHAwUAJAECADANBgkq
hkiG9w0BAQsFAAOCAQEAvAs8qRK1koptqvR5HZf8PgJ5iQ/rzjLgZkaNk8HJ0X0b
yUJkuULkh7khs9orhM0lJKGTplkDznGpS6Xg9apXcFD2hIUq7UxfOOUSyzDUOc+/
joM6gGt2GtfgFEiz0vrXmvN8UyneN6kfbg5WbEmI3FTJuUGr4Y6zygWh9OasqmSb
O+FRYmdeK/GBMOHudaI1Yj7dzfuRpHipk8xxGvZHfOAt3OzA5k1kMGhgbSu1J+PJ
uQn9e865zj8xD/5m4vDq0ZuNNexuN5lbgVRMpVxtAWSx7GT0eI4RPye99s0C8uiz
B7D3N/ipN4F/RV8eYV7oY4XdMhu3c3xjs5dc2jzukA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:14:57 2026 by rpki-client