Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/E13D8940342E11EF84328672C4F9AE02.roa
File: E13D8940342E11EF84328672C4F9AE02.roa (raw, json)
Hash identifier: i946rkKnIPD36Fiz0DiuBSlPgc8OVRMaBixyXUc/SDA=
Subject key identifier: 71:16:A1:6E:26:91:08:2A:18:F4:81:98:2A:D7:FD:C9:2F:F5:6D:7D
Certificate issuer: /CN=A91D176D/serialNumber=AA0178EA78511A15B1470EBFC0C5721A70E2769F
Certificate serial: 01C5
Authority key identifier: AA:01:78:EA:78:51:1A:15:B1:47:0E:BF:C0:C5:72:1A:70:E2:76:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/E13D8940342E11EF84328672C4F9AE02.roa
Signing time: Mon 02 Mar 2026 13:46:13 +0000
ROA not before: Fri 06 Feb 2026 02:13:09 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 134078
IP address blocks: 45.112.76.0/22 maxlen: 22
61.13.0.0/23 maxlen: 24
61.13.2.0/24 maxlen: 24
61.13.16.0/20 maxlen: 21
61.13.32.0/21 maxlen: 21
61.13.32.0/22 maxlen: 22
61.13.36.0/22 maxlen: 22
61.13.128.0/22 maxlen: 22
61.13.128.0/24 maxlen: 24
61.13.132.0/22 maxlen: 22
61.13.132.0/24 maxlen: 24
61.13.133.0/24 maxlen: 24
61.13.134.0/24 maxlen: 24
61.13.135.0/24 maxlen: 24
61.13.136.0/23 maxlen: 23
61.13.138.0/23 maxlen: 23
61.14.64.0/19 maxlen: 19
61.14.90.0/24 maxlen: 24
61.14.91.0/24 maxlen: 24
61.14.95.0/24 maxlen: 24
61.16.0.0/22 maxlen: 22
61.16.4.0/22 maxlen: 22
61.16.8.0/22 maxlen: 22
61.16.12.0/22 maxlen: 22
61.16.16.0/22 maxlen: 22
61.16.32.0/22 maxlen: 22
103.51.160.0/22 maxlen: 22
103.51.160.0/24 maxlen: 24
103.51.163.0/24 maxlen: 24
103.227.88.0/22 maxlen: 22
103.227.88.0/23 maxlen: 23
103.227.90.0/23 maxlen: 23
103.250.56.0/22 maxlen: 22
103.250.58.0/24 maxlen: 24
202.52.64.0/22 maxlen: 22
202.52.64.0/23 maxlen: 23
202.52.66.0/23 maxlen: 23
202.52.68.0/22 maxlen: 22
202.52.72.0/21 maxlen: 21
202.52.80.0/21 maxlen: 21
202.52.88.0/22 maxlen: 22
202.52.92.0/22 maxlen: 22
202.52.96.0/19 maxlen: 19
202.52.104.0/22 maxlen: 22
202.52.112.0/20 maxlen: 20
202.136.16.0/20 maxlen: 20
202.148.160.0/20 maxlen: 20
203.31.234.0/24 maxlen: 24
203.149.128.0/24 maxlen: 24
203.149.140.0/22 maxlen: 22
203.149.168.0/22 maxlen: 22
203.149.184.0/21 maxlen: 21
2404:1100::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/qgF46nhRGhWxRw6_wMVyGnDidp8.crl
rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/qgF46nhRGhWxRw6_wMVyGnDidp8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 Apr 2026 03:25:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 453 (0x1c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D176D, serialNumber=AA0178EA78511A15B1470EBFC0C5721A70E2769F
Validity
Not Before: Feb 6 02:13:09 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69a594a5-d3ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:35:3d:86:d9:04:f4:72:0e:78:2c:38:61:
a9:f8:5b:d8:10:3f:ea:7d:f1:61:2a:3b:5b:3f:8a:
e5:bf:dd:3d:96:9d:4a:04:eb:5a:b5:ac:e4:8f:a6:
e7:1a:c7:9c:45:f4:0d:99:ee:00:87:f0:73:6f:21:
e8:57:5d:92:6d:a5:99:fb:f0:7b:e8:48:f1:02:65:
b9:54:08:9a:6e:6e:34:6f:6a:14:2c:55:c6:29:84:
90:95:19:fc:22:b5:65:1e:56:e0:b8:65:21:dd:57:
cb:02:b8:dd:c9:9e:62:b1:ee:ae:ea:32:ee:70:cf:
9e:56:a8:17:77:bb:51:88:77:d9:f6:cb:4d:34:7a:
aa:65:6d:2e:9c:15:29:57:19:fe:cf:5e:e2:68:e5:
1e:6a:fa:97:9a:1b:b3:c8:a1:69:62:fd:ea:2f:df:
dc:78:7f:70:2b:0c:e2:67:e2:ec:63:2a:d9:07:24:
18:84:ed:99:9e:51:31:57:a6:f3:3c:8e:3a:cc:56:
97:e9:5b:73:b7:80:50:b0:40:dd:00:82:3b:71:ee:
45:55:62:a9:89:35:72:22:07:92:71:a9:d0:79:8c:
6d:c8:ca:b5:4d:f7:13:54:f6:50:03:74:cf:bc:21:
d6:a4:90:e0:cb:89:74:c1:c2:a4:5c:22:97:09:be:
f1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:16:A1:6E:26:91:08:2A:18:F4:81:98:2A:D7:FD:C9:2F:F5:6D:7D
X509v3 Authority Key Identifier:
keyid:AA:01:78:EA:78:51:1A:15:B1:47:0E:BF:C0:C5:72:1A:70:E2:76:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/qgF46nhRGhWxRw6_wMVyGnDidp8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/E13D8940342E11EF84328672C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.112.76.0/22
61.13.0.0-61.13.2.255
61.13.16.0-61.13.39.255
61.13.128.0-61.13.139.255
61.14.64.0/19
61.16.0.0-61.16.19.255
61.16.32.0/22
103.51.160.0/22
103.227.88.0/22
103.250.56.0/22
202.52.64.0/18
202.136.16.0/20
202.148.160.0/20
203.31.234.0/24
203.149.128.0/24
203.149.140.0/22
203.149.168.0/22
203.149.184.0/21
IPv6:
2404:1100::/32
Signature Algorithm: sha256WithRSAEncryption
b1:85:58:64:77:10:d3:8f:b2:bb:d8:82:ea:c8:0e:97:68:94:
1f:e4:fc:3b:53:a9:89:02:a6:9e:11:c2:86:d4:98:3d:14:59:
c2:e2:87:52:4f:64:f2:1e:1e:53:51:f4:f9:96:47:f0:0e:83:
9e:ac:84:a8:53:2c:25:e5:87:a2:ae:85:d9:64:e3:04:15:97:
38:67:11:bd:d7:2d:90:0a:e2:3d:97:62:85:6c:b1:db:c3:16:
7f:d5:79:dc:4b:a4:cc:a1:6c:ed:5c:37:ea:bc:db:9b:96:de:
f9:da:0c:97:8a:3b:5f:30:67:1e:b5:18:57:f3:86:b0:33:3f:
31:72:09:4a:50:5c:c3:ff:7f:c1:6f:2d:55:22:c5:71:bd:d3:
1d:83:0c:38:96:6c:9c:cd:5b:f8:92:8f:9a:40:bf:08:fa:7e:
bf:72:4a:9a:89:c5:28:08:09:75:dc:9b:e5:08:e0:cb:c6:f3:
26:7a:1a:de:f0:36:89:7b:b6:47:7d:c4:b4:86:56:81:07:e5:
61:0e:ed:2e:b1:d0:a7:7e:b6:b5:8e:00:f7:64:bb:62:8c:85:
e1:ee:cc:c3:27:82:59:4d:e4:64:0d:a1:df:fe:76:1e:d3:42:
c6:07:f9:d1:52:da:d7:6b:20:c9:ba:40:b5:de:62:b4:bd:78:
ba:f1:95:21
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICAcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE3NkQxMTAvBgNVBAUTKEFBMDE3OEVBNzg1MTFBMTVCMTQ3MEVCRkMwQzU3MjFB
NzBFMjc2OUYwHhcNMjYwMjA2MDIxMzA5WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1OTRhNS1kM2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAotI1PYbZBPRyDngsOGGp+FvYED/qffFhKjtbP4rlv909lp1KBOtatazkj6bn
GsecRfQNme4Ah/BzbyHoV12SbaWZ+/B76EjxAmW5VAiabm40b2oULFXGKYSQlRn8
IrVlHlbguGUh3VfLArjdyZ5ise6u6jLucM+eVqgXd7tRiHfZ9stNNHqqZW0unBUp
Vxn+z17iaOUeavqXmhuzyKFpYv3qL9/ceH9wKwziZ+LsYyrZByQYhO2ZnlExV6bz
PI46zFaX6Vtzt4BQsEDdAII7ce5FVWKpiTVyIgeScanQeYxtyMq1TfcTVPZQA3TP
vCHWpJDgy4l0wcKkXCKXCb7xkQIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFHEWoW4m
kQgqGPSBmCrX/ckv9W19MB8GA1UdIwQYMBaAFKoBeOp4URoVsUcOv8DFchpw4naf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTc2RC9GMDJBMzVFOEE5
MTQxMUVFQjI3MTJEM0ZDNEY5QUUwMi9xZ0Y0Nm5oUkdoV3hSdzZfd01WeUduRGlk
cDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FnRjQ2bmhSR2hXeFJ3Nl93TVZ5R25EaWRwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE3NkQvRjAyQTM1RThBOTE0MTFFRUIyNzEyRDNGQzRGOUFFMDIvRTEzRDg5NDAz
NDJFMTFFRjg0MzI4NjcyQzRGOUFFMDIucm9hMIG2BggrBgEFBQcBBwEB/wSBpjCB
ozCBkQQCAAEwgYoDBAItcEwwCwMDAD0NAwQAPQ0CMAwDBAQ9DRADBAM9DSAwDAME
Bz0NgAMEAj0NiAMEBT0OQDALAwMEPRADBAI9EBADBAI9ECADBAJnM6ADBAJn41gD
BAJn+jgDBAbKNEADBATKiBADBATKlKADBADLH+oDBADLlYADBALLlYwDBALLlagD
BAPLlbgwDQQCAAIwBwMFACQEEQAwDQYJKoZIhvcNAQELBQADggEBALGFWGR3ENOP
srvYgurIDpdolB/k/DtTqYkCpp4RwobUmD0UWcLih1JPZPIeHlNR9PmWR/AOg56s
hKhTLCXlh6Kuhdlk4wQVlzhnEb3XLZAK4j2XYoVssdvDFn/VedxLpMyhbO1cN+q8
25uW3vnaDJeKO18wZx61GFfzhrAzPzFyCUpQXMP/f8FvLVUixXG90x2DDDiWbJzN
W/iSj5pAvwj6fr9ySpqJxSgICXXcm+UI4MvG8yZ6Gt7wNol7tkd9xLSGVoEH5WEO
7S6x0Kd+trWOAPdku2KMheHuzMMngllN5GQNod/+dh7TQsYH+dFS2tdrIMm6QLXe
YrS9eLrxlSE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:58:27 2026 by rpki-client