Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/65519ACC506C11EC99354984C4F9AE02.roa
File: 65519ACC506C11EC99354984C4F9AE02.roa (raw, json)
Hash identifier: bKALx6YD+Z5QL+SPXX75fMgztzxC7lFsCyk2pATWF3g=
Subject key identifier: ED:CA:D4:A6:90:7D:B2:08:D1:25:0D:C2:D8:49:86:FA:01:FA:9B:77
Certificate issuer: /CN=A91D298D/serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Certificate serial: 0939
Authority key identifier: FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/65519ACC506C11EC99354984C4F9AE02.roa
Signing time: Wed 22 Apr 2026 14:46:47 +0000
ROA not before: Wed 22 Apr 2026 14:46:47 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 59257
IP address blocks: 43.243.132.0/22 maxlen: 24
45.116.232.0/22 maxlen: 24
103.255.4.0/22 maxlen: 22
103.255.4.0/23 maxlen: 24
103.255.6.0/23 maxlen: 24
111.119.168.0/21 maxlen: 24
111.119.176.0/20 maxlen: 20
111.119.176.0/21 maxlen: 21
111.119.176.0/22 maxlen: 24
111.119.180.0/22 maxlen: 24
111.119.184.0/21 maxlen: 21
111.119.184.0/22 maxlen: 24
111.119.188.0/22 maxlen: 24
121.91.32.0/19 maxlen: 24
144.48.0.0/22 maxlen: 24
203.189.224.0/22 maxlen: 24
223.123.0.0/17 maxlen: 24
2402:ad80::/36 maxlen: 36
2402:ad80::/44 maxlen: 48
2402:ad80:10::/44 maxlen: 48
2402:ad80:20::/44 maxlen: 48
2402:ad80:60::/44 maxlen: 48
2402:ad80:70::/44 maxlen: 48
2402:ad80:80::/44 maxlen: 48
2402:ad80:90::/44 maxlen: 48
2402:ad80:a0::/44 maxlen: 48
2402:ad80:b0::/44 maxlen: 48
2402:ad80:f0::/44 maxlen: 48
2402:ad80:100::/44 maxlen: 48
2402:ad80:110::/44 maxlen: 48
2402:ad80:120::/44 maxlen: 48
2402:ad80:130::/44 maxlen: 48
2402:ad80:140::/44 maxlen: 48
2402:ad80:1b0::/44 maxlen: 48
2402:ad80:1f0::/44 maxlen: 48
2402:ad80:330::/44 maxlen: 48
2402:ad80:340::/44 maxlen: 48
2402:ad80:350::/44 maxlen: 48
2402:ad80:360::/44 maxlen: 48
2402:ad80:370::/44 maxlen: 48
2402:ad80:380::/44 maxlen: 48
2402:ad80:1000::/36 maxlen: 36
2402:ad80:2000::/36 maxlen: 36
2402:ad80:3000::/36 maxlen: 36
2402:ad80:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl
rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 20:40:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2361 (0x939)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D298D, serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Validity
Not Before: Apr 22 14:46:47 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69e8df57-d283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:46:5a:a9:48:6f:28:ff:b3:c4:41:fa:65:8a:
5a:77:33:a2:9b:70:a3:35:9e:da:14:b9:d5:27:48:
22:d1:c4:f9:68:2e:f9:35:aa:05:7e:0e:5c:55:f7:
36:5c:19:59:ef:20:67:e4:b1:7f:ed:ee:36:e2:30:
c9:85:27:dc:bf:d9:b8:3b:f5:6a:51:b3:d0:db:aa:
c8:78:1b:e5:0f:7f:6f:86:96:bb:27:bc:d7:d8:81:
55:44:9f:0e:93:7a:8b:a2:ca:89:37:3f:4d:13:c1:
01:c0:b7:c4:e5:35:40:89:d1:5b:6a:60:84:e5:14:
01:3a:7d:4f:36:f7:e8:a3:9c:84:07:2a:d7:02:75:
90:76:77:7c:20:98:78:47:bb:93:31:a1:28:aa:5d:
44:da:f5:44:cb:19:e7:c0:f4:42:7d:35:ab:61:e6:
c0:a1:b5:74:87:e9:15:a9:ea:13:13:bb:17:10:14:
61:06:77:3f:10:65:ad:50:26:eb:ed:15:dd:84:57:
80:75:25:b9:fb:0d:0a:af:6a:7b:0c:a4:63:87:1d:
7d:7d:5b:a8:54:eb:42:26:8d:97:6f:9d:cb:d7:9b:
64:96:19:02:db:f4:1e:67:20:f0:28:ff:79:7d:23:
e8:7f:62:03:56:f5:d9:4e:fe:5e:7c:3e:44:83:d8:
03:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:CA:D4:A6:90:7D:B2:08:D1:25:0D:C2:D8:49:86:FA:01:FA:9B:77
X509v3 Authority Key Identifier:
keyid:FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/65519ACC506C11EC99354984C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.243.132.0/22
45.116.232.0/22
103.255.4.0/22
111.119.168.0-111.119.191.255
121.91.32.0/19
144.48.0.0/22
203.189.224.0/22
223.123.0.0/17
IPv6:
2402:ad80::-2402:ad80:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:0b:b3:2f:8a:1a:af:c7:f1:1f:ca:0a:13:12:c5:3c:01:b2:
ac:48:b9:05:6e:a6:00:99:04:fc:a7:ce:c1:bd:66:a4:00:8c:
b8:fc:e1:99:a3:52:bc:8d:20:40:dc:2d:79:81:ca:af:b5:8f:
58:1d:b0:1d:71:81:4e:5e:43:d6:a4:2f:67:58:42:3f:c0:af:
e3:84:68:3e:00:57:e0:99:91:d6:e7:26:ea:d8:a0:be:a6:50:
1c:31:df:ce:aa:93:85:b1:06:bb:62:f9:5e:a0:cf:47:f9:58:
31:a4:43:bc:26:25:fd:c4:b7:6f:fb:68:88:13:07:31:c6:bb:
0a:b7:e1:65:f8:66:54:bf:f7:2f:36:fe:8e:fc:76:e4:49:36:
20:aa:e2:83:24:90:ff:9c:c3:8d:71:aa:ae:aa:80:16:fb:bc:
dc:4f:56:ed:bf:f0:0c:7e:6b:48:ca:fc:ae:66:6e:9b:82:36:
b6:09:b4:9c:91:51:3f:6d:dc:bf:75:5c:5d:d3:f5:c3:cd:9a:
ea:c9:79:73:f4:ee:7b:1d:b7:08:0b:52:22:87:ec:00:7c:85:
31:0a:0e:8a:d6:36:cd:e2:0f:70:27:79:f2:29:ff:57:9c:94:
e9:e6:e1:60:a3:5c:8b:87:be:7d:ed:2c:77:5e:b5:c4:63:62:
ca:65:2d:00
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICCTkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDI5OEQxMTAvBgNVBAUTKEZFRjJDMUM0RUEwOTY0NDc3NTE0QzFBQTk0NkU2QzQx
Nzc4RDA2QkYwHhcNMjYwNDIyMTQ0NjQ3WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWU4ZGY1Ny1kMjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApkZaqUhvKP+zxEH6ZYpadzOim3CjNZ7aFLnVJ0gi0cT5aC75NaoFfg5cVfc2
XBlZ7yBn5LF/7e424jDJhSfcv9m4O/VqUbPQ26rIeBvlD39vhpa7J7zX2IFVRJ8O
k3qLosqJNz9NE8EBwLfE5TVAidFbamCE5RQBOn1PNvfoo5yEByrXAnWQdnd8IJh4
R7uTMaEoql1E2vVEyxnnwPRCfTWrYebAobV0h+kVqeoTE7sXEBRhBnc/EGWtUCbr
7RXdhFeAdSW5+w0Kr2p7DKRjhx19fVuoVOtCJo2Xb53L15tklhkC2/QeZyDwKP95
fSPof2IDVvXZTv5efD5Eg9gD+QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFO3K1KaQ
fbII0SUNwthJhvoB+pt3MB8GA1UdIwQYMBaAFP7ywcTqCWRHdRTBqpRubEF3jQa/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjk4RC8zMzdBNjQzMkYx
QTYxMUVBQjk1QzBFMkZDNEY5QUUwMi9fdkxCeE9vSlpFZDFGTUdxbEc1c1FYZU5C
cjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL192TEJ4T29KWkVkMUZNR3FsRzVzUVhlTkJyOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDI5OEQvMzM3QTY0MzJGMUE2MTFFQUI5NUMwRTJGQzRGOUFFMDIvNjU1MTlBQ0M1
MDZDMTFFQzk5MzU0OTg0QzRGOUFFMDIucm9hMGoGCCsGAQUFBwEHAQH/BFswWTA+
BAIAATA4AwQCK/OEAwQCLXToAwQCZ/8EMAwDBANvd6gDBAZvd4ADBAV5WyADBAKQ
MAADBALLveADBAffewAwFwQCAAIwETAPAwUHJAKtgAMGBCQCrYBAMA0GCSqGSIb3
DQEBCwUAA4IBAQB0C7Mvihqvx/EfygoTEsU8AbKsSLkFbqYAmQT8p87BvWakAIy4
/OGZo1K8jSBA3C15gcqvtY9YHbAdcYFOXkPWpC9nWEI/wK/jhGg+AFfgmZHW5ybq
2KC+plAcMd/OqpOFsQa7YvleoM9H+VgxpEO8JiX9xLdv+2iIEwcxxrsKt+Fl+GZU
v/cvNv6O/HbkSTYgquKDJJD/nMONcaquqoAW+7zcT1btv/AMfmtIyvyuZm6bgja2
CbSckVE/bdy/dVxd0/XDzZrqyXlz9O57HbcIC1Iih+wAfIUxCg6K1jbN4g9wJ3ny
Kf9XnJTp5uFgo1yLh7597Sx3XrXEY2LKZS0A
-----END CERTIFICATE-----
Generated at Wed May 13 05:41:59 2026 by rpki-client