Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
File: CBCD905AA6E811EFB43BBB4EC4F9AE02.roa (raw, json)
Hash identifier: P3itnqAI1hjQnV+fMMGletZWZFTHkB/4hVkmtiZye0I=
Subject key identifier: 15:E3:44:3F:FF:A9:57:39:4F:CB:84:98:C6:11:49:54:BC:EC:33:A3
Certificate issuer: /CN=A91D9785/serialNumber=7EDEFAD656FD88326F6DFAE2487010580402A35F
Certificate serial: 1A9E
Authority key identifier: 7E:DE:FA:D6:56:FD:88:32:6F:6D:FA:E2:48:70:10:58:04:02:A3:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 09:15:22 +0000
ROA not before: Sat 14 Jun 2025 16:26:36 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 17726
IP address blocks: 45.127.152.0/22 maxlen: 22
45.127.152.0/24 maxlen: 24
45.127.153.0/24 maxlen: 24
45.127.154.0/24 maxlen: 24
45.127.155.0/24 maxlen: 24
103.6.8.0/22 maxlen: 22
103.6.8.0/24 maxlen: 24
103.6.9.0/24 maxlen: 24
103.6.10.0/24 maxlen: 24
103.6.11.0/24 maxlen: 24
103.101.156.0/22 maxlen: 22
103.101.156.0/24 maxlen: 24
103.101.157.0/24 maxlen: 24
103.101.158.0/24 maxlen: 24
103.101.159.0/24 maxlen: 24
103.248.40.0/22 maxlen: 22
103.248.40.0/24 maxlen: 24
103.248.41.0/24 maxlen: 24
103.248.42.0/24 maxlen: 24
103.248.43.0/24 maxlen: 24
202.150.8.0/24 maxlen: 24
202.150.9.0/24 maxlen: 24
202.150.10.0/24 maxlen: 24
202.150.11.0/24 maxlen: 24
203.223.32.0/20 maxlen: 20
203.223.32.0/24 maxlen: 24
203.223.33.0/24 maxlen: 24
203.223.34.0/24 maxlen: 24
203.223.35.0/24 maxlen: 24
203.223.36.0/24 maxlen: 24
203.223.37.0/24 maxlen: 24
203.223.38.0/24 maxlen: 24
203.223.39.0/24 maxlen: 24
203.223.40.0/24 maxlen: 24
203.223.41.0/24 maxlen: 24
203.223.42.0/24 maxlen: 24
203.223.43.0/24 maxlen: 24
203.223.44.0/24 maxlen: 24
203.223.45.0/24 maxlen: 24
203.223.46.0/24 maxlen: 24
203.223.47.0/24 maxlen: 24
2401:a700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.crl
rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 16:18:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6814 (0x1a9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D9785, serialNumber=7EDEFAD656FD88326F6DFAE2487010580402A35F
Validity
Not Before: Jun 14 16:26:36 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69a403a9-7ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4d:64:73:9c:63:b0:43:f9:79:d3:bf:48:06:
b9:ec:6b:5e:73:23:5f:ff:3f:d4:ca:a7:a2:9e:88:
0d:19:6b:62:a3:89:34:5f:ba:73:a3:15:dd:70:bb:
16:1b:87:37:3e:bd:70:ef:e3:ac:26:20:cf:ee:39:
5b:9b:7b:5d:61:8f:21:55:53:a6:b3:24:fc:c9:ca:
de:ef:df:d4:2d:2d:0c:8d:b3:80:e5:a2:11:d7:0c:
44:8b:87:44:e0:b4:6d:3e:1f:93:ba:aa:32:03:84:
9b:02:6e:5e:c4:30:93:c6:45:9c:ce:1b:38:1c:4f:
78:1a:fb:95:6a:66:42:04:95:09:1a:e1:3c:93:3b:
16:a8:c4:ae:e8:45:e6:33:c2:d7:a5:f7:ac:d2:a8:
07:ae:23:7d:d2:af:29:17:8b:fe:2a:3f:bc:03:64:
ac:f2:76:7c:14:ef:27:c4:af:bb:26:9c:bd:4e:4e:
34:1f:52:06:df:84:7e:74:99:4c:20:f0:c6:74:c0:
8e:38:2d:34:b1:24:ba:22:d0:76:14:15:3e:a4:d0:
df:87:d6:f9:99:9b:01:d9:12:5f:11:c3:30:0c:25:
0a:77:5a:ad:76:97:16:12:02:8c:9d:70:e3:2d:94:
68:1a:56:65:e7:0b:58:3d:04:25:c1:fd:d9:e0:d2:
a4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:E3:44:3F:FF:A9:57:39:4F:CB:84:98:C6:11:49:54:BC:EC:33:A3
X509v3 Authority Key Identifier:
keyid:7E:DE:FA:D6:56:FD:88:32:6F:6D:FA:E2:48:70:10:58:04:02:A3:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.127.152.0/22
103.6.8.0/22
103.101.156.0/22
103.248.40.0/22
202.150.8.0/22
203.223.32.0/20
IPv6:
2401:a700::/32
Signature Algorithm: sha256WithRSAEncryption
78:a2:b0:e5:7d:0f:f4:a0:10:14:e2:ea:1d:ab:38:1c:3d:c1:
f2:97:85:33:68:c9:86:cb:b5:49:1f:a8:5d:40:19:1e:38:d8:
62:62:b4:4f:5e:94:55:a6:b3:0e:ff:c6:cc:b9:74:9d:54:65:
b3:70:aa:3c:49:6b:64:ed:b7:d7:3e:2b:fe:32:f1:8d:a4:a8:
b2:81:77:a6:bb:42:5f:84:17:33:5d:51:cd:ab:f5:8a:69:99:
f3:4a:04:08:54:22:5e:f1:b8:df:20:cc:e1:2e:25:59:2f:8a:
56:6d:5d:72:01:cb:16:96:ce:54:66:0e:9f:c4:bc:c3:a4:98:
ac:a2:42:ff:03:08:a3:b0:f4:91:31:bc:f9:eb:94:ba:fe:bf:
3c:b4:31:7c:96:03:2d:92:b7:f2:9a:48:0f:0f:58:35:b1:e4:
24:68:2b:60:9b:bf:58:8d:96:33:bc:d9:e4:11:81:54:e0:48:
9a:02:f7:cc:6d:90:f4:de:97:ba:d5:77:be:93:d9:a5:aa:23:
8b:d3:7d:aa:57:32:af:50:54:8e:19:29:1e:0d:78:c3:23:56:
89:43:29:4d:42:2d:73:7d:d1:06:52:b2:f3:26:17:02:ce:ed:
dc:b7:ff:62:11:91:3a:48:07:f2:10:72:ae:5d:88:14:69:51:
a8:46:95:cc
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgICGp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDk3ODUxMTAvBgNVBAUTKDdFREVGQUQ2NTZGRDg4MzI2RjZERkFFMjQ4NzAxMDU4
MDQwMkEzNUYwHhcNMjUwNjE0MTYyNjM2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MDNhOS03Y2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4U1kc5xjsEP5edO/SAa57GtecyNf/z/UyqeinogNGWtio4k0X7pzoxXdcLsW
G4c3Pr1w7+OsJiDP7jlbm3tdYY8hVVOmsyT8ycre79/ULS0MjbOA5aIR1wxEi4dE
4LRtPh+TuqoyA4SbAm5exDCTxkWczhs4HE94GvuVamZCBJUJGuE8kzsWqMSu6EXm
M8LXpfes0qgHriN90q8pF4v+Kj+8A2Ss8nZ8FO8nxK+7Jpy9Tk40H1IG34R+dJlM
IPDGdMCOOC00sSS6ItB2FBU+pNDfh9b5mZsB2RJfEcMwDCUKd1qtdpcWEgKMnXDj
LZRoGlZl5wtYPQQlwf3Z4NKkSQIDAQABo4ICjTCCAokwHQYDVR0OBBYEFBXjRD//
qVc5T8uEmMYRSVS87DOjMB8GA1UdIwQYMBaAFH7e+tZW/Ygyb2364khwEFgEAqNf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTc4NS80N0RGOUNFQzU2
RUMxMUU3QkFENDhEM0JDNEY5QUUwMi9mdDc2MWxiOWlESnZiZnJpU0hBUVdBUUNv
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Z0NzYxbGI5aURKdmJmcmlTSEFRV0FRQ28xOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDk3ODUvNDdERjlDRUM1NkVDMTFFN0JBRDQ4RDNCQzRGOUFFMDIvQ0JDRDkwNUFB
NkU4MTFFRkI0M0JCQjRFQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq
BAIAATAkAwQCLX+YAwQCZwYIAwQCZ2WcAwQCZ/goAwQCypYIAwQEy98gMA0EAgAC
MAcDBQAkAacAMA0GCSqGSIb3DQEBCwUAA4IBAQB4orDlfQ/0oBAU4uodqzgcPcHy
l4UzaMmGy7VJH6hdQBkeONhiYrRPXpRVprMO/8bMuXSdVGWzcKo8SWtk7bfXPiv+
MvGNpKiygXemu0JfhBczXVHNq/WKaZnzSgQIVCJe8bjfIMzhLiVZL4pWbV1yAcsW
ls5UZg6fxLzDpJisokL/AwijsPSRMbz565S6/r88tDF8lgMtkrfymkgPD1g1seQk
aCtgm79YjZYzvNnkEYFU4EiaAvfMbZD03pe61Xe+k9mlqiOL032qVzKvUFSOGSke
DXjDI1aJQylNQi1zfdEGUrLzJhcCzu3ct/9iEZE6SAfyEHKuXYgUaVGoRpXM
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:07:34 2026 by rpki-client