Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/95EC5BBE0DC811F0A0561D5AC4F9AE02.roa
File: 95EC5BBE0DC811F0A0561D5AC4F9AE02.roa (raw, json)
Hash identifier: OdJAAHZapPghT4UQJjL0KEqUGshRp+J7t4bZFZ0nS3Q=
Subject key identifier: 71:8F:B7:52:38:9C:30:7D:F0:5E:4E:C2:D1:BF:53:22:8B:63:25:F4
Certificate issuer: /CN=A91DB4FE/serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Certificate serial: 0948
Authority key identifier: 7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/95EC5BBE0DC811F0A0561D5AC4F9AE02.roa
Signing time: Mon 11 May 2026 01:52:33 +0000
ROA not before: Mon 11 May 2026 01:52:33 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 9723
IP address blocks: 1.178.2.0/23 maxlen: 24
1.178.66.0/23 maxlen: 24
1.178.80.0/24 maxlen: 24
1.178.82.0/23 maxlen: 24
1.178.84.0/23 maxlen: 24
1.178.96.0/22 maxlen: 24
1.178.175.0/24 maxlen: 24
1.178.176.0/22 maxlen: 24
1.179.0.0/23 maxlen: 24
1.179.4.0/22 maxlen: 24
1.179.8.0/22 maxlen: 24
1.179.12.0/23 maxlen: 24
1.179.16.0/21 maxlen: 24
1.179.48.0/22 maxlen: 24
1.179.62.0/23 maxlen: 24
1.179.96.0/22 maxlen: 24
58.87.0.0/20 maxlen: 20
58.87.0.0/23 maxlen: 23
58.87.2.0/23 maxlen: 23
58.87.6.0/23 maxlen: 23
58.87.8.0/23 maxlen: 23
58.87.10.0/23 maxlen: 23
58.87.12.0/23 maxlen: 23
58.87.14.0/24 maxlen: 24
58.87.15.0/24 maxlen: 24
110.238.21.0/24 maxlen: 24
110.238.24.0/24 maxlen: 24
110.238.25.0/24 maxlen: 24
110.238.144.0/21 maxlen: 21
110.238.144.0/22 maxlen: 24
110.238.240.0/23 maxlen: 24
110.239.0.0/21 maxlen: 21
110.239.15.0/24 maxlen: 24
110.239.16.0/23 maxlen: 23
110.239.26.0/24 maxlen: 24
110.239.31.0/24 maxlen: 24
110.239.32.0/22 maxlen: 22
110.239.32.0/23 maxlen: 23
110.239.128.0/20 maxlen: 20
110.239.128.0/21 maxlen: 21
110.239.176.0/21 maxlen: 21
110.239.176.0/24 maxlen: 24
110.239.178.0/24 maxlen: 24
119.12.80.0/21 maxlen: 24
119.13.0.0/23 maxlen: 23
119.13.2.0/23 maxlen: 23
119.13.2.0/24 maxlen: 24
119.13.3.0/24 maxlen: 24
119.13.4.0/23 maxlen: 23
119.13.6.0/23 maxlen: 23
119.13.8.0/23 maxlen: 23
119.13.10.0/24 maxlen: 24
119.13.48.0/23 maxlen: 23
119.13.48.0/24 maxlen: 24
119.13.49.0/24 maxlen: 24
119.13.144.0/22 maxlen: 24
119.13.176.0/22 maxlen: 23
119.13.176.0/23 maxlen: 24
119.13.178.0/24 maxlen: 24
119.13.240.0/23 maxlen: 24
121.91.96.0/23 maxlen: 24
121.91.199.0/24 maxlen: 24
123.200.128.0/20 maxlen: 20
123.200.128.0/22 maxlen: 22
123.200.133.0/24 maxlen: 24
123.200.134.0/23 maxlen: 23
123.200.136.0/22 maxlen: 22
123.200.140.0/22 maxlen: 22
123.200.144.0/22 maxlen: 22
123.200.148.0/22 maxlen: 22
123.200.152.0/21 maxlen: 21
123.200.160.0/23 maxlen: 23
123.200.162.0/23 maxlen: 23
123.200.164.0/23 maxlen: 23
123.200.165.0/24 maxlen: 24
123.200.166.0/23 maxlen: 23
123.200.168.0/23 maxlen: 23
123.200.170.0/23 maxlen: 23
123.200.172.0/24 maxlen: 24
123.200.174.0/24 maxlen: 24
123.200.175.0/24 maxlen: 24
123.200.176.0/23 maxlen: 23
123.200.179.0/24 maxlen: 24
123.200.180.0/23 maxlen: 23
123.200.182.0/23 maxlen: 23
123.200.184.0/22 maxlen: 22
123.200.186.0/23 maxlen: 23
123.200.187.0/24 maxlen: 24
123.200.188.0/23 maxlen: 23
123.200.200.0/23 maxlen: 24
123.200.208.0/21 maxlen: 21
123.200.216.0/21 maxlen: 21
123.200.240.0/23 maxlen: 24
202.83.64.0/19 maxlen: 19
202.83.64.0/22 maxlen: 22
202.83.68.0/23 maxlen: 23
202.83.70.0/23 maxlen: 23
202.83.72.0/24 maxlen: 24
202.83.73.0/24 maxlen: 24
202.83.74.0/23 maxlen: 23
202.83.76.0/22 maxlen: 22
202.83.80.0/23 maxlen: 23
202.83.82.0/24 maxlen: 24
202.83.83.0/24 maxlen: 24
202.83.84.0/22 maxlen: 22
202.83.88.0/23 maxlen: 23
202.83.90.0/23 maxlen: 23
202.83.92.0/23 maxlen: 23
202.83.94.0/24 maxlen: 24
202.83.95.0/24 maxlen: 24
202.183.96.0/20 maxlen: 20
202.183.96.0/24 maxlen: 24
202.183.97.0/24 maxlen: 24
202.183.98.0/24 maxlen: 24
202.183.100.0/23 maxlen: 23
202.183.102.0/23 maxlen: 23
202.183.102.0/24 maxlen: 24
202.183.104.0/22 maxlen: 22
202.183.108.0/24 maxlen: 24
202.183.110.0/24 maxlen: 24
202.183.111.0/24 maxlen: 24
202.183.112.0/20 maxlen: 20
202.183.112.0/23 maxlen: 23
202.183.114.0/23 maxlen: 23
202.183.116.0/23 maxlen: 23
202.183.118.0/24 maxlen: 24
202.183.119.0/24 maxlen: 24
202.183.120.0/22 maxlen: 22
202.183.124.0/23 maxlen: 23
202.183.126.0/24 maxlen: 24
202.183.127.0/24 maxlen: 24
210.56.64.0/24 maxlen: 24
210.56.68.0/23 maxlen: 24
210.56.70.0/23 maxlen: 24
220.157.64.0/24 maxlen: 24
220.157.70.0/24 maxlen: 24
220.157.71.0/24 maxlen: 24
220.157.74.0/23 maxlen: 24
220.157.79.0/24 maxlen: 24
220.157.80.0/23 maxlen: 24
220.157.82.0/23 maxlen: 24
220.157.84.0/23 maxlen: 24
220.157.86.0/23 maxlen: 24
220.157.90.0/24 maxlen: 24
220.157.91.0/24 maxlen: 24
220.157.92.0/24 maxlen: 24
220.157.93.0/24 maxlen: 24
220.157.94.0/24 maxlen: 24
220.157.95.0/24 maxlen: 24
2407:6800::/32 maxlen: 32
2407:6800:0:200::/56 maxlen: 56
2407:6800:0:300::/56 maxlen: 56
2407:6800:0:400::/56 maxlen: 56
2407:6800:0:500::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 22:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2376 (0x948)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DB4FE, serialNumber=7F6BE1D5A2730FC227FAFC896D13433241783179
Validity
Not Before: May 11 01:52:33 2026 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=6a013661-62fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e6:fb:2e:d7:f2:85:29:bd:69:36:ac:04:d8:
80:3b:29:c5:1f:36:9f:ad:aa:99:6a:aa:34:f0:e8:
ed:e9:40:e4:b3:bf:62:03:78:89:4a:5f:47:21:e8:
f6:50:fe:74:46:4b:5c:ff:49:80:30:62:bd:be:00:
ed:55:1b:36:38:8b:0b:28:07:9f:5a:3c:c9:c4:f2:
2c:d7:be:01:ea:8b:af:ad:09:c3:02:ac:0f:7d:40:
8f:b8:a9:2a:ed:71:a1:06:21:3c:01:9a:e1:2e:b2:
61:59:ca:87:e0:88:61:65:59:2c:02:43:a8:dd:b6:
49:ed:6e:55:02:2f:ae:5c:95:fa:3a:3a:c9:a9:2b:
75:40:b6:d3:aa:14:2c:ab:34:ff:8e:f2:8e:0b:36:
8c:16:a5:39:3e:0e:10:b3:4c:24:bf:b2:17:06:a3:
30:9f:72:05:73:aa:58:e8:07:64:aa:58:01:e6:64:
46:76:06:ef:9b:41:42:a3:22:9f:32:ae:e6:35:1a:
68:40:ef:23:c8:55:9b:77:11:9b:65:f2:46:ee:dc:
85:4d:35:ad:7c:70:bb:8e:ed:45:42:46:3f:25:d4:
d0:8e:63:ba:ed:b5:57:f1:2b:32:4e:67:88:82:4f:
1a:6a:1b:32:e1:8e:9f:35:20:93:31:ad:b3:19:4d:
b6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8F:B7:52:38:9C:30:7D:F0:5E:4E:C2:D1:BF:53:22:8B:63:25:F4
X509v3 Authority Key Identifier:
keyid:7F:6B:E1:D5:A2:73:0F:C2:27:FA:FC:89:6D:13:43:32:41:78:31:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/f2vh1aJzD8In-vyJbRNDMkF4MXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f2vh1aJzD8In-vyJbRNDMkF4MXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB4FE/CF4A10EA85E111EBAFB51E84C4F9AE02/95EC5BBE0DC811F0A0561D5AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
1.178.2.0/23
1.178.66.0/23
1.178.80.0/24
1.178.82.0-1.178.85.255
1.178.96.0/22
1.178.175.0-1.178.179.255
1.179.0.0/23
1.179.4.0-1.179.13.255
1.179.16.0/21
1.179.48.0/22
1.179.62.0/23
1.179.96.0/22
58.87.0.0/20
110.238.21.0/24
110.238.24.0/23
110.238.144.0/21
110.238.240.0/23
110.239.0.0/21
110.239.15.0-110.239.17.255
110.239.26.0/24
110.239.31.0-110.239.35.255
110.239.128.0/20
110.239.176.0/21
119.12.80.0/21
119.13.0.0-119.13.10.255
119.13.48.0/23
119.13.144.0/22
119.13.176.0/22
119.13.240.0/23
121.91.96.0/23
121.91.199.0/24
123.200.128.0-123.200.172.255
123.200.174.0-123.200.177.255
123.200.179.0-123.200.189.255
123.200.200.0/23
123.200.208.0/20
123.200.240.0/23
202.83.64.0/19
202.183.96.0/19
210.56.64.0/24
210.56.68.0/22
220.157.64.0/24
220.157.70.0/23
220.157.74.0/23
220.157.79.0-220.157.87.255
220.157.90.0-220.157.95.255
IPv6:
2407:6800::/32
Signature Algorithm: sha256WithRSAEncryption
53:e7:7c:27:d6:75:e4:f6:d7:ba:27:76:ff:16:09:be:0e:be:
6d:84:6b:26:91:da:dd:be:18:91:5f:45:9e:a6:77:41:cb:88:
c2:9e:b8:41:4d:38:0a:3b:ae:34:cf:8b:be:b5:cc:d4:f0:a9:
e9:a9:d4:47:ac:fc:67:10:db:68:dc:85:80:66:bc:37:36:15:
14:1b:f6:c1:d9:ec:f6:e8:ca:ed:89:e7:03:ae:1c:29:93:bb:
c0:d2:0d:e9:39:93:01:2c:b3:33:5d:94:ae:b4:8f:e5:d8:b0:
12:ed:c9:6c:06:3b:54:85:a1:9d:e2:e2:79:08:46:25:c5:41:
3f:f0:d5:8e:34:60:dd:7e:b1:83:0e:e6:68:cb:60:f2:56:8c:
0a:5e:0e:99:00:a3:2d:3d:d0:b6:77:2e:ef:f0:31:3e:c6:0d:
07:27:71:f9:1f:6b:29:6e:2d:02:5d:07:3e:ed:25:2d:2d:5b:
bc:64:39:51:3d:dc:16:6e:d5:e4:8f:06:24:c5:62:d3:ac:e5:
c9:6a:27:e2:49:0f:b2:b5:cc:de:d2:ce:bb:8e:69:38:dc:77:
ba:97:f4:95:44:22:f7:a8:1e:e8:46:f8:2f:cb:fa:16:13:70:
c2:fd:b1:53:4e:a5:4f:e7:d2:a5:2b:82:41:cb:6f:0e:2c:a5:
26:27:54:0f
-----BEGIN CERTIFICATE-----
MIIGujCCBaKgAwIBAgICCUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REI0RkUxMTAvBgNVBAUTKDdGNkJFMUQ1QTI3MzBGQzIyN0ZBRkM4OTZEMTM0MzMy
NDE3ODMxNzkwHhcNMjYwNTExMDE1MjMzWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTAxMzY2MS02MmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuub7LtfyhSm9aTasBNiAOynFHzafraqZaqo08Ojt6UDks79iA3iJSl9HIej2
UP50Rktc/0mAMGK9vgDtVRs2OIsLKAefWjzJxPIs174B6ouvrQnDAqwPfUCPuKkq
7XGhBiE8AZrhLrJhWcqH4IhhZVksAkOo3bZJ7W5VAi+uXJX6OjrJqSt1QLbTqhQs
qzT/jvKOCzaMFqU5Pg4Qs0wkv7IXBqMwn3IFc6pY6AdkqlgB5mRGdgbvm0FCoyKf
Mq7mNRpoQO8jyFWbdxGbZfJG7tyFTTWtfHC7ju1FQkY/JdTQjmO67bVX8SsyTmeI
gk8aahsy4Y6fNSCTMa2zGU22zwIDAQABo4ID3jCCA9owHQYDVR0OBBYEFHGPt1I4
nDB98F5OwtG/UyKLYyX0MB8GA1UdIwQYMBaAFH9r4dWicw/CJ/r8iW0TQzJBeDF5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjRGRS9DRjRBMTBFQTg1
RTExMUVCQUZCNTFFODRDNEY5QUUwMi9mMnZoMWFKekQ4SW4tdnlKYlJORE1rRjRN
WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2YydmgxYUp6RDhJbi12eUpiUk5ETWtGNE1Yay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REI0RkUvQ0Y0QTEwRUE4NUUxMTFFQkFGQjUxRTg0QzRGOUFFMDIvOTVFQzVCQkUw
REM4MTFGMEEwNTYxRDVBQzRGOUFFMDIucm9hMIIBmwYIKwYBBQUHAQcBAf8EggGK
MIIBhjCCAXMEAgABMIIBawMEAQGyAgMEAQGyQgMEAAGyUDAMAwQBAbJSAwQBAbJU
AwQCAbJgMAwDBAABsq8DBAIBsrADBAEBswAwDAMEAgGzBAMEAQGzDAMEAwGzEAME
AgGzMAMEAQGzPgMEAgGzYAMEBDpXAAMEAG7uFQMEAW7uGAMEA27ukAMEAW7u8AME
A27vADAMAwQAbu8PAwQBbu8QAwQAbu8aMAwDBABu7x8DBAJu7yADBARu74ADBANu
77ADBAN3DFAwCwMDAHcNAwQAdw0KAwQBdw0wAwQCdw2QAwQCdw2wAwQBdw3wAwQB
eVtgAwQAeVvHMAwDBAd7yIADBAB7yKwwDAMEAXvIrgMEAXvIsDAMAwQAe8izAwQB
e8i8AwQBe8jIAwQEe8jQAwQBe8jwAwQFylNAAwQFyrdgAwQA0jhAAwQC0jhEAwQA
3J1AAwQB3J1GAwQB3J1KMAwDBADcnU8DBAPcnVAwDAMEAdydWgMEBdydQDANBAIA
AjAHAwUAJAdoADANBgkqhkiG9w0BAQsFAAOCAQEAU+d8J9Z15PbXuid2/xYJvg6+
bYRrJpHa3b4YkV9FnqZ3QcuIwp64QU04CjuuNM+LvrXM1PCp6anUR6z8ZxDbaNyF
gGa8NzYVFBv2wdns9ujK7YnnA64cKZO7wNIN6TmTASyzM12UrrSP5diwEu3JbAY7
VIWhneLieQhGJcVBP/DVjjRg3X6xgw7maMtg8laMCl4OmQCjLT3Qtncu7/AxPsYN
Bydx+R9rKW4tAl0HPu0lLS1bvGQ5UT3cFm7V5I8GJMVi06zlyWon4kkPsrXM3tLO
u45pONx3upf0lUQi96ge6Eb4L8v6FhNwwv2xU06lT+fSpSuCQctvDiylJidUDw==
-----END CERTIFICATE-----
Generated at Wed May 13 03:39:37 2026 by rpki-client