Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/56F533B4A63011EEA6054D52C4F9AE02.roa
File: 56F533B4A63011EEA6054D52C4F9AE02.roa (raw, json)
Hash identifier: 0iMCnY3705MLKSQeDX6iv1qsWDcFTiwdaLS+CFP3lvY=
Subject key identifier: 3D:7B:BD:AA:6D:41:05:67:79:90:3C:8A:51:BD:EE:AA:65:DF:A3:1A
Certificate issuer: /CN=A91DCAE8/serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C
Certificate serial: 3591
Authority key identifier: AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/56F533B4A63011EEA6054D52C4F9AE02.roa
Signing time: Mon 02 Mar 2026 12:40:11 +0000
ROA not before: Thu 22 Jan 2026 07:01:15 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 38235
IP address blocks: 103.90.148.0/22 maxlen: 24
103.120.132.0/22 maxlen: 24
103.141.164.0/23 maxlen: 24
103.206.76.0/22 maxlen: 24
116.212.128.0/19 maxlen: 24
150.107.4.0/22 maxlen: 22
150.107.4.0/24 maxlen: 24
150.107.5.0/24 maxlen: 24
150.107.6.0/24 maxlen: 24
150.107.7.0/24 maxlen: 24
160.202.32.0/24 maxlen: 24
160.202.33.0/24 maxlen: 24
160.202.34.0/24 maxlen: 24
160.202.35.0/24 maxlen: 24
202.37.179.0/24 maxlen: 24
202.57.208.0/24 maxlen: 24
202.57.209.0/24 maxlen: 24
202.57.210.0/23 maxlen: 23
202.57.210.0/24 maxlen: 24
202.57.211.0/24 maxlen: 24
203.147.128.0/20 maxlen: 24
203.171.252.0/22 maxlen: 24
203.176.128.0/21 maxlen: 22
203.176.128.0/23 maxlen: 24
203.176.130.0/24 maxlen: 24
203.176.131.0/24 maxlen: 24
203.176.132.0/24 maxlen: 24
203.176.133.0/24 maxlen: 24
203.176.134.0/24 maxlen: 24
203.176.135.0/24 maxlen: 24
203.176.136.0/21 maxlen: 22
203.176.136.0/24 maxlen: 24
203.176.137.0/24 maxlen: 24
203.176.138.0/23 maxlen: 24
203.176.140.0/22 maxlen: 24
210.247.192.0/20 maxlen: 24
2405:da00::/32 maxlen: 36
2405:da00::/40 maxlen: 40
2405:da00::/48 maxlen: 48
2405:da00:1::/48 maxlen: 48
2405:da00:10::/44 maxlen: 44
2405:da00:99::/48 maxlen: 48
2405:da00:100::/40 maxlen: 40
2405:da00:200::/40 maxlen: 40
2405:da00:300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.crl
rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 14:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13713 (0x3591)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DCAE8, serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C
Validity
Not Before: Jan 22 07:01:15 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a5852b-4c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:df:11:c1:c6:80:16:d6:84:bf:8d:10:94:2f:
2b:ae:a6:c1:9f:8b:1e:e8:8f:4f:56:78:1a:75:d9:
c3:9d:3f:bd:d5:f9:7e:cc:d1:0e:d2:50:7d:71:0e:
f4:b2:a3:b7:e1:77:85:92:5d:85:7f:4a:9b:f6:45:
62:bd:fe:c0:f8:04:17:43:6e:7f:14:03:cd:d9:9e:
fe:f8:ec:42:48:bd:d0:03:ad:ae:c1:a6:89:a9:af:
f5:45:56:a0:5f:a1:a7:f0:a0:17:2e:b7:d4:43:cd:
d3:e1:46:6c:93:e1:b4:58:b2:e0:14:07:01:26:67:
5f:84:d0:c2:21:e1:4f:86:8a:30:e7:11:51:60:3a:
c7:54:57:cc:6e:11:57:40:0e:7c:3e:40:3c:e8:83:
69:5a:2c:06:da:7c:f2:bb:bb:57:02:f5:70:00:d0:
1c:84:a0:24:54:0a:b3:71:db:ef:01:dc:8f:54:62:
ad:1d:0c:a3:83:0b:14:66:80:b7:7a:62:4b:bc:6c:
4b:4b:a4:30:81:dd:6a:3f:6e:c5:ce:9b:8d:75:83:
89:21:45:3e:05:cb:d2:d2:ec:45:5a:fb:27:75:0e:
35:29:ed:bb:b1:13:0e:11:ce:32:18:78:4b:b6:78:
35:d9:32:75:a1:6e:41:68:3f:ea:6f:68:1e:43:97:
d2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7B:BD:AA:6D:41:05:67:79:90:3C:8A:51:BD:EE:AA:65:DF:A3:1A
X509v3 Authority Key Identifier:
keyid:AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/56F533B4A63011EEA6054D52C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.90.148.0/22
103.120.132.0/22
103.141.164.0/23
103.206.76.0/22
116.212.128.0/19
150.107.4.0/22
160.202.32.0/22
202.37.179.0/24
202.57.208.0/22
203.147.128.0/20
203.171.252.0/22
203.176.128.0/20
210.247.192.0/20
IPv6:
2405:da00::/32
Signature Algorithm: sha256WithRSAEncryption
b1:0d:ac:cf:67:61:34:f5:5e:1a:5b:bd:1b:29:6e:9d:27:f4:
dc:43:bc:c6:14:a1:1c:43:6f:4d:a3:3c:e9:4f:07:9b:e2:94:
a3:f9:55:64:5d:5d:1d:79:2a:0e:c9:46:9e:31:a6:07:9f:90:
86:7c:ff:c6:8c:ec:90:3c:4a:ac:c9:f9:86:02:ca:7b:19:87:
e2:b8:fc:90:23:d0:99:09:8b:cb:8f:54:72:a4:11:10:78:a4:
49:4f:cd:81:ea:2c:c6:b5:2c:72:f5:a8:9c:0a:9b:bf:fb:5a:
ab:98:7b:73:e5:c8:27:41:fb:8d:42:d3:4c:76:fe:6c:df:e8:
c0:f2:75:38:a8:ff:2f:78:03:76:d6:fb:07:b4:3e:77:97:d8:
4d:e9:74:b8:de:0b:db:e0:81:67:2d:1d:80:87:3d:5a:9a:1a:
34:0a:4d:8f:c4:68:0b:31:92:e3:69:76:83:91:34:bf:53:fd:
0e:e0:b7:59:cd:59:46:4b:ff:d2:61:0d:67:14:b1:3a:6c:57:
11:fe:c4:1d:2a:59:6f:8b:fc:4a:75:38:df:2c:0e:84:b8:65:
4c:ec:e9:5c:35:7a:4c:28:aa:60:bf:14:ae:ce:86:1b:74:95:
87:2b:f1:75:61:01:40:eb:f9:fd:58:9c:38:99:f2:f7:95:35:
48:be:ae:0f
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICNZEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENBRTgxMTAvBgNVBAUTKEFBQjBFMkI2MkY2MzQzODk1NzMwQzA1NDg4RTdGQzRF
MjZDNTFBNkMwHhcNMjYwMTIyMDcwMTE1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1ODUyYi00YzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2N8RwcaAFtaEv40QlC8rrqbBn4se6I9PVngaddnDnT+91fl+zNEO0lB9cQ70
sqO34XeFkl2Ff0qb9kVivf7A+AQXQ25/FAPN2Z7++OxCSL3QA62uwaaJqa/1RVag
X6Gn8KAXLrfUQ83T4UZsk+G0WLLgFAcBJmdfhNDCIeFPhoow5xFRYDrHVFfMbhFX
QA58PkA86INpWiwG2nzyu7tXAvVwANAchKAkVAqzcdvvAdyPVGKtHQyjgwsUZoC3
emJLvGxLS6Qwgd1qP27FzpuNdYOJIUU+BcvS0uxFWvsndQ41Ke27sRMOEc4yGHhL
tng12TJ1oW5BaD/qb2geQ5fSYwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFD17vapt
QQVneZA8ilG97qpl36MaMB8GA1UdIwQYMBaAFKqw4rYvY0OJVzDAVIjn/E4mxRps
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0FFOC84QjZBREUxNDFE
OTMxMUUyOTJDQjIzRjcwOEIwMkNEMi9xckRpdGk5alE0bFhNTUJVaU9mOFRpYkZH
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FyRGl0aTlqUTRsWE1NQlVpT2Y4VGliRkdtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RENBRTgvOEI2QURFMTQxRDkzMTFFMjkyQ0IyM0Y3MDhCMDJDRDIvNTZGNTMzQjRB
NjMwMTFFRUE2MDU0RDUyQzRGOUFFMDIucm9hMHYGCCsGAQUFBwEHAQH/BGcwZTBU
BAIAATBOAwQCZ1qUAwQCZ3iEAwQBZ42kAwQCZ85MAwQFdNSAAwQClmsEAwQCoMog
AwQAyiWzAwQCyjnQAwQEy5OAAwQCy6v8AwQEy7CAAwQE0vfAMA0EAgACMAcDBQAk
BdoAMA0GCSqGSIb3DQEBCwUAA4IBAQCxDazPZ2E09V4aW70bKW6dJ/TcQ7zGFKEc
Q29NozzpTweb4pSj+VVkXV0deSoOyUaeMaYHn5CGfP/GjOyQPEqsyfmGAsp7GYfi
uPyQI9CZCYvLj1RypBEQeKRJT82B6izGtSxy9aicCpu/+1qrmHtz5cgnQfuNQtNM
dv5s3+jA8nU4qP8veAN21vsHtD53l9hN6XS43gvb4IFnLR2Ahz1amho0Ck2PxGgL
MZLjaXaDkTS/U/0O4LdZzVlGS//SYQ1nFLE6bFcR/sQdKllvi/xKdTjfLA6EuGVM
7OlcNXpMKKpgvxSuzoYbdJWHK/F1YQFA6/n9WJw4mfL3lTVIvq4P
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:39:20 2026 by rpki-client