Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF26F/846EC62EA78E11E580241B62C4F9AE02/FD36E81421D811F1A613849C243D8C67.roa
File: FD36E81421D811F1A613849C243D8C67.roa (raw, json)
Hash identifier: xMe3uTHM6tqBKB0NQkZcL82NKKdrgjOH/7M5sQ6r9pY=
Subject key identifier: 9B:E1:30:2C:0C:CC:08:1F:25:EC:D1:3C:E8:37:4D:5C:9C:EF:D4:F3
Certificate issuer: /CN=A91DF26F/serialNumber=695C45DA42453B4E0B062BF17DBF44725C788387
Certificate serial: 2334
Authority key identifier: 69:5C:45:DA:42:45:3B:4E:0B:06:2B:F1:7D:BF:44:72:5C:78:83:87
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aVxF2kJFO04LBivxfb9Eclx4g4c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF26F/846EC62EA78E11E580241B62C4F9AE02/FD36E81421D811F1A613849C243D8C67.roa
Signing time: Thu 26 Mar 2026 06:12:45 +0000
ROA not before: Thu 26 Mar 2026 06:12:45 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 55330
IP address blocks: 149.54.1.0/24 maxlen: 24
149.54.2.0/24 maxlen: 24
149.54.3.0/24 maxlen: 24
149.54.4.0/24 maxlen: 24
149.54.6.0/24 maxlen: 24
149.54.7.0/24 maxlen: 24
149.54.8.0/24 maxlen: 24
149.54.9.0/24 maxlen: 24
149.54.10.0/24 maxlen: 24
149.54.11.0/24 maxlen: 24
149.54.12.0/24 maxlen: 24
149.54.13.0/24 maxlen: 24
149.54.14.0/24 maxlen: 24
149.54.15.0/24 maxlen: 24
149.54.16.0/24 maxlen: 24
149.54.17.0/24 maxlen: 24
149.54.18.0/24 maxlen: 24
149.54.19.0/24 maxlen: 24
149.54.20.0/24 maxlen: 24
149.54.21.0/24 maxlen: 24
149.54.22.0/24 maxlen: 24
149.54.23.0/24 maxlen: 24
149.54.24.0/24 maxlen: 24
149.54.25.0/24 maxlen: 24
149.54.26.0/24 maxlen: 24
149.54.27.0/24 maxlen: 24
149.54.28.0/24 maxlen: 24
149.54.29.0/24 maxlen: 24
149.54.30.0/24 maxlen: 24
149.54.31.0/24 maxlen: 24
149.54.32.0/24 maxlen: 24
149.54.33.0/24 maxlen: 24
149.54.34.0/24 maxlen: 24
149.54.35.0/24 maxlen: 24
149.54.36.0/24 maxlen: 24
149.54.37.0/24 maxlen: 24
149.54.38.0/24 maxlen: 24
149.54.39.0/24 maxlen: 24
149.54.40.0/24 maxlen: 24
149.54.41.0/24 maxlen: 24
149.54.42.0/24 maxlen: 24
149.54.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DF26F/846EC62EA78E11E580241B62C4F9AE02/aVxF2kJFO04LBivxfb9Eclx4g4c.crl
rsync://rpki.apnic.net/member_repository/A91DF26F/846EC62EA78E11E580241B62C4F9AE02/aVxF2kJFO04LBivxfb9Eclx4g4c.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aVxF2kJFO04LBivxfb9Eclx4g4c.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9012 (0x2334)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF26F, serialNumber=695C45DA42453B4E0B062BF17DBF44725C788387
Validity
Not Before: Mar 26 06:12:45 2026 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69c4ce5d-5a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:85:e8:0e:0f:a3:81:c4:87:e2:d5:68:81:c2:
00:4a:61:d9:04:95:93:c7:da:77:56:d3:69:ef:ea:
cb:7b:0c:eb:97:3f:9b:df:67:bc:ea:1e:65:77:1c:
43:b3:45:47:be:84:03:6d:9a:26:37:ab:c2:4a:53:
80:b9:dd:ac:bd:ef:3c:77:a2:51:53:50:40:d9:ed:
64:c6:01:50:31:5e:57:1a:08:6d:c7:d7:ca:27:4a:
ef:68:f1:72:aa:4e:a7:a9:82:90:1c:3d:30:25:52:
86:c9:c7:c0:c8:43:75:70:75:95:64:40:e6:dd:26:
86:90:7d:41:e6:f6:d2:6d:0f:2f:1f:3d:6d:8f:45:
24:c3:f8:27:8e:84:78:c2:01:59:71:01:5f:b3:b5:
8e:36:2f:83:8d:fd:e8:93:fe:53:e7:ae:f5:80:54:
ac:bc:f5:ae:54:6b:a9:c2:dc:53:7a:f3:69:a6:10:
09:af:6f:d0:78:98:a9:ce:5c:0f:d5:69:b1:2e:43:
6b:84:46:b9:f9:ab:46:88:8b:9a:a2:59:02:6c:df:
c4:d1:43:dd:5d:79:04:a8:da:53:af:bd:02:6c:c2:
a3:24:03:e8:69:7f:fb:ff:87:15:2f:bc:fc:6d:01:
39:15:b1:c8:23:e4:06:71:7c:cf:b2:44:51:b1:ab:
2a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:E1:30:2C:0C:CC:08:1F:25:EC:D1:3C:E8:37:4D:5C:9C:EF:D4:F3
X509v3 Authority Key Identifier:
keyid:69:5C:45:DA:42:45:3B:4E:0B:06:2B:F1:7D:BF:44:72:5C:78:83:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF26F/846EC62EA78E11E580241B62C4F9AE02/aVxF2kJFO04LBivxfb9Eclx4g4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aVxF2kJFO04LBivxfb9Eclx4g4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF26F/846EC62EA78E11E580241B62C4F9AE02/FD36E81421D811F1A613849C243D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
149.54.1.0-149.54.4.255
149.54.6.0-149.54.43.255
Signature Algorithm: sha256WithRSAEncryption
bb:17:c1:7c:69:da:d7:5d:d0:1d:76:eb:8f:af:0e:b0:bc:e0:
a4:2f:10:36:00:c7:ee:ba:3b:92:79:a1:81:f3:e1:3f:02:63:
38:ec:fa:6a:e7:4a:bd:bd:0a:f8:d3:4a:50:c2:99:92:21:19:
a9:3d:c7:28:cc:5f:6a:0a:b8:e2:6e:52:84:b5:2f:8a:41:db:
b3:a1:ef:b9:a1:a3:b7:75:11:57:6e:c1:b7:b4:64:3e:d8:1d:
fe:2b:10:69:5d:c0:8d:3d:88:f6:dc:fa:39:b9:91:08:f2:68:
c7:74:fc:ad:89:a8:68:93:03:4c:5f:94:81:5c:dc:04:63:dd:
25:cb:01:68:a0:58:e9:2a:dc:33:d2:eb:81:ea:fe:96:af:58:
13:97:fc:8f:b6:df:fd:3a:ce:2e:59:b1:88:79:81:7b:6f:1e:
35:1f:e2:cf:29:59:3e:c3:57:bb:fd:28:c9:bc:b3:d8:0a:cb:
e2:35:b6:55:69:2c:25:23:67:a6:e0:9c:2e:4a:3f:d0:b7:14:
c4:34:96:7e:60:65:ef:44:f1:b9:96:7d:3b:88:d8:69:6d:a1:
1b:ea:e0:10:b0:85:ef:37:24:f3:b1:85:6b:84:b5:d3:48:fa:
8c:4d:17:ae:1b:01:5d:f9:54:35:3d:3e:40:b5:29:73:05:24:
aa:1f:a4:9a
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgICIzQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REYyNkYxMTAvBgNVBAUTKDY5NUM0NURBNDI0NTNCNEUwQjA2MkJGMTdEQkY0NDcy
NUM3ODgzODcwHhcNMjYwMzI2MDYxMjQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWM0Y2U1ZC01YTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx4XoDg+jgcSH4tVogcIASmHZBJWTx9p3VtNp7+rLewzrlz+b32e86h5ldxxD
s0VHvoQDbZomN6vCSlOAud2sve88d6JRU1BA2e1kxgFQMV5XGghtx9fKJ0rvaPFy
qk6nqYKQHD0wJVKGycfAyEN1cHWVZEDm3SaGkH1B5vbSbQ8vHz1tj0Ukw/gnjoR4
wgFZcQFfs7WONi+Djf3ok/5T5671gFSsvPWuVGupwtxTevNpphAJr2/QeJipzlwP
1WmxLkNrhEa5+atGiIuaolkCbN/E0UPdXXkEqNpTr70CbMKjJAPoaX/7/4cVL7z8
bQE5FbHII+QGcXzPskRRsasquQIDAQABo4ICdjCCAnIwHQYDVR0OBBYEFJvhMCwM
zAgfJezRPOg3TVyc79TzMB8GA1UdIwQYMBaAFGlcRdpCRTtOCwYr8X2/RHJceIOH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjI2Ri84NDZFQzYyRUE3
OEUxMUU1ODAyNDFCNjJDNEY5QUUwMi9hVnhGMmtKRk8wNExCaXZ4ZmI5RWNseDRn
NGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2FWeEYya0pGTzA0TEJpdnhmYjlFY2x4NGc0Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REYyNkYvODQ2RUM2MkVBNzhFMTFFNTgwMjQxQjYyQzRGOUFFMDIvRkQzNkU4MTQy
MUQ4MTFGMUE2MTM4NDlDMjQzRDhDNjcucm9hMDUGCCsGAQUFBwEHAQH/BCYwJDAi
BAIAATAcMAwDBACVNgEDBACVNgQwDAMEAZU2BgMEApU2KDANBgkqhkiG9w0BAQsF
AAOCAQEAuxfBfGna113QHXbrj68OsLzgpC8QNgDH7ro7knmhgfPhPwJjOOz6audK
vb0K+NNKUMKZkiEZqT3HKMxfagq44m5ShLUvikHbs6HvuaGjt3URV27Bt7RkPtgd
/isQaV3AjT2I9tz6ObmRCPJox3T8rYmoaJMDTF+UgVzcBGPdJcsBaKBY6SrcM9Lr
ger+lq9YE5f8j7bf/TrOLlmxiHmBe28eNR/izylZPsNXu/0oybyz2ArL4jW2VWks
JSNnpuCcLko/0LcUxDSWfmBl70TxuZZ9O4jYaW2hG+rgELCF7zck87GFa4S100j6
jE0XrhsBXflUNT0+QLUpcwUkqh+kmg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:48:54 2026 by rpki-client