Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/FED80F56E19811EC860C6F38C4F9AE02.roa
File: FED80F56E19811EC860C6F38C4F9AE02.roa (raw, json)
Hash identifier: tYrptTReRqZO1YPDqoVNFDI5YhGz7SlI6PvwAcljtcA=
Subject key identifier: 45:B6:9B:57:7B:F7:9C:D4:C6:3B:FF:41:1B:1B:20:03:E7:63:72:77
Certificate issuer: /CN=A91E2364/serialNumber=647B149EF016CC5356A7ED730F133E002C0E7FAA
Certificate serial: 0D34
Authority key identifier: 64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/FED80F56E19811EC860C6F38C4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:34:59 +0000
ROA not before: Fri 28 Nov 2025 17:50:25 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 45498
IP address blocks: 27.109.112.0/22 maxlen: 22
27.109.112.0/23 maxlen: 23
27.109.112.0/24 maxlen: 24
27.109.113.0/24 maxlen: 24
27.109.114.0/23 maxlen: 23
27.109.114.0/24 maxlen: 24
27.109.115.0/24 maxlen: 24
103.145.136.0/23 maxlen: 23
103.145.136.0/24 maxlen: 24
103.145.137.0/24 maxlen: 24
117.20.112.0/21 maxlen: 21
117.20.112.0/22 maxlen: 24
117.20.116.0/22 maxlen: 24
202.93.153.0/24 maxlen: 24
202.129.236.0/24 maxlen: 24
203.118.242.0/24 maxlen: 24
2401:9700:1000::/40 maxlen: 42
2401:9700:1010::/48 maxlen: 48
2401:9700:2000::/40 maxlen: 42
2401:9700:2100::/40 maxlen: 42
2401:9700:2200::/40 maxlen: 42
2401:9700:2300::/40 maxlen: 42
2401:9700:2400::/40 maxlen: 42
2401:9700:2500::/40 maxlen: 42
2401:9700:3000::/40 maxlen: 42
2401:9700:4000::/40 maxlen: 42
2401:9700:5000::/40 maxlen: 42
2401:9700:6000::/40 maxlen: 42
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.crl
rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 Apr 2026 18:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3380 (0xd34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2364, serialNumber=647B149EF016CC5356A7ED730F133E002C0E7FAA
Validity
Not Before: Nov 28 17:50:25 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a45ca3-fdf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:aa:6c:ad:78:2f:25:fa:21:e8:7b:69:76:8e:
f7:20:55:23:c0:99:f0:d5:95:94:82:9e:6e:4c:06:
22:80:0b:3a:03:89:57:07:15:04:58:9d:67:de:1b:
06:73:a1:ce:c4:c5:63:a2:fa:3d:86:c4:37:79:c3:
57:e3:e1:18:14:07:82:77:b5:5b:78:b0:22:1e:83:
28:6d:0d:d8:bf:24:49:8c:35:50:45:2c:f5:5f:d8:
b8:31:a8:36:01:4a:ce:f8:d8:70:27:e0:e4:d9:e2:
44:cc:22:25:11:62:26:48:68:7f:0a:f8:28:00:b9:
d3:0f:a3:8d:72:f1:44:3f:2e:7c:e8:b4:d5:c0:ca:
08:02:59:f2:fe:d1:32:79:04:72:98:76:4d:0e:eb:
68:71:9b:26:de:a3:22:b2:24:4f:21:34:e7:04:aa:
42:05:14:2b:d5:47:ac:4f:1b:08:c2:41:ee:ef:35:
36:76:57:cd:6b:73:61:83:05:5b:c7:67:8f:c5:2f:
c4:c6:04:4a:f7:6b:38:b0:db:e8:4b:9d:e5:b0:41:
06:bf:51:ae:7c:1f:e4:e2:c6:2d:c0:6b:a3:61:a5:
54:8a:38:0d:c4:bb:a8:8f:eb:18:bc:e2:1b:b1:ad:
15:9c:c6:75:03:00:ed:cb:31:db:b5:75:22:7c:82:
76:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B6:9B:57:7B:F7:9C:D4:C6:3B:FF:41:1B:1B:20:03:E7:63:72:77
X509v3 Authority Key Identifier:
keyid:64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/FED80F56E19811EC860C6F38C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.109.112.0/22
103.145.136.0/23
117.20.112.0/21
202.93.153.0/24
202.129.236.0/24
203.118.242.0/24
IPv6:
2401:9700:1000::/40
2401:9700:2000::-2401:9700:25ff:ffff:ffff:ffff:ffff:ffff
2401:9700:3000::/40
2401:9700:4000::/40
2401:9700:5000::/40
2401:9700:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:94:c3:9a:3d:e2:23:74:5a:1a:87:b7:e4:44:8b:50:d6:73:
ec:f3:33:82:97:35:37:0d:fd:8d:7a:38:b0:b9:62:73:19:6b:
1e:d6:a2:27:14:5f:73:5d:cd:18:5a:59:2d:f9:df:7a:24:3b:
23:5d:a2:78:af:e8:92:bc:f0:bf:76:0c:55:7c:0a:15:b6:d3:
c5:de:63:0f:6e:44:9c:27:5b:b0:17:19:90:af:07:68:ba:47:
f6:a8:39:57:6e:50:fd:12:83:cf:ba:ff:bf:37:95:62:33:d1:
f3:a2:2c:09:3a:b8:f0:16:46:c2:e0:07:01:dd:b4:83:8b:f3:
66:a0:ba:28:a3:f6:d6:e0:11:ee:1a:e7:45:d9:ba:82:b1:c8:
8f:5d:d5:98:89:be:99:c8:4c:90:bb:b4:29:6f:87:cb:b8:10:
b3:0f:3d:ff:67:39:7e:77:b7:7d:08:25:93:c5:f2:03:cc:32:
bd:af:a4:55:1b:8c:46:70:2f:4e:51:48:ab:ff:08:ea:1c:20:
91:cd:82:b5:79:95:6f:cc:ef:6c:c3:49:e8:e2:05:2b:39:2d:
9a:03:25:b2:18:40:b4:3c:d8:37:9c:61:c4:1a:ee:eb:c9:6a:
97:70:86:48:06:37:d4:5d:a4:82:79:f1:08:a4:14:20:81:42:
62:99:ce:95
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgICDTQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTIzNjQxMTAvBgNVBAUTKDY0N0IxNDlFRjAxNkNDNTM1NkE3RUQ3MzBGMTMzRTAw
MkMwRTdGQUEwHhcNMjUxMTI4MTc1MDI1WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NWNhMy1mZGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn6psrXgvJfoh6Htpdo73IFUjwJnw1ZWUgp5uTAYigAs6A4lXBxUEWJ1n3hsG
c6HOxMVjovo9hsQ3ecNX4+EYFAeCd7VbeLAiHoMobQ3YvyRJjDVQRSz1X9i4Mag2
AUrO+NhwJ+Dk2eJEzCIlEWImSGh/CvgoALnTD6ONcvFEPy586LTVwMoIAlny/tEy
eQRymHZNDutocZsm3qMisiRPITTnBKpCBRQr1UesTxsIwkHu7zU2dlfNa3NhgwVb
x2ePxS/ExgRK92s4sNvoS53lsEEGv1GufB/k4sYtwGujYaVUijgNxLuoj+sYvOIb
sa0VnMZ1AwDtyzHbtXUifIJ2IQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFEW2m1d7
95zUxjv/QRsbIAPnY3J3MB8GA1UdIwQYMBaAFGR7FJ7wFsxTVqftcw8TPgAsDn+q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjM2NC84RkU3MTc4NkZG
OUIxMUU5QjdGNEE3NzJDNEY5QUUwMi9aSHNVbnZBV3pGTldwLTF6RHhNLUFDd09m
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pIc1VudkFXekZOV3AtMXpEeE0tQUN3T2Y2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTIzNjQvOEZFNzE3ODZGRjlCMTFFOUI3RjRBNzcyQzRGOUFFMDIvRkVEODBGNTZF
MTk4MTFFQzg2MEM2RjM4QzRGOUFFMDIucm9hMH8GCCsGAQUFBwEHAQH/BHAwbjAq
BAIAATAkAwQCG21wAwQBZ5GIAwQDdRRwAwQAyl2ZAwQAyoHsAwQAy3byMEAEAgAC
MDoDBgAkAZcAEDAQAwYFJAGXACADBgEkAZcAJAMGACQBlwAwAwYAJAGXAEADBgAk
AZcAUAMGACQBlwBgMA0GCSqGSIb3DQEBCwUAA4IBAQCklMOaPeIjdFoah7fkRItQ
1nPs8zOClzU3Df2NejiwuWJzGWse1qInFF9zXc0YWlkt+d96JDsjXaJ4r+iSvPC/
dgxVfAoVttPF3mMPbkScJ1uwFxmQrwdoukf2qDlXblD9EoPPuv+/N5ViM9HzoiwJ
OrjwFkbC4AcB3bSDi/NmoLooo/bW4BHuGudF2bqCsciPXdWYib6ZyEyQu7Qpb4fL
uBCzDz3/Zzl+d7d9CCWTxfIDzDK9r6RVG4xGcC9OUUir/wjqHCCRzYK1eZVvzO9s
w0no4gUrOS2aAyWyGEC0PNg3nGHEGu7ryWqXcIZIBjfUXaSCefEIpBQggUJimc6V
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:40:53 2026 by rpki-client