Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/6954A6281D1811F1BB26F0200F3D8C67.roa
File: 6954A6281D1811F1BB26F0200F3D8C67.roa (raw, json)
Hash identifier: KMQkYHwxx5aSS7rydydLWp6dwej9Nv7JCvCAwY0nrqA=
Subject key identifier: 81:F3:20:60:A0:9A:C8:4C:83:13:40:ED:AA:28:D7:FC:5E:91:66:73
Certificate issuer: /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
Certificate serial: 06A1
Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/6954A6281D1811F1BB26F0200F3D8C67.roa
Signing time: Mon 11 May 2026 14:20:23 +0000
ROA not before: Mon 11 May 2026 14:20:22 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 13150
IP address blocks: 103.203.220.0/24 maxlen: 24
103.203.221.0/24 maxlen: 24
103.203.222.0/24 maxlen: 24
103.203.223.0/24 maxlen: 24
113.30.128.0/24 maxlen: 24
113.30.130.0/24 maxlen: 24
113.30.131.0/24 maxlen: 24
113.30.132.0/24 maxlen: 24
113.30.133.0/24 maxlen: 24
113.30.134.0/24 maxlen: 24
113.30.135.0/24 maxlen: 24
113.30.136.0/24 maxlen: 24
113.30.137.0/24 maxlen: 24
123.253.152.0/24 maxlen: 24
123.253.153.0/24 maxlen: 24
123.253.154.0/24 maxlen: 24
123.253.155.0/24 maxlen: 24
150.195.208.0/24 maxlen: 24
150.195.209.0/24 maxlen: 24
150.195.210.0/24 maxlen: 24
150.195.211.0/24 maxlen: 24
150.195.212.0/24 maxlen: 24
150.195.214.0/24 maxlen: 24
150.195.217.0/24 maxlen: 24
150.195.218.0/24 maxlen: 24
150.195.219.0/24 maxlen: 24
150.195.220.0/24 maxlen: 24
150.195.221.0/24 maxlen: 24
150.195.222.0/24 maxlen: 24
150.195.223.0/24 maxlen: 24
202.75.240.0/24 maxlen: 24
202.75.242.0/24 maxlen: 24
202.75.243.0/24 maxlen: 24
202.75.244.0/24 maxlen: 24
202.75.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl
rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 22:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1697 (0x6a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4D3D, serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
Validity
Not Before: May 11 14:20:22 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=6a01e5a6-85cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:64:71:e7:5a:87:c5:c8:cb:c7:0e:8b:22:83:
45:53:36:3f:94:f6:a1:0d:aa:d5:9c:01:85:27:44:
8d:8a:9b:e8:8a:f9:ec:ac:7e:6c:1c:3a:7a:de:d8:
73:bc:c2:0c:57:64:4c:3d:a8:d0:f9:50:a7:44:48:
d6:65:55:a5:bf:5a:9b:f1:68:3d:be:15:d7:07:92:
aa:a7:76:06:c9:82:ee:72:7e:c1:41:a5:6c:d6:9f:
36:b5:a9:e2:b2:fe:c2:1e:25:cb:30:21:a9:42:fe:
ac:82:e4:a5:e1:9e:5f:ef:23:6b:10:31:6d:2b:21:
07:26:66:04:66:a8:14:ed:f1:06:e6:ca:07:51:a1:
f5:33:eb:a3:e1:7e:27:73:b7:55:d3:93:b5:3f:31:
08:ca:47:db:2a:b6:10:41:1e:f3:d7:2b:b1:46:35:
4c:70:4d:39:2c:c1:5c:c7:35:8d:30:13:62:29:57:
17:65:f7:3d:fc:2b:34:36:ed:4f:de:10:98:1d:db:
73:a3:01:03:c6:2a:ed:d7:fc:7c:b2:25:e2:fd:6c:
79:b0:5a:fa:4a:dc:16:ea:cc:1b:86:c1:fa:6c:e8:
c7:53:5a:58:df:af:5f:81:74:53:51:52:fc:52:56:
9d:95:ab:a4:01:b4:4d:92:87:76:73:1c:25:ae:a9:
38:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F3:20:60:A0:9A:C8:4C:83:13:40:ED:AA:28:D7:FC:5E:91:66:73
X509v3 Authority Key Identifier:
keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/6954A6281D1811F1BB26F0200F3D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
103.203.220.0/22
113.30.128.0/24
113.30.130.0-113.30.137.255
123.253.152.0/22
150.195.208.0-150.195.212.255
150.195.214.0/24
150.195.217.0-150.195.223.255
202.75.240.0/24
202.75.242.0-202.75.244.255
202.75.246.0/24
Signature Algorithm: sha256WithRSAEncryption
71:78:d5:2a:55:65:d3:a3:af:31:4d:09:9c:28:4b:d5:a1:ff:
b8:f0:d1:0c:62:b5:b8:a4:73:bf:a4:7c:fc:e7:10:0b:e9:cf:
4b:04:b1:fb:68:41:5b:fe:29:75:35:73:a4:49:d6:91:de:00:
20:50:f8:11:ca:2d:c1:87:f3:97:59:3e:20:9e:a6:a3:c4:4d:
01:a3:0c:ba:9e:f2:65:d5:c7:81:9a:e5:09:ea:1a:5f:ab:6b:
fe:99:8b:e2:8d:48:eb:09:57:e0:73:48:de:ab:6f:9f:1d:b3:
ab:de:00:0b:a0:97:72:41:ff:2d:11:f8:85:9c:a2:12:82:d1:
e2:a4:f1:87:b8:14:6a:3d:f4:2e:d4:59:45:8e:b9:60:19:b2:
97:21:da:54:06:d9:25:98:74:b0:a5:68:14:ea:00:b6:18:e9:
1b:a5:21:47:de:ec:55:3f:39:00:5d:2c:fe:c3:5c:bf:f6:c2:
c9:06:bb:51:83:cf:5d:87:f2:af:39:f8:c8:54:64:ff:4d:75:
86:dc:ba:5a:d1:e8:91:ed:11:09:fd:62:29:97:e2:5e:20:d4:
a6:89:4a:47:87:83:e8:ea:85:a2:37:2a:cb:4e:6d:d0:3c:46:
ad:78:d3:ae:86:c8:63:3b:e6:00:b1:f6:f1:10:87:95:b6:8d:
03:e6:52:50
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF
Qjk4RkY3MDEwHhcNMjYwNTExMTQyMDIyWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTAxZTVhNi04NWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsmRx51qHxcjLxw6LIoNFUzY/lPahDarVnAGFJ0SNipvoivnsrH5sHDp63thz
vMIMV2RMPajQ+VCnREjWZVWlv1qb8Wg9vhXXB5Kqp3YGyYLucn7BQaVs1p82tani
sv7CHiXLMCGpQv6sguSl4Z5f7yNrEDFtKyEHJmYEZqgU7fEG5soHUaH1M+uj4X4n
c7dV05O1PzEIykfbKrYQQR7z1yuxRjVMcE05LMFcxzWNMBNiKVcXZfc9/Cs0Nu1P
3hCYHdtzowEDxirt1/x8siXi/Wx5sFr6StwW6swbhsH6bOjHU1pY369fgXRTUVL8
UladlaukAbRNkod2cxwlrqk45QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFIHzIGCg
mshMgxNA7aoo1/xekWZzMB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4
QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5
d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTREM0QvQjAyMDJEMzJEOEI5MTFFQkFCQzFGNDg1QzRGOUFFMDIvNjk1NEE2Mjgx
RDE4MTFGMUJCMjZGMDIwMEYzRDhDNjcucm9hMHUGCCsGAQUFBwEHAQH/BGYwZDBi
BAIAATBcAwQCZ8vcAwQAcR6AMAwDBAFxHoIDBAFxHogDBAJ7/ZgwDAMEBJbD0AME
AJbD1AMEAJbD1jAMAwQAlsPZAwQFlsPAAwQAykvwMAwDBAHKS/IDBADKS/QDBADK
S/YwDQYJKoZIhvcNAQELBQADggEBAHF41SpVZdOjrzFNCZwoS9Wh/7jw0Qxitbik
c7+kfPznEAvpz0sEsftoQVv+KXU1c6RJ1pHeACBQ+BHKLcGH85dZPiCepqPETQGj
DLqe8mXVx4Ga5QnqGl+ra/6Zi+KNSOsJV+BzSN6rb58ds6veAAugl3JB/y0R+IWc
ohKC0eKk8Ye4FGo99C7UWUWOuWAZspch2lQG2SWYdLClaBTqALYY6RulIUfe7FU/
OQBdLP7DXL/2wskGu1GDz12H8q85+MhUZP9NdYbculrR6JHtEQn9YimX4l4g1KaJ
SkeHg+jqhaI3KstObdA8Rq14066GyGM75gCx9vEQh5W2jQPmUlA=
-----END CERTIFICATE-----
Generated at Wed May 13 04:07:44 2026 by rpki-client