Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
File: 39574A98960D11ECAAC81D60C4F9AE02.roa (raw, json)
Hash identifier: rMZ/eL7Ct3fn9wQpOxP0LaOUQqMdK4drCnBgZLgiToY=
Subject key identifier: EF:CE:0A:D7:22:12:4E:8E:98:04:1B:BD:6D:92:24:C9:F3:7E:A9:94
Certificate issuer: /CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Certificate serial: 047E
Authority key identifier: A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
Signing time: Fri 24 Apr 2026 06:20:52 +0000
ROA not before: Fri 24 Apr 2026 06:20:52 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 133199
IP address blocks: 43.225.44.0/24 maxlen: 24
43.225.45.0/24 maxlen: 24
43.225.46.0/24 maxlen: 24
43.225.47.0/24 maxlen: 24
43.240.28.0/22 maxlen: 22
43.240.28.0/24 maxlen: 24
43.240.29.0/24 maxlen: 24
43.240.30.0/24 maxlen: 24
43.240.31.0/24 maxlen: 24
43.242.32.0/22 maxlen: 22
43.242.32.0/24 maxlen: 24
43.242.33.0/24 maxlen: 24
43.242.34.0/24 maxlen: 24
43.242.35.0/24 maxlen: 24
45.119.96.0/24 maxlen: 24
45.119.97.0/24 maxlen: 24
45.119.98.0/24 maxlen: 24
45.119.99.0/24 maxlen: 24
103.44.28.0/24 maxlen: 24
103.44.29.0/24 maxlen: 24
103.44.30.0/24 maxlen: 24
103.44.31.0/24 maxlen: 24
103.59.144.0/24 maxlen: 24
103.59.145.0/24 maxlen: 24
103.59.146.0/24 maxlen: 24
103.59.147.0/24 maxlen: 24
103.142.190.0/23 maxlen: 23
103.142.190.0/24 maxlen: 24
103.249.108.0/24 maxlen: 24
103.249.109.0/24 maxlen: 24
103.249.110.0/24 maxlen: 24
103.249.111.0/24 maxlen: 24
103.254.148.0/24 maxlen: 24
103.254.149.0/24 maxlen: 24
103.254.150.0/24 maxlen: 24
103.254.151.0/24 maxlen: 24
2404:da80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 20 May 2026 00:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1150 (0x47e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E504E, serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Validity
Not Before: Apr 24 06:20:52 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69eb0bc4-e457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:07:e3:ed:b0:6a:c9:bf:95:1e:a3:8e:fa:de:
11:cd:9e:03:07:fc:0c:3d:13:1a:b1:d5:79:e9:5c:
df:7d:4b:4e:2e:4e:16:75:e7:2e:62:6d:e7:31:8d:
f8:2a:d8:b4:4a:5f:3f:9d:32:c3:cf:24:35:68:91:
54:51:b0:68:9a:ad:9f:98:a5:b5:cb:e1:f1:de:f3:
8a:23:12:51:4c:3c:2b:fa:32:9a:48:9b:1c:40:74:
af:65:b6:e9:23:95:fc:34:28:fc:0d:73:a9:a0:73:
4f:05:d2:69:06:87:c5:4c:54:a8:b6:69:a1:7e:45:
25:c4:8f:a3:3f:1b:15:5a:a0:36:bb:d0:c7:06:a6:
af:33:f3:c1:d7:89:4e:08:c2:91:73:d9:04:06:9e:
7d:81:96:10:d9:cb:9d:15:f9:52:9b:70:8d:58:20:
7c:28:da:6e:c9:b7:2b:74:1c:3f:e3:04:ca:b6:5e:
dd:5d:b7:eb:91:56:b7:16:28:ba:2c:dc:63:87:9e:
9d:0a:c1:ad:83:6c:aa:4d:6f:61:bb:b2:5f:4e:11:
61:c9:55:be:be:af:92:af:1c:24:52:1d:8c:22:1e:
24:e8:31:7c:9d:d2:27:b8:ed:f0:ea:c9:61:60:c8:
96:df:69:53:38:29:50:8a:3d:2d:2b:64:28:b9:9b:
29:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CE:0A:D7:22:12:4E:8E:98:04:1B:BD:6D:92:24:C9:F3:7E:A9:94
X509v3 Authority Key Identifier:
keyid:A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.225.44.0/22
43.240.28.0/22
43.242.32.0/22
45.119.96.0/22
103.44.28.0/22
103.59.144.0/22
103.142.190.0/23
103.249.108.0/22
103.254.148.0/22
IPv6:
2404:da80::/32
Signature Algorithm: sha256WithRSAEncryption
44:c9:0c:06:f8:6b:61:35:d2:a5:9d:fc:87:bb:9a:d3:39:50:
2c:af:c5:c6:cb:b4:a6:a2:67:81:b5:10:d6:57:a0:1b:b5:55:
d0:43:15:d1:49:52:21:8c:f5:bf:4b:66:6c:08:16:f4:dc:c3:
55:00:36:c0:b2:c8:90:e5:b6:d1:ac:65:c4:78:65:8a:dd:a8:
6c:e6:66:59:08:e4:97:db:1f:bb:40:a0:2c:90:5b:c1:8f:52:
fb:b8:c3:c6:f5:1d:9e:bc:98:8b:e1:92:46:21:8a:8b:27:37:
0e:64:ca:7c:cc:9e:7b:df:d7:30:36:22:6f:24:d3:5b:81:44:
bf:5e:24:80:cc:e6:62:26:03:41:86:63:21:26:df:a5:2d:db:
93:66:24:98:50:ff:2a:e6:f6:00:a8:0e:e3:ad:a3:b3:f3:c9:
05:5f:92:b1:d4:25:f8:d0:0b:c6:8e:ad:af:71:9f:92:f5:e8:
10:a5:97:eb:2f:07:34:7c:ab:41:ba:3b:03:cc:ae:62:11:ad:
65:88:25:c3:6e:e5:7b:d5:7d:68:70:b8:52:13:32:6b:f6:21:
6b:9f:63:70:4b:ae:cc:18:d8:92:ce:e9:bc:e2:05:11:c6:b3:
30:15:a8:f7:c3:bd:d2:90:53:94:66:73:c4:41:b4:c1:89:00:
6a:bd:ec:52
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgICBH4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTUwNEUxMTAvBgNVBAUTKEEzRjI3Mjc1MkVDNUQ5RTEyOUU0REZDQTA4MEI4OEQz
OUI3OTQ5NDQwHhcNMjYwNDI0MDYyMDUyWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWViMGJjNC1lNDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkQfj7bBqyb+VHqOO+t4RzZ4DB/wMPRMasdV56VzffUtOLk4WdecuYm3nMY34
Kti0Sl8/nTLDzyQ1aJFUUbBomq2fmKW1y+Hx3vOKIxJRTDwr+jKaSJscQHSvZbbp
I5X8NCj8DXOpoHNPBdJpBofFTFSotmmhfkUlxI+jPxsVWqA2u9DHBqavM/PB14lO
CMKRc9kEBp59gZYQ2cudFflSm3CNWCB8KNpuybcrdBw/4wTKtl7dXbfrkVa3Fii6
LNxjh56dCsGtg2yqTW9hu7JfThFhyVW+vq+SrxwkUh2MIh4k6DF8ndInuO3w6slh
YMiW32lTOClQij0tK2QouZspZwIDAQABo4ICnzCCApswHQYDVR0OBBYEFO/OCtci
Ek6OmAQbvW2SJMnzfqmUMB8GA1UdIwQYMBaAFKPycnUuxdnhKeTfyggLiNObeUlE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS81OTA5NDk5MDk2
MDgxMUVDQTA0QTAwODZDNEY5QUUwMi9vX0p5ZFM3RjJlRXA1Tl9LQ0F1STA1dDVT
VVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29fSnlkUzdGMmVFcDVOX0tDQXVJMDV0NVNVUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTUwNEUvNTkwOTQ5OTA5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvMzk1NzRBOTg5
NjBEMTFFQ0FBQzgxRDYwQzRGOUFFMDIucm9hMF4GCCsGAQUFBwEHAQH/BE8wTTA8
BAIAATA2AwQCK+EsAwQCK/AcAwQCK/IgAwQCLXdgAwQCZywcAwQCZzuQAwQBZ46+
AwQCZ/lsAwQCZ/6UMA0EAgACMAcDBQAkBNqAMA0GCSqGSIb3DQEBCwUAA4IBAQBE
yQwG+GthNdKlnfyHu5rTOVAsr8XGy7SmomeBtRDWV6AbtVXQQxXRSVIhjPW/S2Zs
CBb03MNVADbAssiQ5bbRrGXEeGWK3ahs5mZZCOSX2x+7QKAskFvBj1L7uMPG9R2e
vJiL4ZJGIYqLJzcOZMp8zJ5739cwNiJvJNNbgUS/XiSAzOZiJgNBhmMhJt+lLduT
ZiSYUP8q5vYAqA7jraOz88kFX5Kx1CX40AvGjq2vcZ+S9egQpZfrLwc0fKtBujsD
zK5iEa1liCXDbuV71X1ocLhSEzJr9iFrn2NwS67MGNiSzum84gURxrMwFaj3w73S
kFOUZnPEQbTBiQBqvexS
-----END CERTIFICATE-----
Generated at Wed May 13 04:46:34 2026 by rpki-client