Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5770/92D58DF83D6311F1814CAA38AD833773/352D320E3D6411F19E142980AD833773.roa
File: 352D320E3D6411F19E142980AD833773.roa (raw, json)
Hash identifier: b9pEmQYeXoEvXcUHQWi3fHnQxMX2lT2vWA6aVsvzLk8=
Subject key identifier: 6A:18:C0:10:7D:EE:B9:F4:31:17:A9:B6:08:2D:C1:70:D1:ED:6A:FF
Certificate issuer: /CN=A91E5770/serialNumber=BD43603F4CA68391A73D667DF6650E52369B7854
Certificate serial: 07
Authority key identifier: BD:43:60:3F:4C:A6:83:91:A7:3D:66:7D:F6:65:0E:52:36:9B:78:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vUNgP0ymg5GnPWZ99mUOUjabeFQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5770/92D58DF83D6311F1814CAA38AD833773/352D320E3D6411F19E142980AD833773.roa
Signing time: Tue 21 Apr 2026 10:45:41 +0000
ROA not before: Tue 21 Apr 2026 10:45:41 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 63888
IP address blocks: 43.229.52.0/22 maxlen: 22
43.229.52.0/24 maxlen: 24
43.229.53.0/24 maxlen: 24
43.229.54.0/24 maxlen: 24
43.229.55.0/24 maxlen: 24
43.230.144.0/22 maxlen: 22
43.230.144.0/24 maxlen: 24
43.230.145.0/24 maxlen: 24
43.230.146.0/24 maxlen: 24
43.230.147.0/24 maxlen: 24
43.231.196.0/22 maxlen: 22
43.231.196.0/24 maxlen: 24
43.231.197.0/24 maxlen: 24
43.231.198.0/24 maxlen: 24
43.231.199.0/24 maxlen: 24
43.247.0.0/22 maxlen: 22
43.247.0.0/24 maxlen: 24
43.247.1.0/24 maxlen: 24
43.247.2.0/24 maxlen: 24
43.247.3.0/24 maxlen: 24
103.41.184.0/22 maxlen: 22
103.41.184.0/24 maxlen: 24
103.41.185.0/24 maxlen: 24
103.41.186.0/24 maxlen: 24
103.41.187.0/24 maxlen: 24
103.49.212.0/22 maxlen: 22
103.49.212.0/24 maxlen: 24
103.49.213.0/24 maxlen: 24
103.49.214.0/24 maxlen: 24
103.49.215.0/24 maxlen: 24
103.51.12.0/22 maxlen: 22
103.51.14.0/24 maxlen: 24
103.51.15.0/24 maxlen: 24
103.224.248.0/22 maxlen: 22
103.224.248.0/24 maxlen: 24
103.224.249.0/24 maxlen: 24
103.224.250.0/24 maxlen: 24
103.224.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E5770/92D58DF83D6311F1814CAA38AD833773/vUNgP0ymg5GnPWZ99mUOUjabeFQ.crl
rsync://rpki.apnic.net/member_repository/A91E5770/92D58DF83D6311F1814CAA38AD833773/vUNgP0ymg5GnPWZ99mUOUjabeFQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vUNgP0ymg5GnPWZ99mUOUjabeFQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 18 May 2026 09:17:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5770, serialNumber=BD43603F4CA68391A73D667DF6650E52369B7854
Validity
Not Before: Apr 21 10:45:41 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69e75555-96ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:20:33:3f:a7:c2:a6:c7:59:94:1c:dd:2b:5d:
f1:ad:62:16:41:97:80:64:9d:0a:46:c5:a7:a8:1b:
95:c0:7a:11:80:ff:8c:0a:48:66:42:a0:79:d9:58:
93:9f:43:3f:af:e0:26:0f:28:15:91:b3:21:b4:93:
2a:af:b6:6d:0a:26:25:d6:9e:98:fd:de:11:8a:f1:
0b:09:15:26:00:00:d7:f1:90:9e:35:77:33:ed:71:
8f:2e:6e:b8:7f:4a:bf:64:c9:b5:85:1f:ae:a7:e7:
9a:ed:f6:df:81:b7:d5:c1:7b:e1:ad:af:bf:eb:c7:
70:47:22:0b:d2:96:d4:75:6d:f1:c6:e5:b1:3a:a9:
6f:f7:73:6e:0f:32:eb:75:a0:df:5d:1f:41:ae:8c:
99:d4:7c:d2:f4:e2:c7:72:71:f8:42:ab:19:53:ab:
0e:8b:11:f6:3c:bb:5d:80:72:9d:50:2c:62:b3:c4:
ae:12:a0:9e:dd:bf:e0:3a:06:b6:a7:f6:d6:16:0b:
5f:d9:0d:d4:31:4c:f1:23:97:a7:4b:2e:39:ec:05:
a5:66:fa:64:87:3a:7b:8c:ff:9c:cc:44:29:66:9f:
d0:ac:89:ba:63:e2:3b:77:b0:ce:70:95:9a:e2:1b:
d9:ad:f3:5d:c3:5f:1f:93:0c:7d:74:15:81:ea:21:
39:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:18:C0:10:7D:EE:B9:F4:31:17:A9:B6:08:2D:C1:70:D1:ED:6A:FF
X509v3 Authority Key Identifier:
keyid:BD:43:60:3F:4C:A6:83:91:A7:3D:66:7D:F6:65:0E:52:36:9B:78:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5770/92D58DF83D6311F1814CAA38AD833773/vUNgP0ymg5GnPWZ99mUOUjabeFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vUNgP0ymg5GnPWZ99mUOUjabeFQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5770/92D58DF83D6311F1814CAA38AD833773/352D320E3D6411F19E142980AD833773.roa
sbgp-ipAddrBlock: critical
IPv4:
43.229.52.0/22
43.230.144.0/22
43.231.196.0/22
43.247.0.0/22
103.41.184.0/22
103.49.212.0/22
103.51.12.0/22
103.224.248.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:cf:38:58:a5:42:b0:07:9e:f1:58:2f:97:32:0a:35:c6:4e:
01:d9:d3:af:6b:b0:13:be:a1:41:26:be:fb:fc:36:38:46:ea:
a9:bc:b2:6d:2a:7d:1f:19:38:be:3b:91:a0:20:21:65:4b:45:
6d:2d:ec:11:22:e7:c0:af:dd:3e:24:5f:d7:fd:3e:2f:ee:58:
a8:ac:5b:2a:c7:8d:0a:df:dd:e2:58:61:75:f2:c6:e8:da:61:
86:48:03:8c:08:94:34:ad:1d:e5:5c:19:92:9d:7f:98:6d:29:
d6:11:4b:b7:f5:cb:f8:f8:e0:6f:33:4d:f0:06:80:fe:83:60:
05:53:1b:7f:d7:ce:f9:f3:6f:f4:a1:b3:c9:47:54:a4:79:1d:
88:03:cf:f6:3d:c8:55:3b:65:36:c6:61:20:7a:73:ec:f9:71:
c8:62:95:c2:39:fb:02:45:c3:be:c4:c5:8e:bd:9c:95:cc:42:
b7:a3:96:e6:f7:0f:30:59:6e:c7:54:38:16:3c:48:8f:b5:e7:
59:81:8d:31:77:ba:04:00:94:fd:eb:91:e4:07:46:29:31:bb:
49:eb:ea:fc:53:98:79:b4:78:23:2e:a0:2d:b3:5f:00:81:4a:
9c:0b:19:fa:1d:ad:01:6b:21:38:8a:5d:c0:d1:01:78:c7:40:
5a:d3:93:f1
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
NTc3MDExMC8GA1UEBRMoQkQ0MzYwM0Y0Q0E2ODM5MUE3M0Q2NjdERjY2NTBFNTIz
NjlCNzg1NDAeFw0yNjA0MjExMDQ1NDFaFw0yNzA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY5ZTc1NTU1LTk2YWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCPIDM/p8Kmx1mUHN0rXfGtYhZBl4BknQpGxaeoG5XAehGA/4wKSGZCoHnZWJOf
Qz+v4CYPKBWRsyG0kyqvtm0KJiXWnpj93hGK8QsJFSYAANfxkJ41dzPtcY8ubrh/
Sr9kybWFH66n55rt9t+Bt9XBe+Gtr7/rx3BHIgvSltR1bfHG5bE6qW/3c24PMut1
oN9dH0GujJnUfNL04sdycfhCqxlTqw6LEfY8u12Acp1QLGKzxK4SoJ7dv+A6Bran
9tYWC1/ZDdQxTPEjl6dLLjnsBaVm+mSHOnuM/5zMRClmn9Csibpj4jt3sM5wlZri
G9mt813DXx+TDH10FYHqITkNAgMBAAGjggKKMIIChjAdBgNVHQ4EFgQUahjAEH3u
ufQxF6m2CC3BcNHtav8wHwYDVR0jBBgwFoAUvUNgP0ymg5GnPWZ99mUOUjabeFQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU1NzcwLzkyRDU4REY4M0Q2
MzExRjE4MTRDQUEzOEFEODMzNzczL3ZVTmdQMHltZzVHblBXWjk5bVVPVWphYmVG
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdlVOZ1AweW1nNUduUFdaOTltVU9VamFiZUZRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgZYGCCsGAQUFBwELBIGJMIGGMIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NTc3MC85MkQ1OERGODNENjMxMUYxODE0Q0FBMzhBRDgzMzc3My8zNTJEMzIwRTNE
NjQxMUYxOUUxNDI5ODBBRDgzMzc3My5yb2EwSQYIKwYBBQUHAQcBAf8EOjA4MDYE
AgABMDADBAIr5TQDBAIr5pADBAIr58QDBAIr9wADBAJnKbgDBAJnMdQDBAJnMwwD
BAJn4PgwDQYJKoZIhvcNAQELBQADggEBALXPOFilQrAHnvFYL5cyCjXGTgHZ069r
sBO+oUEmvvv8NjhG6qm8sm0qfR8ZOL47kaAgIWVLRW0t7BEi58Cv3T4kX9f9Pi/u
WKisWyrHjQrf3eJYYXXyxujaYYZIA4wIlDStHeVcGZKdf5htKdYRS7f1y/j44G8z
TfAGgP6DYAVTG3/Xzvnzb/Shs8lHVKR5HYgDz/Y9yFU7ZTbGYSB6c+z5cchilcI5
+wJFw77ExY69nJXMQrejlub3DzBZbsdUOBY8SI+151mBjTF3ugQAlP3rkeQHRikx
u0nr6vxTmHm0eCMuoC2zXwCBSpwLGfodrQFrITiKXcDRAXjHQFrTk/E=
-----END CERTIFICATE-----
Generated at Wed May 13 05:14:23 2026 by rpki-client