Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/2CDDCAB868AC11EDAA6C8F2AC4F9AE02.roa
File: 2CDDCAB868AC11EDAA6C8F2AC4F9AE02.roa (raw, json)
Hash identifier: u9kZzqte8G5R67x31+sR3q0YHM2V76JLvdvpfY5M4UA=
Subject key identifier: AD:B0:3E:64:4F:C8:85:53:1A:D6:B4:4A:6C:17:61:8B:D7:D5:40:BD
Certificate issuer: /CN=A91E7363/serialNumber=A897C04DE12F0A6F59C1AD1509F0B209FA5438B3
Certificate serial: 358F
Authority key identifier: A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/2CDDCAB868AC11EDAA6C8F2AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:07:17 +0000
ROA not before: Fri 30 Jan 2026 15:10:22 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 9329
IP address blocks: 112.134.0.0/15 maxlen: 15
112.134.0.0/19 maxlen: 24
112.134.32.0/19 maxlen: 24
112.134.64.0/19 maxlen: 24
112.134.96.0/19 maxlen: 24
112.134.128.0/19 maxlen: 24
112.134.160.0/19 maxlen: 24
112.134.192.0/19 maxlen: 24
112.134.224.0/19 maxlen: 24
112.135.0.0/19 maxlen: 24
112.135.32.0/19 maxlen: 24
112.135.64.0/19 maxlen: 24
112.135.96.0/19 maxlen: 24
112.135.128.0/19 maxlen: 24
112.135.160.0/19 maxlen: 24
112.135.192.0/19 maxlen: 24
112.135.224.0/19 maxlen: 24
119.235.4.0/24 maxlen: 24
119.235.5.0/24 maxlen: 24
119.235.6.0/24 maxlen: 24
119.235.7.0/24 maxlen: 24
119.235.8.0/24 maxlen: 24
119.235.9.0/24 maxlen: 24
119.235.10.0/24 maxlen: 24
119.235.12.0/24 maxlen: 24
124.43.0.0/16 maxlen: 16
124.43.0.0/17 maxlen: 17
124.43.0.0/19 maxlen: 24
124.43.32.0/19 maxlen: 24
124.43.64.0/18 maxlen: 18
124.43.64.0/19 maxlen: 24
124.43.96.0/19 maxlen: 24
124.43.128.0/17 maxlen: 17
124.43.128.0/18 maxlen: 18
124.43.128.0/19 maxlen: 24
124.43.160.0/19 maxlen: 24
124.43.192.0/19 maxlen: 24
124.43.224.0/19 maxlen: 24
203.81.99.0/24 maxlen: 24
203.81.100.0/24 maxlen: 24
203.81.101.0/24 maxlen: 24
203.81.102.0/24 maxlen: 24
203.94.64.0/18 maxlen: 18
203.94.65.0/24 maxlen: 24
203.94.69.0/24 maxlen: 24
203.94.70.0/24 maxlen: 24
203.94.71.0/24 maxlen: 24
203.94.72.0/24 maxlen: 24
203.94.74.0/24 maxlen: 24
203.94.84.0/24 maxlen: 24
203.94.89.0/24 maxlen: 24
203.94.95.0/24 maxlen: 24
203.115.0.0/18 maxlen: 18
203.115.0.0/24 maxlen: 24
203.115.11.0/24 maxlen: 24
203.115.21.0/24 maxlen: 24
203.115.28.0/24 maxlen: 24
203.115.31.0/24 maxlen: 24
220.247.192.0/18 maxlen: 23
220.247.192.0/19 maxlen: 24
220.247.224.0/24 maxlen: 24
220.247.226.0/23 maxlen: 24
220.247.228.0/22 maxlen: 24
220.247.232.0/21 maxlen: 24
220.247.240.0/20 maxlen: 24
222.165.128.0/18 maxlen: 24
2402:d000::/32 maxlen: 40
2402:d000:20::/48 maxlen: 48
2402:d000:21::/48 maxlen: 48
2402:d000:140::/48 maxlen: 48
2402:d000:141::/48 maxlen: 48
2402:d000:142::/48 maxlen: 48
2402:d000:100c::/48 maxlen: 48
2402:d000:1060::/48 maxlen: 48
2402:d000:1064::/48 maxlen: 48
2402:d000:1068::/48 maxlen: 48
2402:d000:106c::/48 maxlen: 48
2402:d000:1074::/48 maxlen: 48
2402:d000:1088::/48 maxlen: 48
2402:d000:7000::/48 maxlen: 48
2402:d000:8100::/48 maxlen: 48
2402:d000:8104::/48 maxlen: 48
2402:d000:8108::/48 maxlen: 48
2402:d000:810c::/48 maxlen: 48
2402:d000:8110::/48 maxlen: 48
2402:d000:8114::/48 maxlen: 48
2402:d000:8118::/48 maxlen: 48
2402:d000:811c::/48 maxlen: 48
2402:d000:8120::/48 maxlen: 48
2402:d000:8124::/48 maxlen: 48
2402:d000:8128::/48 maxlen: 48
2402:d000:812c::/48 maxlen: 48
2402:d000:8130::/48 maxlen: 48
2402:d000:8134::/48 maxlen: 48
2402:d000:8138::/48 maxlen: 48
2402:d000:813c::/48 maxlen: 48
2402:d000:8140::/48 maxlen: 48
2402:d000:8f00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.crl
rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 14:24:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13711 (0x358f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7363, serialNumber=A897C04DE12F0A6F59C1AD1509F0B209FA5438B3
Validity
Not Before: Jan 30 15:10:22 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a47245-8175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1e:84:08:63:57:11:5a:c7:9b:19:e0:28:ad:
ec:c8:6c:1a:b5:07:54:e8:46:33:2c:a4:2d:69:8c:
d9:38:82:5e:8e:5b:21:3c:72:20:c7:38:5f:cd:38:
e5:a1:38:3d:ba:83:01:ac:83:c5:01:39:ac:5c:0c:
41:cf:1f:79:d6:66:1f:53:c1:d8:82:93:8d:60:2e:
3f:1c:99:a7:42:8e:ef:7e:6a:aa:78:39:49:63:2f:
56:8d:a0:2a:3b:76:5d:6f:1e:68:be:ee:90:1d:91:
8e:81:1d:03:d4:eb:19:d1:19:14:d0:a6:42:26:4e:
12:24:4d:5e:9a:77:da:e3:eb:59:bd:6a:8e:e8:c2:
c2:c5:84:70:e0:47:9b:51:30:22:53:cd:c6:cb:9f:
29:b4:d2:05:3c:7a:86:14:93:72:d8:8c:d3:a2:35:
ba:e0:3d:e4:ac:67:17:eb:34:da:03:62:d3:19:20:
f5:57:0c:0f:c8:e7:aa:44:b0:2e:b0:ea:51:08:f4:
c5:bb:dd:0b:56:b8:26:87:a2:6b:59:ab:b4:9d:aa:
ed:fc:68:96:1e:82:7a:50:b2:f9:79:dc:a0:60:ae:
bf:3f:f1:76:8b:09:c6:bc:9b:39:50:89:ef:cf:e4:
ab:cf:f9:11:d7:45:fa:df:8c:bf:17:22:95:f3:b3:
7b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B0:3E:64:4F:C8:85:53:1A:D6:B4:4A:6C:17:61:8B:D7:D5:40:BD
X509v3 Authority Key Identifier:
keyid:A8:97:C0:4D:E1:2F:0A:6F:59:C1:AD:15:09:F0:B2:09:FA:54:38:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qJfATeEvCm9Zwa0VCfCyCfpUOLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7363/FF8B4B6C1D8411E28CD33DDB08B02CD2/2CDDCAB868AC11EDAA6C8F2AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
112.134.0.0/15
119.235.4.0-119.235.10.255
119.235.12.0/24
124.43.0.0/16
203.81.99.0-203.81.102.255
203.94.64.0/18
203.115.0.0/18
220.247.192.0/18
222.165.128.0/18
IPv6:
2402:d000::/32
Signature Algorithm: sha256WithRSAEncryption
28:bc:8b:e8:d6:2a:24:78:48:df:a7:6c:9e:b2:93:1e:68:3f:
bf:8b:6a:8e:64:3f:93:78:4d:18:a8:31:1b:db:b8:12:cd:1c:
e8:b0:aa:4a:d4:3b:9a:49:5d:76:9f:db:62:36:bd:59:74:17:
08:7a:34:db:f2:58:ab:70:f5:9d:0c:b5:d9:37:e3:0c:31:8c:
2e:97:10:14:19:d0:bf:05:42:94:18:80:0c:86:98:f9:34:52:
1a:3a:a0:94:c3:f5:16:c0:98:50:7d:49:c9:58:21:31:1c:5c:
00:01:26:6e:53:30:0f:1a:ef:fc:23:01:a4:28:b4:9c:8a:4e:
40:e2:af:9e:bf:31:09:70:e8:0c:6d:51:51:46:18:ee:50:cc:
bc:b9:b4:93:cf:57:4a:04:81:b6:be:f4:1e:ca:8b:5f:4e:50:
7a:b2:01:dd:96:9a:b4:ba:0d:54:25:2e:a8:6e:b8:76:c2:96:
cd:a2:3a:d3:85:f8:e2:84:d5:1a:76:6d:4a:c2:11:dc:cc:65:
3a:81:cc:20:c9:85:63:fd:b9:a6:46:d0:e7:ad:1a:ba:75:4c:
b0:5d:ee:f7:0a:97:71:08:61:04:26:4d:43:18:be:85:bc:89:
ea:9d:2c:25:78:5c:78:ad:6d:4d:f8:1d:a0:ca:79:e4:94:f5:
c4:00:a4:a5
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICNY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTczNjMxMTAvBgNVBAUTKEE4OTdDMDRERTEyRjBBNkY1OUMxQUQxNTA5RjBCMjA5
RkE1NDM4QjMwHhcNMjYwMTMwMTUxMDIyWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzI0NS04MTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApB6ECGNXEVrHmxngKK3syGwatQdU6EYzLKQtaYzZOIJejlshPHIgxzhfzTjl
oTg9uoMBrIPFATmsXAxBzx951mYfU8HYgpONYC4/HJmnQo7vfmqqeDlJYy9WjaAq
O3Zdbx5ovu6QHZGOgR0D1OsZ0RkU0KZCJk4SJE1emnfa4+tZvWqO6MLCxYRw4Eeb
UTAiU83Gy58ptNIFPHqGFJNy2IzTojW64D3krGcX6zTaA2LTGSD1VwwPyOeqRLAu
sOpRCPTFu90LVrgmh6JrWau0nart/GiWHoJ6ULL5edygYK6/P/F2iwnGvJs5UInv
z+Srz/kR10X634y/FyKV87N7xQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFK2wPmRP
yIVTGta0SmwXYYvX1UC9MB8GA1UdIwQYMBaAFKiXwE3hLwpvWcGtFQnwsgn6VDiz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzM2My9GRjhCNEI2QzFE
ODQxMUUyOENEMzNEREIwOEIwMkNEMi9xSmZBVGVFdkNtOVp3YTBWQ2ZDeUNmcFVP
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FKZkFUZUV2Q205WndhMFZDZkN5Q2ZwVU9MTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTczNjMvRkY4QjRCNkMxRDg0MTFFMjhDRDMzRERCMDhCMDJDRDIvMkNERENBQjg2
OEFDMTFFREFBNkM4RjJBQzRGOUFFMDIucm9hMGwGCCsGAQUFBwEHAQH/BF0wWzBK
BAIAATBEAwMBcIYwDAMEAnfrBAMEAHfrCgMEAHfrDAMDAHwrMAwDBADLUWMDBADL
UWYDBAbLXkADBAbLcwADBAbc98ADBAbepYAwDQQCAAIwBwMFACQC0AAwDQYJKoZI
hvcNAQELBQADggEBACi8i+jWKiR4SN+nbJ6ykx5oP7+Lao5kP5N4TRioMRvbuBLN
HOiwqkrUO5pJXXaf22I2vVl0Fwh6NNvyWKtw9Z0Mtdk34wwxjC6XEBQZ0L8FQpQY
gAyGmPk0Uho6oJTD9RbAmFB9SclYITEcXAABJm5TMA8a7/wjAaQotJyKTkDir56/
MQlw6AxtUVFGGO5QzLy5tJPPV0oEgba+9B7Ki19OUHqyAd2WmrS6DVQlLqhuuHbC
ls2iOtOF+OKE1Rp2bUrCEdzMZTqBzCDJhWP9uaZG0OetGrp1TLBd7vcKl3EIYQQm
TUMYvoW8ieqdLCV4XHitbU34HaDKeeSU9cQApKU=
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:02:39 2026 by rpki-client