Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
File: EE375CF036BD11E7B9B7251EC4F9AE02.roa (raw, json)
Hash identifier: 2xXR7lh6PvhBbrH3PRAl3hHCxBoJam2EkOnQ34182QM=
Subject key identifier: DD:4E:4E:32:57:7F:3B:CB:0C:BF:9F:7D:8C:15:04:F4:D5:71:68:00
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1F8B
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:25:00 +0000
ROA not before: Sat 28 Feb 2026 05:49:37 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 134963
IP address blocks: 14.1.112.0/22 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 16
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
240b:4000::/32 maxlen: 48
240b:4001::/32 maxlen: 48
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
240b:4013::/32 maxlen: 48
240b:4014::/32 maxlen: 48
240b:4015::/32 maxlen: 48
240b:4016::/32 maxlen: 48
240b:4017::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 16:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8075 (0x1f8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: Feb 28 05:49:37 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a4847c-7e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:47:b2:2f:b6:2c:60:82:55:20:8c:4c:4c:e3:
77:63:e8:93:d0:b7:f0:de:78:bc:1a:15:c9:5f:10:
5f:6e:6e:20:28:ef:c5:d8:76:c8:f9:f0:78:89:b1:
75:be:2f:a4:83:62:87:40:f0:4e:a5:dd:6d:47:cf:
86:9c:56:06:c7:32:d0:58:9c:61:9e:06:7b:f6:a3:
99:6f:f3:a8:e2:dc:1c:0f:3d:ab:c0:3d:7c:26:39:
c3:2d:34:da:41:9c:17:1d:c7:f9:94:ec:d2:9c:22:
ae:fd:4b:ab:da:a2:17:2f:54:86:dd:60:20:02:a8:
df:de:34:42:4f:7a:db:92:75:b6:a1:0a:e9:24:58:
be:99:8c:6c:0f:ed:bb:c6:19:9e:e1:5b:b2:12:fb:
fe:b5:15:f9:ff:c8:32:b7:0e:e5:16:b1:bf:00:e9:
45:62:c7:73:1b:c7:86:8c:e0:b1:cd:e4:64:90:d2:
3c:82:98:90:10:8e:aa:8c:2b:79:b1:ef:3f:ee:14:
ae:f9:73:0c:86:57:dc:a5:57:9d:13:4a:da:2b:b2:
19:f4:c7:d6:b8:f3:7c:16:b2:65:1e:cb:5c:11:38:
ea:76:b1:d1:2b:84:2e:a0:89:f0:ee:97:a1:a7:6b:
c9:35:7c:8f:43:18:32:73:f7:d1:b4:c0:8d:d2:a9:
88:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4E:4E:32:57:7F:3B:CB:0C:BF:9F:7D:8C:15:04:F4:D5:71:68:00
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.96.0.0/11
103.206.40.0/22
IPv6:
240b:4000::-240b:4017:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:82:3b:ef:96:f0:fa:14:39:3c:25:3e:88:ab:e9:ad:cd:0f:
4d:c1:d3:4f:ae:ed:b2:4d:86:1b:be:86:a2:df:09:9c:0a:d8:
63:09:51:96:38:ba:a1:2f:38:d9:9d:4a:0d:89:78:27:2f:5d:
b6:d3:78:96:8d:fd:94:8c:12:a2:20:8a:5c:58:47:b8:73:70:
85:7e:1b:7e:af:e7:b2:e1:09:69:05:9e:22:b7:aa:25:d0:a9:
64:06:5c:ed:c4:52:93:09:32:63:df:a1:0d:4a:5f:1d:cf:15:
a8:08:f8:f7:a3:7b:74:42:1f:20:ae:38:dc:57:4c:a1:ab:79:
0c:68:14:22:ee:82:cb:dd:b5:bb:0f:e1:73:fc:af:48:b9:8a:
2a:a4:95:ae:b2:f1:06:bb:e9:dd:a1:36:b5:95:f0:b8:97:e3:
34:1d:1c:9b:fb:e6:af:c8:6f:8e:f2:cd:4e:ac:50:69:e4:28:
ed:e2:de:d6:ae:4b:62:09:31:ea:d6:24:24:bf:e7:d9:2b:c1:
35:c7:5c:20:ac:02:f3:d0:95:fb:63:c8:dc:93:ae:cd:be:c2:
7b:04:e0:87:2d:7f:44:d9:94:9f:b6:ac:2a:44:1a:c4:66:7c:
d6:a5:27:26:0c:04:ff:ca:3c:43:e8:e7:3b:cb:c2:88:7f:3f:
c4:36:3a:9b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgICH4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjYwMjI4MDU0OTM3WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODQ3Yy03ZTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1UeyL7YsYIJVIIxMTON3Y+iT0Lfw3ni8GhXJXxBfbm4gKO/F2HbI+fB4ibF1
vi+kg2KHQPBOpd1tR8+GnFYGxzLQWJxhngZ79qOZb/Oo4twcDz2rwD18JjnDLTTa
QZwXHcf5lOzSnCKu/Uur2qIXL1SG3WAgAqjf3jRCT3rbknW2oQrpJFi+mYxsD+27
xhme4VuyEvv+tRX5/8gytw7lFrG/AOlFYsdzG8eGjOCxzeRkkNI8gpiQEI6qjCt5
se8/7hSu+XMMhlfcpVedE0raK7IZ9MfWuPN8FrJlHstcETjqdrHRK4QuoInw7peh
p2vJNXyPQxgyc/fRtMCN0qmIIwIDAQABo4ICgjCCAn4wHQYDVR0OBBYEFN1OTjJX
fzvLDL+ffYwVBPTVcWgAMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvRUUzNzVDRjAz
NkJEMTFFN0I5QjcyNTFFQzRGOUFFMDIucm9hMEEGCCsGAQUFBwEHAQH/BDIwMDAX
BAIAATARAwQCDgFwAwMFK2ADBAJnzigwFQQCAAIwDzANAwQGJAtAAwUDJAtAEDAN
BgkqhkiG9w0BAQsFAAOCAQEAYII775bw+hQ5PCU+iKvprc0PTcHTT67tsk2GG76G
ot8JnArYYwlRlji6oS842Z1KDYl4Jy9dttN4lo39lIwSoiCKXFhHuHNwhX4bfq/n
suEJaQWeIreqJdCpZAZc7cRSkwkyY9+hDUpfHc8VqAj496N7dEIfIK443FdMoat5
DGgUIu6Cy921uw/hc/yvSLmKKqSVrrLxBrvp3aE2tZXwuJfjNB0cm/vmr8hvjvLN
TqxQaeQo7eLe1q5LYgkx6tYkJL/n2SvBNcdcIKwC89CV+2PI3JOuzb7CewTghy1/
RNmUn7asKkQaxGZ81qUnJgwE/8o8Q+jnO8vCiH8/xDY6mw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:37:15 2026 by rpki-client