Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
File: EE375CF036BD11E7B9B7251EC4F9AE02.roa (raw, json)
Hash identifier: E8KCulpW5x2sAiN2CA+1RrMgxss5nyN9/hSLHOWwHsE=
Subject key identifier: A5:72:B0:AB:91:3C:9A:B1:D8:3E:34:FD:9B:06:2D:C2:FC:24:16:3A
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1FC2
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
Signing time: Wed 13 May 2026 02:23:40 +0000
ROA not before: Wed 13 May 2026 02:23:40 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 134963
IP address blocks: 14.1.112.0/22 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 16
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
240b:4000::/32 maxlen: 48
240b:4001::/32 maxlen: 48
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
240b:4013::/32 maxlen: 48
240b:4014::/32 maxlen: 48
240b:4015::/32 maxlen: 48
240b:4016::/32 maxlen: 48
240b:4017::/32 maxlen: 48
240b:4018::/32 maxlen: 48
240b:4019::/32 maxlen: 48
240b:401a::/32 maxlen: 48
240b:401b::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 20 May 2026 02:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8130 (0x1fc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: May 13 02:23:40 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=6a03e0ac-e38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:f6:78:d5:e8:a0:dc:e3:62:82:f0:67:96:
23:8e:03:d3:ce:88:71:e3:72:9a:2f:a9:a1:50:f1:
1d:1c:32:37:77:e4:6e:8b:d4:aa:70:c2:f8:8b:d5:
19:21:a0:e7:3e:30:77:1d:f4:c5:cb:50:6d:2c:40:
95:31:0d:38:d0:b7:3f:02:1f:6f:ec:d7:7f:e4:ab:
de:32:fa:ed:9c:1d:57:51:6a:e6:ce:d5:ca:45:3d:
ce:6a:1a:8a:a8:c6:34:a4:e1:c3:e4:ee:9f:6d:21:
9f:cc:4e:e7:a2:da:80:b8:e7:77:f7:38:fc:bb:23:
b3:e9:8f:e1:53:d4:fe:e5:e5:7c:34:69:4f:9a:f0:
71:a1:b9:ab:30:ea:a8:a4:87:ec:c0:6a:0f:34:9f:
7d:04:9c:ec:51:d2:f8:bc:37:cf:88:ab:0c:be:b3:
21:66:ec:3b:a2:df:5e:ff:14:8d:41:40:c9:1a:a1:
e6:c4:f9:78:e5:96:a0:07:ea:d1:93:93:58:26:8a:
b6:c3:53:c1:2b:54:99:bd:25:10:b1:1f:26:7b:f4:
11:6c:c9:0c:9c:f7:12:31:d6:f7:18:ef:98:3a:26:
27:d8:0d:ef:7e:39:f9:a7:5a:0a:69:0d:db:35:67:
8c:e9:96:19:22:c3:b4:6e:e4:e6:ce:50:57:e1:98:
dc:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:72:B0:AB:91:3C:9A:B1:D8:3E:34:FD:9B:06:2D:C2:FC:24:16:3A
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.96.0.0/11
103.206.40.0/22
IPv6:
240b:4000::-240b:401b:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8a:29:bf:cf:76:5d:47:f7:15:61:35:d6:25:26:e5:c3:ca:a1:
00:56:12:09:b6:e9:6b:4e:b0:26:2b:8f:5d:07:fe:52:26:a2:
38:8a:57:f5:96:f5:c5:ff:b9:9c:8a:6c:01:09:77:b8:84:5a:
d8:f1:c0:32:0b:41:0e:6d:86:d2:45:d7:45:3e:2d:ba:d4:4c:
37:f2:38:f8:ef:90:60:c8:74:f2:de:36:99:5c:7e:b0:4d:2c:
bb:66:3a:d6:90:40:62:11:82:2b:7e:67:68:1b:21:b4:61:45:
ac:d3:a6:e1:e5:e5:37:3a:0f:c9:59:52:c8:dd:c2:f0:62:a1:
9a:e4:a7:32:e3:ca:42:e9:57:61:30:ff:9a:f0:d3:ca:8a:ac:
fd:4c:b3:4d:09:08:16:1e:de:f3:24:c2:d3:fc:be:88:0e:06:
df:1c:13:98:d2:13:c0:8a:22:58:6e:3d:35:5b:36:84:88:21:
ee:fd:b4:6b:b2:5f:b3:c6:1b:b3:32:f3:a7:ea:81:9b:5d:64:
81:ec:ba:c6:a5:69:52:9d:8f:25:9d:e6:0c:9a:93:e6:30:53:
07:dd:66:cc:47:7c:03:2f:c6:b3:70:00:c3:36:f9:8a:98:6c:
38:d0:17:5e:b1:16:44:02:da:29:8c:78:b7:37:6c:b5:86:51:
1b:f7:0a:14
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgICH8IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjYwNTEzMDIyMzQwWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTAzZTBhYy1lMzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApNr2eNXooNzjYoLwZ5YjjgPTzohx43KaL6mhUPEdHDI3d+Rui9SqcML4i9UZ
IaDnPjB3HfTFy1BtLECVMQ040Lc/Ah9v7Nd/5KveMvrtnB1XUWrmztXKRT3OahqK
qMY0pOHD5O6fbSGfzE7notqAuOd39zj8uyOz6Y/hU9T+5eV8NGlPmvBxobmrMOqo
pIfswGoPNJ99BJzsUdL4vDfPiKsMvrMhZuw7ot9e/xSNQUDJGqHmxPl45ZagB+rR
k5NYJoq2w1PBK1SZvSUQsR8me/QRbMkMnPcSMdb3GO+YOiYn2A3vfjn5p1oKaQ3b
NWeM6ZYZIsO0buTmzlBX4ZjcqwIDAQABo4ICgjCCAn4wHQYDVR0OBBYEFKVysKuR
PJqx2D40/ZsGLcL8JBY6MB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvRUUzNzVDRjAz
NkJEMTFFN0I5QjcyNTFFQzRGOUFFMDIucm9hMEEGCCsGAQUFBwEHAQH/BDIwMDAX
BAIAATARAwQCDgFwAwMFK2ADBAJnzigwFQQCAAIwDzANAwQGJAtAAwUCJAtAGDAN
BgkqhkiG9w0BAQsFAAOCAQEAiim/z3ZdR/cVYTXWJSblw8qhAFYSCbbpa06wJiuP
XQf+UiaiOIpX9Zb1xf+5nIpsAQl3uIRa2PHAMgtBDm2G0kXXRT4tutRMN/I4+O+Q
YMh08t42mVx+sE0su2Y61pBAYhGCK35naBshtGFFrNOm4eXlNzoPyVlSyN3C8GKh
muSnMuPKQulXYTD/mvDTyoqs/UyzTQkIFh7e8yTC0/y+iA4G3xwTmNITwIoiWG49
NVs2hIgh7v20a7Jfs8YbszLzp+qBm11kgey6xqVpUp2PJZ3mDJqT5jBTB91mzEd8
Ay/Gs3AAwzb5iphsONAXXrEWRALaKYx4tzdstYZRG/cKFA==
-----END CERTIFICATE-----
Generated at Wed May 13 06:13:21 2026 by rpki-client