Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: whKOU9wMBVhAXIGEfDVrauGFxBhYQd1yWxEXLCBruMM=
Subject key identifier: 83:57:EA:F6:68:D8:29:0D:22:1E:A4:FD:AC:8B:F1:F9:28:D2:38:F0
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 0843
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Tue 24 Mar 2026 06:13:16 +0000
ROA not before: Tue 24 Mar 2026 06:13:16 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.37.0/24 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
156.59.255.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.56.0/24 maxlen: 24
162.128.57.0/24 maxlen: 24
162.128.58.0/24 maxlen: 24
162.128.59.0/24 maxlen: 24
162.128.60.0/24 maxlen: 24
162.128.61.0/24 maxlen: 24
162.128.62.0/24 maxlen: 24
162.128.63.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.150.0/24 maxlen: 24
162.128.151.0/24 maxlen: 24
162.128.183.0/24 maxlen: 24
162.128.186.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.197.0/24 maxlen: 24
162.128.198.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.203.0/24 maxlen: 24
162.128.204.0/24 maxlen: 24
162.128.205.0/24 maxlen: 24
162.128.206.0/24 maxlen: 24
162.128.207.0/24 maxlen: 24
162.128.208.0/24 maxlen: 24
162.128.209.0/24 maxlen: 24
162.128.210.0/24 maxlen: 24
162.128.211.0/24 maxlen: 24
162.128.213.0/24 maxlen: 24
162.128.214.0/24 maxlen: 24
162.128.215.0/24 maxlen: 24
162.128.216.0/24 maxlen: 24
162.128.217.0/24 maxlen: 24
162.128.218.0/24 maxlen: 24
162.128.219.0/24 maxlen: 24
162.128.220.0/24 maxlen: 24
162.128.221.0/24 maxlen: 24
162.128.222.0/24 maxlen: 24
162.128.223.0/24 maxlen: 24
162.128.224.0/24 maxlen: 24
162.128.225.0/24 maxlen: 24
162.128.226.0/24 maxlen: 24
162.128.227.0/24 maxlen: 24
162.128.228.0/24 maxlen: 24
162.128.229.0/24 maxlen: 24
162.128.230.0/24 maxlen: 24
162.128.231.0/24 maxlen: 24
162.128.232.0/24 maxlen: 24
162.128.233.0/24 maxlen: 24
162.128.234.0/24 maxlen: 24
162.128.235.0/24 maxlen: 24
162.128.236.0/24 maxlen: 24
162.128.237.0/24 maxlen: 24
162.128.238.0/24 maxlen: 24
162.128.239.0/24 maxlen: 24
162.128.240.0/24 maxlen: 24
162.128.241.0/24 maxlen: 24
162.128.242.0/24 maxlen: 24
162.128.243.0/24 maxlen: 24
162.128.244.0/24 maxlen: 24
162.128.245.0/24 maxlen: 24
162.128.246.0/24 maxlen: 24
162.128.247.0/24 maxlen: 24
162.128.248.0/24 maxlen: 24
162.128.249.0/24 maxlen: 24
162.128.250.0/24 maxlen: 24
162.128.251.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 21:35:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2115 (0x843)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Mar 24 06:13:16 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69c22b7c-ceeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8b:ed:03:4a:25:9b:3e:9d:74:a4:55:dc:08:
e5:4c:45:8c:f5:64:5f:22:ab:5d:a8:38:28:c1:e0:
35:73:6d:5d:f0:c5:bd:df:af:4a:07:5c:e1:ca:19:
b8:fc:1e:2a:58:41:91:44:59:0b:1f:05:e6:c7:c2:
fb:07:9e:79:26:e1:85:5c:48:6b:96:48:15:7a:b9:
82:e5:7a:f9:f5:22:d7:d7:e1:68:20:a0:08:15:36:
52:05:bb:e5:72:8e:e6:43:91:63:2b:de:55:29:fa:
32:09:0f:26:2e:d5:5a:70:5d:00:cb:08:b1:12:0e:
e8:b5:96:d4:24:be:71:00:fc:41:ba:b4:8f:7a:ce:
4c:45:67:27:65:90:6d:ab:1e:06:9a:4a:1f:3e:e3:
08:44:dd:1d:13:66:5c:4a:7f:22:74:73:9e:34:71:
59:8c:8c:e9:1f:5a:aa:80:b1:32:35:f8:25:0a:b3:
37:75:5a:0e:67:e4:4d:33:47:6f:14:ad:16:9d:d9:
a2:59:49:44:09:6b:b7:55:2b:cd:c2:08:06:16:11:
ca:3b:83:dc:05:ed:f4:7c:0c:06:19:b3:e5:66:ea:
e0:ac:46:ee:00:83:65:07:6a:fa:2a:69:dc:0f:ff:
cf:8c:fb:1c:8e:1e:4f:3f:3a:05:87:7e:12:56:f6:
81:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:57:EA:F6:68:D8:29:0D:22:1E:A4:FD:AC:8B:F1:F9:28:D2:38:F0
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.37.0/24
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
156.59.255.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.63.255
162.128.140.0/24
162.128.149.0-162.128.151.255
162.128.183.0/24
162.128.186.0/24
162.128.196.0-162.128.211.255
162.128.213.0-162.128.251.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:3b:23:ff:6c:4b:06:68:ca:90:82:83:eb:bc:0e:21:90:5b:
c4:ec:e8:32:6b:6a:d8:24:87:19:eb:2a:69:c6:9b:d6:02:7c:
4a:09:4c:d4:76:c1:5a:d2:ca:44:8d:7a:19:5f:bd:17:ce:4d:
2e:01:40:9f:23:9c:29:d0:2e:da:4e:bc:82:ea:b3:cf:c4:9b:
74:cd:0b:03:4a:ab:0c:01:50:ce:fe:28:04:7e:f8:1a:9d:50:
23:30:08:29:26:b1:75:70:d5:47:b2:f0:b3:3a:5d:fc:86:19:
08:bb:21:7f:48:60:4c:5b:55:9d:44:0a:24:fc:6e:eb:cc:7a:
d0:07:07:82:45:a5:63:42:4d:e5:1e:43:b9:3a:c3:ec:f9:f9:
a3:df:13:89:31:d0:5f:a8:3e:54:55:e6:f6:b8:0a:64:2c:ab:
b2:c8:04:3e:d0:cc:ea:8b:96:fc:33:a3:93:79:78:99:da:91:
a3:89:bb:b1:19:8d:0d:54:cb:56:2d:07:8c:06:5e:74:cf:a2:
78:e9:3b:49:ec:d2:9b:b0:fe:88:1c:a7:9c:51:0e:7d:aa:26:
70:82:2b:29:db:2f:c6:a7:b8:06:60:37:e6:44:2c:7e:7e:53:
56:3a:2f:c3:d8:b9:9b:0a:a8:e1:88:53:f4:7a:8e:5d:1c:3d:
b5:75:a6:56
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgICCEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjYwMzI0MDYxMzE2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWMyMmI3Yy1jZWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmYvtA0olmz6ddKRV3AjlTEWM9WRfIqtdqDgoweA1c21d8MW9369KB1zhyhm4
/B4qWEGRRFkLHwXmx8L7B555JuGFXEhrlkgVermC5Xr59SLX1+FoIKAIFTZSBbvl
co7mQ5FjK95VKfoyCQ8mLtVacF0AywixEg7otZbUJL5xAPxBurSPes5MRWcnZZBt
qx4GmkofPuMIRN0dE2ZcSn8idHOeNHFZjIzpH1qqgLEyNfglCrM3dVoOZ+RNM0dv
FK0WndmiWUlECWu3VSvNwggGFhHKO4PcBe30fAwGGbPlZurgrEbuAINlB2r6Kmnc
D//PjPscjh5PPzoFh34SVvaBfwIDAQABo4IDPzCCAzswHQYDVR0OBBYEFINX6vZo
2CkNIh6k/ayL8fko0jjwMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMIH9BggrBgEFBQcBBwEB/wSB7TCB
6jCB5wQCAAEwgeAwDAMEAIHjEQMEAoHjEDAMAwQAgeMdAwQFgeMAAwQAgeM/AwQB
geOwAwQCgePAAwQCnDsQAwQAnDslAwQDnDswAwQAnDtJAwQDnDtQAwQBnDteAwQA
nDtsAwQAnDt7AwQEnDuAAwQAnDuSAwQAnDvYAwQBnDvgAwQAnDvxAwQAnDv/MAwD
BACigCsDBACigCwwDAMEAKKANQMEBqKAAAMEAKKAjDAMAwQAooCVAwQDooCQAwQA
ooC3AwQAooC6MAwDBAKigMQDBAKigNAwDAMEAKKA1QMEAqKA+AMEAKKA/jANBgkq
hkiG9w0BAQsFAAOCAQEApDsj/2xLBmjKkIKD67wOIZBbxOzoMmtq2CSHGesqacab
1gJ8SglM1HbBWtLKRI16GV+9F85NLgFAnyOcKdAu2k68guqzz8SbdM0LA0qrDAFQ
zv4oBH74Gp1QIzAIKSaxdXDVR7Lwszpd/IYZCLshf0hgTFtVnUQKJPxu68x60AcH
gkWlY0JN5R5DuTrD7Pn5o98TiTHQX6g+VFXm9rgKZCyrssgEPtDM6ouW/DOjk3l4
mdqRo4m7sRmNDVTLVi0HjAZedM+ieOk7SezSm7D+iBynnFEOfaomcIIrKdsvxqe4
BmA35kQsfn5TVjovw9i5mwqo4YhT9HqOXRw9tXWmVg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:40:06 2026 by rpki-client