Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: 9ATgScnXRRCae0xLAN/oC0Nsc5Un4O4AKZyNpZsovaI=
Subject key identifier: D3:9B:3F:C1:A4:F6:FD:43:AF:BC:E3:54:BE:D3:1E:DF:66:A9:0C:77
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 086C
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Wed 06 May 2026 07:35:18 +0000
ROA not before: Wed 06 May 2026 07:35:18 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.37.0/24 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
156.59.255.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.56.0/24 maxlen: 24
162.128.57.0/24 maxlen: 24
162.128.58.0/24 maxlen: 24
162.128.59.0/24 maxlen: 24
162.128.60.0/24 maxlen: 24
162.128.61.0/24 maxlen: 24
162.128.62.0/24 maxlen: 24
162.128.63.0/24 maxlen: 24
162.128.96.0/24 maxlen: 24
162.128.97.0/24 maxlen: 24
162.128.98.0/24 maxlen: 24
162.128.134.0/24 maxlen: 24
162.128.135.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.150.0/24 maxlen: 24
162.128.151.0/24 maxlen: 24
162.128.156.0/24 maxlen: 24
162.128.183.0/24 maxlen: 24
162.128.186.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.197.0/24 maxlen: 24
162.128.198.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.203.0/24 maxlen: 24
162.128.204.0/24 maxlen: 24
162.128.205.0/24 maxlen: 24
162.128.206.0/24 maxlen: 24
162.128.207.0/24 maxlen: 24
162.128.208.0/24 maxlen: 24
162.128.209.0/24 maxlen: 24
162.128.210.0/24 maxlen: 24
162.128.211.0/24 maxlen: 24
162.128.213.0/24 maxlen: 24
162.128.214.0/24 maxlen: 24
162.128.215.0/24 maxlen: 24
162.128.216.0/24 maxlen: 24
162.128.217.0/24 maxlen: 24
162.128.218.0/24 maxlen: 24
162.128.219.0/24 maxlen: 24
162.128.220.0/24 maxlen: 24
162.128.221.0/24 maxlen: 24
162.128.222.0/24 maxlen: 24
162.128.223.0/24 maxlen: 24
162.128.224.0/24 maxlen: 24
162.128.225.0/24 maxlen: 24
162.128.226.0/24 maxlen: 24
162.128.227.0/24 maxlen: 24
162.128.228.0/24 maxlen: 24
162.128.229.0/24 maxlen: 24
162.128.230.0/24 maxlen: 24
162.128.231.0/24 maxlen: 24
162.128.232.0/24 maxlen: 24
162.128.233.0/24 maxlen: 24
162.128.234.0/24 maxlen: 24
162.128.235.0/24 maxlen: 24
162.128.236.0/24 maxlen: 24
162.128.237.0/24 maxlen: 24
162.128.238.0/24 maxlen: 24
162.128.239.0/24 maxlen: 24
162.128.240.0/24 maxlen: 24
162.128.241.0/24 maxlen: 24
162.128.242.0/24 maxlen: 24
162.128.243.0/24 maxlen: 24
162.128.244.0/24 maxlen: 24
162.128.245.0/24 maxlen: 24
162.128.246.0/24 maxlen: 24
162.128.247.0/24 maxlen: 24
162.128.248.0/24 maxlen: 24
162.128.249.0/24 maxlen: 24
162.128.250.0/24 maxlen: 24
162.128.251.0/24 maxlen: 24
162.128.252.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 14:50:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2156 (0x86c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: May 6 07:35:18 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69faef36-33be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:df:5d:aa:86:d6:86:e0:a9:40:d3:fb:a8:3c:
ba:9b:47:20:de:a6:4e:8d:d2:d8:dc:c8:ed:76:72:
f4:58:c2:7e:08:06:3f:61:f6:23:6e:f6:2f:9d:b9:
b3:41:4f:c1:41:e7:fb:d5:86:2a:d2:1e:7b:7e:79:
d1:29:05:5c:89:e3:12:12:19:cc:cc:39:dc:1f:4f:
81:c8:c7:c6:36:6a:31:9f:87:47:85:ab:39:76:52:
ba:a6:e5:89:36:91:85:48:ba:a7:44:7a:6d:10:ff:
70:f9:23:f5:9a:00:68:25:df:e2:fc:0c:5c:6e:73:
8d:63:04:a7:a2:24:fe:92:33:ed:58:06:77:ea:38:
de:67:d5:08:9b:87:ea:6d:8d:56:07:bd:42:7e:b6:
c8:b4:93:e4:07:a0:b3:b2:83:84:0e:40:38:91:91:
46:84:48:ba:81:90:f9:72:47:2a:3e:b8:e2:35:00:
53:1e:cd:a3:97:db:c9:d8:19:17:a3:95:e8:ff:93:
ed:65:52:ba:2c:ef:11:b5:8f:9b:b5:df:d3:e5:a5:
e0:90:80:2e:01:0b:6e:32:56:b1:0b:25:af:3f:c3:
02:02:10:b8:50:fb:13:53:a4:34:4c:4d:c1:3c:97:
71:b7:96:03:f2:64:a0:05:ca:c9:65:d3:06:14:17:
62:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:9B:3F:C1:A4:F6:FD:43:AF:BC:E3:54:BE:D3:1E:DF:66:A9:0C:77
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.37.0/24
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
156.59.255.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.63.255
162.128.96.0-162.128.98.255
162.128.134.0/23
162.128.140.0/24
162.128.149.0-162.128.151.255
162.128.156.0/24
162.128.183.0/24
162.128.186.0/24
162.128.196.0-162.128.211.255
162.128.213.0-162.128.252.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
46:d3:1a:14:1c:09:15:23:97:aa:18:61:cb:0c:70:81:bb:0a:
8f:1d:47:e6:a8:cc:1c:1d:dc:61:b7:33:00:44:82:3b:c3:48:
35:3b:29:6e:7a:7a:f0:24:d3:35:ed:e1:51:ca:0f:b3:b4:ed:
c0:c9:81:8a:6c:93:38:b9:89:b6:21:cb:16:91:05:4f:68:13:
95:f1:3d:f2:a1:ec:8e:e3:4e:b5:ed:dc:42:98:ab:aa:71:99:
4e:55:73:ef:8d:bd:1e:59:d4:ca:9a:e5:b6:95:ac:c6:8b:5d:
61:0d:00:91:75:6f:14:34:26:71:f7:bf:ca:96:03:b4:b9:39:
75:21:93:cf:c9:93:b7:60:05:b3:f0:de:32:0b:f0:32:68:cd:
fd:a1:c8:3e:2b:e9:d2:98:6c:a7:84:65:c7:12:4f:d9:77:64:
e0:76:b7:28:f6:db:93:90:b5:c6:c5:c4:17:89:a3:fd:4b:9b:
91:49:1d:d8:ed:dd:cd:ad:52:4d:e8:c2:3d:f9:b9:aa:8a:c6:
e5:49:b0:c2:9b:90:f2:69:e3:2b:af:75:0c:c7:f8:77:14:ed:
81:99:3f:47:2a:9f:9d:f0:15:0d:61:8c:25:22:21:cf:53:9c:
10:9d:d4:50:dd:59:a5:de:81:0e:6e:e0:a7:1e:25:f2:26:e9:
3f:78:56:f7
-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgICCGwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjYwNTA2MDczNTE4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWZhZWYzNi0zM2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApt9dqobWhuCpQNP7qDy6m0cg3qZOjdLY3MjtdnL0WMJ+CAY/YfYjbvYvnbmz
QU/BQef71YYq0h57fnnRKQVcieMSEhnMzDncH0+ByMfGNmoxn4dHhas5dlK6puWJ
NpGFSLqnRHptEP9w+SP1mgBoJd/i/AxcbnONYwSnoiT+kjPtWAZ36jjeZ9UIm4fq
bY1WB71CfrbItJPkB6CzsoOEDkA4kZFGhEi6gZD5ckcqPrjiNQBTHs2jl9vJ2BkX
o5Xo/5PtZVK6LO8RtY+btd/T5aXgkIAuAQtuMlaxCyWvP8MCAhC4UPsTU6Q0TE3B
PJdxt5YD8mSgBcrJZdMGFBdiNwIDAQABo4IDXTCCA1kwHQYDVR0OBBYEFNObP8Gk
9v1Dr7zjVL7THt9mqQx3MB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMIIBGgYIKwYBBQUHAQcBAf8EggEJ
MIIBBTCCAQEEAgABMIH6MAwDBACB4xEDBAKB4xAwDAMEAIHjHQMEBYHjAAMEAIHj
PwMEAYHjsAMEAoHjwAMEApw7EAMEAJw7JQMEA5w7MAMEAJw7SQMEA5w7UAMEAZw7
XgMEAJw7bAMEAJw7ewMEBJw7gAMEAJw7kgMEAJw72AMEAZw74AMEAJw78QMEAJw7
/zAMAwQAooArAwQAooAsMAwDBACigDUDBAaigAAwDAMEBaKAYAMEAKKAYgMEAaKA
hgMEAKKAjDAMAwQAooCVAwQDooCQAwQAooCcAwQAooC3AwQAooC6MAwDBAKigMQD
BAKigNAwDAMEAKKA1QMEAKKA/AMEAKKA/jANBgkqhkiG9w0BAQsFAAOCAQEARtMa
FBwJFSOXqhhhywxwgbsKjx1H5qjMHB3cYbczAESCO8NINTspbnp68CTTNe3hUcoP
s7TtwMmBimyTOLmJtiHLFpEFT2gTlfE98qHsjuNOte3cQpirqnGZTlVz7429HlnU
yprltpWsxotdYQ0AkXVvFDQmcfe/ypYDtLk5dSGTz8mTt2AFs/DeMgvwMmjN/aHI
Pivp0phsp4RlxxJP2Xdk4Ha3KPbbk5C1xsXEF4mj/UubkUkd2O3dza1STejCPfm5
qorG5UmwwpuQ8mnjK691DMf4dxTtgZk/RyqfnfAVDWGMJSIhz1OcEJ3UUN1Zpd6B
Dm7gpx4l8ibpP3hW9w==
-----END CERTIFICATE-----
Generated at Wed May 13 05:21:43 2026 by rpki-client