Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/42DB2A2A4E6511ECA2CED527C4F9AE02.roa
File: 42DB2A2A4E6511ECA2CED527C4F9AE02.roa (raw, json)
Hash identifier: QmbK+GEFj9l9VtwhhEw8EATsB9n6got5ov9q1qTGzdo=
Subject key identifier: 26:74:B9:78:67:02:08:66:83:93:BF:67:CB:84:E7:9E:B4:C1:50:87
Certificate issuer: /CN=A91EFC72/serialNumber=B7A7A9FFBEC713F84E0B5180AF76DEB16E729229
Certificate serial: 0623
Authority key identifier: B7:A7:A9:FF:BE:C7:13:F8:4E:0B:51:80:AF:76:DE:B1:6E:72:92:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t6ep_77HE_hOC1GAr3besW5ykik.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/42DB2A2A4E6511ECA2CED527C4F9AE02.roa
Signing time: Thu 12 Mar 2026 07:04:06 +0000
ROA not before: Thu 12 Mar 2026 07:04:06 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 10132
IP address blocks: 61.4.0.0/18 maxlen: 18
61.4.9.0/24 maxlen: 24
61.4.10.0/24 maxlen: 24
61.4.11.0/24 maxlen: 24
61.4.12.0/24 maxlen: 24
61.4.13.0/24 maxlen: 24
61.4.14.0/24 maxlen: 24
61.4.15.0/24 maxlen: 24
61.4.16.0/24 maxlen: 24
61.4.23.0/24 maxlen: 24
61.4.24.0/24 maxlen: 24
61.4.25.0/24 maxlen: 24
61.4.26.0/24 maxlen: 24
61.4.27.0/24 maxlen: 24
61.4.28.0/24 maxlen: 24
61.4.29.0/24 maxlen: 24
61.4.30.0/24 maxlen: 24
61.4.31.0/24 maxlen: 24
61.4.32.0/23 maxlen: 23
61.4.36.0/24 maxlen: 24
61.4.37.0/24 maxlen: 24
61.4.39.0/24 maxlen: 24
61.4.40.0/24 maxlen: 24
61.4.42.0/23 maxlen: 23
61.4.44.0/24 maxlen: 24
61.4.48.0/22 maxlen: 22
61.4.52.0/22 maxlen: 22
61.4.56.0/23 maxlen: 23
61.4.58.0/23 maxlen: 23
113.212.192.0/18 maxlen: 18
113.212.196.0/23 maxlen: 23
113.212.198.0/23 maxlen: 23
113.212.200.0/23 maxlen: 23
113.212.202.0/23 maxlen: 23
113.212.208.0/22 maxlen: 22
113.212.212.0/22 maxlen: 22
113.212.216.0/21 maxlen: 21
113.212.216.0/24 maxlen: 24
113.212.217.0/24 maxlen: 24
113.212.219.0/24 maxlen: 24
113.212.220.0/23 maxlen: 23
113.212.222.0/23 maxlen: 23
113.212.224.0/21 maxlen: 21
113.212.224.0/24 maxlen: 24
113.212.225.0/24 maxlen: 24
113.212.229.0/24 maxlen: 24
113.212.230.0/24 maxlen: 24
113.212.231.0/24 maxlen: 24
113.212.232.0/21 maxlen: 21
113.212.232.0/22 maxlen: 22
113.212.232.0/24 maxlen: 24
113.212.233.0/24 maxlen: 24
113.212.234.0/24 maxlen: 24
113.212.235.0/24 maxlen: 24
113.212.236.0/24 maxlen: 24
113.212.237.0/24 maxlen: 24
113.212.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/t6ep_77HE_hOC1GAr3besW5ykik.crl
rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/t6ep_77HE_hOC1GAr3besW5ykik.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t6ep_77HE_hOC1GAr3besW5ykik.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 22:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1571 (0x623)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EFC72, serialNumber=B7A7A9FFBEC713F84E0B5180AF76DEB16E729229
Validity
Not Before: Mar 12 07:04:06 2026 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69b26566-973d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1a:11:55:3a:f6:a2:f5:17:ee:78:ae:3d:1e:
ec:25:45:66:37:36:3f:7f:7c:97:ae:df:5e:4a:d2:
e0:24:64:b4:2b:cc:16:7a:ae:ab:78:1a:8a:8c:43:
16:33:6a:fa:df:7c:ea:51:3a:7e:d3:0b:0b:ec:25:
a5:c0:0b:af:0a:ca:28:74:64:c6:87:53:67:93:0a:
a2:f6:1c:9f:4e:17:a2:f8:12:f4:68:0b:a8:7e:e9:
e0:82:36:b0:5b:b6:6b:ed:61:b9:ae:10:e6:99:0c:
9d:08:77:e4:5b:29:c7:04:e6:7d:3e:3c:8f:52:d2:
86:a3:59:de:23:87:d1:be:94:8c:8d:19:f4:a2:29:
91:e4:86:fd:35:ea:ce:2b:94:67:14:c9:86:99:79:
03:6c:82:c4:3e:c8:37:93:ad:86:f8:38:75:45:a0:
95:b5:db:02:b8:1b:8c:ce:66:68:77:d0:0c:03:5f:
40:01:38:fb:5d:3d:ed:ca:de:ab:8d:b0:5c:57:de:
e2:fb:04:2c:4b:72:05:32:66:df:16:eb:b9:b7:c4:
4a:32:d6:1b:22:03:95:0a:2d:17:c2:c6:6a:92:94:
99:3f:3d:f0:cd:d1:e3:cf:4c:b6:d4:fb:17:6a:db:
d3:17:e0:42:e9:91:28:be:86:e2:0c:c1:6b:d2:4d:
d8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:74:B9:78:67:02:08:66:83:93:BF:67:CB:84:E7:9E:B4:C1:50:87
X509v3 Authority Key Identifier:
keyid:B7:A7:A9:FF:BE:C7:13:F8:4E:0B:51:80:AF:76:DE:B1:6E:72:92:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/t6ep_77HE_hOC1GAr3besW5ykik.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t6ep_77HE_hOC1GAr3besW5ykik.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/42DB2A2A4E6511ECA2CED527C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
61.4.0.0/18
113.212.192.0/18
Signature Algorithm: sha256WithRSAEncryption
73:51:5a:bb:7d:d9:e4:a5:10:6d:8d:20:7f:20:90:fa:26:37:
80:95:ba:d6:6d:1c:6f:ea:93:2f:a2:b1:80:8e:fa:4d:7b:83:
b2:0a:bd:f1:1b:9d:f2:aa:87:4e:63:81:1d:eb:dc:b7:b8:d6:
41:23:2c:62:7c:83:e7:b6:86:0a:3e:0b:50:98:c1:b1:1e:39:
a9:1c:d2:ac:7f:f6:3a:35:dd:3d:91:b8:45:42:ee:81:a1:92:
d9:ee:5a:73:2c:70:45:a7:68:b7:56:72:69:ea:d4:e6:fb:5c:
7e:bd:28:85:a9:1f:35:b7:e1:e1:fd:37:19:ca:fb:70:9c:62:
3c:2c:2f:77:1d:2b:81:a4:f7:b0:22:f3:fe:f4:02:b3:80:b7:
07:bd:a5:5c:7a:de:29:ce:f9:0d:cc:89:dd:f3:ad:a5:bb:60:
24:e8:f6:de:cf:e2:d9:6c:64:48:b9:11:af:8a:a5:a2:a0:05:
55:76:e3:80:c5:0c:37:79:db:20:73:86:0f:43:a3:9f:7b:13:
f7:b0:4d:96:8b:01:64:68:49:3f:23:b8:68:e5:a3:a4:ec:53:
f2:f2:67:e4:fd:ee:9c:2e:53:b6:69:53:37:0c:e8:9c:26:35:
f4:0f:f5:84:62:1c:2a:ad:00:f1:55:0b:36:39:46:2d:20:f6:
19:6a:2d:55
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICBiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUZDNzIxMTAvBgNVBAUTKEI3QTdBOUZGQkVDNzEzRjg0RTBCNTE4MEFGNzZERUIx
NkU3MjkyMjkwHhcNMjYwMzEyMDcwNDA2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWIyNjU2Ni05NzNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1BoRVTr2ovUX7niuPR7sJUVmNzY/f3yXrt9eStLgJGS0K8wWeq6reBqKjEMW
M2r633zqUTp+0wsL7CWlwAuvCsoodGTGh1Nnkwqi9hyfThei+BL0aAuofunggjaw
W7Zr7WG5rhDmmQydCHfkWynHBOZ9PjyPUtKGo1neI4fRvpSMjRn0oimR5Ib9NerO
K5RnFMmGmXkDbILEPsg3k62G+Dh1RaCVtdsCuBuMzmZod9AMA19AATj7XT3tyt6r
jbBcV97i+wQsS3IFMmbfFuu5t8RKMtYbIgOVCi0XwsZqkpSZPz3wzdHjz0y21PsX
atvTF+BC6ZEovobiDMFr0k3YvQIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFCZ0uXhn
Aghmg5O/Z8uE5560wVCHMB8GA1UdIwQYMBaAFLenqf++xxP4TgtRgK923rFucpIp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkM3Mi8wNzVGNjk2OEU2
MEQxMUVCQjA5RjZBNjFDNEY5QUUwMi90NmVwXzc3SEVfaE9DMUdBcjNiZXNXNXlr
aWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q2ZXBfNzdIRV9oT0MxR0FyM2Jlc1c1eWtpay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUZDNzIvMDc1RjY5NjhFNjBEMTFFQkIwOUY2QTYxQzRGOUFFMDIvNDJEQjJBMkE0
RTY1MTFFQ0EyQ0VENTI3QzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQGPQQAAwQGcdTAMA0GCSqGSIb3DQEBCwUAA4IBAQBzUVq7fdnkpRBt
jSB/IJD6JjeAlbrWbRxv6pMvorGAjvpNe4OyCr3xG53yqodOY4Ed69y3uNZBIyxi
fIPntoYKPgtQmMGxHjmpHNKsf/Y6Nd09kbhFQu6BoZLZ7lpzLHBFp2i3VnJp6tTm
+1x+vSiFqR81t+Hh/TcZyvtwnGI8LC93HSuBpPewIvP+9AKzgLcHvaVcet4pzvkN
zInd862lu2Ak6Pbez+LZbGRIuRGviqWioAVVduOAxQw3edsgc4YPQ6OfexP3sE2W
iwFkaEk/I7ho5aOk7FPy8mfk/e6cLlO2aVM3DOicJjX0D/WEYhwqrQDxVQs2OUYt
IPYZai1V
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:12:08 2026 by rpki-client