Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/93840DE204E611ED89D3B27BC4F9AE02.roa
File: 93840DE204E611ED89D3B27BC4F9AE02.roa (raw, json)
Hash identifier: QWsyMOMdVLm1yhdOxVTccCy4xdf3sx3MmQZgFSTUVkc=
Subject key identifier: F9:94:7A:4A:88:CC:F5:D1:48:2C:61:7F:EC:73:81:E9:56:71:67:B5
Certificate issuer: /CN=A91F8928/serialNumber=F5C9D30E9D0771CD07E51B2E4A52B52253ABD026
Certificate serial: 0D18
Authority key identifier: F5:C9:D3:0E:9D:07:71:CD:07:E5:1B:2E:4A:52:B5:22:53:AB:D0:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/93840DE204E611ED89D3B27BC4F9AE02.roa
Signing time: Wed 06 May 2026 09:37:03 +0000
ROA not before: Wed 06 May 2026 09:37:03 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 55492
IP address blocks: 27.131.12.0/22 maxlen: 22
27.131.12.0/24 maxlen: 24
27.131.13.0/24 maxlen: 24
27.131.14.0/24 maxlen: 24
27.131.15.0/24 maxlen: 24
45.127.244.0/22 maxlen: 22
45.127.244.0/24 maxlen: 24
45.127.245.0/24 maxlen: 24
45.127.246.0/24 maxlen: 24
45.127.247.0/24 maxlen: 24
103.196.232.0/22 maxlen: 22
103.196.232.0/24 maxlen: 24
103.196.233.0/24 maxlen: 24
103.196.234.0/23 maxlen: 23
103.196.234.0/24 maxlen: 24
103.196.235.0/24 maxlen: 24
2401:c5c0::/35 maxlen: 35
2401:c5c0::/48 maxlen: 48
2401:c5c0:1::/48 maxlen: 48
2401:c5c0:2::/48 maxlen: 48
2401:c5c0:3::/48 maxlen: 48
2401:c5c0:4::/48 maxlen: 48
2401:c5c0:5::/48 maxlen: 48
2401:c5c0:6::/48 maxlen: 48
2401:c5c0:7::/48 maxlen: 48
2401:c5c0:d::/48 maxlen: 48
2401:c5c0:11::/48 maxlen: 48
2401:c5c0:12::/48 maxlen: 48
2401:c5c0:13::/48 maxlen: 48
2401:c5c0:14::/48 maxlen: 48
2401:c5c0:15::/48 maxlen: 48
2401:c5c0:16::/48 maxlen: 48
2401:c5c0:50::/48 maxlen: 48
2401:c5c0:60::/48 maxlen: 48
2401:c5c0:d1::/48 maxlen: 48
2401:c5c0:d2::/48 maxlen: 48
2401:c5c0:d3::/48 maxlen: 48
2401:c5c0:d4::/48 maxlen: 48
2401:c5c0:d5::/48 maxlen: 48
2401:c5c0:d6::/48 maxlen: 48
2401:c5c0:100::/48 maxlen: 48
2401:c5c0:200::/48 maxlen: 48
2401:c5c0:400::/42 maxlen: 42
2401:c5c0:400::/48 maxlen: 48
2401:c5c0:440::/42 maxlen: 42
2401:c5c0:440::/48 maxlen: 48
2401:c5c0:da0::/44 maxlen: 44
2401:c5c0:dfa::/48 maxlen: 48
2401:c5c0:dfb::/48 maxlen: 48
2401:c5c0:dfc::/48 maxlen: 48
2401:c5c0:dfd::/48 maxlen: 48
2401:c5c0:dfe::/48 maxlen: 48
2401:c5c0:3000::/36 maxlen: 36
2401:c5c0:4000::/34 maxlen: 34
2401:c5c0:8000::/34 maxlen: 34
2401:c5c0:c000::/34 maxlen: 34
2401:c5c0:dfb2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.crl
rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 18:25:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3352 (0xd18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8928, serialNumber=F5C9D30E9D0771CD07E51B2E4A52B52253ABD026
Validity
Not Before: May 6 09:37:03 2026 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69fb0bbf-e72a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b4:95:fc:42:67:55:72:69:40:69:ee:41:fa:
21:bf:6e:22:ca:92:4d:ee:4a:ab:37:5d:fd:25:4a:
eb:46:e8:d0:a1:59:06:3c:26:b6:7e:86:41:8e:00:
8a:11:5b:68:3c:40:c8:2e:ca:f7:6f:3f:03:16:70:
eb:ce:cd:3f:52:97:50:eb:ad:a5:14:33:30:4f:97:
c3:39:b6:2e:04:7e:07:7c:e1:41:80:bf:07:18:0f:
7f:ce:bf:e0:14:b9:f4:2a:37:6e:a3:24:0b:b4:41:
fa:76:89:e3:1d:ba:5b:29:ab:af:86:2e:b3:39:11:
e5:94:b3:8e:d8:94:14:be:6f:36:81:54:b8:f4:be:
d4:b6:89:4b:21:7b:e9:f6:13:38:74:c1:78:1a:d9:
3d:9f:94:12:53:26:f9:f9:7a:6e:1e:10:05:71:2d:
2e:23:e9:2a:66:e0:2d:26:4b:e2:05:c3:98:ba:6f:
0c:65:fc:b0:71:1c:ef:81:a0:40:9f:8f:83:33:f9:
1a:bd:7d:ba:0c:20:1a:bb:84:18:9b:98:e0:bf:08:
fe:68:a9:7f:ef:1f:d0:34:2e:2c:27:6b:a5:b0:0c:
85:ff:a6:38:85:27:18:73:a2:7c:a5:de:8e:5e:38:
6f:27:67:51:eb:1f:16:77:a8:ee:b1:72:c9:40:4f:
7a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:94:7A:4A:88:CC:F5:D1:48:2C:61:7F:EC:73:81:E9:56:71:67:B5
X509v3 Authority Key Identifier:
keyid:F5:C9:D3:0E:9D:07:71:CD:07:E5:1B:2E:4A:52:B5:22:53:AB:D0:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/93840DE204E611ED89D3B27BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.131.12.0/22
45.127.244.0/22
103.196.232.0/22
IPv6:
2401:c5c0::/35
2401:c5c0:3000::-2401:c5c0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
75:9c:2f:45:76:e3:74:87:9f:15:fd:7a:37:78:37:1b:14:2c:
d7:aa:8c:ba:5f:62:9c:26:d4:3f:af:b1:63:79:80:fa:9a:48:
c4:37:20:1b:5e:d6:b2:04:4a:2e:04:67:6f:ee:50:db:14:f1:
0a:52:66:33:bc:18:6a:b4:e1:80:c6:15:62:29:ea:c4:02:20:
1d:06:44:95:6a:76:69:31:63:a3:95:ef:e6:4a:59:b1:b3:7d:
4e:2a:5a:12:91:ff:5a:83:0d:51:36:cc:22:3f:d6:db:51:8a:
f4:75:5e:92:ff:96:a2:b8:b6:b7:8a:3c:66:7b:dc:8a:6b:a8:
af:e7:75:f0:56:c4:47:9a:4d:71:05:fc:72:2d:97:fe:e7:61:
4e:79:5b:a7:43:0b:67:f0:dd:63:f6:6a:27:dd:e5:d2:30:6f:
34:69:4c:b6:6c:71:c0:65:a3:fa:60:0b:71:50:f4:f4:84:c5:
98:00:ca:ef:9f:1b:4b:f5:b3:9a:94:7e:40:94:a0:2d:f5:03:
9c:52:7a:ab:8d:c8:02:c8:a3:20:43:93:40:37:8b:cf:1f:2f:
bc:02:c4:a4:ee:7d:03:39:eb:b8:28:29:f1:3f:09:65:a7:19:
e4:12:ad:c1:5d:c6:60:f7:7c:c9:f0:1b:f9:2f:ee:a6:c0:5b:
e4:e4:9a:72
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgICDRgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg5MjgxMTAvBgNVBAUTKEY1QzlEMzBFOUQwNzcxQ0QwN0U1MUIyRTRBNTJCNTIy
NTNBQkQwMjYwHhcNMjYwNTA2MDkzNzAzWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWZiMGJiZi1lNzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5LSV/EJnVXJpQGnuQfohv24iypJN7kqrN139JUrrRujQoVkGPCa2foZBjgCK
EVtoPEDILsr3bz8DFnDrzs0/UpdQ662lFDMwT5fDObYuBH4HfOFBgL8HGA9/zr/g
FLn0KjduoyQLtEH6donjHbpbKauvhi6zORHllLOO2JQUvm82gVS49L7UtolLIXvp
9hM4dMF4Gtk9n5QSUyb5+XpuHhAFcS0uI+kqZuAtJkviBcOYum8MZfywcRzvgaBA
n4+DM/kavX26DCAau4QYm5jgvwj+aKl/7x/QNC4sJ2ulsAyF/6Y4hScYc6J8pd6O
XjhvJ2dR6x8Wd6jusXLJQE96MQIDAQABo4ICjTCCAokwHQYDVR0OBBYEFPmUekqI
zPXRSCxhf+xzgelWcWe1MB8GA1UdIwQYMBaAFPXJ0w6dB3HNB+UbLkpStSJTq9Am
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODkyOC80REE3QkIyMDBC
NUIxMUVBQTNFQkM2NTBDNEY5QUUwMi85Y25URHAwSGNjMEg1UnN1U2xLMUlsT3Iw
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzljblREcDBIY2MwSDVSc3VTbEsxSWxPcjBDWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjg5MjgvNERBN0JCMjAwQjVCMTFFQUEzRUJDNjUwQzRGOUFFMDIvOTM4NDBERTIw
NEU2MTFFRDg5RDNCMjdCQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAY
BAIAATASAwQCG4MMAwQCLX/0AwQCZ8ToMB8EAgACMBkDBgUkAcXAADAPAwYEJAHF
wDADBQAkAcXAMA0GCSqGSIb3DQEBCwUAA4IBAQB1nC9FduN0h58V/Xo3eDcbFCzX
qoy6X2KcJtQ/r7FjeYD6mkjENyAbXtayBEouBGdv7lDbFPEKUmYzvBhqtOGAxhVi
KerEAiAdBkSVanZpMWOjle/mSlmxs31OKloSkf9agw1RNswiP9bbUYr0dV6S/5ai
uLa3ijxme9yKa6iv53XwVsRHmk1xBfxyLZf+52FOeVunQwtn8N1j9mon3eXSMG80
aUy2bHHAZaP6YAtxUPT0hMWYAMrvnxtL9bOalH5AlKAt9QOcUnqrjcgCyKMgQ5NA
N4vPHy+8AsSk7n0DOeu4KCnxPwllpxnkEq3BXcZg93zJ8Bv5L+6mwFvk5Jpy
-----END CERTIFICATE-----
Generated at Wed May 13 10:53:22 2026 by rpki-client