Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/2D9B5B380F1D11E991F4271EC4F9AE02.roa
File: 2D9B5B380F1D11E991F4271EC4F9AE02.roa (raw, json)
Hash identifier: lxeqKAfftp8l/+8oi24pZrtZUmLlEQFjxUoLqXtuEV0=
Subject key identifier: B3:8A:2B:20:BC:44:B6:D0:0F:57:C5:0A:62:30:F1:39:FC:F1:CE:10
Certificate issuer: /CN=A9196172/serialNumber=6C3A7E02ACBB73A6635BDAFE022D785D00C447DB
Certificate serial: 11BB
Authority key identifier: 6C:3A:7E:02:AC:BB:73:A6:63:5B:DA:FE:02:2D:78:5D:00:C4:47:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/2D9B5B380F1D11E991F4271EC4F9AE02.roa
Signing time: Tue 10 Feb 2026 17:15:10 +0000
ROA not before: Tue 10 Feb 2026 17:15:10 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 56300
IP address blocks: 101.100.160.0/24 maxlen: 24
101.100.161.0/24 maxlen: 24
101.100.162.0/24 maxlen: 24
101.100.163.0/24 maxlen: 24
101.100.164.0/24 maxlen: 24
101.100.165.0/24 maxlen: 24
101.100.166.0/24 maxlen: 24
101.100.167.0/24 maxlen: 24
101.100.168.0/24 maxlen: 24
101.100.169.0/24 maxlen: 24
101.100.170.0/24 maxlen: 24
101.100.171.0/24 maxlen: 24
101.100.172.0/24 maxlen: 24
101.100.173.0/24 maxlen: 24
101.100.174.0/24 maxlen: 24
101.100.175.0/24 maxlen: 24
101.100.176.0/24 maxlen: 24
101.100.177.0/24 maxlen: 24
101.100.178.0/24 maxlen: 24
101.100.179.0/24 maxlen: 24
101.100.180.0/24 maxlen: 24
101.100.181.0/24 maxlen: 24
101.100.182.0/24 maxlen: 24
101.100.183.0/24 maxlen: 24
101.100.184.0/24 maxlen: 24
101.100.185.0/24 maxlen: 24
101.100.186.0/24 maxlen: 24
101.100.188.0/24 maxlen: 24
101.100.189.0/24 maxlen: 24
101.100.190.0/24 maxlen: 24
103.247.133.0/24 maxlen: 24
103.247.134.0/24 maxlen: 24
103.247.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.crl
rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Feb 2026 16:56:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4539 (0x11bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9196172, serialNumber=6C3A7E02ACBB73A6635BDAFE022D785D00C447DB
Validity
Not Before: Feb 10 17:15:10 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=698b679e-7355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:cb:08:2d:bb:a7:ff:af:58:d2:2f:55:63:
c3:32:c5:f3:41:5b:40:67:e9:97:c1:f2:39:a8:ae:
5a:f7:b5:35:0e:17:70:90:56:e5:22:bc:3d:7c:b5:
ed:6b:9a:fa:f4:e9:00:92:dc:d1:9e:c3:65:bc:28:
27:28:be:31:78:97:1d:20:81:32:73:32:89:54:f4:
7c:7d:fc:c6:a0:a6:5a:c6:0e:fd:f9:9d:e3:63:39:
b6:b3:71:46:40:09:4e:16:52:ba:8f:4c:7f:7c:30:
91:da:20:af:97:db:f0:22:c4:1b:2f:b0:0f:32:c9:
4d:3a:ff:9d:a6:8f:ec:57:06:ac:87:d7:8b:18:60:
f5:4e:f3:c8:d6:9a:da:4b:87:f6:79:24:e8:bd:db:
45:ae:26:2a:7d:54:22:85:7b:02:15:96:9e:4c:a4:
58:cb:f8:1d:45:dd:64:4e:f3:eb:13:aa:b6:8d:fa:
c1:7f:5d:a5:49:74:dd:46:09:97:3f:24:95:ae:4a:
b1:ac:71:b6:88:31:33:95:f2:cb:31:14:7c:f8:cd:
4e:e8:27:e6:7c:41:0a:22:bc:57:ff:cf:6e:64:19:
29:76:f4:62:bb:52:84:17:89:81:ca:f2:a1:4b:43:
e6:80:79:a6:00:31:41:f7:51:83:17:97:53:05:a7:
73:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:8A:2B:20:BC:44:B6:D0:0F:57:C5:0A:62:30:F1:39:FC:F1:CE:10
X509v3 Authority Key Identifier:
keyid:6C:3A:7E:02:AC:BB:73:A6:63:5B:DA:FE:02:2D:78:5D:00:C4:47:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/2D9B5B380F1D11E991F4271EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.100.160.0-101.100.186.255
101.100.188.0-101.100.190.255
103.247.133.0-103.247.135.255
Signature Algorithm: sha256WithRSAEncryption
64:32:fd:a3:f2:1a:af:4e:b5:97:6e:a9:56:c0:3d:a1:92:69:
ea:b9:a1:bf:20:ce:fb:4e:ec:9f:17:4f:e7:7b:d5:10:28:09:
ed:29:22:fa:61:c0:dd:b5:d2:c8:b2:c0:a1:d9:0e:13:c1:41:
22:2a:f6:b7:d2:ed:17:05:20:45:b7:2d:46:58:60:5c:bc:87:
b6:3e:70:b2:a4:9d:d8:bf:27:52:7e:30:0a:06:9c:f5:ac:2e:
95:64:b4:c2:2c:fd:57:67:94:cc:ad:74:2a:97:5e:28:22:4d:
4f:ec:f2:e3:0d:08:fd:50:81:48:64:f8:40:bd:04:af:cd:40:
2e:be:95:28:38:9a:71:e5:09:be:f2:81:65:5e:c7:c0:89:4b:
a8:a6:19:04:98:a8:e4:2e:32:cb:6e:4c:20:7c:cf:0e:7f:f2:
7d:8e:63:f2:8b:34:0f:cc:98:1e:c2:45:fa:c4:bc:1b:92:12:
5e:4a:e8:f0:73:66:7a:a2:af:8c:c3:50:d6:82:02:4e:7c:2d:
45:79:b2:f6:a8:ec:1b:be:4a:fc:9c:52:b7:a1:f8:89:3e:a9:
a3:63:49:44:70:be:19:a5:d0:7b:fe:40:71:13:d7:0a:34:d2:
22:97:bb:ba:38:7b:38:56:c9:9e:e5:e6:50:6d:e3:1a:fd:4e:
54:3f:e7:5e
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICEbswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx
OTYxNzIxMTAvBgNVBAUTKDZDM0E3RTAyQUNCQjczQTY2MzVCREFGRTAyMkQ3ODVE
MDBDNDQ3REIwHhcNMjYwMjEwMTcxNTEwWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDDA02OThiNjc5ZS03MzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsCTLCC27p/+vWNIvVWPDMsXzQVtAZ+mXwfI5qK5a97U1DhdwkFblIrw9fLXt
a5r69OkAktzRnsNlvCgnKL4xeJcdIIEyczKJVPR8ffzGoKZaxg79+Z3jYzm2s3FG
QAlOFlK6j0x/fDCR2iCvl9vwIsQbL7APMslNOv+dpo/sVwash9eLGGD1TvPI1pra
S4f2eSTovdtFriYqfVQihXsCFZaeTKRYy/gdRd1kTvPrE6q2jfrBf12lSXTdRgmX
PySVrkqxrHG2iDEzlfLLMRR8+M1O6CfmfEEKIrxX/89uZBkpdvRiu1KEF4mByvKh
S0PmgHmmADFB91GDF5dTBadzbwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFLOKKyC8
RLbQD1fFCmIw8Tn88c4QMB8GA1UdIwQYMBaAFGw6fgKsu3OmY1va/gIteF0AxEfb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjE3Mi9FODY3Q0IxMDBG
MUIxMUU5QTVEQkRCMUJDNEY5QUUwMi9iRHAtQXF5N2M2WmpXOXItQWkxNFhRREVS
OXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JEcC1BcXk3YzZaalc5ci1BaTE0WFFERVI5cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTYxNzIvRTg2N0NCMTAwRjFCMTFFOUE1REJEQjFCQzRGOUFFMDIvMkQ5QjVCMzgw
RjFEMTFFOTkxRjQyNzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCowDAMEBWVkoAMEAGVkujAMAwQCZWS8AwQAZWS+MAwDBABn94UD
BANn94AwDQYJKoZIhvcNAQELBQADggEBAGQy/aPyGq9OtZduqVbAPaGSaeq5ob8g
zvtO7J8XT+d71RAoCe0pIvphwN210siywKHZDhPBQSIq9rfS7RcFIEW3LUZYYFy8
h7Y+cLKkndi/J1J+MAoGnPWsLpVktMIs/VdnlMytdCqXXigiTU/s8uMNCP1QgUhk
+EC9BK/NQC6+lSg4mnHlCb7ygWVex8CJS6imGQSYqOQuMstuTCB8zw5/8n2OY/KL
NA/MmB7CRfrEvBuSEl5K6PBzZnqir4zDUNaCAk58LUV5svao7Bu+SvycUreh+Ik+
qaNjSURwvhml0Hv+QHET1wo00iKXu7o4ezhWyZ7l5lBt4xr9TlQ/514=
-----END CERTIFICATE-----
Generated at Thu Feb 19 20:34:38 2026 by rpki-client