Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/4AB8D38E178811EF95C8DF41C4F9AE02.roa
File: 4AB8D38E178811EF95C8DF41C4F9AE02.roa (raw, json)
Hash identifier: 3lspwlNqVawluAdApG+ewGuAPaRSRtGxnsh63UKJDDg=
Subject key identifier: 2D:58:19:5B:34:94:3A:21:B5:B6:C8:DA:20:B7:CE:14:4D:B9:E0:12
Certificate issuer: /CN=A91ADE0A/serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Certificate serial: 230E
Authority key identifier: BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/4AB8D38E178811EF95C8DF41C4F9AE02.roa
Signing time: Fri 06 Feb 2026 16:13:20 +0000
ROA not before: Fri 06 Feb 2026 16:13:20 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 133334
IP address blocks: 45.124.56.0/22 maxlen: 22
45.124.56.0/24 maxlen: 24
45.124.57.0/24 maxlen: 24
45.124.58.0/24 maxlen: 24
45.124.59.0/24 maxlen: 24
103.31.72.0/22 maxlen: 22
103.31.72.0/24 maxlen: 24
103.31.73.0/24 maxlen: 24
103.31.74.0/24 maxlen: 24
103.31.75.0/24 maxlen: 24
103.61.220.0/22 maxlen: 22
103.61.220.0/24 maxlen: 24
103.61.221.0/24 maxlen: 24
103.61.222.0/24 maxlen: 24
103.61.223.0/24 maxlen: 24
103.197.84.0/22 maxlen: 22
103.197.84.0/24 maxlen: 24
103.197.85.0/24 maxlen: 24
103.197.86.0/24 maxlen: 24
103.197.87.0/24 maxlen: 24
103.200.32.0/22 maxlen: 22
103.200.32.0/24 maxlen: 24
103.200.33.0/24 maxlen: 24
103.200.34.0/24 maxlen: 24
103.200.35.0/24 maxlen: 24
103.203.52.0/22 maxlen: 22
103.203.52.0/24 maxlen: 24
103.203.53.0/24 maxlen: 24
103.203.54.0/24 maxlen: 24
103.203.55.0/24 maxlen: 24
103.225.136.0/22 maxlen: 22
103.225.136.0/24 maxlen: 24
103.225.137.0/24 maxlen: 24
103.225.138.0/24 maxlen: 24
103.225.139.0/24 maxlen: 24
2401:b80::/32 maxlen: 32
2401:b80:1000::/36 maxlen: 36
2401:b80:2000::/36 maxlen: 36
2401:b80:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Feb 2026 15:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8974 (0x230e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADE0A, serialNumber=BE488B4E60AC6A73A656EFDBC5FA67A1A8DE812A
Validity
Not Before: Feb 6 16:13:20 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=6986131f-79d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:26:bf:29:6e:2b:92:44:56:10:43:0a:4a:
74:bf:ca:21:e7:fc:61:39:52:76:27:84:25:b9:f3:
85:43:68:86:14:c3:3e:25:9d:f5:e2:cc:9e:b0:c2:
77:d8:69:b9:f5:28:f4:0b:16:d1:d4:dd:40:89:ef:
9d:5d:55:5e:b5:c2:40:a9:df:6d:1b:cb:fe:3f:0a:
e1:f4:a5:12:d1:51:20:4a:f1:27:07:e4:f3:9c:61:
fa:1b:05:c7:0f:b1:b9:2d:90:02:40:49:9f:e0:1a:
d3:a8:14:21:fe:f3:e0:17:1d:64:13:6f:8d:a0:cb:
51:d7:ee:44:40:b6:07:a6:52:05:10:37:22:7a:61:
38:8e:7d:5a:4f:1a:69:d2:69:ff:1a:a4:e5:95:e9:
12:74:48:d1:94:65:c4:16:04:dd:29:6b:8c:74:ab:
3c:07:2c:8f:75:d8:8d:a4:9a:70:9d:22:1c:fa:7e:
9c:d9:69:dc:10:82:78:3c:a7:3b:3d:19:56:30:bb:
21:73:1a:89:36:98:33:a8:ea:37:62:fa:4f:77:c6:
80:6e:94:fb:c6:95:05:67:83:c8:3e:d8:ad:58:7b:
f2:c9:0b:77:e6:35:75:3b:c2:38:3c:fb:d9:06:08:
0e:9b:13:c4:82:b1:0c:b4:cf:fe:1c:78:1e:4a:dd:
fc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:58:19:5B:34:94:3A:21:B5:B6:C8:DA:20:B7:CE:14:4D:B9:E0:12
X509v3 Authority Key Identifier:
keyid:BE:48:8B:4E:60:AC:6A:73:A6:56:EF:DB:C5:FA:67:A1:A8:DE:81:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/vkiLTmCsanOmVu_bxfpnoajegSo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vkiLTmCsanOmVu_bxfpnoajegSo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADE0A/30D80126C11311E5B01A7269C4F9AE02/4AB8D38E178811EF95C8DF41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.56.0/22
103.31.72.0/22
103.61.220.0/22
103.197.84.0/22
103.200.32.0/22
103.203.52.0/22
103.225.136.0/22
IPv6:
2401:b80::/32
Signature Algorithm: sha256WithRSAEncryption
9e:6e:eb:42:c0:55:5f:ae:ff:ec:40:25:3c:ff:07:8b:fa:1c:
07:2a:28:d5:6a:67:90:d1:ae:18:61:18:f8:13:44:2e:da:73:
b9:0c:e5:51:c9:ae:e9:dc:29:21:61:59:65:c5:89:ba:b3:fe:
04:41:4f:7e:a8:ac:54:fc:60:21:60:bc:19:36:77:5e:f8:93:
39:2e:be:e0:5b:01:8e:0c:97:c2:15:e5:2f:f6:02:6a:f6:04:
f4:20:0d:23:4d:92:cc:62:cd:3b:3c:ce:fb:cd:d5:78:b7:e6:
f1:de:f4:6f:a9:e9:ce:d6:a4:c5:96:ee:6c:17:80:ca:1a:0a:
8a:2e:d4:aa:b6:84:14:cf:1c:2a:7b:0d:02:50:d2:ec:76:b8:
17:99:be:38:00:a6:50:9e:75:c2:ed:05:e6:75:59:10:82:fe:
20:ff:12:ba:51:c2:7d:e1:6a:5b:c8:e8:47:77:dc:19:d4:4f:
9f:d8:d8:fe:16:40:79:04:86:57:0e:fb:1a:d8:f1:20:34:6e:
71:75:92:5a:e3:34:31:64:c1:5c:85:94:db:59:53:8b:cf:d3:
43:1b:48:16:ea:69:2f:36:c0:1a:f3:b2:0c:b7:01:90:c4:78:
c4:dc:e0:8a:ef:82:e4:37:e7:a4:d8:10:87:21:d4:0f:98:09:
a0:31:9b:0c
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICIw4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx
QURFMEExMTAvBgNVBAUTKEJFNDg4QjRFNjBBQzZBNzNBNjU2RUZEQkM1RkE2N0Ex
QThERTgxMkEwHhcNMjYwMjA2MTYxMzIwWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTg2MTMxZi03OWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv3AmvyluK5JEVhBDCkp0v8oh5/xhOVJ2J4QlufOFQ2iGFMM+JZ314syesMJ3
2Gm59Sj0CxbR1N1Aie+dXVVetcJAqd9tG8v+Pwrh9KUS0VEgSvEnB+TznGH6GwXH
D7G5LZACQEmf4BrTqBQh/vPgFx1kE2+NoMtR1+5EQLYHplIFEDciemE4jn1aTxpp
0mn/GqTllekSdEjRlGXEFgTdKWuMdKs8ByyPddiNpJpwnSIc+n6c2WncEIJ4PKc7
PRlWMLshcxqJNpgzqOo3YvpPd8aAbpT7xpUFZ4PIPtitWHvyyQt35jV1O8I4PPvZ
BggOmxPEgrEMtM/+HHgeSt38uQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFC1YGVs0
lDohtbbI2iC3zhRNueASMB8GA1UdIwQYMBaAFL5Ii05grGpzplbv28X6Z6Go3oEq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREUwQS8zMEQ4MDEyNkMx
MTMxMUU1QjAxQTcyNjlDNEY5QUUwMi92a2lMVG1Dc2FuT21WdV9ieGZwbm9hamVn
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZraUxUbUNzYW5PbVZ1X2J4ZnBub2FqZWdTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURFMEEvMzBEODAxMjZDMTEzMTFFNUIwMUE3MjY5QzRGOUFFMDIvNEFCOEQzOEUx
Nzg4MTFFRjk1QzhERjQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAItfDgDBAJnH0gDBAJnPdwDBAJnxVQDBAJnyCADBAJnyzQD
BAJn4YgwDQQCAAIwBwMFACQBC4AwDQYJKoZIhvcNAQELBQADggEBAJ5u60LAVV+u
/+xAJTz/B4v6HAcqKNVqZ5DRrhhhGPgTRC7ac7kM5VHJruncKSFhWWXFibqz/gRB
T36orFT8YCFgvBk2d174kzkuvuBbAY4Ml8IV5S/2Amr2BPQgDSNNksxizTs8zvvN
1Xi35vHe9G+p6c7WpMWW7mwXgMoaCoou1Kq2hBTPHCp7DQJQ0ux2uBeZvjgAplCe
dcLtBeZ1WRCC/iD/ErpRwn3halvI6Ed33BnUT5/Y2P4WQHkEhlcO+xrY8SA0bnF1
klrjNDFkwVyFlNtZU4vP00MbSBbqaS82wBrzsgy3AZDEeMTc4IrvguQ356TYEIch
1A+YCaAxmww=
-----END CERTIFICATE-----
Generated at Thu Feb 19 21:56:51 2026 by rpki-client