Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/BAE1D7A8716711EFBF91272AC4F9AE02.roa
File: BAE1D7A8716711EFBF91272AC4F9AE02.roa (raw, json)
Hash identifier: aScypq58ma32Blk4gXAn5hRCMA++RlRKUglRyBdAIIU=
Subject key identifier: 50:3A:2F:74:83:17:99:B3:3F:36:DE:02:3F:0D:A7:D1:8C:15:36:1E
Certificate issuer: /CN=A91B3558/serialNumber=C8909254F69666D585E310ACD8DFF2B1FB9A5F2A
Certificate serial: 1119
Authority key identifier: C8:90:92:54:F6:96:66:D5:85:E3:10:AC:D8:DF:F2:B1:FB:9A:5F:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yJCSVPaWZtWF4xCs2N_ysfuaXyo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/BAE1D7A8716711EFBF91272AC4F9AE02.roa
Signing time: Thu 02 Apr 2026 17:22:28 +0000
ROA not before: Thu 02 Apr 2026 17:22:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 46489
IP address blocks: 45.113.128.0/22 maxlen: 22
103.53.48.0/22 maxlen: 22
103.53.48.0/23 maxlen: 23
2402:2a80::/32 maxlen: 32
2402:2a80:100::/40 maxlen: 48
2402:2a80:200::/40 maxlen: 48
2402:2a80:300::/40 maxlen: 48
2402:2a80:400::/40 maxlen: 48
2402:2a80:1000::/36 maxlen: 36
2402:2a80:1000::/40 maxlen: 40
2402:2a80:1100::/40 maxlen: 40
2402:2a80:1200::/40 maxlen: 40
2402:2a80:1300::/40 maxlen: 40
2402:2a80:1400::/40 maxlen: 40
2402:2a80:1500::/40 maxlen: 40
2402:2a80:2000::/36 maxlen: 36
2402:2a80:2000::/40 maxlen: 40
2402:2a80:2100::/40 maxlen: 40
2402:2a80:3000::/36 maxlen: 36
2402:2a80:3000::/40 maxlen: 40
2402:2a80:3100::/40 maxlen: 40
2402:2a80:3200::/40 maxlen: 40
2402:2a80:3300::/40 maxlen: 40
2402:2a80:4000::/36 maxlen: 36
2402:2a80:4000::/40 maxlen: 40
2402:2a80:4100::/40 maxlen: 40
2402:2a80:4200::/40 maxlen: 40
2402:2a80:5000::/36 maxlen: 36
2402:2a80:6000::/36 maxlen: 36
2402:2a80:b000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/yJCSVPaWZtWF4xCs2N_ysfuaXyo.crl
rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/yJCSVPaWZtWF4xCs2N_ysfuaXyo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yJCSVPaWZtWF4xCs2N_ysfuaXyo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 13 Apr 2026 17:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4377 (0x1119)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B3558, serialNumber=C8909254F69666D585E310ACD8DFF2B1FB9A5F2A
Validity
Not Before: Apr 2 17:22:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69cea5d4-c2d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:cf:37:25:4b:87:80:e4:18:f9:3c:b9:c4:
32:15:82:41:2c:b6:0e:7c:2f:2b:00:1e:d8:f7:f5:
16:dc:dc:22:a8:07:e3:2d:44:c7:47:31:47:f0:1f:
ac:54:0d:82:8a:4b:b4:c5:2f:7e:e6:a8:3d:0d:79:
20:25:81:7d:68:56:e8:c7:c0:08:88:45:6e:13:46:
1d:4b:8f:83:e0:0f:80:f6:68:14:50:71:ff:9e:b1:
e4:d6:52:f8:d9:a1:27:89:50:71:65:50:8e:bf:9c:
c2:ac:2d:56:42:36:7d:af:90:6c:de:ae:24:b7:9a:
8e:fc:61:75:aa:a3:35:3a:a8:6f:72:47:69:84:69:
af:cc:42:09:48:fb:8f:ba:bd:ad:e5:32:50:7c:bf:
14:a6:5e:ea:94:09:d5:c8:75:5e:c8:eb:2f:39:f3:
5b:ff:b8:b7:89:dc:fb:0b:b0:46:01:51:44:49:fc:
63:6c:b9:56:61:2a:96:40:a5:37:89:ea:cb:ce:bf:
c3:ed:f5:b8:80:49:60:2e:0d:e9:d2:d3:0c:c4:f2:
47:fc:db:25:ce:57:81:c0:43:e1:91:68:44:86:b9:
e5:99:3e:6b:16:48:db:87:f2:cc:96:1b:cf:7a:66:
e6:5d:9b:c5:ba:eb:57:47:f4:7a:4c:0d:e4:19:39:
7d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3A:2F:74:83:17:99:B3:3F:36:DE:02:3F:0D:A7:D1:8C:15:36:1E
X509v3 Authority Key Identifier:
keyid:C8:90:92:54:F6:96:66:D5:85:E3:10:AC:D8:DF:F2:B1:FB:9A:5F:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/yJCSVPaWZtWF4xCs2N_ysfuaXyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yJCSVPaWZtWF4xCs2N_ysfuaXyo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3558/0F21214E390511E99A330233C4F9AE02/BAE1D7A8716711EFBF91272AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.113.128.0/22
103.53.48.0/22
IPv6:
2402:2a80::/32
Signature Algorithm: sha256WithRSAEncryption
79:e1:4d:eb:c3:4f:15:a7:a4:20:79:c6:7f:d5:25:d2:d9:c0:
04:ff:04:21:4a:c0:d2:9d:b0:03:51:65:32:66:ba:f4:1c:9c:
79:6a:a3:e4:89:fd:19:86:43:0c:4c:58:0b:07:a9:d2:23:74:
f1:53:13:0d:64:f4:78:28:11:88:9c:e0:a0:cc:ec:00:51:fd:
98:5c:48:c3:f1:3c:62:5a:12:89:f2:9b:5c:91:d5:77:33:42:
ee:04:04:b9:d3:dc:fd:bd:1a:ba:02:c6:a9:d0:26:29:bf:61:
dd:2d:4c:3c:f5:ff:fa:3e:3f:e2:9f:f4:b1:0b:33:10:87:9e:
78:60:5a:fa:93:a1:68:02:f7:28:ec:24:85:3d:e7:00:7f:dc:
4a:74:6d:f3:fc:e0:cd:bc:d1:b7:ba:8a:7c:80:af:58:61:39:
4d:cb:7b:08:d4:ff:fb:47:df:1e:9d:d9:75:37:48:42:86:b4:
12:39:5b:68:91:cf:44:5c:5e:55:5f:87:7e:d4:a5:23:2e:ae:
30:7b:2b:95:86:08:f7:37:44:be:5e:35:b7:61:05:6d:d1:94:
f4:7a:09:ee:67:1e:d6:18:5e:4d:da:fa:dc:5c:0d:eb:64:1f:
6e:19:1a:81:81:19:ba:08:9b:77:86:9c:7e:c6:f1:6e:69:62:
40:01:ba:ed
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICERkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjM1NTgxMTAvBgNVBAUTKEM4OTA5MjU0RjY5NjY2RDU4NUUzMTBBQ0Q4REZGMkIx
RkI5QTVGMkEwHhcNMjYwNDAyMTcyMjI4WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNlYTVkNC1jMmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArqTPNyVLh4DkGPk8ucQyFYJBLLYOfC8rAB7Y9/UW3NwiqAfjLUTHRzFH8B+s
VA2Ciku0xS9+5qg9DXkgJYF9aFbox8AIiEVuE0YdS4+D4A+A9mgUUHH/nrHk1lL4
2aEniVBxZVCOv5zCrC1WQjZ9r5Bs3q4kt5qO/GF1qqM1OqhvckdphGmvzEIJSPuP
ur2t5TJQfL8Upl7qlAnVyHVeyOsvOfNb/7i3idz7C7BGAVFESfxjbLlWYSqWQKU3
ierLzr/D7fW4gElgLg3p0tMMxPJH/NslzleBwEPhkWhEhrnlmT5rFkjbh/LMlhvP
embmXZvFuutXR/R6TA3kGTl99wIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFFA6L3SD
F5mzPzbeAj8Np9GMFTYeMB8GA1UdIwQYMBaAFMiQklT2lmbVheMQrNjf8rH7ml8q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzU1OC8wRjIxMjE0RTM5
MDUxMUU5OUEzMzAyMzNDNEY5QUUwMi95SkNTVlBhV1p0V0Y0eENzMk5feXNmdWFY
eW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lKQ1NWUGFXWnRXRjR4Q3MyTl95c2Z1YVh5by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjM1NTgvMEYyMTIxNEUzOTA1MTFFOTlBMzMwMjMzQzRGOUFFMDIvQkFFMUQ3QTg3
MTY3MTFFRkJGOTEyNzJBQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCLXGAAwQCZzUwMA0EAgACMAcDBQAkAiqAMA0GCSqGSIb3DQEBCwUA
A4IBAQB54U3rw08Vp6QgecZ/1SXS2cAE/wQhSsDSnbADUWUyZrr0HJx5aqPkif0Z
hkMMTFgLB6nSI3TxUxMNZPR4KBGInOCgzOwAUf2YXEjD8TxiWhKJ8ptckdV3M0Lu
BAS509z9vRq6Asap0CYpv2HdLUw89f/6Pj/in/SxCzMQh554YFr6k6FoAvco7CSF
PecAf9xKdG3z/ODNvNG3uop8gK9YYTlNy3sI1P/7R98endl1N0hChrQSOVtokc9E
XF5VX4d+1KUjLq4weyuVhgj3N0S+XjW3YQVt0ZT0egnuZx7WGF5N2vrcXA3rZB9u
GRqBgRm6CJt3hpx+xvFuaWJAAbrt
-----END CERTIFICATE-----
Generated at Tue Apr 7 13:32:26 2026 by rpki-client