Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/6D2F20B6ECEB11EE960F5531C4F9AE02.roa
File: 6D2F20B6ECEB11EE960F5531C4F9AE02.roa (raw, json)
Hash identifier: 1zAnoFAZLw8M++XgIZ/MWCaz0z706XmklzX8v9BQSZM=
Subject key identifier: 1F:34:7A:C6:22:69:92:62:B1:32:32:F0:1B:53:60:4B:58:09:CA:0F
Certificate issuer: /CN=A91D5BFB/serialNumber=BFB69BC22576B957BAB5FF336B7E8358DCB70A2A
Certificate serial: 2255
Authority key identifier: BF:B6:9B:C2:25:76:B9:57:BA:B5:FF:33:6B:7E:83:58:DC:B7:0A:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v7abwiV2uVe6tf8za36DWNy3Cio.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/6D2F20B6ECEB11EE960F5531C4F9AE02.roa
Signing time: Fri 13 Feb 2026 10:06:42 +0000
ROA not before: Fri 13 Feb 2026 10:06:42 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 55915
IP address blocks: 43.231.208.0/22 maxlen: 24
45.64.160.0/22 maxlen: 24
45.123.220.0/22 maxlen: 24
49.236.212.0/22 maxlen: 24
103.1.92.0/22 maxlen: 24
103.51.16.0/22 maxlen: 24
103.192.76.0/22 maxlen: 24
202.94.66.0/24 maxlen: 24
2407:5200::/32 maxlen: 32
2407:5200:1::/48 maxlen: 48
2407:5200:32::/48 maxlen: 48
2407:5200:48::/48 maxlen: 48
2407:5200:49::/48 maxlen: 48
2407:5200:4c::/46 maxlen: 48
2407:5200:50::/46 maxlen: 48
2407:5200:54::/48 maxlen: 48
2407:5200:200::/46 maxlen: 48
2407:5200:204::/46 maxlen: 48
2407:5200:300::/46 maxlen: 48
2407:5200:400::/46 maxlen: 48
2407:5200:404::/46 maxlen: 48
2407:5200:600::/46 maxlen: 48
2407:5200:1000::/40 maxlen: 48
2407:5200:1200::/40 maxlen: 48
2407:5200:1300::/40 maxlen: 48
2407:5200:1500::/40 maxlen: 40
2407:5200:4920::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/v7abwiV2uVe6tf8za36DWNy3Cio.crl
rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/v7abwiV2uVe6tf8za36DWNy3Cio.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v7abwiV2uVe6tf8za36DWNy3Cio.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Feb 2026 15:43:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8789 (0x2255)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5BFB, serialNumber=BFB69BC22576B957BAB5FF336B7E8358DCB70A2A
Validity
Not Before: Feb 13 10:06:42 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=698ef7b2-e8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:90:fa:c2:b9:8e:b5:ef:2e:ad:9a:d2:3f:07:
a6:00:d7:53:f1:46:80:73:80:1c:71:85:99:ad:6b:
16:2b:1c:cc:1d:9d:42:47:fd:d3:f1:fc:8d:2c:42:
83:bf:59:4f:ca:1f:b3:40:81:50:d7:f1:ab:1f:6a:
d0:ee:ba:fd:58:06:9a:14:91:6c:79:07:84:ed:c3:
c1:00:8f:24:f9:de:60:4b:a2:fa:8e:eb:67:a7:8a:
8e:a6:03:1d:de:c6:ab:1c:e8:58:00:2f:68:21:c1:
6d:32:bc:1f:48:59:cd:81:22:0f:c5:b0:7d:d4:cf:
38:97:b9:8f:13:96:8e:6e:a0:40:de:b9:41:a1:91:
9a:1b:b1:15:0f:c1:ba:7e:21:12:33:c0:cc:a4:b2:
b7:83:c2:c2:db:6b:a3:17:d3:66:20:34:1c:c2:c6:
15:16:c1:b6:0e:56:3b:3b:3f:ca:85:55:61:38:ce:
e1:72:d3:58:b0:41:36:10:d2:7a:ef:36:d4:7e:ee:
5d:64:f7:5a:b4:b6:c2:3d:3d:ca:3f:bd:ff:e0:4a:
08:4d:4c:68:56:e0:e4:51:43:79:ca:49:a4:68:93:
57:d0:c7:d5:9b:ca:f7:15:cc:7a:38:8d:44:b5:9a:
a0:f1:d4:ae:d1:c4:d0:d7:e1:87:21:ff:b1:31:d0:
71:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:34:7A:C6:22:69:92:62:B1:32:32:F0:1B:53:60:4B:58:09:CA:0F
X509v3 Authority Key Identifier:
keyid:BF:B6:9B:C2:25:76:B9:57:BA:B5:FF:33:6B:7E:83:58:DC:B7:0A:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/v7abwiV2uVe6tf8za36DWNy3Cio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v7abwiV2uVe6tf8za36DWNy3Cio.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/6D2F20B6ECEB11EE960F5531C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.208.0/22
45.64.160.0/22
45.123.220.0/22
49.236.212.0/22
103.1.92.0/22
103.51.16.0/22
103.192.76.0/22
202.94.66.0/24
IPv6:
2407:5200::/32
Signature Algorithm: sha256WithRSAEncryption
38:85:72:60:ef:c8:ba:db:76:2c:3d:2d:71:b4:71:0b:de:01:
5f:2a:e0:5a:42:8e:50:d5:af:12:8e:3e:93:c2:bc:bf:a7:ce:
a1:93:09:ed:52:63:a9:18:b9:b7:05:5f:22:f4:86:f9:25:e4:
f3:2a:d9:e6:93:5d:cb:41:b7:ae:ba:e7:34:22:21:1d:bf:3b:
d5:6a:5b:79:73:5f:b3:2f:a9:6c:0e:3d:b4:0f:83:5b:f0:1c:
2a:f1:c0:f4:1a:39:f9:75:29:60:3b:cf:e9:16:df:cf:9e:92:
1c:54:1c:0d:0c:77:1d:86:3f:db:6f:10:43:d9:19:f9:f3:60:
64:1e:aa:04:33:aa:18:b7:a9:2a:7a:cb:63:43:9b:5b:29:72:
2e:75:77:64:9a:b9:98:e6:ca:ff:c9:55:cf:1a:55:f5:c8:fc:
28:f8:41:d2:13:d1:7c:04:60:9b:86:ec:87:45:77:54:6d:7f:
65:2c:cc:c1:4e:25:0f:46:38:e8:82:0c:9a:fd:0d:cb:c0:d9:
46:80:31:8c:af:ab:3c:e4:e2:bd:68:4d:2d:0b:c6:4c:c5:4c:
a0:64:7f:c5:18:bf:15:a7:f7:ec:63:93:30:1a:02:c7:23:45:
c8:fa:8c:11:80:20:d3:55:f9:c9:cb:f7:a1:51:51:a0:2b:8f:
1e:15:27:41
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICIlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx
RDVCRkIxMTAvBgNVBAUTKEJGQjY5QkMyMjU3NkI5NTdCQUI1RkYzMzZCN0U4MzU4
RENCNzBBMkEwHhcNMjYwMjEzMTAwNjQyWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDDA02OThlZjdiMi1lOGY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvpD6wrmOte8urZrSPwemANdT8UaAc4AccYWZrWsWKxzMHZ1CR/3T8fyNLEKD
v1lPyh+zQIFQ1/GrH2rQ7rr9WAaaFJFseQeE7cPBAI8k+d5gS6L6jutnp4qOpgMd
3sarHOhYAC9oIcFtMrwfSFnNgSIPxbB91M84l7mPE5aObqBA3rlBoZGaG7EVD8G6
fiESM8DMpLK3g8LC22ujF9NmIDQcwsYVFsG2DlY7Oz/KhVVhOM7hctNYsEE2ENJ6
7zbUfu5dZPdatLbCPT3KP73/4EoITUxoVuDkUUN5ykmkaJNX0MfVm8r3Fcx6OI1E
tZqg8dSu0cTQ1+GHIf+xMdBxEwIDAQABo4ICzjCCAsowHQYDVR0OBBYEFB80esYi
aZJisTIy8BtTYEtYCcoPMB8GA1UdIwQYMBaAFL+2m8IldrlXurX/M2t+g1jctwoq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUJGQi9ERjJFMDEzRUQ5
RkIxMUU1ODREMTFBNzZDNEY5QUUwMi92N2Fid2lWMnVWZTZ0Zjh6YTM2RFdOeTND
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Y3YWJ3aVYydVZlNnRmOHphMzZEV055M0Npby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDVCRkIvREYyRTAxM0VEOUZCMTFFNTg0RDExQTc2QzRGOUFFMDIvNkQyRjIwQjZF
Q0VCMTFFRTk2MEY1NTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAIr59ADBAItQKADBAIte9wDBAIx7NQDBAJnAVwDBAJnMxAD
BAJnwEwDBADKXkIwDQQCAAIwBwMFACQHUgAwDQYJKoZIhvcNAQELBQADggEBADiF
cmDvyLrbdiw9LXG0cQveAV8q4FpCjlDVrxKOPpPCvL+nzqGTCe1SY6kYubcFXyL0
hvkl5PMq2eaTXctBt6665zQiIR2/O9VqW3lzX7MvqWwOPbQPg1vwHCrxwPQaOfl1
KWA7z+kW38+ekhxUHA0Mdx2GP9tvEEPZGfnzYGQeqgQzqhi3qSp6y2NDm1spci51
d2SauZjmyv/JVc8aVfXI/Cj4QdIT0XwEYJuG7IdFd1Rtf2UszMFOJQ9GOOiCDJr9
DcvA2UaAMYyvqzzk4r1oTS0LxkzFTKBkf8UYvxWn9+xjkzAaAscjRcj6jBGAINNV
+cnL96FRUaArjx4VJ0E=
-----END CERTIFICATE-----
Generated at Thu Feb 19 20:34:02 2026 by rpki-client