Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/49484A22DDBE11F0A59AB1524A6F56BC.roa
File: 49484A22DDBE11F0A59AB1524A6F56BC.roa (raw, json)
Hash identifier: WiGuv2/JSxx57676h5jedUA8T7uDbrDtdsfZtv+usVM=
Subject key identifier: E7:01:06:44:C0:34:72:F9:48:DD:53:CC:7C:97:A5:E0:C6:7A:14:98
Certificate issuer: /CN=A91E5642/serialNumber=803079BAB2F1F6B3B9AAC411DF4A82C3F06A6571
Certificate serial: 0A32
Authority key identifier: 80:30:79:BA:B2:F1:F6:B3:B9:AA:C4:11:DF:4A:82:C3:F0:6A:65:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDB5urLx9rO5qsQR30qCw_BqZXE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/49484A22DDBE11F0A59AB1524A6F56BC.roa
Signing time: Sat 31 Jan 2026 20:16:44 +0000
ROA not before: Sat 31 Jan 2026 20:16:44 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 139879
IP address blocks: 103.146.136.0/23 maxlen: 23
103.146.136.0/24 maxlen: 24
103.146.137.0/24 maxlen: 24
2407:11c0::/32 maxlen: 32
2407:11c0::/48 maxlen: 48
2407:11c0:1::/48 maxlen: 48
2407:11c0:2::/48 maxlen: 48
2407:11c0:3::/48 maxlen: 48
2407:11c0:4::/48 maxlen: 48
2407:11c0:5::/48 maxlen: 48
2407:11c0:6::/48 maxlen: 48
2407:11c0:7::/48 maxlen: 48
2407:11c0:8::/48 maxlen: 48
2407:11c0:9::/48 maxlen: 48
2407:11c0:a::/48 maxlen: 48
2407:11c0:b::/48 maxlen: 48
2407:11c0:c::/48 maxlen: 48
2407:11c0:d::/48 maxlen: 48
2407:11c0:e::/48 maxlen: 48
2407:11c0:f::/48 maxlen: 48
2407:11c0:10::/48 maxlen: 48
2407:11c0:11::/48 maxlen: 48
2407:11c0:12::/48 maxlen: 48
2407:11c0:13::/48 maxlen: 48
2407:11c0:14::/48 maxlen: 48
2407:11c0:15::/48 maxlen: 48
2407:11c0:16::/48 maxlen: 48
2407:11c0:17::/48 maxlen: 48
2407:11c0:18::/48 maxlen: 48
2407:11c0:19::/48 maxlen: 48
2407:11c0:1a::/48 maxlen: 48
2407:11c0:1b::/48 maxlen: 48
2407:11c0:1c::/48 maxlen: 48
2407:11c0:1d::/48 maxlen: 48
2407:11c0:1e::/48 maxlen: 48
2407:11c0:1f::/48 maxlen: 48
2407:11c0:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/gDB5urLx9rO5qsQR30qCw_BqZXE.crl
rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/gDB5urLx9rO5qsQR30qCw_BqZXE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDB5urLx9rO5qsQR30qCw_BqZXE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Feb 2026 19:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2610 (0xa32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5642, serialNumber=803079BAB2F1F6B3B9AAC411DF4A82C3F06A6571
Validity
Not Before: Jan 31 20:16:44 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=697e632c-660a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7a:98:be:02:3f:e7:3c:32:bb:66:e2:61:e8:
0b:d3:30:07:da:75:6f:b8:42:3c:78:b9:28:eb:b5:
10:25:79:41:54:31:fb:aa:18:0b:ca:01:52:a2:6e:
b8:08:85:3a:e0:de:60:ec:19:d9:52:22:f8:f9:73:
79:1d:9c:9b:b3:7e:62:41:3d:fe:9f:fd:1d:02:13:
6a:e0:22:3a:70:03:8c:cd:a7:c9:81:f0:c2:84:b3:
41:14:60:39:94:89:78:4e:51:b0:e0:c8:77:5f:02:
b8:6e:be:f0:1a:c3:fd:83:32:b3:e0:b2:47:f0:32:
8a:0a:92:ac:22:1e:b1:96:89:96:0a:70:71:1c:a7:
b5:95:ab:48:14:66:e4:aa:cf:2a:46:65:d4:8b:ac:
b5:8a:0a:61:55:a7:f4:3b:0d:15:70:30:63:ef:26:
80:c6:73:ca:1c:78:e5:b0:3f:44:e4:0b:60:f8:43:
a4:8c:9d:bc:65:65:32:f5:83:39:dc:f8:26:e9:88:
b5:8a:b7:72:cd:a0:95:fe:61:14:bf:9f:98:a1:dc:
85:43:7c:8b:eb:72:1c:17:e2:c2:dd:4c:67:b0:60:
44:46:f1:1f:ee:33:25:66:de:a3:04:98:d3:53:a4:
73:61:56:a9:34:37:0e:b2:0e:ff:1f:85:ad:3c:a5:
ae:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:01:06:44:C0:34:72:F9:48:DD:53:CC:7C:97:A5:E0:C6:7A:14:98
X509v3 Authority Key Identifier:
keyid:80:30:79:BA:B2:F1:F6:B3:B9:AA:C4:11:DF:4A:82:C3:F0:6A:65:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/gDB5urLx9rO5qsQR30qCw_BqZXE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDB5urLx9rO5qsQR30qCw_BqZXE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5642/1040F32C8AFA11EA9B28A929C4F9AE02/49484A22DDBE11F0A59AB1524A6F56BC.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.136.0/23
IPv6:
2407:11c0::/32
Signature Algorithm: sha256WithRSAEncryption
45:9a:86:96:a7:12:06:75:f8:91:2f:91:55:61:a6:5a:54:53:
90:e7:d9:4f:96:2d:fc:0c:d7:5b:b7:a1:20:a2:c3:56:f3:53:
3d:01:d0:9d:04:5b:47:dd:84:40:dd:16:df:b2:4b:c2:d3:43:
f7:95:82:37:ac:75:c4:ec:bc:be:04:e4:64:dc:67:98:8d:1d:
2f:54:50:fa:40:9d:57:9b:7e:fb:f8:37:46:b9:af:fd:50:50:
5d:fe:c7:60:2e:9d:a5:a5:4a:5e:37:a1:37:d4:f7:f1:56:3b:
35:77:09:59:ca:f8:0b:fc:fd:f2:d6:ee:9c:5a:d2:88:7e:c4:
f6:fc:85:95:fd:ca:51:da:60:03:f0:8a:03:0f:2e:34:88:ee:
6e:e3:78:9a:50:6f:93:87:2d:b0:27:13:97:3f:e1:51:03:43:
33:4f:e3:5f:c1:3e:53:8f:8c:7c:f0:9c:22:aa:ca:2f:81:96:
4d:c1:dc:e4:91:b3:ed:e7:a4:11:66:17:30:71:7b:82:71:8b:
d0:b3:58:67:9c:8b:4c:f6:1a:3e:41:8a:59:00:6a:82:fa:d0:
28:a8:a6:6f:7a:05:87:d7:ba:ab:f1:c0:83:0d:4c:2e:58:75:
dc:a7:eb:7d:46:d7:ef:1d:60:b3:b0:b2:a1:ca:5e:da:da:ac:
b6:35:f8:a5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAwwIQTkx
RTU2NDIxMTAvBgNVBAUTKDgwMzA3OUJBQjJGMUY2QjNCOUFBQzQxMURGNEE4MkMz
RjA2QTY1NzEwHhcNMjYwMTMxMjAxNjQ0WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTdlNjMyYy02NjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2XqYvgI/5zwyu2biYegL0zAH2nVvuEI8eLko67UQJXlBVDH7qhgLygFSom64
CIU64N5g7BnZUiL4+XN5HZybs35iQT3+n/0dAhNq4CI6cAOMzafJgfDChLNBFGA5
lIl4TlGw4Mh3XwK4br7wGsP9gzKz4LJH8DKKCpKsIh6xlomWCnBxHKe1latIFGbk
qs8qRmXUi6y1igphVaf0Ow0VcDBj7yaAxnPKHHjlsD9E5Atg+EOkjJ28ZWUy9YM5
3Pgm6Yi1irdyzaCV/mEUv5+YodyFQ3yL63IcF+LC3UxnsGBERvEf7jMlZt6jBJjT
U6RzYVapNDcOsg7/H4WtPKWu6QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOcBBkTA
NHL5SN1TzHyXpeDGehSYMB8GA1UdIwQYMBaAFIAwebqy8fazuarEEd9KgsPwamVx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTY0Mi8xMDQwRjMyQzhB
RkExMUVBOUIyOEE5MjlDNEY5QUUwMi9nREI1dXJMeDlyTzVxc1FSMzBxQ3dfQnFa
WEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dEQjV1ckx4OXJPNXFzUVIzMHFDd19CcVpYRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU2NDIvMTA0MEYzMkM4QUZBMTFFQTlCMjhBOTI5QzRGOUFFMDIvNDk0ODRBMjJE
REJFMTFGMEE1OUFCMTUyNEE2RjU2QkMucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnkogwDQQCAAIwBwMFACQHEcAwDQYJKoZIhvcNAQELBQAD
ggEBAEWahpanEgZ1+JEvkVVhplpUU5Dn2U+WLfwM11u3oSCiw1bzUz0B0J0EW0fd
hEDdFt+yS8LTQ/eVgjesdcTsvL4E5GTcZ5iNHS9UUPpAnVebfvv4N0a5r/1QUF3+
x2AunaWlSl43oTfU9/FWOzV3CVnK+Av8/fLW7pxa0oh+xPb8hZX9ylHaYAPwigMP
LjSI7m7jeJpQb5OHLbAnE5c/4VEDQzNP41/BPlOPjHzwnCKqyi+Blk3B3OSRs+3n
pBFmFzBxe4Jxi9CzWGeci0z2Gj5BilkAaoL60Ciopm96BYfXuqvxwIMNTC5Yddyn
631G1+8dYLOwsqHKXtrarLY1+KU=
-----END CERTIFICATE-----
Generated at Thu Feb 19 23:28:39 2026 by rpki-client