Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/38FA1FDE135711EAACF3565BC4F9AE02.roa
File: 38FA1FDE135711EAACF3565BC4F9AE02.roa (raw, json)
Hash identifier: lqjv5J8rcO5p6CiwoABVWW5eKfnhDo2jeB2rhQw761A=
Subject key identifier: B0:A8:2B:DE:5C:5A:2F:FE:EF:12:2E:B9:FB:6F:70:40:34:B8:CE:BE
Certificate issuer: /CN=A91192A0/serialNumber=0DF6330115EC45F531FF56131EB8455AAFB776CC
Certificate serial: 0C80
Authority key identifier: 0D:F6:33:01:15:EC:45:F5:31:FF:56:13:1E:B8:45:5A:AF:B7:76:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfYzARXsRfUx_1YTHrhFWq-3dsw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/38FA1FDE135711EAACF3565BC4F9AE02.roa
Signing time: Mon 29 Dec 2025 18:29:11 +0000
ROA not before: Mon 29 Dec 2025 18:29:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137554
IP address blocks: 103.113.12.0/22 maxlen: 22
103.113.12.0/23 maxlen: 23
103.113.12.0/24 maxlen: 24
103.113.13.0/24 maxlen: 24
103.113.14.0/23 maxlen: 23
103.113.14.0/24 maxlen: 24
103.113.15.0/24 maxlen: 24
2402:b540::/32 maxlen: 32
2402:b540:1::/48 maxlen: 48
2402:b540:2::/48 maxlen: 48
2402:b540:3::/48 maxlen: 48
2402:b540:4::/48 maxlen: 48
2402:b540:5::/48 maxlen: 48
2402:b540:6::/48 maxlen: 48
2402:b540:7::/48 maxlen: 48
2402:b540:8::/48 maxlen: 48
2402:b540:9::/48 maxlen: 48
2402:b540:a::/48 maxlen: 48
2402:b540:b::/48 maxlen: 48
2402:b540:c::/48 maxlen: 48
2402:b540:d::/48 maxlen: 48
2402:b540:e::/48 maxlen: 48
2402:b540:f::/48 maxlen: 48
2402:b540:2a::/48 maxlen: 48
2402:b540:2b::/48 maxlen: 48
2402:b540:2c::/48 maxlen: 48
2402:b540:2d::/48 maxlen: 48
2402:b540:2e::/48 maxlen: 48
2402:b540:2f::/48 maxlen: 48
2402:b540:200::/48 maxlen: 48
2402:b540:202::/48 maxlen: 48
2402:b540:203::/48 maxlen: 48
2402:b540:400::/48 maxlen: 48
2402:b540:410::/48 maxlen: 48
2402:b540:600::/40 maxlen: 40
2402:b540:600::/48 maxlen: 48
2402:b540:601::/48 maxlen: 48
2402:b540:602::/48 maxlen: 48
2402:b540:603::/48 maxlen: 48
2402:b540:604::/48 maxlen: 48
2402:b540:605::/48 maxlen: 48
2402:b540:606::/48 maxlen: 48
2402:b540:607::/48 maxlen: 48
2402:b540:608::/48 maxlen: 48
2402:b540:609::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/DfYzARXsRfUx_1YTHrhFWq-3dsw.crl
rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/DfYzARXsRfUx_1YTHrhFWq-3dsw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfYzARXsRfUx_1YTHrhFWq-3dsw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Feb 2026 18:11:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3200 (0xc80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91192A0, serialNumber=0DF6330115EC45F531FF56131EB8455AAFB776CC
Validity
Not Before: Dec 29 18:29:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6952c877-d91a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5f:fa:e1:44:a8:83:be:c4:82:94:92:b7:fc:
9e:00:5e:3a:91:e6:11:7c:b1:c2:25:95:85:b1:8d:
8a:70:10:ba:78:c6:53:c6:88:cf:e6:d4:fd:9c:72:
ab:e4:07:a5:3f:d7:b3:fb:ec:78:1a:53:0e:d2:f4:
58:d1:0a:de:6d:28:47:6a:ed:15:e3:a9:74:9b:91:
4a:b8:3d:bf:06:88:fa:ef:a5:c9:53:dd:24:9e:fc:
db:ec:3e:b5:00:eb:3d:c8:2b:14:5f:04:41:f5:a0:
ee:90:c9:26:79:50:3d:04:0b:82:f2:68:d9:75:5b:
86:1a:5a:4c:1c:ea:b6:3d:08:35:f8:c4:cd:eb:87:
67:98:52:59:f4:a3:b2:db:ab:1f:c6:2a:5d:e7:1d:
0f:e7:ab:f1:d2:45:fe:dd:ce:96:e9:a9:54:56:39:
b3:86:4f:e5:1e:e9:f4:6f:c3:cc:a4:ba:18:1f:a0:
64:ec:64:95:69:1c:d3:72:e6:42:c7:b7:81:5e:41:
af:f0:ce:18:b9:11:23:a7:2f:e7:6f:2c:8a:db:ab:
fc:49:ed:6a:67:83:c7:ea:72:4a:cf:e2:d0:5a:7d:
58:f0:24:e0:b1:eb:b9:c3:4b:28:7a:bd:2c:d3:d7:
9f:6a:db:a7:58:0f:d3:3d:75:63:76:7c:08:41:02:
cb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A8:2B:DE:5C:5A:2F:FE:EF:12:2E:B9:FB:6F:70:40:34:B8:CE:BE
X509v3 Authority Key Identifier:
keyid:0D:F6:33:01:15:EC:45:F5:31:FF:56:13:1E:B8:45:5A:AF:B7:76:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/DfYzARXsRfUx_1YTHrhFWq-3dsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfYzARXsRfUx_1YTHrhFWq-3dsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/38FA1FDE135711EAACF3565BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.113.12.0/22
IPv6:
2402:b540::/32
Signature Algorithm: sha256WithRSAEncryption
42:4a:de:78:89:5e:c2:6f:4e:69:9d:0f:23:8a:3e:86:72:95:
e0:3e:82:52:75:e7:22:c9:ae:08:7e:bd:2d:ce:73:78:70:73:
48:34:c5:2d:b2:68:5b:59:96:38:7f:8c:9a:ce:e3:80:e2:92:
ba:46:fe:20:14:1b:ae:4e:30:40:db:9e:3d:1f:12:05:29:10:
5a:12:11:89:c0:88:68:b4:4d:1c:16:73:92:0a:a5:9b:07:a0:
41:3c:b8:0b:43:db:81:b7:27:84:bb:16:9f:42:88:01:0f:2e:
db:e9:33:a6:48:7b:6f:00:e2:e2:ff:50:3d:83:47:b4:89:d8:
7b:b6:e1:d6:51:4c:ed:e0:83:f3:18:d5:19:6c:9b:1a:52:6f:
29:05:ac:e3:c9:25:d1:83:0a:b4:70:38:b3:a9:dc:5b:d2:24:
2d:43:ec:94:1f:55:9a:14:c2:b3:b4:60:02:60:ce:e4:e3:3e:
5f:82:16:e6:b8:da:58:58:ed:e9:c7:62:f3:23:c6:47:2b:91:
89:0b:40:94:21:e8:d4:07:ef:c6:cf:b7:d5:70:d8:bd:29:ae:
c4:b9:78:cb:c3:5a:d2:5c:cb:8e:e6:66:16:c0:51:57:45:e4:
dc:f2:57:f3:6a:b4:43:49:7c:26:c6:e1:71:66:61:9b:36:f1:
8d:77:cd:06
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkyQTAxMTAvBgNVBAUTKDBERjYzMzAxMTVFQzQ1RjUzMUZGNTYxMzFFQjg0NTVB
QUZCNzc2Q0MwHhcNMjUxMjI5MTgyOTExWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTUyYzg3Ny1kOTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkF/64USog77EgpSSt/yeAF46keYRfLHCJZWFsY2KcBC6eMZTxojP5tT9nHKr
5AelP9ez++x4GlMO0vRY0QrebShHau0V46l0m5FKuD2/Boj676XJU90knvzb7D61
AOs9yCsUXwRB9aDukMkmeVA9BAuC8mjZdVuGGlpMHOq2PQg1+MTN64dnmFJZ9KOy
26sfxipd5x0P56vx0kX+3c6W6alUVjmzhk/lHun0b8PMpLoYH6Bk7GSVaRzTcuZC
x7eBXkGv8M4YuREjpy/nbyyK26v8Se1qZ4PH6nJKz+LQWn1Y8CTgseu5w0soer0s
09efatunWA/TPXVjdnwIQQLLLwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLCoK95c
Wi/+7xIuuftvcEA0uM6+MB8GA1UdIwQYMBaAFA32MwEV7EX1Mf9WEx64RVqvt3bM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTJBMC80RjFFQUU4NDEz
NTYxMUVBOTkyQjExNUFDNEY5QUUwMi9EZll6QVJYc1JmVXhfMVlUSHJoRldxLTNk
c3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RmWXpBUlhzUmZVeF8xWVRIcmhGV3EtM2Rzdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTkyQTAvNEYxRUFFODQxMzU2MTFFQTk5MkIxMTVBQzRGOUFFMDIvMzhGQTFGREUx
MzU3MTFFQUFDRjM1NjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJncQwwDQQCAAIwBwMFACQCtUAwDQYJKoZIhvcNAQELBQAD
ggEBAEJK3niJXsJvTmmdDyOKPoZyleA+glJ15yLJrgh+vS3Oc3hwc0g0xS2yaFtZ
ljh/jJrO44DikrpG/iAUG65OMEDbnj0fEgUpEFoSEYnAiGi0TRwWc5IKpZsHoEE8
uAtD24G3J4S7Fp9CiAEPLtvpM6ZIe28A4uL/UD2DR7SJ2Hu24dZRTO3gg/MY1Rls
mxpSbykFrOPJJdGDCrRwOLOp3FvSJC1D7JQfVZoUwrO0YAJgzuTjPl+CFua42lhY
7enHYvMjxkcrkYkLQJQh6NQH78bPt9Vw2L0prsS5eMvDWtJcy47mZhbAUVdF5Nzy
V/NqtENJfCbG4XFmYZs28Y13zQY=
-----END CERTIFICATE-----
Generated at Fri Feb 20 01:38:20 2026 by rpki-client