Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/8E3D04582E6111F1B6525AEF9C833773.roa
File: 8E3D04582E6111F1B6525AEF9C833773.roa (raw, json)
Hash identifier: UuyW5e6lF7Z+0+gU9cXnpJU5ej6QoOjDHx2berLU93s=
Subject key identifier: 1E:2A:DC:59:ED:2E:21:88:14:25:6F:D9:27:BB:FA:42:5C:75:E4:AC
Certificate issuer: /CN=A9120B99/serialNumber=86C7946946B2A57B056F02B279340D30C2CE49B4
Certificate serial: 35CA
Authority key identifier: 86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/8E3D04582E6111F1B6525AEF9C833773.roa
Signing time: Thu 02 Apr 2026 06:59:56 +0000
ROA not before: Thu 02 Apr 2026 06:59:56 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 7540
IP address blocks: 117.18.116.0/24 maxlen: 24
202.181.174.0/24 maxlen: 24
202.181.176.0/24 maxlen: 24
202.181.192.0/21 maxlen: 21
202.181.192.0/24 maxlen: 24
202.181.193.0/24 maxlen: 24
202.181.194.0/24 maxlen: 24
202.181.195.0/24 maxlen: 24
202.181.196.0/24 maxlen: 24
202.181.197.0/24 maxlen: 24
202.181.198.0/24 maxlen: 24
202.181.199.0/24 maxlen: 24
202.181.200.0/24 maxlen: 24
202.181.201.0/24 maxlen: 24
202.181.202.0/24 maxlen: 24
202.181.203.0/24 maxlen: 24
202.181.205.0/24 maxlen: 24
202.181.206.0/24 maxlen: 24
202.181.207.0/24 maxlen: 24
202.181.208.0/21 maxlen: 21
202.181.208.0/24 maxlen: 24
202.181.209.0/24 maxlen: 24
202.181.210.0/24 maxlen: 24
202.181.211.0/24 maxlen: 24
202.181.212.0/24 maxlen: 24
202.181.213.0/24 maxlen: 24
202.181.214.0/24 maxlen: 24
202.181.215.0/24 maxlen: 24
202.181.225.0/24 maxlen: 24
202.181.226.0/24 maxlen: 24
202.181.227.0/24 maxlen: 24
202.181.228.0/24 maxlen: 24
202.181.230.0/24 maxlen: 24
202.181.231.0/24 maxlen: 24
202.181.233.0/24 maxlen: 24
202.181.234.0/24 maxlen: 24
202.181.235.0/24 maxlen: 24
202.181.236.0/24 maxlen: 24
202.181.237.0/24 maxlen: 24
202.181.238.0/24 maxlen: 24
202.181.239.0/24 maxlen: 24
202.181.240.0/24 maxlen: 24
202.181.241.0/24 maxlen: 24
202.181.242.0/24 maxlen: 24
202.181.243.0/24 maxlen: 24
202.181.244.0/24 maxlen: 24
202.181.245.0/24 maxlen: 24
202.181.246.0/24 maxlen: 24
202.181.247.0/24 maxlen: 24
2405:5d00::/32 maxlen: 32
2405:5d00::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.crl
rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 Apr 2026 14:23:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13770 (0x35ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9120B99, serialNumber=86C7946946B2A57B056F02B279340D30C2CE49B4
Validity
Not Before: Apr 2 06:59:56 2026 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69ce13ec-3d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:97:44:20:42:de:69:87:1f:09:21:1f:f6:4c:
fb:a7:09:f7:0f:3a:78:2b:36:aa:63:7f:56:7e:13:
d3:c6:ee:d7:9c:06:85:99:e2:9c:df:27:a7:1a:9e:
96:f3:5b:bd:09:f2:22:1d:45:e1:58:a7:1c:c0:3b:
55:3d:80:4d:6f:71:b6:8c:8b:f7:f7:84:ac:87:14:
22:f2:a2:5e:ce:4d:d1:28:ab:2c:9e:85:51:9d:7d:
48:50:e2:c4:b6:45:f1:a3:dc:7f:55:7b:6c:91:f8:
97:c3:bf:06:9a:77:34:f7:88:c8:ed:ba:51:b2:71:
e3:a8:69:71:0c:fc:b9:c4:05:e4:ae:9e:03:77:d2:
e3:89:27:aa:5f:2c:c0:24:56:72:01:36:50:12:07:
fd:13:fd:c9:59:3a:d2:ba:b4:ad:43:a9:b3:11:4b:
80:34:dd:cb:3a:9e:c0:17:a6:f7:8d:2e:1d:77:5a:
20:80:a4:4f:44:cc:f6:4b:2c:fa:88:d1:bc:e6:10:
bc:04:7b:84:62:76:51:72:de:ee:da:cb:8e:84:05:
0d:a1:66:ac:4c:b7:80:05:fe:f0:b0:98:18:6b:bf:
fe:2d:65:9f:42:a8:fe:b0:33:e9:67:77:08:6e:57:
e2:de:6a:9d:7d:b4:b8:81:71:5e:ee:e0:99:64:36:
fb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:2A:DC:59:ED:2E:21:88:14:25:6F:D9:27:BB:FA:42:5C:75:E4:AC
X509v3 Authority Key Identifier:
keyid:86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/8E3D04582E6111F1B6525AEF9C833773.roa
sbgp-ipAddrBlock: critical
IPv4:
117.18.116.0/24
202.181.174.0/24
202.181.176.0/24
202.181.192.0-202.181.203.255
202.181.205.0-202.181.215.255
202.181.225.0-202.181.228.255
202.181.230.0/23
202.181.233.0-202.181.247.255
IPv6:
2405:5d00::/32
Signature Algorithm: sha256WithRSAEncryption
86:52:c7:f3:77:66:ea:45:65:2a:44:18:1f:21:6d:63:0f:39:
5b:ee:d5:4e:9c:ac:e4:2a:07:93:14:fe:91:b1:19:33:db:72:
52:e9:d3:f6:58:74:a8:29:a9:ab:70:5a:f4:b2:85:2a:8e:52:
06:b8:aa:54:81:d6:b6:a2:e5:11:4c:e6:76:0f:9c:12:d9:a7:
27:a6:ff:ba:84:d3:7f:3c:b5:d0:ce:ae:33:12:32:6c:a8:8b:
13:6f:42:8d:59:95:59:c3:a8:90:49:16:3d:ff:d0:d4:37:81:
e3:4a:98:f0:88:fd:dd:29:22:41:b4:e9:4e:d6:b9:11:fb:aa:
15:b1:7d:52:7e:bf:da:e5:07:aa:59:1a:66:d9:7a:88:7b:a8:
f1:aa:ef:75:a9:eb:1f:f5:bb:6e:58:42:82:2e:05:16:a8:5c:
d2:aa:54:ec:08:d5:f1:58:24:ba:8f:d6:21:fb:4d:48:6d:ce:
6d:e2:f4:75:07:08:c7:ab:fb:01:b5:66:72:87:50:a0:12:8a:
b1:f3:c4:1b:4f:69:ab:df:86:12:65:b9:fa:81:14:4b:24:cc:
9a:bc:a7:1b:01:77:de:b6:71:98:d4:c1:5f:27:26:e0:37:d5:
be:33:b5:94:f2:c4:57:dd:b6:90:56:75:16:12:ea:ea:3e:4c:
f8:3b:a2:e1
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICNcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjBCOTkxMTAvBgNVBAUTKDg2Qzc5NDY5NDZCMkE1N0IwNTZGMDJCMjc5MzQwRDMw
QzJDRTQ5QjQwHhcNMjYwNDAyMDY1OTU2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNlMTNlYy0zZDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2pdEIELeaYcfCSEf9kz7pwn3Dzp4KzaqY39WfhPTxu7XnAaFmeKc3yenGp6W
81u9CfIiHUXhWKccwDtVPYBNb3G2jIv394SshxQi8qJezk3RKKssnoVRnX1IUOLE
tkXxo9x/VXtskfiXw78Gmnc094jI7bpRsnHjqGlxDPy5xAXkrp4Dd9LjiSeqXyzA
JFZyATZQEgf9E/3JWTrSurStQ6mzEUuANN3LOp7AF6b3jS4dd1oggKRPRMz2Syz6
iNG85hC8BHuEYnZRct7u2suOhAUNoWasTLeABf7wsJgYa7/+LWWfQqj+sDPpZ3cI
blfi3mqdfbS4gXFe7uCZZDb7PwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFB4q3Fnt
LiGIFCVv2Se7+kJcdeSsMB8GA1UdIwQYMBaAFIbHlGlGsqV7BW8Csnk0DTDCzkm0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEI5OS9EM0Y5MDUxQzFE
ODMxMUUyQjRFRDVDRDkwOEIwMkNEMi9oc2VVYVVheXBYc0Zid0t5ZVRRTk1NTE9T
YlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hzZVVhVWF5cFhzRmJ3S3llVFFOTU1MT1NiUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjBCOTkvRDNGOTA1MUMxRDgzMTFFMkI0RUQ1Q0Q5MDhCMDJDRDIvOEUzRDA0NTgy
RTYxMTFGMUI2NTI1QUVGOUM4MzM3NzMucm9hMHgGCCsGAQUFBwEHAQH/BGkwZzBW
BAIAATBQAwQAdRJ0AwQAyrWuAwQAyrWwMAwDBAbKtcADBALKtcgwDAMEAMq1zQME
A8q10DAMAwQAyrXhAwQAyrXkAwQByrXmMAwDBADKtekDBAPKtfAwDQQCAAIwBwMF
ACQFXQAwDQYJKoZIhvcNAQELBQADggEBAIZSx/N3ZupFZSpEGB8hbWMPOVvu1U6c
rOQqB5MU/pGxGTPbclLp0/ZYdKgpqatwWvSyhSqOUga4qlSB1rai5RFM5nYPnBLZ
pyem/7qE0388tdDOrjMSMmyoixNvQo1ZlVnDqJBJFj3/0NQ3geNKmPCI/d0pIkG0
6U7WuRH7qhWxfVJ+v9rlB6pZGmbZeoh7qPGq73Wp6x/1u25YQoIuBRaoXNKqVOwI
1fFYJLqP1iH7TUhtzm3i9HUHCMer+wG1ZnKHUKASirHzxBtPaavfhhJlufqBFEsk
zJq8pxsBd962cZjUwV8nJuA31b4ztZTyxFfdtpBWdRYS6uo+TPg7ouE=
-----END CERTIFICATE-----
Generated at Mon Apr 6 12:40:47 2026 by rpki-client