Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/8E3D04582E6111F1B6525AEF9C833773.roa
File: 8E3D04582E6111F1B6525AEF9C833773.roa (raw, json)
Hash identifier: vj80xxBZZ47KcJ0pnAomU1A+ji7M1/hFg9BFpv3vEYM=
Subject key identifier: 9C:38:A1:D4:E4:B2:28:DA:4D:1A:57:F0:8C:95:23:60:4A:1E:E4:D0
Certificate issuer: /CN=A9120B99/serialNumber=86C7946946B2A57B056F02B279340D30C2CE49B4
Certificate serial: 35E7
Authority key identifier: 86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/8E3D04582E6111F1B6525AEF9C833773.roa
Signing time: Thu 14 May 2026 15:10:23 +0000
ROA not before: Thu 14 May 2026 15:10:23 +0000
ROA not after: Fri 30 Jul 2027 00:00:00 +0000
asID: 7540
IP address blocks: 117.18.116.0/24 maxlen: 24
202.181.174.0/24 maxlen: 24
202.181.176.0/24 maxlen: 24
202.181.192.0/21 maxlen: 21
202.181.192.0/24 maxlen: 24
202.181.193.0/24 maxlen: 24
202.181.194.0/24 maxlen: 24
202.181.195.0/24 maxlen: 24
202.181.196.0/24 maxlen: 24
202.181.197.0/24 maxlen: 24
202.181.198.0/24 maxlen: 24
202.181.199.0/24 maxlen: 24
202.181.200.0/24 maxlen: 24
202.181.201.0/24 maxlen: 24
202.181.202.0/24 maxlen: 24
202.181.203.0/24 maxlen: 24
202.181.205.0/24 maxlen: 24
202.181.206.0/24 maxlen: 24
202.181.207.0/24 maxlen: 24
202.181.208.0/21 maxlen: 21
202.181.208.0/24 maxlen: 24
202.181.209.0/24 maxlen: 24
202.181.210.0/24 maxlen: 24
202.181.211.0/24 maxlen: 24
202.181.212.0/24 maxlen: 24
202.181.213.0/24 maxlen: 24
202.181.214.0/24 maxlen: 24
202.181.215.0/24 maxlen: 24
202.181.225.0/24 maxlen: 24
202.181.226.0/24 maxlen: 24
202.181.227.0/24 maxlen: 24
202.181.228.0/24 maxlen: 24
202.181.230.0/24 maxlen: 24
202.181.231.0/24 maxlen: 24
202.181.233.0/24 maxlen: 24
202.181.234.0/24 maxlen: 24
202.181.235.0/24 maxlen: 24
202.181.236.0/24 maxlen: 24
202.181.237.0/24 maxlen: 24
202.181.238.0/24 maxlen: 24
202.181.239.0/24 maxlen: 24
202.181.240.0/24 maxlen: 24
202.181.241.0/24 maxlen: 24
202.181.242.0/24 maxlen: 24
202.181.243.0/24 maxlen: 24
202.181.244.0/24 maxlen: 24
202.181.245.0/24 maxlen: 24
202.181.246.0/24 maxlen: 24
202.181.247.0/24 maxlen: 24
2405:5d00::/32 maxlen: 32
2405:5d00::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.crl
rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 09 Jun 2026 14:23:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13799 (0x35e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9120B99, serialNumber=86C7946946B2A57B056F02B279340D30C2CE49B4
Validity
Not Before: May 14 15:10:23 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=6a05e5df-b871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3e:7f:6e:02:31:1d:54:f4:a1:e3:df:9c:4f:
24:b5:14:06:02:99:88:3f:d5:51:02:74:5c:ce:64:
6f:de:4b:94:02:72:60:f1:71:77:08:2b:51:5e:7f:
76:fa:2c:9f:50:f1:31:da:c1:62:56:ef:09:9c:48:
23:31:9c:c0:ff:9c:8b:8a:5f:3e:70:1a:c4:17:8a:
15:01:48:39:ae:b1:a4:51:1e:5d:88:5a:db:1d:7a:
b2:a9:09:49:1e:64:24:1b:b9:7a:0a:15:6b:b5:b8:
0a:5a:4e:a0:bf:3c:92:60:46:70:eb:35:5d:ad:46:
8a:9e:84:27:8a:85:8f:1a:e7:eb:ec:bf:42:c2:e7:
1a:80:86:0f:ad:e6:4d:42:12:f1:dd:2a:96:29:1d:
cb:8f:3a:95:d1:1c:13:ef:b5:e1:ad:47:e7:45:98:
c9:36:f4:ec:8b:4b:36:cd:71:8b:24:44:a4:9f:5b:
05:8a:1a:17:20:31:99:4e:10:8c:e7:3d:de:ef:09:
a2:bb:30:97:c3:99:83:14:b5:95:c6:a9:5c:a1:3c:
ea:4e:39:1e:2f:02:84:68:05:da:40:cf:b5:8c:64:
bd:64:4c:d8:75:b8:a5:a4:a5:a8:aa:26:06:06:68:
7a:fd:93:ae:14:8c:73:8f:45:fa:84:67:3c:a7:30:
de:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:38:A1:D4:E4:B2:28:DA:4D:1A:57:F0:8C:95:23:60:4A:1E:E4:D0
X509v3 Authority Key Identifier:
keyid:86:C7:94:69:46:B2:A5:7B:05:6F:02:B2:79:34:0D:30:C2:CE:49:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/hseUaUaypXsFbwKyeTQNMMLOSbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hseUaUaypXsFbwKyeTQNMMLOSbQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120B99/D3F9051C1D8311E2B4ED5CD908B02CD2/8E3D04582E6111F1B6525AEF9C833773.roa
sbgp-ipAddrBlock: critical
IPv4:
117.18.116.0/24
202.181.174.0/24
202.181.176.0/24
202.181.192.0-202.181.203.255
202.181.205.0-202.181.215.255
202.181.225.0-202.181.228.255
202.181.230.0/23
202.181.233.0-202.181.247.255
IPv6:
2405:5d00::/32
Signature Algorithm: sha256WithRSAEncryption
6a:b0:8c:d0:08:93:c8:5c:bb:aa:b4:72:0e:b0:53:68:d9:43:
8e:aa:1b:75:7d:80:93:4e:55:6d:b2:f2:58:77:91:e4:e7:94:
a3:dd:7e:a5:dd:a4:f4:67:98:14:65:cb:3a:ec:0d:fa:ff:16:
07:e9:c9:cd:47:6d:0e:3b:d9:27:cf:0a:57:93:1d:e9:66:0e:
82:55:e6:59:56:3e:dc:67:e7:db:eb:dd:a9:a9:04:43:39:e5:
42:0d:7f:02:43:17:4d:0f:e6:8c:6e:a4:39:ee:f0:10:98:81:
63:a8:89:37:e3:26:dd:a7:ef:f8:26:25:f1:e2:69:d0:91:d1:
91:f5:75:bc:10:2a:8c:5c:76:e9:2a:a5:49:83:f9:68:20:da:
27:f1:3e:a2:38:5d:8f:20:d4:2b:4a:8f:ea:b7:d7:bd:6f:01:
90:6f:03:06:12:4a:a4:fc:12:90:fd:52:c6:22:c5:b1:cb:7e:
bc:63:3b:06:57:34:63:f1:c7:da:69:03:bf:b9:ef:88:15:38:
b7:49:bc:4b:86:50:58:b4:9e:d4:3f:aa:86:2a:d8:3e:44:9f:
01:70:7c:fe:23:da:01:b8:db:ef:78:a2:6a:47:48:40:ec:20:
fe:d6:7a:31:29:0c:63:1a:68:03:42:bc:2d:d9:18:de:69:6f:
82:3b:00:30
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICNecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjBCOTkxMTAvBgNVBAUTKDg2Qzc5NDY5NDZCMkE1N0IwNTZGMDJCMjc5MzQwRDMw
QzJDRTQ5QjQwHhcNMjYwNTE0MTUxMDIzWhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTA1ZTVkZi1iODcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsD5/bgIxHVT0oePfnE8ktRQGApmIP9VRAnRczmRv3kuUAnJg8XF3CCtRXn92
+iyfUPEx2sFiVu8JnEgjMZzA/5yLil8+cBrEF4oVAUg5rrGkUR5diFrbHXqyqQlJ
HmQkG7l6ChVrtbgKWk6gvzySYEZw6zVdrUaKnoQnioWPGufr7L9CwucagIYPreZN
QhLx3SqWKR3LjzqV0RwT77XhrUfnRZjJNvTsi0s2zXGLJESkn1sFihoXIDGZThCM
5z3e7wmiuzCXw5mDFLWVxqlcoTzqTjkeLwKEaAXaQM+1jGS9ZEzYdbilpKWoqiYG
Bmh6/ZOuFIxzj0X6hGc8pzDeyQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFJw4odTk
sijaTRpX8IyVI2BKHuTQMB8GA1UdIwQYMBaAFIbHlGlGsqV7BW8Csnk0DTDCzkm0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEI5OS9EM0Y5MDUxQzFE
ODMxMUUyQjRFRDVDRDkwOEIwMkNEMi9oc2VVYVVheXBYc0Zid0t5ZVRRTk1NTE9T
YlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hzZVVhVWF5cFhzRmJ3S3llVFFOTU1MT1NiUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjBCOTkvRDNGOTA1MUMxRDgzMTFFMkI0RUQ1Q0Q5MDhCMDJDRDIvOEUzRDA0NTgy
RTYxMTFGMUI2NTI1QUVGOUM4MzM3NzMucm9hMHgGCCsGAQUFBwEHAQH/BGkwZzBW
BAIAATBQAwQAdRJ0AwQAyrWuAwQAyrWwMAwDBAbKtcADBALKtcgwDAMEAMq1zQME
A8q10DAMAwQAyrXhAwQAyrXkAwQByrXmMAwDBADKtekDBAPKtfAwDQQCAAIwBwMF
ACQFXQAwDQYJKoZIhvcNAQELBQADggEBAGqwjNAIk8hcu6q0cg6wU2jZQ46qG3V9
gJNOVW2y8lh3keTnlKPdfqXdpPRnmBRlyzrsDfr/Fgfpyc1HbQ472SfPCleTHelm
DoJV5llWPtxn59vr3ampBEM55UINfwJDF00P5oxupDnu8BCYgWOoiTfjJt2n7/gm
JfHiadCR0ZH1dbwQKoxcdukqpUmD+Wgg2ifxPqI4XY8g1CtKj+q3171vAZBvAwYS
SqT8EpD9UsYixbHLfrxjOwZXNGPxx9ppA7+574gVOLdJvEuGUFi0ntQ/qoYq2D5E
nwFwfP4j2gG42+94ompHSEDsIP7WejEpDGMaaANCvC3ZGN5pb4I7ADA=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:40:38 2026 by rpki-client