Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/86C8EBA2B12A11EF985A2D32C4F9AE02.roa
File: 86C8EBA2B12A11EF985A2D32C4F9AE02.roa (raw, json)
Hash identifier: 5ei1Pf2BFe+GGZMzUH0jNMbQdUw4QmZ26uLjm4CIyKk=
Subject key identifier: 30:07:B7:2E:7C:BC:AA:8B:27:96:8D:BA:AE:52:0D:7C:AD:62:59:6B
Certificate issuer: /CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Certificate serial: 0525
Authority key identifier: D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/86C8EBA2B12A11EF985A2D32C4F9AE02.roa
Signing time: Mon 02 Mar 2026 12:47:02 +0000
ROA not before: Wed 27 Aug 2025 01:05:31 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 4750
IP address blocks: 147.50.0.0/22 maxlen: 22
147.50.4.0/22 maxlen: 22
147.50.8.0/22 maxlen: 22
147.50.12.0/22 maxlen: 22
147.50.16.0/22 maxlen: 22
147.50.20.0/22 maxlen: 22
147.50.24.0/22 maxlen: 22
147.50.28.0/22 maxlen: 22
147.50.34.0/24 maxlen: 24
147.50.35.0/24 maxlen: 24
147.50.36.0/22 maxlen: 22
147.50.41.0/24 maxlen: 24
147.50.42.0/24 maxlen: 24
147.50.43.0/24 maxlen: 24
147.50.44.0/24 maxlen: 24
147.50.45.0/24 maxlen: 24
147.50.46.0/24 maxlen: 24
147.50.47.0/24 maxlen: 24
147.50.48.0/24 maxlen: 24
147.50.49.0/24 maxlen: 24
147.50.50.0/24 maxlen: 24
147.50.51.0/24 maxlen: 24
147.50.52.0/24 maxlen: 24
147.50.53.0/24 maxlen: 24
147.50.54.0/24 maxlen: 24
147.50.55.0/24 maxlen: 24
147.50.56.0/24 maxlen: 24
147.50.57.0/24 maxlen: 24
147.50.58.0/24 maxlen: 24
147.50.59.0/24 maxlen: 24
147.50.60.0/24 maxlen: 24
147.50.61.0/24 maxlen: 24
147.50.64.0/22 maxlen: 22
147.50.68.0/22 maxlen: 22
147.50.73.0/24 maxlen: 24
147.50.75.0/24 maxlen: 24
147.50.76.0/24 maxlen: 24
147.50.77.0/24 maxlen: 24
147.50.78.0/24 maxlen: 24
147.50.128.0/19 maxlen: 19
147.50.128.0/22 maxlen: 22
147.50.128.0/24 maxlen: 24
147.50.132.0/22 maxlen: 22
147.50.144.0/22 maxlen: 22
147.50.148.0/22 maxlen: 22
147.50.156.0/22 maxlen: 22
147.50.160.0/20 maxlen: 20
147.50.162.0/23 maxlen: 23
147.50.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Mar 2026 14:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1317 (0x525)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262CA, serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Validity
Not Before: Aug 27 01:05:31 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a586c6-35a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e6:e7:22:28:8e:44:2d:fe:8a:4b:e4:99:95:
fe:f3:d3:69:41:7d:3c:7e:a7:cd:52:4f:c7:e2:1b:
62:cc:78:ed:46:ad:87:14:01:6d:59:07:12:69:6f:
b1:e8:f8:7a:db:b2:64:cc:96:a1:84:90:69:bd:0b:
2a:43:1f:9d:7f:c5:35:0b:e5:4d:3d:04:8c:10:60:
d4:a3:32:9f:0b:98:75:23:7d:4a:cf:4c:85:b4:24:
e8:0a:c7:27:1f:fd:c2:f7:31:eb:24:57:cc:5d:35:
07:2b:b4:ea:07:f0:f9:47:35:b5:3e:07:c9:fd:55:
65:b7:a8:6a:a0:65:cd:d7:ab:5b:1f:58:b9:83:f7:
85:da:77:a6:a9:d7:77:e1:a0:59:03:9c:13:55:5c:
5c:c0:87:6f:9b:3e:71:96:89:f7:66:61:00:bb:b7:
1d:fb:c1:1a:8c:86:96:7f:0e:69:70:a2:96:ab:c8:
5c:f2:37:de:03:da:58:65:dc:18:8a:7e:2c:e1:01:
cf:37:3e:8d:fb:9e:d8:d8:58:08:f5:e9:d4:00:a0:
dd:46:58:58:59:92:0d:14:cf:f2:a7:d1:96:5a:dd:
ad:36:41:e7:69:b3:6b:0b:10:3e:56:5f:c8:85:12:
20:36:e5:bd:37:fc:4c:a2:eb:66:a2:b8:75:7a:20:
12:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:07:B7:2E:7C:BC:AA:8B:27:96:8D:BA:AE:52:0D:7C:AD:62:59:6B
X509v3 Authority Key Identifier:
keyid:D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/86C8EBA2B12A11EF985A2D32C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
147.50.0.0/19
147.50.34.0-147.50.39.255
147.50.41.0-147.50.61.255
147.50.64.0/21
147.50.73.0/24
147.50.75.0-147.50.78.255
147.50.128.0-147.50.175.255
Signature Algorithm: sha256WithRSAEncryption
89:98:43:fe:c7:e1:bb:34:ed:30:64:e5:7c:45:10:9f:82:fb:
8d:00:15:17:7b:b1:84:69:3a:1c:52:7b:57:7d:77:a9:0c:9d:
2e:d5:63:a1:81:0f:58:84:a5:0f:cc:ac:5e:8b:f7:b4:3e:89:
eb:5e:1e:8a:df:a1:7f:9b:cf:6c:79:08:ac:7f:b0:cd:0a:e8:
00:b1:ad:a1:10:63:d9:3d:fb:a3:26:c3:5d:0b:20:c0:a7:d5:
71:f1:b6:e1:21:32:c2:0a:3f:07:ca:cc:19:5d:06:71:4d:a2:
db:0d:84:91:cb:fe:62:15:fa:27:f8:68:3c:53:81:7b:ad:ab:
33:0a:c0:47:9e:90:92:0b:45:26:00:68:81:ce:9f:79:44:3e:
72:f0:4e:64:79:4b:7e:ee:a0:12:d1:0f:ab:bc:1b:46:cf:62:
49:b1:b8:74:1f:96:5f:54:da:19:ab:5e:7c:ec:77:45:6d:28:
f4:ec:b8:c0:69:69:25:65:f2:15:fa:f4:9d:6d:b9:05:7a:54:
6e:88:ef:1e:51:9d:21:b7:42:5d:e3:79:09:0f:c8:44:1b:b2:
4b:8e:45:77:93:0d:cb:b5:37:0b:3d:5b:32:d6:1c:af:25:32:
02:14:e5:95:ed:5d:f2:b3:d7:4b:13:4f:27:e1:9b:6b:76:62:
15:da:40:10
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBSUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKEQ2M0RFODJBNzU5Rjk2NTdGOEYwNzNCMjUxMjUxQUFF
NjdCQTRCQTYwHhcNMjUwODI3MDEwNTMxWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1ODZjNi0zNWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ubnIiiORC3+ikvkmZX+89NpQX08fqfNUk/H4htizHjtRq2HFAFtWQcSaW+x
6Ph627JkzJahhJBpvQsqQx+df8U1C+VNPQSMEGDUozKfC5h1I31Kz0yFtCToCscn
H/3C9zHrJFfMXTUHK7TqB/D5RzW1PgfJ/VVlt6hqoGXN16tbH1i5g/eF2nemqdd3
4aBZA5wTVVxcwIdvmz5xlon3ZmEAu7cd+8EajIaWfw5pcKKWq8hc8jfeA9pYZdwY
in4s4QHPNz6N+57Y2FgI9enUAKDdRlhYWZINFM/yp9GWWt2tNkHnabNrCxA+Vl/I
hRIgNuW9N/xMoutmorh1eiASowIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDAHty58
vKqLJ5aNuq5SDXytYllrMB8GA1UdIwQYMBaAFNY96Cp1n5ZX+PBzslElGq5nukum
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9FQzFFRTY1MjhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi8xajNvS25XZmxsZjQ4SE95VVNVYXJtZTZT
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFqM29LbldmbGxmNDhIT3lVU1Vhcm1lNlM2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRUMxRUU2NTI4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvODZDOEVCQTJC
MTJBMTFFRjk4NUEyRDMyQzRGOUFFMDIucm9hMGMGCCsGAQUFBwEHAQH/BFQwUjBQ
BAIAATBKAwQFkzIAMAwDBAGTMiIDBAOTMiAwDAMEAJMyKQMEAZMyPAMEA5MyQAME
AJMySTAMAwQAkzJLAwQAkzJOMAwDBAeTMoADBASTMqAwDQYJKoZIhvcNAQELBQAD
ggEBAImYQ/7H4bs07TBk5XxFEJ+C+40AFRd7sYRpOhxSe1d9d6kMnS7VY6GBD1iE
pQ/MrF6L97Q+ieteHorfoX+bz2x5CKx/sM0K6ACxraEQY9k9+6Mmw10LIMCn1XHx
tuEhMsIKPwfKzBldBnFNotsNhJHL/mIV+if4aDxTgXutqzMKwEeekJILRSYAaIHO
n3lEPnLwTmR5S37uoBLRD6u8G0bPYkmxuHQfll9U2hmrXnzsd0VtKPTsuMBpaSVl
8hX69J1tuQV6VG6I7x5RnSG3Ql3jeQkPyEQbskuORXeTDcu1Nws9WzLWHK8lMgIU
5ZXtXfKz10sTTyfhm2t2YhXaQBA=
-----END CERTIFICATE-----
Generated at Sun Mar 15 01:44:38 2026 by rpki-client