Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/A28603BE3D5D11F19617582FAB833773.roa
File: A28603BE3D5D11F19617582FAB833773.roa (raw, json)
Hash identifier: guX6EhbcTR6j/8h8tuHU18WPC5/CU3vKLdR4Gif3JRY=
Subject key identifier: 3E:BB:8A:14:8C:D5:1A:17:4F:F5:1E:44:85:21:5C:10:0C:8B:B9:A7
Certificate issuer: /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Certificate serial: 0CE3
Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/A28603BE3D5D11F19617582FAB833773.roa
Signing time: Mon 18 May 2026 19:23:07 +0000
ROA not before: Mon 18 May 2026 19:23:07 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58895
IP address blocks: 36.255.100.0/22 maxlen: 22
36.255.100.0/24 maxlen: 24
36.255.101.0/24 maxlen: 24
36.255.102.0/24 maxlen: 24
36.255.103.0/24 maxlen: 24
43.229.164.0/22 maxlen: 22
43.229.164.0/24 maxlen: 24
43.229.165.0/24 maxlen: 24
43.229.166.0/24 maxlen: 24
43.229.167.0/24 maxlen: 24
43.231.60.0/22 maxlen: 22
43.231.60.0/24 maxlen: 24
43.231.61.0/24 maxlen: 24
43.231.62.0/24 maxlen: 24
43.231.63.0/24 maxlen: 24
43.248.12.0/24 maxlen: 24
43.248.13.0/24 maxlen: 24
43.248.14.0/24 maxlen: 24
45.113.124.0/22 maxlen: 22
45.113.124.0/24 maxlen: 24
45.113.125.0/24 maxlen: 24
45.113.126.0/24 maxlen: 24
45.113.127.0/24 maxlen: 24
45.117.105.0/24 maxlen: 24
45.117.106.0/24 maxlen: 24
45.117.107.0/24 maxlen: 24
103.24.96.0/22 maxlen: 24
103.35.214.0/24 maxlen: 24
103.35.215.0/24 maxlen: 24
103.39.80.0/22 maxlen: 22
103.39.80.0/24 maxlen: 24
103.39.81.0/24 maxlen: 24
103.39.82.0/24 maxlen: 24
103.39.83.0/24 maxlen: 24
103.49.136.0/24 maxlen: 24
103.49.137.0/24 maxlen: 24
103.49.138.0/24 maxlen: 24
103.49.139.0/24 maxlen: 24
103.50.156.0/22 maxlen: 22
103.50.156.0/24 maxlen: 24
103.50.157.0/24 maxlen: 24
103.50.158.0/24 maxlen: 24
103.50.159.0/24 maxlen: 24
103.53.44.0/22 maxlen: 22
103.53.44.0/24 maxlen: 24
103.53.45.0/24 maxlen: 24
103.53.46.0/24 maxlen: 24
103.53.47.0/24 maxlen: 24
103.57.169.0/24 maxlen: 24
103.57.170.0/24 maxlen: 24
103.57.171.0/24 maxlen: 24
103.70.84.0/24 maxlen: 24
103.70.85.0/24 maxlen: 24
103.200.196.0/24 maxlen: 24
103.200.197.0/24 maxlen: 24
103.200.198.0/24 maxlen: 24
103.200.199.0/24 maxlen: 24
103.209.85.0/24 maxlen: 24
103.209.86.0/24 maxlen: 24
103.209.87.0/24 maxlen: 24
117.53.40.0/22 maxlen: 22
117.53.40.0/24 maxlen: 24
117.53.41.0/24 maxlen: 24
117.53.42.0/24 maxlen: 24
117.53.43.0/24 maxlen: 24
150.129.4.0/22 maxlen: 22
150.129.4.0/24 maxlen: 24
150.129.5.0/24 maxlen: 24
150.129.6.0/24 maxlen: 24
150.129.7.0/24 maxlen: 24
2400:1680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 17 Jun 2026 18:43:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3299 (0xce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91298DA, serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Validity
Not Before: May 18 19:23:07 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6a0b671b-1660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:29:24:62:0b:f6:7e:d8:bd:af:d0:b3:e3:a6:
c9:00:e5:ce:27:61:25:09:8a:84:70:87:62:26:60:
bd:24:cf:8b:c1:25:0d:a9:bc:33:85:67:43:5a:3e:
d5:f6:2e:74:06:af:93:c2:69:32:e0:68:1b:ed:40:
18:03:74:4d:94:2a:1a:17:da:81:91:f1:8d:f2:a6:
6c:56:b1:a2:b6:10:79:56:64:92:0e:2a:8f:af:7f:
49:10:d9:dc:a6:c2:2a:7d:f2:7a:eb:0a:35:ce:5b:
dc:b7:c9:a5:c0:dd:2d:93:1c:6a:3f:45:1d:ae:0b:
71:3b:54:96:01:1b:1e:4d:4a:ab:1c:d7:c8:10:87:
77:b5:84:76:f8:bf:4a:f0:cf:16:16:5a:a0:4b:43:
cc:56:b1:11:d7:1f:f7:be:71:5b:64:c5:86:f3:f2:
a4:70:08:d6:30:90:5f:61:77:07:1d:43:c1:98:48:
ac:79:32:ac:d1:5c:67:fa:dc:ed:59:61:85:26:2f:
fc:38:b0:13:0e:af:eb:d0:8d:94:44:7a:13:f9:4a:
b6:cd:67:4c:e8:f4:41:84:0f:8e:b4:2b:58:01:f3:
4f:2a:06:ba:ef:7e:8d:bb:d6:89:10:52:16:b3:25:
9f:c7:8a:15:d2:a0:66:03:14:9b:20:79:e4:d3:66:
5f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BB:8A:14:8C:D5:1A:17:4F:F5:1E:44:85:21:5C:10:0C:8B:B9:A7
X509v3 Authority Key Identifier:
keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/A28603BE3D5D11F19617582FAB833773.roa
sbgp-ipAddrBlock: critical
IPv4:
36.255.100.0/22
43.229.164.0/22
43.231.60.0/22
43.248.12.0-43.248.14.255
45.113.124.0/22
45.117.105.0-45.117.107.255
103.24.96.0/22
103.35.214.0/23
103.39.80.0/22
103.49.136.0/22
103.50.156.0/22
103.53.44.0/22
103.57.169.0-103.57.171.255
103.70.84.0/23
103.200.196.0/22
103.209.85.0-103.209.87.255
117.53.40.0/22
150.129.4.0/22
IPv6:
2400:1680::/32
Signature Algorithm: sha256WithRSAEncryption
4d:ed:43:7d:86:da:76:bc:97:e3:78:6f:8b:6b:87:61:c8:9f:
0d:23:38:b4:cf:68:6f:38:6c:c9:1d:8b:3c:29:d9:42:23:13:
1d:79:b0:c5:04:00:2c:fa:cc:da:a0:e3:21:2f:d1:6f:35:eb:
fa:ed:65:aa:53:f2:c3:13:9b:b0:97:dc:28:f6:f8:b9:39:3c:
25:be:77:c6:09:35:b2:58:b0:f3:f3:1a:d1:19:40:b6:b4:41:
1f:14:d5:1c:dd:ea:c7:41:25:fb:90:fb:32:2d:f9:d6:19:c4:
45:c6:24:26:4a:c0:8f:bd:7b:8b:d3:6f:a0:80:cd:d6:7a:e7:
a8:0f:cb:a4:eb:a3:c7:83:0e:22:3c:bd:a3:70:d9:23:34:7b:
64:ce:05:92:8a:d8:70:0c:ca:fb:56:f4:0e:d7:05:14:1e:b1:
31:b2:8c:3a:23:12:9c:5c:02:54:bb:21:0a:2a:79:f5:95:37:
4f:d6:c4:b6:1e:0f:93:c7:0b:3a:09:1d:a9:76:f6:51:5e:e9:
18:89:cb:19:04:b7:b2:10:f7:07:b4:b6:ec:2b:7d:84:1d:7c:
d9:5b:df:dc:9d:a1:c6:93:03:0d:50:86:29:84:d4:02:ca:fb:
03:15:0c:cd:99:a1:6c:91:c2:a8:2a:42:ce:cb:c0:44:1c:6a:
c4:7e:48:ec
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgICDOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF
MEI3RDY1REQwHhcNMjYwNTE4MTkyMzA3WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTBiNjcxYi0xNjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkSkkYgv2fti9r9Cz46bJAOXOJ2ElCYqEcIdiJmC9JM+LwSUNqbwzhWdDWj7V
9i50Bq+Twmky4Ggb7UAYA3RNlCoaF9qBkfGN8qZsVrGithB5VmSSDiqPr39JENnc
psIqffJ66wo1zlvct8mlwN0tkxxqP0UdrgtxO1SWARseTUqrHNfIEId3tYR2+L9K
8M8WFlqgS0PMVrER1x/3vnFbZMWG8/KkcAjWMJBfYXcHHUPBmEiseTKs0Vxn+tzt
WWGFJi/8OLATDq/r0I2URHoT+Uq2zWdM6PRBhA+OtCtYAfNPKga6736Nu9aJEFIW
syWfx4oV0qBmAxSbIHnk02ZfmQIDAQABo4IC+jCCAvYwHQYDVR0OBBYEFD67ihSM
1RoXT/UeRIUhXBAMi7mnMB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2
ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla
ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk4REEvMzRGMzYxMkUyNjgxMTFFQTkwM0Q3MDU4QzRGOUFFMDIvQTI4NjAzQkUz
RDVEMTFGMTk2MTc1ODJGQUI4MzM3NzMucm9hMIG4BggrBgEFBQcBBwEB/wSBqDCB
pTCBkwQCAAEwgYwDBAIk/2QDBAIr5aQDBAIr5zwwDAMEAiv4DAMEACv4DgMEAi1x
fDAMAwQALXVpAwQCLXVoAwQCZxhgAwQBZyPWAwQCZydQAwQCZzGIAwQCZzKcAwQC
ZzUsMAwDBABnOakDBAJnOagDBAFnRlQDBAJnyMQwDAMEAGfRVQMEA2fRUAMEAnU1
KAMEApaBBDANBAIAAjAHAwUAJAAWgDANBgkqhkiG9w0BAQsFAAOCAQEATe1DfYba
dryX43hvi2uHYcifDSM4tM9obzhsyR2LPCnZQiMTHXmwxQQALPrM2qDjIS/RbzXr
+u1lqlPywxObsJfcKPb4uTk8Jb53xgk1sliw8/Ma0RlAtrRBHxTVHN3qx0El+5D7
Mi351hnERcYkJkrAj717i9NvoIDN1nrnqA/LpOujx4MOIjy9o3DZIzR7ZM4FkorY
cAzK+1b0DtcFFB6xMbKMOiMSnFwCVLshCip59ZU3T9bEth4Pk8cLOgkdqXb2UV7p
GInLGQS3shD3B7S27Ct9hB182Vvf3J2hxpMDDVCGKYTUAsr7AxUMzZmhbJHCqCpC
zsvARBxqxH5I7A==
-----END CERTIFICATE-----
Generated at Fri Jun 12 18:35:09 2026 by rpki-client