Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/A28603BE3D5D11F19617582FAB833773.roa
File: A28603BE3D5D11F19617582FAB833773.roa (raw, json)
Hash identifier: mAaWMtI1EVqxy6AbyPe2VukKTpE8ednyspOTClONDXk=
Subject key identifier: 71:43:CF:FF:24:A8:A7:D9:1F:69:90:04:04:3B:D0:40:A0:EE:33:C8
Certificate issuer: /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Certificate serial: 0CC8
Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/A28603BE3D5D11F19617582FAB833773.roa
Signing time: Tue 21 Apr 2026 08:40:27 +0000
ROA not before: Tue 21 Apr 2026 08:40:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58895
IP address blocks: 36.255.100.0/22 maxlen: 22
36.255.100.0/24 maxlen: 24
36.255.101.0/24 maxlen: 24
36.255.102.0/24 maxlen: 24
36.255.103.0/24 maxlen: 24
43.229.164.0/22 maxlen: 22
43.229.164.0/24 maxlen: 24
43.229.165.0/24 maxlen: 24
43.229.166.0/24 maxlen: 24
43.229.167.0/24 maxlen: 24
43.231.60.0/22 maxlen: 22
43.231.60.0/24 maxlen: 24
43.231.61.0/24 maxlen: 24
43.231.62.0/24 maxlen: 24
43.231.63.0/24 maxlen: 24
43.248.12.0/24 maxlen: 24
43.248.13.0/24 maxlen: 24
43.248.14.0/24 maxlen: 24
45.113.124.0/22 maxlen: 22
45.113.124.0/24 maxlen: 24
45.113.125.0/24 maxlen: 24
45.113.126.0/24 maxlen: 24
45.113.127.0/24 maxlen: 24
45.117.105.0/24 maxlen: 24
45.117.106.0/24 maxlen: 24
45.117.107.0/24 maxlen: 24
103.24.96.0/22 maxlen: 24
103.35.214.0/24 maxlen: 24
103.35.215.0/24 maxlen: 24
103.39.80.0/22 maxlen: 22
103.39.80.0/24 maxlen: 24
103.39.81.0/24 maxlen: 24
103.39.82.0/24 maxlen: 24
103.39.83.0/24 maxlen: 24
103.49.136.0/24 maxlen: 24
103.49.137.0/24 maxlen: 24
103.49.138.0/24 maxlen: 24
103.49.139.0/24 maxlen: 24
103.50.156.0/22 maxlen: 22
103.50.156.0/24 maxlen: 24
103.50.157.0/24 maxlen: 24
103.50.158.0/24 maxlen: 24
103.50.159.0/24 maxlen: 24
103.53.44.0/22 maxlen: 22
103.53.44.0/24 maxlen: 24
103.53.45.0/24 maxlen: 24
103.53.46.0/24 maxlen: 24
103.53.47.0/24 maxlen: 24
103.57.169.0/24 maxlen: 24
103.57.170.0/24 maxlen: 24
103.57.171.0/24 maxlen: 24
103.70.84.0/24 maxlen: 24
103.70.85.0/24 maxlen: 24
103.200.196.0/24 maxlen: 24
103.200.197.0/24 maxlen: 24
103.200.198.0/24 maxlen: 24
103.200.199.0/24 maxlen: 24
103.209.85.0/24 maxlen: 24
103.209.86.0/24 maxlen: 24
103.209.87.0/24 maxlen: 24
117.53.40.0/22 maxlen: 22
117.53.40.0/24 maxlen: 24
117.53.41.0/24 maxlen: 24
117.53.42.0/24 maxlen: 24
117.53.43.0/24 maxlen: 24
150.129.4.0/22 maxlen: 22
150.129.4.0/24 maxlen: 24
150.129.5.0/24 maxlen: 24
150.129.6.0/24 maxlen: 24
150.129.7.0/24 maxlen: 24
2400:1680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 03 May 2026 18:39:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3272 (0xcc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91298DA, serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Validity
Not Before: Apr 21 08:40:27 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69e737fb-0c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a7:bc:7a:df:80:9c:b4:01:e3:3d:bf:37:96:
b5:13:b2:86:ee:26:6b:b1:4c:f7:ef:12:26:1a:48:
1e:12:8a:46:ad:9d:ac:4d:bc:f1:8c:d4:16:8a:10:
6e:fe:8c:3a:f2:f1:18:2f:5b:de:f6:ea:d2:83:ed:
11:fb:0f:19:c7:b9:9a:b2:f3:fa:9e:53:94:b7:68:
6e:64:79:28:18:4d:20:56:40:fb:8e:db:88:b0:57:
c0:81:28:80:59:31:a0:74:9b:cb:f7:b9:b8:8e:7b:
96:5c:40:44:0e:a6:1d:55:a5:bc:76:33:c2:7f:2f:
fd:8b:5e:b6:3b:d3:74:c8:0b:e6:e3:c9:28:63:a0:
3b:ae:a2:de:c9:be:df:64:5b:01:33:b7:07:07:2b:
22:fb:ed:e5:20:58:f7:86:ba:b4:20:9c:a4:6a:5c:
d5:90:b8:e6:25:09:b4:31:78:f6:e0:96:c2:bf:f8:
8d:eb:1d:12:9c:c1:77:e0:6b:eb:11:4c:7e:5f:a3:
a6:ed:4c:89:de:28:30:19:88:df:25:d5:3b:2f:3f:
b7:51:8f:4c:7f:95:6a:46:0e:0a:f8:dc:91:5f:af:
f7:6f:a9:e3:49:16:f1:66:36:3a:f3:e9:28:ff:b7:
91:0c:bc:50:e9:3a:34:14:c3:21:a5:f1:b5:b5:7d:
d9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:43:CF:FF:24:A8:A7:D9:1F:69:90:04:04:3B:D0:40:A0:EE:33:C8
X509v3 Authority Key Identifier:
keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/A28603BE3D5D11F19617582FAB833773.roa
sbgp-ipAddrBlock: critical
IPv4:
36.255.100.0/22
43.229.164.0/22
43.231.60.0/22
43.248.12.0-43.248.14.255
45.113.124.0/22
45.117.105.0-45.117.107.255
103.24.96.0/22
103.35.214.0/23
103.39.80.0/22
103.49.136.0/22
103.50.156.0/22
103.53.44.0/22
103.57.169.0-103.57.171.255
103.70.84.0/23
103.200.196.0/22
103.209.85.0-103.209.87.255
117.53.40.0/22
150.129.4.0/22
IPv6:
2400:1680::/32
Signature Algorithm: sha256WithRSAEncryption
2a:fe:56:35:4e:04:5b:8f:32:22:03:b4:0e:8a:ba:3b:42:21:
dd:27:25:11:ad:c5:99:78:5b:97:16:c0:95:8c:e7:11:ec:3e:
31:b5:c0:bb:6f:4d:4d:ec:d0:12:e6:05:25:bf:b8:d6:7b:01:
e2:4b:9d:b7:33:71:05:d7:d7:dc:18:58:e4:51:37:ed:f0:00:
a7:5c:af:99:1e:8f:41:26:7d:6a:4d:42:d5:08:02:04:bd:7e:
e3:c8:b2:dc:0b:bb:71:6a:63:9b:1f:3e:43:c3:77:26:23:e3:
4e:61:d7:ca:7d:7c:8b:1a:21:e8:2f:c0:3c:5e:5b:84:4b:f9:
d7:09:0f:13:b5:c4:4f:65:27:a0:8f:58:bf:1b:d5:f0:23:35:
0f:df:88:63:92:a5:c0:b8:5d:86:3a:1c:cc:32:c8:41:b3:c2:
d9:13:bc:f7:b1:65:fe:35:24:c2:1a:60:45:8a:05:2f:c8:30:
7c:33:72:79:f2:17:38:96:58:9f:71:da:51:d6:34:86:f0:c4:
3f:a5:ed:93:7c:49:d5:5f:07:9d:76:91:f1:c7:e4:77:5a:67:
70:41:f4:6d:e8:86:56:02:d6:7f:44:d1:a6:a4:1e:16:c2:00:
78:32:f4:84:ae:00:1f:a4:ca:75:88:29:82:a2:3b:b5:a9:fb:
cf:fd:ee:af
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgICDMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF
MEI3RDY1REQwHhcNMjYwNDIxMDg0MDI3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWU3MzdmYi0wYzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyqe8et+AnLQB4z2/N5a1E7KG7iZrsUz37xImGkgeEopGrZ2sTbzxjNQWihBu
/ow68vEYL1ve9urSg+0R+w8Zx7masvP6nlOUt2huZHkoGE0gVkD7jtuIsFfAgSiA
WTGgdJvL97m4jnuWXEBEDqYdVaW8djPCfy/9i162O9N0yAvm48koY6A7rqLeyb7f
ZFsBM7cHBysi++3lIFj3hrq0IJykalzVkLjmJQm0MXj24JbCv/iN6x0SnMF34Gvr
EUx+X6Om7UyJ3igwGYjfJdU7Lz+3UY9Mf5VqRg4K+NyRX6/3b6njSRbxZjY68+ko
/7eRDLxQ6To0FMMhpfG1tX3ZBQIDAQABo4IC+jCCAvYwHQYDVR0OBBYEFHFDz/8k
qKfZH2mQBAQ70ECg7jPIMB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2
ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla
ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk4REEvMzRGMzYxMkUyNjgxMTFFQTkwM0Q3MDU4QzRGOUFFMDIvQTI4NjAzQkUz
RDVEMTFGMTk2MTc1ODJGQUI4MzM3NzMucm9hMIG4BggrBgEFBQcBBwEB/wSBqDCB
pTCBkwQCAAEwgYwDBAIk/2QDBAIr5aQDBAIr5zwwDAMEAiv4DAMEACv4DgMEAi1x
fDAMAwQALXVpAwQCLXVoAwQCZxhgAwQBZyPWAwQCZydQAwQCZzGIAwQCZzKcAwQC
ZzUsMAwDBABnOakDBAJnOagDBAFnRlQDBAJnyMQwDAMEAGfRVQMEA2fRUAMEAnU1
KAMEApaBBDANBAIAAjAHAwUAJAAWgDANBgkqhkiG9w0BAQsFAAOCAQEAKv5WNU4E
W48yIgO0Doq6O0Ih3SclEa3FmXhblxbAlYznEew+MbXAu29NTezQEuYFJb+41nsB
4kudtzNxBdfX3BhY5FE37fAAp1yvmR6PQSZ9ak1C1QgCBL1+48iy3Au7cWpjmx8+
Q8N3JiPjTmHXyn18ixoh6C/APF5bhEv51wkPE7XET2UnoI9YvxvV8CM1D9+IY5Kl
wLhdhjoczDLIQbPC2RO897Fl/jUkwhpgRYoFL8gwfDNyefIXOJZYn3HaUdY0hvDE
P6Xtk3xJ1V8HnXaR8cfkd1pncEH0beiGVgLWf0TRpqQeFsIAeDL0hK4AH6TKdYgp
gqI7tan7z/3urw==
-----END CERTIFICATE-----
Generated at Tue Apr 28 09:47:25 2026 by rpki-client