Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/78F6DFE8CB6411F0A28C973CC4F9AE02.roa
File: 78F6DFE8CB6411F0A28C973CC4F9AE02.roa (raw, json)
Hash identifier: gvi8hWhSZEyhI/MZ6vtRb0JcAY+iSRYiYJZi1gBmvRI=
Subject key identifier: E3:C8:78:3A:70:30:EA:46:97:BB:FC:8B:19:CC:55:37:AC:81:D7:8E
Certificate issuer: /CN=A9129E3A/serialNumber=5A96D4EC3D352494D9239D52AF35AC104DA12F9D
Certificate serial: 35B6
Authority key identifier: 5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/78F6DFE8CB6411F0A28C973CC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:28:26 +0000
ROA not before: Wed 28 Jan 2026 15:10:32 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 17408
IP address blocks: 202.3.160.0/20 maxlen: 23
202.3.160.0/21 maxlen: 24
202.3.168.0/23 maxlen: 24
202.3.170.0/24 maxlen: 24
202.3.172.0/22 maxlen: 24
202.3.176.0/21 maxlen: 24
202.3.186.0/23 maxlen: 24
202.3.188.0/22 maxlen: 24
202.55.224.0/19 maxlen: 24
202.153.160.0/23 maxlen: 23
202.153.160.0/24 maxlen: 24
202.153.161.0/24 maxlen: 24
202.153.162.0/23 maxlen: 23
202.153.162.0/24 maxlen: 24
202.153.164.0/24 maxlen: 24
202.153.165.0/24 maxlen: 24
202.153.167.0/24 maxlen: 24
202.153.168.0/23 maxlen: 23
202.153.168.0/24 maxlen: 24
202.153.169.0/24 maxlen: 24
202.153.170.0/24 maxlen: 24
202.153.172.0/24 maxlen: 24
202.153.173.0/24 maxlen: 24
202.153.174.0/23 maxlen: 23
202.153.174.0/24 maxlen: 24
202.153.175.0/24 maxlen: 24
202.153.176.0/22 maxlen: 22
202.153.176.0/23 maxlen: 24
202.153.178.0/23 maxlen: 23
202.153.178.0/24 maxlen: 24
202.153.179.0/24 maxlen: 24
202.153.180.0/24 maxlen: 24
202.153.181.0/24 maxlen: 24
202.153.182.0/23 maxlen: 24
202.153.184.0/21 maxlen: 24
202.153.193.0/24 maxlen: 24
202.153.194.0/23 maxlen: 23
202.153.194.0/24 maxlen: 24
202.153.196.0/22 maxlen: 22
202.153.196.0/23 maxlen: 24
202.153.198.0/23 maxlen: 24
202.153.202.0/23 maxlen: 24
202.153.204.0/22 maxlen: 22
202.153.204.0/23 maxlen: 24
202.153.206.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.crl
rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 14:26:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13750 (0x35b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129E3A, serialNumber=5A96D4EC3D352494D9239D52AF35AC104DA12F9D
Validity
Not Before: Jan 28 15:10:32 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a4854a-a5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3c:bc:29:ae:ba:e5:2f:78:a4:bb:cc:27:e7:
bb:c5:61:e9:25:47:60:0e:81:6e:81:f3:b5:65:44:
69:b6:33:8f:6f:b7:6d:4c:98:a1:a7:75:31:3f:72:
46:b3:a7:1b:d8:60:f4:5c:8d:f0:27:c7:28:65:c7:
02:4a:51:6c:1d:e6:fd:17:ef:d9:6e:f4:f9:cb:ba:
be:cf:60:15:23:f3:fc:c8:36:75:3f:21:60:66:65:
e6:34:66:95:7a:dc:b5:63:f7:00:63:08:ac:10:30:
0f:4e:17:ac:7f:86:95:59:c6:bc:3c:b6:42:5b:85:
f7:4b:27:18:e0:8e:8f:6a:77:c0:b2:4f:2c:f3:3c:
94:d6:62:ca:f1:12:38:b7:09:e0:50:a6:bd:27:3e:
15:96:9d:db:c4:b3:9b:a4:63:b5:8b:b6:34:ea:8f:
f6:f8:e6:be:c7:f5:a6:7f:b6:f7:4c:d7:d4:f8:1f:
3c:76:66:b3:f5:fd:f1:8c:e5:a8:c8:e9:6f:16:b3:
20:58:c4:7a:79:57:94:8c:d2:c8:06:cf:3b:d2:4c:
88:ca:f2:04:be:47:67:d3:c9:00:74:ee:7b:a6:fe:
3a:dd:64:84:61:d5:9d:18:2a:bf:df:38:e9:69:c4:
58:e0:77:db:4d:d8:26:22:0e:d2:ce:5d:0b:76:65:
ef:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C8:78:3A:70:30:EA:46:97:BB:FC:8B:19:CC:55:37:AC:81:D7:8E
X509v3 Authority Key Identifier:
keyid:5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/78F6DFE8CB6411F0A28C973CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
202.3.160.0-202.3.183.255
202.3.186.0-202.3.191.255
202.55.224.0/19
202.153.160.0-202.153.165.255
202.153.167.0-202.153.170.255
202.153.172.0-202.153.191.255
202.153.193.0-202.153.199.255
202.153.202.0-202.153.207.255
Signature Algorithm: sha256WithRSAEncryption
ad:16:90:46:8d:2d:75:50:70:18:66:07:fa:10:a2:69:c7:f2:
07:1d:63:fe:a5:86:33:42:ab:ef:f2:64:16:a7:bc:11:16:10:
2a:cf:86:d0:2e:da:4a:4d:bb:b5:fd:70:6f:f7:b8:dd:cb:1c:
82:51:ed:65:b3:74:77:dc:7d:1f:38:9f:bf:63:5d:8c:59:a6:
72:92:87:e6:ba:b7:e8:57:3b:39:6d:2c:8e:9f:5f:32:a0:13:
ea:7a:56:88:0f:dd:ae:77:f5:36:63:9a:c9:03:2b:e7:eb:0e:
2f:00:26:61:e5:bf:6c:9c:0a:23:06:f0:60:05:0a:8d:e2:64:
4c:a2:5e:69:a3:c0:64:b9:86:13:ce:10:72:aa:14:ea:cf:9e:
e3:45:d5:60:3e:09:0d:4c:0d:05:de:77:6b:37:6d:79:9e:81:
c3:99:70:69:a8:0c:80:60:7d:8a:0e:31:a0:e5:4b:cf:60:f8:
60:f7:f8:ae:1b:0a:ea:4c:7a:36:4d:70:a5:6a:34:fb:f1:90:
b3:52:25:bd:99:33:c6:6f:de:4a:96:b9:78:8c:87:01:81:e8:
f8:d2:20:d2:fd:9f:19:98:85:f2:d8:f1:f0:7e:0a:56:99:8b:
99:ea:39:bd:e9:a7:13:76:cd:a1:74:7a:ed:a9:00:a2:e9:da:
39:4b:2e:e8
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICNbYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlFM0ExMTAvBgNVBAUTKDVBOTZENEVDM0QzNTI0OTREOTIzOUQ1MkFGMzVBQzEw
NERBMTJGOUQwHhcNMjYwMTI4MTUxMDMyWhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODU0YS1hNWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAujy8Ka665S94pLvMJ+e7xWHpJUdgDoFugfO1ZURptjOPb7dtTJihp3UxP3JG
s6cb2GD0XI3wJ8coZccCSlFsHeb9F+/ZbvT5y7q+z2AVI/P8yDZ1PyFgZmXmNGaV
ety1Y/cAYwisEDAPThesf4aVWca8PLZCW4X3SycY4I6PanfAsk8s8zyU1mLK8RI4
twngUKa9Jz4Vlp3bxLObpGO1i7Y06o/2+Oa+x/Wmf7b3TNfU+B88dmaz9f3xjOWo
yOlvFrMgWMR6eVeUjNLIBs870kyIyvIEvkdn08kAdO57pv463WSEYdWdGCq/3zjp
acRY4HfbTdgmIg7Szl0LdmXvqwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFOPIeDpw
MOpGl7v8ixnMVTesgdeOMB8GA1UdIwQYMBaAFFqW1Ow9NSSU2SOdUq81rBBNoS+d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUUzQS8xOTdFQzBCNjFE
ODYxMUUyQUJFRjIyREQwOEIwMkNEMi9XcGJVN0QwMUpKVFpJNTFTcnpXc0VFMmhM
NTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dwYlU3RDAxSkpUWkk1MVNyeldzRUUyaEw1MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjlFM0EvMTk3RUMwQjYxRDg2MTFFMkFCRUYyMkREMDhCMDJDRDIvNzhGNkRGRThD
QjY0MTFGMEEyOEM5NzNDQzRGOUFFMDIucm9hMIGBBggrBgEFBQcBBwEB/wRyMHAw
bgQCAAEwaDAMAwQFygOgAwQDygOwMAwDBAHKA7oDBAbKA4ADBAXKN+AwDAMEBcqZ
oAMEAcqZpDAMAwQAypmnAwQAypmqMAwDBALKmawDBAbKmYAwDAMEAMqZwQMEA8qZ
wDAMAwQBypnKAwQEypnAMA0GCSqGSIb3DQEBCwUAA4IBAQCtFpBGjS11UHAYZgf6
EKJpx/IHHWP+pYYzQqvv8mQWp7wRFhAqz4bQLtpKTbu1/XBv97jdyxyCUe1ls3R3
3H0fOJ+/Y12MWaZykofmurfoVzs5bSyOn18yoBPqelaID92ud/U2Y5rJAyvn6w4v
ACZh5b9snAojBvBgBQqN4mRMol5po8BkuYYTzhByqhTqz57jRdVgPgkNTA0F3ndr
N215noHDmXBpqAyAYH2KDjGg5UvPYPhg9/iuGwrqTHo2TXClajT78ZCzUiW9mTPG
b95Klrl4jIcBgej40iDS/Z8ZmIXy2PHwfgpWmYuZ6jm96acTds2hdHrtqQCi6do5
Sy7o
-----END CERTIFICATE-----
Generated at Sun Mar 8 09:46:02 2026 by rpki-client