Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
File: DB5AEE86AA8411ECA420473FC4F9AE02.roa (raw, json)
Hash identifier: rYu9sxXsDzYu1V1O7LZ6RtLMC7VfIr2j15fJqXrHGTs=
Subject key identifier: E7:93:6F:8B:2C:70:D0:3F:E0:C3:28:84:B8:35:00:B1:DF:53:9F:3B
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 3B7C
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:29:07 +0000
ROA not before: Mon 14 Jul 2025 14:51:40 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 9287
IP address blocks: 61.90.185.0/24 maxlen: 24
61.90.197.0/24 maxlen: 24
61.90.198.0/24 maxlen: 24
61.90.200.0/22 maxlen: 22
61.90.200.0/24 maxlen: 24
61.90.201.0/24 maxlen: 24
61.90.202.0/24 maxlen: 24
61.90.204.0/23 maxlen: 23
61.90.204.0/24 maxlen: 24
61.90.205.0/24 maxlen: 24
61.90.213.0/24 maxlen: 24
61.90.231.0/24 maxlen: 24
61.91.0.0/21 maxlen: 21
61.91.0.0/24 maxlen: 24
61.91.1.0/24 maxlen: 24
61.91.2.0/24 maxlen: 24
61.91.3.0/24 maxlen: 24
61.91.4.0/24 maxlen: 24
61.91.5.0/24 maxlen: 24
61.91.6.0/24 maxlen: 24
61.91.7.0/24 maxlen: 24
61.91.11.0/24 maxlen: 24
61.91.12.0/22 maxlen: 22
61.91.12.0/24 maxlen: 24
61.91.13.0/24 maxlen: 24
61.91.14.0/24 maxlen: 24
61.91.15.0/24 maxlen: 24
61.91.80.0/23 maxlen: 23
61.91.80.0/24 maxlen: 24
61.91.81.0/24 maxlen: 24
61.91.92.0/24 maxlen: 24
61.91.120.0/21 maxlen: 21
61.91.120.0/24 maxlen: 24
61.91.121.0/24 maxlen: 24
61.91.122.0/24 maxlen: 24
61.91.123.0/24 maxlen: 24
61.91.124.0/24 maxlen: 24
61.91.125.0/24 maxlen: 24
61.91.126.0/24 maxlen: 24
61.91.127.0/24 maxlen: 24
61.91.247.0/24 maxlen: 24
119.46.69.0/24 maxlen: 24
119.46.92.0/24 maxlen: 24
119.46.96.0/23 maxlen: 23
119.46.96.0/24 maxlen: 24
119.46.97.0/24 maxlen: 24
119.46.98.0/24 maxlen: 24
119.46.113.0/24 maxlen: 24
119.46.194.0/24 maxlen: 24
119.46.226.0/24 maxlen: 24
203.144.245.0/24 maxlen: 24
210.86.139.0/24 maxlen: 24
210.86.176.0/21 maxlen: 21
210.86.176.0/24 maxlen: 24
210.86.177.0/24 maxlen: 24
210.86.178.0/24 maxlen: 24
210.86.179.0/24 maxlen: 24
210.86.180.0/22 maxlen: 22
210.86.180.0/24 maxlen: 24
210.86.181.0/24 maxlen: 24
210.86.182.0/24 maxlen: 24
210.86.183.0/24 maxlen: 24
2001:fb0:1000::/48 maxlen: 48
2001:fb0:1001::/48 maxlen: 48
2001:fb0:1002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 14:19:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15228 (0x3b7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 14 14:51:40 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a49383-a0a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:24:cd:a4:75:e8:db:44:b1:35:bc:4e:b5:84:
85:3a:de:33:fb:d8:e1:8c:35:33:2a:c3:d0:96:bb:
91:77:b0:7a:dc:b7:19:ec:a0:f4:83:ec:fb:cc:9e:
f7:50:87:13:ad:25:6f:75:b9:55:af:d3:47:b4:d3:
30:eb:15:78:7a:00:52:64:20:dc:d0:4f:cc:79:99:
4c:4e:2f:4f:ac:c8:9b:93:1d:8d:c2:b5:3f:a0:a1:
6f:4c:cb:19:8a:b2:64:e2:84:12:5b:b9:c9:ae:57:
dd:2d:5c:af:6d:68:72:16:2e:29:30:01:c9:e4:0f:
25:06:92:96:3c:cd:73:4a:d9:af:c8:2c:34:a5:e3:
69:66:fa:dc:ba:29:bd:d2:b2:9e:d0:b6:9d:1a:d2:
cf:34:3b:db:06:86:76:26:5f:26:e0:89:c5:0b:89:
61:98:35:4b:13:57:4d:2d:c5:b4:cb:a6:cf:4b:4b:
a3:01:ba:e0:40:a9:74:ab:22:e4:c3:d7:b9:b7:54:
f9:16:ce:3d:f1:d3:6d:f5:6f:f4:37:92:b3:ba:0c:
ba:56:15:66:6b:78:86:f7:78:31:a8:00:37:b8:18:
a9:3e:08:1c:15:a8:9e:4a:f7:ab:c8:02:45:1b:7b:
97:06:ae:a7:b3:fa:3b:63:b9:6e:5b:ba:61:00:1b:
bb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:93:6F:8B:2C:70:D0:3F:E0:C3:28:84:B8:35:00:B1:DF:53:9F:3B
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
61.90.185.0/24
61.90.197.0-61.90.198.255
61.90.200.0-61.90.205.255
61.90.213.0/24
61.90.231.0/24
61.91.0.0/21
61.91.11.0-61.91.15.255
61.91.80.0/23
61.91.92.0/24
61.91.120.0/21
61.91.247.0/24
119.46.69.0/24
119.46.92.0/24
119.46.96.0-119.46.98.255
119.46.113.0/24
119.46.194.0/24
119.46.226.0/24
203.144.245.0/24
210.86.139.0/24
210.86.176.0/21
IPv6:
2001:fb0:1000::-2001:fb0:1002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5e:ae:d4:97:38:24:a1:4d:ad:3f:96:27:90:02:fb:98:39:3c:
77:f9:86:4b:b4:86:65:97:f6:ae:e1:76:3c:7d:15:60:2b:01:
7f:b1:4c:f8:56:3c:da:52:57:44:77:ca:41:26:39:b4:ac:43:
3a:24:36:b3:b5:b6:c4:91:79:fc:0a:88:80:b7:2f:91:00:a2:
f9:f9:91:1f:5e:3b:98:10:94:f5:57:6e:cb:50:f4:2f:91:f7:
5d:86:20:0c:ca:b7:b2:0e:fe:4d:46:a6:b7:70:05:10:ea:f1:
fa:f8:f0:7e:a1:6d:87:cd:40:cd:58:9b:71:98:34:96:28:7c:
b1:46:af:e6:b3:46:85:0a:04:91:ea:e8:78:34:c7:53:ed:28:
c5:31:11:48:84:68:2e:c2:cf:ca:a7:75:f9:ec:2d:ae:15:44:
8d:69:21:c1:fe:e6:3c:f7:a4:22:46:3b:fd:b7:dc:e4:91:01:
48:58:1d:9f:dd:63:77:5e:21:12:2c:56:48:4e:ab:6b:6e:97:
54:08:a2:b9:44:5a:06:f4:3f:5f:01:ef:d8:aa:ac:05:02:d3:
ef:1c:e5:fb:6d:48:6b:20:b5:e3:17:4d:72:8c:e0:96:7e:00:
9a:05:e5:36:7a:cf:d4:ff:88:fb:5b:ed:6c:d3:98:c0:fd:5f:
44:b6:bd:9c
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgICO3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjUwNzE0MTQ1MTQwWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OTM4My1hMGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqSTNpHXo20SxNbxOtYSFOt4z+9jhjDUzKsPQlruRd7B63LcZ7KD0g+z7zJ73
UIcTrSVvdblVr9NHtNMw6xV4egBSZCDc0E/MeZlMTi9PrMibkx2NwrU/oKFvTMsZ
irJk4oQSW7nJrlfdLVyvbWhyFi4pMAHJ5A8lBpKWPM1zStmvyCw0peNpZvrcuim9
0rKe0LadGtLPNDvbBoZ2Jl8m4InFC4lhmDVLE1dNLcW0y6bPS0ujAbrgQKl0qyLk
w9e5t1T5Fs498dNt9W/0N5Kzugy6VhVma3iG93gxqAA3uBipPggcFaieSveryAJF
G3uXBq6ns/o7Y7luW7phABu7fwIDAQABo4IDEjCCAw4wHQYDVR0OBBYEFOeTb4ss
cNA/4MMohLg1ALHfU587MB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvREI1QUVFODZB
QTg0MTFFQ0E0MjA0NzNGQzRGOUFFMDIucm9hMIHQBggrBgEFBQcBBwEB/wSBwDCB
vTCBnwQCAAEwgZgDBAA9WrkwDAMEAD1axQMEAD1axjAMAwQDPVrIAwQBPVrMAwQA
PVrVAwQAPVrnAwQDPVsAMAwDBAA9WwsDBAQ9WwADBAE9W1ADBAA9W1wDBAM9W3gD
BAA9W/cDBAB3LkUDBAB3LlwwDAMEBXcuYAMEAHcuYgMEAHcucQMEAHcuwgMEAHcu
4gMEAMuQ9QMEANJWiwMEA9JWsDAZBAIAAjATMBEDBgQgAQ+wEAMHACABD7AQAjAN
BgkqhkiG9w0BAQsFAAOCAQEAXq7UlzgkoU2tP5YnkAL7mDk8d/mGS7SGZZf2ruF2
PH0VYCsBf7FM+FY82lJXRHfKQSY5tKxDOiQ2s7W2xJF5/AqIgLcvkQCi+fmRH147
mBCU9Vduy1D0L5H3XYYgDMq3sg7+TUamt3AFEOrx+vjwfqFth81AzVibcZg0lih8
sUav5rNGhQoEkeroeDTHU+0oxTERSIRoLsLPyqd1+ewtrhVEjWkhwf7mPPekIkY7
/bfc5JEBSFgdn91jd14hEixWSE6ra26XVAiiuURaBvQ/XwHv2KqsBQLT7xzl+21I
ayC14xdNcozgln4AmgXlNnrP1P+I+1vtbNOYwP1fRLa9nA==
-----END CERTIFICATE-----
Generated at Sat Mar 7 14:35:35 2026 by rpki-client