Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
File: FFB3EF94F53C11EEA5B4623BC4F9AE02.roa (raw, json)
Hash identifier: Y3xoxHMJFSBOE4uL5HOtgVF0uP2IkidBWGoeWVURs+U=
Subject key identifier: F4:2F:03:00:0F:42:67:43:F9:D5:1E:18:7C:C2:1B:A3:47:E6:CD:0B
Certificate issuer: /CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Certificate serial: 08FF
Authority key identifier: 6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
Signing time: Mon 02 Mar 2026 12:27:38 +0000
ROA not before: Wed 02 Apr 2025 21:21:53 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9738
IP address blocks: 61.14.96.0/19 maxlen: 19
61.14.96.0/23 maxlen: 24
61.14.98.0/23 maxlen: 24
61.14.100.0/24 maxlen: 24
61.14.101.0/24 maxlen: 24
61.14.102.0/23 maxlen: 24
61.14.104.0/24 maxlen: 24
61.14.105.0/24 maxlen: 24
61.14.106.0/24 maxlen: 24
61.14.107.0/24 maxlen: 24
61.14.108.0/24 maxlen: 24
61.14.109.0/24 maxlen: 24
61.14.110.0/24 maxlen: 24
61.14.111.0/24 maxlen: 24
61.14.112.0/24 maxlen: 24
61.14.113.0/24 maxlen: 24
61.14.114.0/24 maxlen: 24
61.14.115.0/24 maxlen: 24
61.14.116.0/24 maxlen: 24
61.14.117.0/24 maxlen: 24
61.14.118.0/24 maxlen: 24
61.14.119.0/24 maxlen: 24
61.14.121.0/24 maxlen: 24
61.14.122.0/24 maxlen: 24
61.14.123.0/24 maxlen: 24
61.14.127.0/24 maxlen: 24
103.28.196.0/22 maxlen: 22
103.28.196.0/23 maxlen: 23
103.28.198.0/23 maxlen: 23
202.148.224.0/21 maxlen: 21
202.148.224.0/24 maxlen: 24
202.148.225.0/24 maxlen: 24
202.148.226.0/24 maxlen: 24
202.148.227.0/24 maxlen: 24
202.148.228.0/24 maxlen: 24
202.148.229.0/24 maxlen: 24
202.148.231.0/24 maxlen: 24
202.148.232.0/24 maxlen: 24
202.148.233.0/24 maxlen: 24
202.148.234.0/23 maxlen: 23
202.148.234.0/24 maxlen: 24
202.148.235.0/24 maxlen: 24
202.148.236.0/22 maxlen: 22
202.148.236.0/23 maxlen: 24
202.148.238.0/24 maxlen: 24
202.148.239.0/24 maxlen: 24
203.19.157.0/24 maxlen: 24
210.18.192.0/22 maxlen: 24
210.18.196.0/24 maxlen: 24
210.18.197.0/24 maxlen: 24
210.18.198.0/24 maxlen: 24
210.18.199.0/24 maxlen: 24
210.18.200.0/24 maxlen: 24
210.18.201.0/24 maxlen: 24
210.18.202.0/23 maxlen: 23
210.18.202.0/24 maxlen: 24
210.18.203.0/24 maxlen: 24
210.18.204.0/22 maxlen: 22
210.18.204.0/24 maxlen: 24
210.18.205.0/24 maxlen: 24
210.18.207.0/24 maxlen: 24
210.18.208.0/20 maxlen: 21
210.18.208.0/23 maxlen: 24
210.18.210.0/23 maxlen: 24
210.18.212.0/23 maxlen: 24
210.18.214.0/23 maxlen: 24
210.18.216.0/21 maxlen: 24
210.18.224.0/20 maxlen: 20
210.18.224.0/21 maxlen: 21
210.18.227.0/24 maxlen: 24
210.18.232.0/24 maxlen: 24
210.18.233.0/24 maxlen: 24
210.18.234.0/23 maxlen: 24
210.18.236.0/22 maxlen: 22
210.18.236.0/24 maxlen: 24
210.18.237.0/24 maxlen: 24
210.18.238.0/24 maxlen: 24
210.18.239.0/24 maxlen: 24
210.18.240.0/24 maxlen: 24
210.18.241.0/24 maxlen: 24
210.18.242.0/24 maxlen: 24
210.18.243.0/24 maxlen: 24
210.18.244.0/22 maxlen: 22
210.18.248.0/23 maxlen: 23
210.18.248.0/24 maxlen: 24
210.18.250.0/23 maxlen: 23
210.18.251.0/24 maxlen: 24
210.18.252.0/24 maxlen: 24
210.18.253.0/24 maxlen: 24
210.18.254.0/24 maxlen: 24
210.18.255.0/24 maxlen: 24
2403:c800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 20:06:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2303 (0x8ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C627, serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Validity
Not Before: Apr 2 21:21:53 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a5823a-9559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a4:33:18:b7:65:79:f7:3f:1e:c9:64:45:e4:
14:f3:a4:88:0a:a5:e3:b3:60:2d:f2:56:d1:ab:5e:
8b:b6:ff:c4:34:71:44:0c:ee:5f:04:99:3e:27:11:
00:68:85:a8:2c:9a:f4:b0:89:be:06:33:60:22:29:
36:c1:18:76:d1:ce:d9:06:d2:a0:2a:9c:e1:14:39:
a0:9e:9f:91:fb:89:3f:5a:60:bf:24:76:5b:2d:a5:
85:83:ea:9e:f1:dd:ef:5a:d5:78:cb:3a:66:23:e0:
32:51:fd:64:ce:52:de:15:18:c2:d5:9e:bd:58:23:
4a:5a:cd:dc:95:d4:f0:ad:8e:6b:57:d1:8b:a1:fb:
20:ad:ce:72:bc:58:49:d2:ee:58:ad:bd:c2:1b:9f:
e4:cc:5c:47:9e:26:37:6c:70:7c:4f:19:44:72:4b:
c6:a8:99:db:01:56:bf:ae:e7:c7:ab:ed:80:72:d8:
e0:3f:40:40:16:67:9d:63:d3:bf:1c:f0:a9:18:69:
74:5a:d9:d5:5c:66:b8:6b:c3:14:28:e2:83:95:8d:
c2:33:bc:19:a8:27:1b:1c:a5:94:34:93:2c:a5:8c:
9b:5d:7d:f4:9d:4b:87:9c:e4:65:5f:d0:3a:b3:1b:
19:84:c6:e0:32:62:8a:74:b5:6c:b5:47:9c:d8:c5:
96:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:2F:03:00:0F:42:67:43:F9:D5:1E:18:7C:C2:1B:A3:47:E6:CD:0B
X509v3 Authority Key Identifier:
keyid:6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
61.14.96.0/19
103.28.196.0/22
202.148.224.0/20
203.19.157.0/24
210.18.192.0/18
IPv6:
2403:c800::/32
Signature Algorithm: sha256WithRSAEncryption
a5:25:72:36:0b:0a:dc:3d:8a:62:07:f1:75:ca:2c:f6:17:cc:
b5:5e:25:73:fe:d5:3b:7b:47:7d:5f:d7:2d:b6:14:6d:85:59:
75:da:a1:49:ac:ae:56:d0:3c:cf:14:d6:a9:dc:1e:99:7e:43:
72:09:eb:ae:fd:6b:75:19:dd:60:a6:d4:16:3c:d0:90:f3:20:
67:c2:f9:31:1c:55:7d:1a:97:5b:58:37:d5:58:cf:dc:f9:8a:
b2:f5:68:f3:4c:a0:ca:10:c8:f7:9a:ad:20:5c:cc:e3:7d:90:
a1:f8:85:f1:a3:c9:32:d7:24:55:82:00:55:62:6a:a4:08:69:
94:5a:db:57:71:1f:ef:79:9f:53:77:4a:c8:46:77:f9:02:5d:
da:7c:31:bd:37:c2:f7:38:6f:79:94:09:07:aa:b3:8c:24:9b:
2f:1c:d9:65:15:7e:2e:1f:c9:31:ea:73:b3:c7:c1:cb:0e:e2:
78:6a:75:09:d5:d3:17:5c:2d:bd:fb:31:b3:ba:30:d3:b9:dd:
8b:b0:fc:02:e8:7c:d4:c9:d4:22:62:fe:c1:1f:4a:82:f6:cd:
39:4c:83:63:be:b2:01:05:ca:64:72:47:d3:d6:8d:cc:91:07:
60:59:f8:b3:82:d7:fb:f5:9c:a4:02:27:a6:1c:c3:23:40:1c:
fb:41:e0:5c
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICCP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M2MjcxMTAvBgNVBAUTKDZGRkE1REIxNTlENDBBM0ExNzJEQkM3NEY1QzMyQjU1
NTE3OTc5QUYwHhcNMjUwNDAyMjEyMTUzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1ODIzYS05NTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuqQzGLdlefc/HslkReQU86SICqXjs2At8lbRq16Ltv/ENHFEDO5fBJk+JxEA
aIWoLJr0sIm+BjNgIik2wRh20c7ZBtKgKpzhFDmgnp+R+4k/WmC/JHZbLaWFg+qe
8d3vWtV4yzpmI+AyUf1kzlLeFRjC1Z69WCNKWs3cldTwrY5rV9GLofsgrc5yvFhJ
0u5Yrb3CG5/kzFxHniY3bHB8TxlEckvGqJnbAVa/rufHq+2ActjgP0BAFmedY9O/
HPCpGGl0WtnVXGa4a8MUKOKDlY3CM7wZqCcbHKWUNJMspYybXX30nUuHnORlX9A6
sxsZhMbgMmKKdLVstUec2MWW9QIDAQABo4IChzCCAoMwHQYDVR0OBBYEFPQvAwAP
QmdD+dUeGHzCG6NH5s0LMB8GA1UdIwQYMBaAFG/6XbFZ1Ao6Fy28dPXDK1VReXmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzYyNy9DMjY1QzFBNEQw
N0QxMUVBODYwMDk4NkRDNEY5QUUwMi9iX3Bkc1ZuVUNqb1hMYngwOWNNclZWRjVl
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfcGRzVm5VQ2pvWExieDA5Y01yVlZGNWVhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M2MjcvQzI2NUMxQTREMDdEMTFFQTg2MDA5ODZEQzRGOUFFMDIvRkZCM0VGOTRG
NTNDMTFFRUE1QjQ2MjNCQzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAk
BAIAATAeAwQFPQ5gAwQCZxzEAwQEypTgAwQAyxOdAwQG0hLAMA0EAgACMAcDBQAk
A8gAMA0GCSqGSIb3DQEBCwUAA4IBAQClJXI2CwrcPYpiB/F1yiz2F8y1XiVz/tU7
e0d9X9ctthRthVl12qFJrK5W0DzPFNap3B6ZfkNyCeuu/Wt1Gd1gptQWPNCQ8yBn
wvkxHFV9GpdbWDfVWM/c+Yqy9WjzTKDKEMj3mq0gXMzjfZCh+IXxo8ky1yRVggBV
YmqkCGmUWttXcR/veZ9Td0rIRnf5Al3afDG9N8L3OG95lAkHqrOMJJsvHNllFX4u
H8kx6nOzx8HLDuJ4anUJ1dMXXC29+zGzujDTud2LsPwC6HzUydQiYv7BH0qC9s05
TINjvrIBBcpkckfT1o3MkQdgWfizgtf79ZykAiemHMMjQBz7QeBc
-----END CERTIFICATE-----
Generated at Fri Mar 13 04:18:12 2026 by rpki-client