Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
File: FFB3EF94F53C11EEA5B4623BC4F9AE02.roa (raw, json)
Hash identifier: PoWHbD4GJtdImYAMon+IcO81vzMzM3tbtCeI0of3Fd8=
Subject key identifier: 9D:C4:92:A8:55:B7:5D:9E:20:E1:0C:71:A9:4C:8D:77:8E:D5:FD:F4
Certificate issuer: /CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Certificate serial: 0923
Authority key identifier: 6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
Signing time: Tue 28 Apr 2026 08:28:12 +0000
ROA not before: Tue 28 Apr 2026 08:28:11 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 9738
IP address blocks: 61.14.96.0/19 maxlen: 19
61.14.96.0/23 maxlen: 24
61.14.98.0/23 maxlen: 24
61.14.100.0/24 maxlen: 24
61.14.101.0/24 maxlen: 24
61.14.102.0/23 maxlen: 24
61.14.104.0/24 maxlen: 24
61.14.105.0/24 maxlen: 24
61.14.106.0/24 maxlen: 24
61.14.107.0/24 maxlen: 24
61.14.108.0/24 maxlen: 24
61.14.109.0/24 maxlen: 24
61.14.110.0/24 maxlen: 24
61.14.111.0/24 maxlen: 24
61.14.112.0/24 maxlen: 24
61.14.113.0/24 maxlen: 24
61.14.114.0/24 maxlen: 24
61.14.115.0/24 maxlen: 24
61.14.116.0/24 maxlen: 24
61.14.117.0/24 maxlen: 24
61.14.118.0/24 maxlen: 24
61.14.119.0/24 maxlen: 24
61.14.121.0/24 maxlen: 24
61.14.122.0/24 maxlen: 24
61.14.123.0/24 maxlen: 24
61.14.127.0/24 maxlen: 24
103.28.196.0/22 maxlen: 22
103.28.196.0/23 maxlen: 23
103.28.197.0/24 maxlen: 24
103.28.198.0/23 maxlen: 23
103.28.198.0/24 maxlen: 24
202.148.224.0/21 maxlen: 21
202.148.224.0/24 maxlen: 24
202.148.225.0/24 maxlen: 24
202.148.226.0/24 maxlen: 24
202.148.227.0/24 maxlen: 24
202.148.228.0/24 maxlen: 24
202.148.229.0/24 maxlen: 24
202.148.231.0/24 maxlen: 24
202.148.232.0/24 maxlen: 24
202.148.233.0/24 maxlen: 24
202.148.234.0/23 maxlen: 23
202.148.234.0/24 maxlen: 24
202.148.235.0/24 maxlen: 24
202.148.236.0/22 maxlen: 22
202.148.236.0/23 maxlen: 24
202.148.238.0/24 maxlen: 24
202.148.239.0/24 maxlen: 24
203.19.157.0/24 maxlen: 24
210.18.192.0/22 maxlen: 24
210.18.196.0/24 maxlen: 24
210.18.197.0/24 maxlen: 24
210.18.198.0/24 maxlen: 24
210.18.199.0/24 maxlen: 24
210.18.200.0/24 maxlen: 24
210.18.201.0/24 maxlen: 24
210.18.202.0/23 maxlen: 23
210.18.202.0/24 maxlen: 24
210.18.203.0/24 maxlen: 24
210.18.204.0/22 maxlen: 22
210.18.204.0/24 maxlen: 24
210.18.205.0/24 maxlen: 24
210.18.207.0/24 maxlen: 24
210.18.208.0/20 maxlen: 21
210.18.208.0/23 maxlen: 24
210.18.210.0/23 maxlen: 24
210.18.212.0/23 maxlen: 24
210.18.214.0/23 maxlen: 24
210.18.216.0/21 maxlen: 24
210.18.224.0/20 maxlen: 20
210.18.224.0/21 maxlen: 21
210.18.227.0/24 maxlen: 24
210.18.232.0/24 maxlen: 24
210.18.233.0/24 maxlen: 24
210.18.234.0/23 maxlen: 24
210.18.236.0/22 maxlen: 22
210.18.236.0/24 maxlen: 24
210.18.237.0/24 maxlen: 24
210.18.238.0/24 maxlen: 24
210.18.239.0/24 maxlen: 24
210.18.240.0/24 maxlen: 24
210.18.241.0/24 maxlen: 24
210.18.242.0/24 maxlen: 24
210.18.243.0/24 maxlen: 24
210.18.244.0/22 maxlen: 22
210.18.248.0/23 maxlen: 23
210.18.248.0/24 maxlen: 24
210.18.250.0/23 maxlen: 23
210.18.251.0/24 maxlen: 24
210.18.252.0/24 maxlen: 24
210.18.253.0/24 maxlen: 24
210.18.254.0/24 maxlen: 24
210.18.255.0/24 maxlen: 24
2403:c800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 05 May 2026 20:40:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2339 (0x923)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C627, serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Validity
Not Before: Apr 28 08:28:11 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69f06f9b-b111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1e:e1:bd:91:31:70:70:d2:cd:bb:d9:eb:97:
0d:14:7a:e9:4a:64:53:4f:26:e2:f7:ea:e9:1a:fc:
35:e9:7b:7b:c2:e0:ad:29:3b:3b:ee:9e:f3:34:f8:
67:9a:f2:b5:c4:34:16:5a:0c:79:5d:b7:5a:93:de:
d2:eb:6c:5e:86:d5:62:18:d3:a1:2e:0f:a0:c5:05:
c9:80:8e:1f:f8:df:5c:64:9b:3f:8e:dc:f2:eb:72:
31:69:6b:f8:3e:ac:33:22:29:02:1a:a3:77:d6:7a:
4b:ac:c4:32:6a:7a:ee:56:4a:9b:08:31:18:b8:31:
ed:af:cd:78:42:10:1b:51:38:ec:5a:6f:db:79:f5:
46:92:04:bc:06:18:e7:e9:8a:91:0d:67:45:d1:77:
7e:9f:af:11:56:65:f2:02:e4:30:1f:cf:89:84:1d:
21:8e:93:1e:3c:bd:77:ba:3c:e2:8d:ca:00:95:80:
ad:1c:85:82:e7:58:a8:8d:3c:cc:3f:d4:0d:18:a2:
22:7e:0b:4d:04:38:db:f4:ad:bb:d8:1d:20:2b:d0:
e5:6c:6d:3d:3c:36:85:6a:82:d4:6e:d3:a9:9b:be:
aa:3e:a9:1f:d9:c3:a8:29:ff:40:06:f2:22:bf:f0:
a5:1a:ca:e9:2b:38:fe:d0:0a:fb:dc:c3:55:4d:98:
f9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C4:92:A8:55:B7:5D:9E:20:E1:0C:71:A9:4C:8D:77:8E:D5:FD:F4
X509v3 Authority Key Identifier:
keyid:6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
61.14.96.0/19
103.28.196.0/22
202.148.224.0/20
203.19.157.0/24
210.18.192.0/18
IPv6:
2403:c800::/32
Signature Algorithm: sha256WithRSAEncryption
4e:ca:0f:85:92:aa:0f:df:6c:ed:d5:91:c0:a3:bf:13:99:23:
ce:e4:1e:0c:84:af:c2:75:00:fe:a8:71:4f:4f:c7:a8:31:fb:
a7:c3:bf:b4:fe:bc:51:62:6f:db:24:58:c4:05:25:e8:4c:ed:
ce:49:da:ce:76:5c:7c:1b:87:04:42:80:01:33:80:33:27:91:
0c:ea:e7:14:fa:d4:08:92:3a:f7:b3:c9:25:53:01:f4:eb:85:
4c:3e:82:ed:f2:21:40:38:05:e2:d0:6f:2f:9e:a8:6d:65:5a:
d3:be:44:7e:a6:e0:fd:6f:e5:8f:b8:e5:b8:58:8a:f1:5e:fc:
46:c1:b4:d4:61:9f:43:06:99:75:fd:6f:9b:aa:9b:1d:05:e5:
2b:08:6a:4f:de:b3:98:1f:3d:81:3e:0e:7f:de:f0:96:76:da:
dc:94:99:21:38:ce:79:09:b8:21:2c:98:45:09:a1:c1:60:7d:
b0:5d:57:70:74:11:2e:fb:c1:6b:73:94:f3:71:cb:c0:44:24:
92:b8:88:e5:db:de:a1:9d:7d:2f:ea:7b:2f:68:0b:66:b3:d0:
70:4b:29:89:22:2f:ed:c8:94:fa:b7:2e:b4:35:46:aa:da:b9:
eb:85:f9:bf:bd:cf:33:5a:a8:71:66:a2:eb:f6:31:d9:9a:d4:
2d:30:35:d4
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICCSMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M2MjcxMTAvBgNVBAUTKDZGRkE1REIxNTlENDBBM0ExNzJEQkM3NEY1QzMyQjU1
NTE3OTc5QUYwHhcNMjYwNDI4MDgyODExWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWYwNmY5Yi1iMTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyR7hvZExcHDSzbvZ65cNFHrpSmRTTybi9+rpGvw16Xt7wuCtKTs77p7zNPhn
mvK1xDQWWgx5Xbdak97S62xehtViGNOhLg+gxQXJgI4f+N9cZJs/jtzy63IxaWv4
PqwzIikCGqN31npLrMQyanruVkqbCDEYuDHtr814QhAbUTjsWm/befVGkgS8Bhjn
6YqRDWdF0Xd+n68RVmXyAuQwH8+JhB0hjpMePL13ujzijcoAlYCtHIWC51iojTzM
P9QNGKIifgtNBDjb9K272B0gK9DlbG09PDaFaoLUbtOpm76qPqkf2cOoKf9ABvIi
v/ClGsrpKzj+0Ar73MNVTZj57QIDAQABo4IChzCCAoMwHQYDVR0OBBYEFJ3EkqhV
t12eIOEMcalMjXeO1f30MB8GA1UdIwQYMBaAFG/6XbFZ1Ao6Fy28dPXDK1VReXmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzYyNy9DMjY1QzFBNEQw
N0QxMUVBODYwMDk4NkRDNEY5QUUwMi9iX3Bkc1ZuVUNqb1hMYngwOWNNclZWRjVl
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfcGRzVm5VQ2pvWExieDA5Y01yVlZGNWVhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M2MjcvQzI2NUMxQTREMDdEMTFFQTg2MDA5ODZEQzRGOUFFMDIvRkZCM0VGOTRG
NTNDMTFFRUE1QjQ2MjNCQzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAk
BAIAATAeAwQFPQ5gAwQCZxzEAwQEypTgAwQAyxOdAwQG0hLAMA0EAgACMAcDBQAk
A8gAMA0GCSqGSIb3DQEBCwUAA4IBAQBOyg+FkqoP32zt1ZHAo78TmSPO5B4MhK/C
dQD+qHFPT8eoMfunw7+0/rxRYm/bJFjEBSXoTO3OSdrOdlx8G4cEQoABM4AzJ5EM
6ucU+tQIkjr3s8klUwH064VMPoLt8iFAOAXi0G8vnqhtZVrTvkR+puD9b+WPuOW4
WIrxXvxGwbTUYZ9DBpl1/W+bqpsdBeUrCGpP3rOYHz2BPg5/3vCWdtrclJkhOM55
CbghLJhFCaHBYH2wXVdwdBEu+8Frc5TzccvARCSSuIjl296hnX0v6nsvaAtms9Bw
SymJIi/tyJT6ty60NUaq2rnrhfm/vc8zWqhxZqLr9jHZmtQtMDXU
-----END CERTIFICATE-----
Generated at Wed Apr 29 05:03:46 2026 by rpki-client