Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/6F0B8F96B3A511F09EBFA458C4F9AE02.roa
File: 6F0B8F96B3A511F09EBFA458C4F9AE02.roa (raw, json)
Hash identifier: kiTijfwuDJBjSDruEwl19WUyZNT5RsPyE5yzdyDzuKY=
Subject key identifier: 5A:D8:6D:DB:63:D7:E9:06:8D:1D:EE:35:2B:50:D7:05:6C:05:93:D1
Certificate issuer: /CN=A9146AD7/serialNumber=BAF5ADA32CA0D34CF3CCF53ABDF86DE6F8ED9005
Certificate serial: 1AAD
Authority key identifier: BA:F5:AD:A3:2C:A0:D3:4C:F3:CC:F5:3A:BD:F8:6D:E6:F8:ED:90:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uvWtoyyg00zzzPU6vfht5vjtkAU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/6F0B8F96B3A511F09EBFA458C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:24:13 +0000
ROA not before: Tue 28 Oct 2025 02:26:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9500
IP address blocks: 27.252.0.0/17 maxlen: 17
27.252.128.0/17 maxlen: 17
49.224.0.0/14 maxlen: 14
49.224.64.0/18 maxlen: 18
49.224.192.0/18 maxlen: 18
118.92.0.0/16 maxlen: 16
118.93.0.0/16 maxlen: 16
121.72.0.0/15 maxlen: 15
121.74.0.0/16 maxlen: 16
121.75.0.0/16 maxlen: 16
121.75.176.0/22 maxlen: 22
121.90.0.0/16 maxlen: 16
124.6.192.0/19 maxlen: 19
124.6.198.0/24 maxlen: 24
202.0.32.0/19 maxlen: 19
202.0.33.0/24 maxlen: 24
202.0.34.0/24 maxlen: 24
202.0.35.0/24 maxlen: 24
202.0.36.0/24 maxlen: 24
202.27.69.0/24 maxlen: 24
202.27.92.0/22 maxlen: 22
202.27.100.0/22 maxlen: 22
202.36.72.0/24 maxlen: 24
202.73.192.0/20 maxlen: 20
202.78.128.0/19 maxlen: 22
203.79.64.0/18 maxlen: 18
203.79.68.0/23 maxlen: 23
203.79.116.0/22 maxlen: 22
203.96.192.0/19 maxlen: 19
203.97.136.0/24 maxlen: 24
203.98.0.0/18 maxlen: 18
203.98.42.0/23 maxlen: 23
203.98.42.0/24 maxlen: 24
203.109.128.0/17 maxlen: 17
203.109.143.0/24 maxlen: 24
203.109.179.0/24 maxlen: 24
203.109.183.0/24 maxlen: 24
203.109.247.0/24 maxlen: 24
203.109.253.0/24 maxlen: 24
203.109.255.0/24 maxlen: 24
203.118.128.0/18 maxlen: 18
203.173.128.0/17 maxlen: 17
210.246.0.0/18 maxlen: 18
218.101.64.0/18 maxlen: 18
2001:4400::/30 maxlen: 30
2407:7000::/32 maxlen: 32
2407:7000:f300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/uvWtoyyg00zzzPU6vfht5vjtkAU.crl
rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/uvWtoyyg00zzzPU6vfht5vjtkAU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uvWtoyyg00zzzPU6vfht5vjtkAU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 16:17:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6829 (0x1aad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146AD7, serialNumber=BAF5ADA32CA0D34CF3CCF53ABDF86DE6F8ED9005
Validity
Not Before: Oct 28 02:26:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4844d-3c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dc:a5:41:b7:60:d8:4a:5d:ee:97:46:e0:2f:
ea:c4:ea:43:50:02:0e:85:ff:4f:c2:d1:ac:86:a4:
41:2a:73:b2:c0:62:58:0d:7a:f0:b3:c9:13:25:57:
1c:82:5a:cb:e6:7d:07:c3:5e:33:34:18:35:b4:06:
92:9a:ac:ff:a0:e7:0a:2f:4d:75:8a:c6:67:3a:04:
4f:2f:51:54:b4:98:38:82:9b:6d:e3:41:55:98:ec:
98:51:7b:43:01:2e:0a:b9:7f:97:8f:c0:bc:21:66:
5c:b8:81:e0:e1:f1:9e:14:a7:dc:66:b4:6a:6e:c2:
12:7b:10:c7:86:cd:f0:29:73:82:e2:d0:2e:da:dd:
d9:17:e7:6c:4a:46:6b:29:a4:05:4e:9a:30:fa:da:
2e:5e:f8:ff:20:73:4a:bb:cc:04:78:f8:83:48:8a:
e1:0a:c8:81:a0:d6:6e:a8:80:b3:5e:97:fd:dc:e7:
44:d8:ea:af:b2:de:f7:40:98:86:c2:54:a1:07:a3:
93:cb:0a:a2:92:ec:b2:76:32:38:d9:6f:8f:54:26:
67:ec:18:c0:c6:9a:f7:ea:e6:b0:7a:c3:ba:56:1a:
18:33:96:6e:40:e9:49:b9:bb:f8:a3:6f:f2:92:65:
d9:57:0b:42:25:bb:df:17:de:11:44:3d:8b:25:4f:
18:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D8:6D:DB:63:D7:E9:06:8D:1D:EE:35:2B:50:D7:05:6C:05:93:D1
X509v3 Authority Key Identifier:
keyid:BA:F5:AD:A3:2C:A0:D3:4C:F3:CC:F5:3A:BD:F8:6D:E6:F8:ED:90:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/uvWtoyyg00zzzPU6vfht5vjtkAU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uvWtoyyg00zzzPU6vfht5vjtkAU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146AD7/F8BABACA8B8911E790115C3FC4F9AE02/6F0B8F96B3A511F09EBFA458C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.252.0.0/16
49.224.0.0/14
118.92.0.0/15
121.72.0.0/14
121.90.0.0/16
124.6.192.0/19
202.0.32.0/19
202.27.69.0/24
202.27.92.0/22
202.27.100.0/22
202.36.72.0/24
202.73.192.0/20
202.78.128.0/19
203.79.64.0/18
203.96.192.0/19
203.97.136.0/24
203.98.0.0/18
203.109.128.0/17
203.118.128.0/18
203.173.128.0/17
210.246.0.0/18
218.101.64.0/18
IPv6:
2001:4400::/30
2407:7000::/32
Signature Algorithm: sha256WithRSAEncryption
7e:ed:ed:49:98:3c:43:80:c5:cf:e4:25:e5:9f:01:3a:bb:67:
c9:9d:ce:0a:01:62:db:29:85:0e:1c:0b:9b:9f:c6:2d:e6:70:
fd:e6:84:fe:a8:19:f1:23:68:1c:d1:32:7f:25:dd:03:bf:98:
82:9e:07:20:bb:72:6c:66:c5:2f:ef:25:1d:14:45:e1:6e:9c:
ef:dd:42:7e:88:91:90:3e:40:fc:04:d2:16:e6:87:4a:88:6a:
1c:d5:d1:04:21:e9:0b:f7:09:a5:54:1a:39:3e:04:61:20:7a:
43:a3:2f:e1:cc:74:26:af:98:0f:9b:42:8b:84:cc:0c:18:3e:
3a:5f:cc:6c:d1:de:66:4e:a1:62:10:b3:7d:b1:d4:17:c3:dc:
b1:7d:ae:f5:68:a0:26:fb:10:68:95:d3:87:0a:8b:8f:5a:8a:
8c:04:e5:4c:c5:7a:d8:09:3f:71:1f:f1:a6:06:1b:6e:5d:65:
0b:1e:4b:f0:a0:89:a9:5c:4a:7c:d0:ef:f7:2e:2f:0f:a8:1a:
46:86:00:54:2a:8a:86:c5:36:df:b2:35:ca:f9:40:7f:5f:52:
c1:98:21:ff:31:55:09:b2:f1:f1:3f:4e:a2:e2:2b:36:33:3f:
3c:92:f1:11:96:83:bc:e5:6f:d5:12:5e:91:9d:dd:b0:4a:6b:
32:15:93:fa
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgICGq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZBRDcxMTAvBgNVBAUTKEJBRjVBREEzMkNBMEQzNENGM0NDRjUzQUJERjg2REU2
RjhFRDkwMDUwHhcNMjUxMDI4MDIyNjE4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODQ0ZC0zYzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAotylQbdg2Epd7pdG4C/qxOpDUAIOhf9PwtGshqRBKnOywGJYDXrws8kTJVcc
glrL5n0Hw14zNBg1tAaSmqz/oOcKL011isZnOgRPL1FUtJg4gptt40FVmOyYUXtD
AS4KuX+Xj8C8IWZcuIHg4fGeFKfcZrRqbsISexDHhs3wKXOC4tAu2t3ZF+dsSkZr
KaQFTpow+touXvj/IHNKu8wEePiDSIrhCsiBoNZuqICzXpf93OdE2Oqvst73QJiG
wlShB6OTywqikuyydjI42W+PVCZn7BjAxpr36uawesO6VhoYM5ZuQOlJubv4o2/y
kmXZVwtCJbvfF94RRD2LJU8Y+wIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFFrYbdtj
1+kGjR3uNStQ1wVsBZPRMB8GA1UdIwQYMBaAFLr1raMsoNNM88z1Or34beb47ZAF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkFENy9GOEJBQkFDQThC
ODkxMUU3OTAxMTVDM0ZDNEY5QUUwMi91dld0b3l5ZzAwenp6UFU2dmZodDV2anRr
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3V2V3RveXlnMDB6enpQVTZ2Zmh0NXZqdGtBVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDZBRDcvRjhCQUJBQ0E4Qjg5MTFFNzkwMTE1QzNGQzRGOUFFMDIvNkYwQjhGOTZC
M0E1MTFGMDlFQkZBNDU4QzRGOUFFMDIucm9hMIGxBggrBgEFBQcBBwEB/wSBoTCB
njCBhQQCAAEwfwMDABv8AwMCMeADAwF2XAMDAnlIAwMAeVoDBAV8BsADBAXKACAD
BADKG0UDBALKG1wDBALKG2QDBADKJEgDBATKScADBAXKToADBAbLT0ADBAXLYMAD
BADLYYgDBAbLYgADBAfLbYADBAbLdoADBAfLrYADBAbS9gADBAbaZUAwFAQCAAIw
DgMFAiABRAADBQAkB3AAMA0GCSqGSIb3DQEBCwUAA4IBAQB+7e1JmDxDgMXP5CXl
nwE6u2fJnc4KAWLbKYUOHAubn8Yt5nD95oT+qBnxI2gc0TJ/Jd0Dv5iCngcgu3Js
ZsUv7yUdFEXhbpzv3UJ+iJGQPkD8BNIW5odKiGoc1dEEIekL9wmlVBo5PgRhIHpD
oy/hzHQmr5gPm0KLhMwMGD46X8xs0d5mTqFiELN9sdQXw9yxfa71aKAm+xBoldOH
CouPWoqMBOVMxXrYCT9xH/GmBhtuXWULHkvwoImpXEp80O/3Li8PqBpGhgBUKoqG
xTbfsjXK+UB/X1LBmCH/MVUJsvHxP06i4is2Mz88kvERloO85W/VEl6Rnd2wSmsy
FZP6
-----END CERTIFICATE-----
Generated at Fri Mar 13 12:28:53 2026 by rpki-client