Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/AA7E3F9017A211F1926DA6A3313D8C67.roa
File: AA7E3F9017A211F1926DA6A3313D8C67.roa (raw, json)
Hash identifier: GnuKyfqEmvHQRhG8cmrkPOk+QiYsUuZaYBiHBZl6g9E=
Subject key identifier: C4:83:70:5D:B1:13:8E:50:A4:70:F5:44:C5:EF:7B:6C:D2:6C:38:FF
Certificate issuer: /CN=A914781A/serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Certificate serial: 3646
Authority key identifier: 4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/AA7E3F9017A211F1926DA6A3313D8C67.roa
Signing time: Wed 20 May 2026 08:16:07 +0000
ROA not before: Wed 20 May 2026 08:16:07 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 55423
IP address blocks: 58.82.128.0/18 maxlen: 18
58.82.128.0/21 maxlen: 24
58.82.136.0/21 maxlen: 24
58.82.144.0/21 maxlen: 24
58.82.152.0/21 maxlen: 24
58.82.160.0/20 maxlen: 20
58.82.160.0/21 maxlen: 24
58.82.168.0/21 maxlen: 24
58.82.176.0/20 maxlen: 20
58.82.176.0/21 maxlen: 23
58.82.176.0/23 maxlen: 24
58.82.179.0/24 maxlen: 24
58.82.180.0/22 maxlen: 24
58.82.184.0/21 maxlen: 21
58.82.184.0/24 maxlen: 24
103.247.60.0/22 maxlen: 24
182.50.80.0/22 maxlen: 22
182.50.80.0/24 maxlen: 24
182.50.83.0/24 maxlen: 24
182.50.86.0/24 maxlen: 24
182.50.88.0/22 maxlen: 22
182.50.88.0/24 maxlen: 24
203.130.129.80/28 maxlen: 28
203.130.131.240/28 maxlen: 28
203.130.140.0/24 maxlen: 24
203.130.152.0/24 maxlen: 24
203.147.6.0/24 maxlen: 24
203.147.26.0/24 maxlen: 24
203.147.30.0/23 maxlen: 23
203.147.46.0/23 maxlen: 23
203.147.46.0/24 maxlen: 24
203.147.47.0/24 maxlen: 24
203.156.0.0/22 maxlen: 22
203.156.8.0/21 maxlen: 21
203.156.9.0/24 maxlen: 24
203.156.16.0/24 maxlen: 24
203.156.24.0/24 maxlen: 24
203.156.25.0/24 maxlen: 24
203.156.26.0/24 maxlen: 24
203.156.27.0/24 maxlen: 24
203.156.28.0/24 maxlen: 24
203.156.31.0/24 maxlen: 24
203.156.40.0/22 maxlen: 22
203.156.46.0/23 maxlen: 23
203.156.46.0/24 maxlen: 24
203.156.48.0/23 maxlen: 23
203.156.51.0/24 maxlen: 24
203.156.52.0/24 maxlen: 24
203.156.57.0/24 maxlen: 24
203.156.59.0/24 maxlen: 24
203.156.60.0/24 maxlen: 24
203.156.61.0/24 maxlen: 24
203.156.62.0/24 maxlen: 24
203.156.64.0/24 maxlen: 24
203.156.96.0/23 maxlen: 23
203.156.102.0/23 maxlen: 23
203.156.108.0/24 maxlen: 24
203.156.109.0/24 maxlen: 24
203.156.110.0/23 maxlen: 23
203.156.110.0/24 maxlen: 24
203.156.111.0/24 maxlen: 24
203.156.112.0/24 maxlen: 24
203.156.113.0/24 maxlen: 24
203.156.114.0/23 maxlen: 23
203.156.119.0/24 maxlen: 24
203.156.120.0/21 maxlen: 21
203.156.143.0/24 maxlen: 24
203.156.150.0/24 maxlen: 24
203.156.151.0/24 maxlen: 24
203.156.152.0/23 maxlen: 23
203.156.152.0/24 maxlen: 24
203.156.153.0/24 maxlen: 24
203.156.156.0/23 maxlen: 23
203.156.176.0/23 maxlen: 23
203.156.183.0/24 maxlen: 24
2404:4a00:1::/64 maxlen: 64
2404:4a00:2::/64 maxlen: 64
2404:4a00:3::/64 maxlen: 64
2404:4a00:4::/64 maxlen: 64
2404:4a00:1000::/48 maxlen: 48
2404:4a00:2094::/48 maxlen: 48
2404:4a00:5542::/48 maxlen: 48
2404:4a00:5542:3::/64 maxlen: 64
2404:4a00:5542:3a1::/64 maxlen: 64
2404:4a00:5542:3001::/64 maxlen: 64
2404:4a00:5542:3002::/64 maxlen: 64
2404:4a00:5542:3003::/64 maxlen: 64
2404:4a00:6000::/64 maxlen: 64
2404:4a00:6500::/64 maxlen: 64
2404:4a00:6501::/64 maxlen: 64
2404:4a00:6a00::/64 maxlen: 64
2404:4a00:7000::/64 maxlen: 64
2404:4a00:7500::/64 maxlen: 64
2404:4a00:7a00::/64 maxlen: 64
2404:4a00:8000::/64 maxlen: 64
2404:4a00:8500::/64 maxlen: 64
2404:4a00:8a00::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 14:56:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13894 (0x3646)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914781A, serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Validity
Not Before: May 20 08:16:07 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=6a0d6dc7-c639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:00:71:02:9e:1f:ef:0e:97:70:5e:d2:cf:6e:
83:d7:b8:55:83:7e:eb:cc:e1:43:cf:08:d9:32:31:
64:d9:7d:96:39:bd:31:6d:6d:6f:79:54:b5:60:74:
49:7d:05:70:79:28:7d:72:38:50:ba:2e:f6:3e:ee:
87:eb:16:28:f1:cc:9d:e6:ca:58:98:19:48:72:5e:
a0:de:72:c1:2f:ac:51:73:7c:62:57:58:86:b6:01:
49:02:49:63:4d:cf:9c:64:3a:2a:8e:97:f4:b1:94:
66:18:f1:7a:da:b3:5f:fb:f1:62:58:5b:eb:df:6c:
37:a1:22:6e:51:4b:00:24:74:4c:4b:d7:37:97:28:
f6:c9:ed:fe:69:13:84:81:0a:78:04:32:60:23:1c:
a0:96:4d:ad:ef:09:52:aa:31:6b:5a:82:69:7c:26:
74:f4:aa:bd:53:4b:c1:40:97:9b:e3:d8:9c:3d:99:
e9:4e:f5:9d:80:52:12:c3:11:2e:0c:33:49:dd:03:
f3:da:96:35:6f:fc:ad:d0:1d:bd:3a:39:c7:cc:d7:
d4:2f:31:9e:c8:c4:73:50:b0:c6:32:56:3f:6d:5a:
c9:f9:4b:d4:6e:d3:61:a1:85:83:a6:27:f5:b0:b4:
ff:84:ba:96:d0:e0:4f:86:77:3d:b4:2b:af:ec:0c:
b7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:83:70:5D:B1:13:8E:50:A4:70:F5:44:C5:EF:7B:6C:D2:6C:38:FF
X509v3 Authority Key Identifier:
keyid:4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/AA7E3F9017A211F1926DA6A3313D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
58.82.128.0/18
103.247.60.0/22
182.50.80.0/22
182.50.86.0/24
182.50.88.0/22
203.130.129.80/28
203.130.131.240/28
203.130.140.0/24
203.130.152.0/24
203.147.6.0/24
203.147.26.0/24
203.147.30.0/23
203.147.46.0/23
203.156.0.0/22
203.156.8.0-203.156.16.255
203.156.24.0-203.156.28.255
203.156.31.0/24
203.156.40.0/22
203.156.46.0-203.156.49.255
203.156.51.0-203.156.52.255
203.156.57.0/24
203.156.59.0-203.156.62.255
203.156.64.0/24
203.156.96.0/23
203.156.102.0/23
203.156.108.0-203.156.115.255
203.156.119.0-203.156.127.255
203.156.143.0/24
203.156.150.0-203.156.153.255
203.156.156.0/23
203.156.176.0/23
203.156.183.0/24
IPv6:
2404:4a00:1::/64
2404:4a00:2::/64
2404:4a00:3::/64
2404:4a00:4::/64
2404:4a00:1000::/48
2404:4a00:2094::/48
2404:4a00:5542::/48
2404:4a00:6000::/64
2404:4a00:6500::/64
2404:4a00:6501::/64
2404:4a00:6a00::/64
2404:4a00:7000::/64
2404:4a00:7500::/64
2404:4a00:7a00::/64
2404:4a00:8000::/64
2404:4a00:8500::/64
2404:4a00:8a00::/64
Signature Algorithm: sha256WithRSAEncryption
3a:7f:5d:41:36:4c:e3:f1:c6:eb:cb:74:25:e4:e2:4e:95:53:
94:f6:4c:98:62:35:05:6c:eb:d8:99:15:5d:42:c3:b1:aa:a7:
82:29:b9:1b:ee:4a:8d:fc:e1:36:23:78:80:72:e4:12:d8:fe:
99:96:0c:3d:ef:ea:6b:fc:73:05:0e:c8:57:20:f4:8c:4f:8b:
9d:ad:36:b7:d5:4f:03:a2:48:ca:23:d6:1b:67:4c:e9:85:8a:
fd:a9:6e:9d:90:79:2d:a1:9c:06:17:5b:69:de:b6:ff:93:97:
4b:9f:1b:e0:a5:f5:87:7d:aa:bf:03:c1:51:04:0f:ee:ba:5c:
b9:ac:da:a8:79:24:26:46:97:ec:9f:be:14:e9:4b:67:c5:25:
c9:d7:6e:1d:73:cc:65:38:22:28:86:aa:df:2e:d7:29:21:0e:
3d:45:12:51:0b:bc:f0:f3:49:67:99:24:07:ff:4f:75:45:2d:
37:47:ba:b2:9b:c2:f2:b2:19:68:ca:f3:0d:27:c2:1b:00:91:
b6:b7:43:7c:9e:de:da:8d:f8:72:a1:ea:28:d1:dd:9c:f8:c5:
f6:15:51:34:06:7a:df:7f:2a:f5:0f:3f:8a:d4:2b:57:53:ef:
da:18:6a:b6:81:c8:a9:fd:91:d6:e1:a2:3f:d9:25:d4:b4:05:
2c:16:0c:63
-----BEGIN CERTIFICATE-----
MIIHATCCBemgAwIBAgICNkYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4MUExMTAvBgNVBAUTKDRENzIzOTU1MjQzQUU4OEQ1NTI0MzlBRjhFNEUwQTA5
QzhGNjU5MEQwHhcNMjYwNTIwMDgxNjA3WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTBkNmRjNy1jNjM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoQBxAp4f7w6XcF7Sz26D17hVg37rzOFDzwjZMjFk2X2WOb0xbW1veVS1YHRJ
fQVweSh9cjhQui72Pu6H6xYo8cyd5spYmBlIcl6g3nLBL6xRc3xiV1iGtgFJAklj
Tc+cZDoqjpf0sZRmGPF62rNf+/FiWFvr32w3oSJuUUsAJHRMS9c3lyj2ye3+aROE
gQp4BDJgIxyglk2t7wlSqjFrWoJpfCZ09Kq9U0vBQJeb49icPZnpTvWdgFISwxEu
DDNJ3QPz2pY1b/yt0B29OjnHzNfULzGeyMRzULDGMlY/bVrJ+UvUbtNhoYWDpif1
sLT/hLqW0OBPhnc9tCuv7Ay3yQIDAQABo4IEJTCCBCEwHQYDVR0OBBYEFMSDcF2x
E45QpHD1RMXve2zSbDj/MB8GA1UdIwQYMBaAFE1yOVUkOuiNVSQ5r45OCgnI9lkN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzgxQS9ENTIxNDI3MDFE
OUIxMUUyQjgyMUZEODkwOEIwMkNEMi9UWEk1VlNRNjZJMVZKRG12ams0S0NjajJX
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYSTVWU1E2NkkxVkpEbXZqazRLQ2NqMldRMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc4MUEvRDUyMTQyNzAxRDlCMTFFMkI4MjFGRDg5MDhCMDJDRDIvQUE3RTNGOTAx
N0EyMTFGMTkyNkRBNkEzMzEzRDhDNjcucm9hMIIB4gYIKwYBBQUHAQcBAf8EggHR
MIIBzTCCAQoEAgABMIIBAgMEBjpSgAMEAmf3PAMEArYyUAMEALYyVgMEArYyWAMF
BMuCgVADBQTLgoPwAwQAy4KMAwQAy4KYAwQAy5MGAwQAy5MaAwQBy5MeAwQBy5Mu
AwQCy5wAMAwDBAPLnAgDBADLnBAwDAMEA8ucGAMEAMucHAMEAMucHwMEAsucKDAM
AwQBy5wuAwQBy5wwMAwDBADLnDMDBADLnDQDBADLnDkwDAMEAMucOwMEAMucPgME
AMucQAMEAcucYAMEAcucZjAMAwQCy5xsAwQCy5xwMAwDBADLnHcDBAfLnAADBADL
nI8wDAMEAcuclgMEAcucmAMEAcucnAMEAcucsAMEAMuctzCBvAQCAAIwgbUDCQAk
BEoAAAEAAAMJACQESgAAAgAAAwkAJARKAAADAAADCQAkBEoAAAQAAAMHACQESgAQ
AAMHACQESgAglAMHACQESgBVQgMJACQESgBgAAAAAwkAJARKAGUAAAADCQAkBEoA
ZQEAAAMJACQESgBqAAAAAwkAJARKAHAAAAADCQAkBEoAdQAAAAMJACQESgB6AAAA
AwkAJARKAIAAAAADCQAkBEoAhQAAAAMJACQESgCKAAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQA6f11BNkzj8cbry3Ql5OJOlVOU9kyYYjUFbOvYmRVdQsOxqqeCKbkb7kqN
/OE2I3iAcuQS2P6Zlgw97+pr/HMFDshXIPSMT4udrTa31U8DokjKI9YbZ0zphYr9
qW6dkHktoZwGF1tp3rb/k5dLnxvgpfWHfaq/A8FRBA/uuly5rNqoeSQmRpfsn74U
6UtnxSXJ124dc8xlOCIohqrfLtcpIQ49RRJRC7zw80lnmSQH/091RS03R7qym8Ly
shloyvMNJ8IbAJG2t0N8nt7ajfhyoeoo0d2c+MX2FVE0Bnrffyr1Dz+K1CtXU+/a
GGq2gcip/ZHW4aI/2SXUtAUsFgxj
-----END CERTIFICATE-----
Generated at Sat Jun 6 14:44:25 2026 by rpki-client