Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4CBCEB321FBE11EF97E7974FC4F9AE02.roa
File: 4CBCEB321FBE11EF97E7974FC4F9AE02.roa (raw, json)
Hash identifier: Xmzy6LKrr0UiarqT9mCoYWdr0EnJ1S8v7PmGeRkDH10=
Subject key identifier: FA:68:B1:DD:F1:4A:45:AC:CD:80:6F:0D:D5:45:17:3B:8B:BC:E4:AF
Certificate issuer: /CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Certificate serial: 0794
Authority key identifier: 7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4CBCEB321FBE11EF97E7974FC4F9AE02.roa
Signing time: Sun 31 May 2026 23:27:29 +0000
ROA not before: Sun 31 May 2026 23:27:29 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 134540
IP address blocks: 49.248.98.0/23 maxlen: 24
49.248.100.0/22 maxlen: 24
49.248.127.0/24 maxlen: 24
49.248.128.0/24 maxlen: 24
49.248.130.0/24 maxlen: 24
49.248.131.0/24 maxlen: 24
49.248.132.0/24 maxlen: 24
49.248.133.0/24 maxlen: 24
49.248.134.0/24 maxlen: 24
49.248.136.0/24 maxlen: 24
49.248.137.0/24 maxlen: 24
49.248.150.0/24 maxlen: 24
114.143.2.0/24 maxlen: 24
114.143.4.0/23 maxlen: 23
114.143.8.0/24 maxlen: 24
114.143.10.0/24 maxlen: 24
114.143.11.0/24 maxlen: 24
114.143.12.0/24 maxlen: 24
114.143.15.0/24 maxlen: 24
114.143.18.0/24 maxlen: 24
114.143.19.0/24 maxlen: 24
114.143.21.0/24 maxlen: 24
114.143.22.0/24 maxlen: 24
114.143.24.0/24 maxlen: 24
114.143.28.0/24 maxlen: 24
114.143.29.0/24 maxlen: 24
114.143.32.0/21 maxlen: 24
114.143.80.0/20 maxlen: 20
114.143.96.0/24 maxlen: 24
114.143.97.0/24 maxlen: 24
114.143.196.0/24 maxlen: 24
123.252.128.0/24 maxlen: 24
123.252.129.0/24 maxlen: 24
123.252.130.0/24 maxlen: 24
123.252.132.0/24 maxlen: 24
123.252.139.0/24 maxlen: 24
123.252.141.0/24 maxlen: 24
123.252.142.0/24 maxlen: 24
123.252.143.0/24 maxlen: 24
123.252.144.0/24 maxlen: 24
123.252.145.0/24 maxlen: 24
123.252.150.0/24 maxlen: 24
123.252.152.0/24 maxlen: 24
123.252.153.0/24 maxlen: 24
123.252.154.0/24 maxlen: 24
123.252.155.0/24 maxlen: 24
123.252.156.0/24 maxlen: 24
123.252.157.0/24 maxlen: 24
123.252.158.0/24 maxlen: 24
123.252.159.0/24 maxlen: 24
123.252.160.0/24 maxlen: 24
123.252.162.0/24 maxlen: 24
123.252.164.0/24 maxlen: 24
123.252.166.0/24 maxlen: 24
123.252.167.0/24 maxlen: 24
123.252.168.0/24 maxlen: 24
123.252.169.0/24 maxlen: 24
123.252.172.0/24 maxlen: 24
123.252.177.0/24 maxlen: 24
123.252.178.0/24 maxlen: 24
123.252.179.0/24 maxlen: 24
123.252.180.0/24 maxlen: 24
123.252.182.0/24 maxlen: 24
123.252.183.0/24 maxlen: 24
123.252.184.0/24 maxlen: 24
123.252.185.0/24 maxlen: 24
123.252.186.0/24 maxlen: 24
123.252.187.0/24 maxlen: 24
123.252.192.0/24 maxlen: 24
123.252.196.0/24 maxlen: 24
123.252.198.0/24 maxlen: 24
123.252.199.0/24 maxlen: 24
123.252.202.0/24 maxlen: 24
123.252.207.0/24 maxlen: 24
123.252.212.0/22 maxlen: 24
123.252.216.0/24 maxlen: 24
123.252.221.0/24 maxlen: 24
123.252.223.0/24 maxlen: 24
123.252.224.0/21 maxlen: 24
123.252.234.0/24 maxlen: 24
123.252.237.0/24 maxlen: 24
123.252.239.0/24 maxlen: 24
123.252.240.0/22 maxlen: 22
123.252.245.0/24 maxlen: 24
123.252.246.0/24 maxlen: 24
123.252.248.0/24 maxlen: 24
123.252.254.0/24 maxlen: 24
202.149.194.0/24 maxlen: 24
202.149.195.0/24 maxlen: 24
202.149.197.0/24 maxlen: 24
202.149.200.0/24 maxlen: 24
202.149.211.0/24 maxlen: 24
202.149.212.0/24 maxlen: 24
202.149.213.0/24 maxlen: 24
202.149.215.0/24 maxlen: 24
202.149.216.0/24 maxlen: 24
202.189.225.0/24 maxlen: 24
202.189.229.0/24 maxlen: 24
202.189.230.0/24 maxlen: 24
202.189.231.0/24 maxlen: 24
202.189.232.0/24 maxlen: 24
202.189.233.0/24 maxlen: 24
202.189.234.0/24 maxlen: 24
202.189.236.0/24 maxlen: 24
202.189.237.0/24 maxlen: 24
202.189.238.0/24 maxlen: 24
202.189.240.0/24 maxlen: 24
202.189.241.0/24 maxlen: 24
202.189.242.0/24 maxlen: 24
202.189.244.0/24 maxlen: 24
202.189.245.0/24 maxlen: 24
202.189.247.0/24 maxlen: 24
202.189.250.0/24 maxlen: 24
202.189.251.0/24 maxlen: 24
202.189.252.0/24 maxlen: 24
202.189.253.0/24 maxlen: 24
202.189.254.0/24 maxlen: 24
2402:d400:a1::/48 maxlen: 51
2402:d400:a2::/48 maxlen: 51
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 07 Jun 2026 23:27:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1940 (0x794)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D01, serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Validity
Not Before: May 31 23:27:29 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1cc3e1-16c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:64:33:e8:fa:b6:a3:51:6a:eb:0a:5f:50:f0:
4e:81:a6:a9:53:12:e5:b2:3a:0e:ba:0c:c5:26:cf:
bb:07:93:9c:5d:a7:9b:98:d8:fb:0e:b8:03:fd:9b:
81:6a:d4:36:f4:ce:3d:cb:78:cf:2e:32:aa:1d:94:
8a:fc:42:6a:14:06:e8:d7:12:4f:b1:7a:87:fc:fd:
ba:dd:47:8d:56:fb:a5:f6:09:ef:e5:b2:85:c6:ad:
3c:c1:54:38:87:04:e4:80:3c:d6:87:7a:89:ad:bb:
07:62:26:63:45:52:8e:38:a7:bf:93:93:80:c3:cf:
b2:08:04:d6:f7:a3:4d:c1:87:74:a1:2f:45:0b:b3:
cc:76:c3:79:ee:88:ba:6b:f4:da:8f:3d:66:16:6f:
75:09:d5:cb:69:04:c0:94:31:20:0a:34:d5:2e:a7:
77:5c:ed:6a:3a:d2:3c:97:61:41:3a:0c:88:11:3a:
47:82:40:9a:10:5c:b1:f5:ad:02:9a:6f:dd:be:8b:
aa:73:51:04:74:98:e5:90:44:eb:83:ab:d5:1f:b5:
85:de:5f:20:c9:18:3f:5d:3a:8f:35:d2:e9:2f:94:
90:70:8e:c3:68:fd:00:87:7d:bc:4b:ac:56:f7:a0:
62:56:f1:45:bd:33:7c:cb:16:8a:12:45:e7:13:53:
8f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:68:B1:DD:F1:4A:45:AC:CD:80:6F:0D:D5:45:17:3B:8B:BC:E4:AF
X509v3 Authority Key Identifier:
keyid:7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4CBCEB321FBE11EF97E7974FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
49.248.98.0-49.248.103.255
49.248.127.0-49.248.128.255
49.248.130.0-49.248.134.255
49.248.136.0/23
49.248.150.0/24
114.143.2.0/24
114.143.4.0/23
114.143.8.0/24
114.143.10.0-114.143.12.255
114.143.15.0/24
114.143.18.0/23
114.143.21.0-114.143.22.255
114.143.24.0/24
114.143.28.0/23
114.143.32.0/21
114.143.80.0-114.143.97.255
114.143.196.0/24
123.252.128.0-123.252.130.255
123.252.132.0/24
123.252.139.0/24
123.252.141.0-123.252.145.255
123.252.150.0/24
123.252.152.0-123.252.160.255
123.252.162.0/24
123.252.164.0/24
123.252.166.0-123.252.169.255
123.252.172.0/24
123.252.177.0-123.252.180.255
123.252.182.0-123.252.187.255
123.252.192.0/24
123.252.196.0/24
123.252.198.0/23
123.252.202.0/24
123.252.207.0/24
123.252.212.0-123.252.216.255
123.252.221.0/24
123.252.223.0-123.252.231.255
123.252.234.0/24
123.252.237.0/24
123.252.239.0-123.252.243.255
123.252.245.0-123.252.246.255
123.252.248.0/24
123.252.254.0/24
202.149.194.0/23
202.149.197.0/24
202.149.200.0/24
202.149.211.0-202.149.213.255
202.149.215.0-202.149.216.255
202.189.225.0/24
202.189.229.0-202.189.234.255
202.189.236.0-202.189.238.255
202.189.240.0-202.189.242.255
202.189.244.0/23
202.189.247.0/24
202.189.250.0-202.189.254.255
IPv6:
2402:d400:a1::-2402:d400:a2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b2:50:da:96:2e:b1:89:f8:04:ef:7a:dc:4e:90:39:c2:21:e8:
a7:e0:52:41:ec:0c:15:ef:94:50:ef:4e:94:b1:e1:56:e1:fd:
c9:a3:7c:fa:42:da:e0:ad:23:14:e1:15:1f:a7:f6:98:cd:93:
87:6d:a9:7b:11:3a:1b:4f:35:0a:2a:15:16:3a:3c:a7:f9:68:
3b:c4:25:37:21:12:02:c6:5c:9f:09:83:c6:77:13:a5:10:9b:
fb:c1:4c:b8:61:7d:b0:86:5c:4e:ae:cb:6c:80:d3:06:0d:44:
e7:ac:56:7a:16:20:bc:f7:6e:6e:17:3b:8d:27:24:a0:af:00:
8a:b9:44:b6:31:7e:73:b6:98:8a:4c:25:e6:94:1d:c3:e2:82:
81:92:0e:64:a7:11:dc:e7:47:85:79:f5:1f:3a:01:a2:70:10:
d4:b9:7c:af:3d:d1:96:cc:f8:f2:dc:d7:d3:d9:5a:07:35:cb:
7b:78:49:3a:16:1e:1d:44:93:0c:0c:d5:6e:11:97:c2:42:bd:
7d:0b:ff:be:f0:32:d5:3d:31:b7:6a:0e:2d:f7:b5:cc:2f:b0:
c0:34:12:b7:f2:50:aa:98:16:8c:75:e3:1c:35:82:f0:55:45:
5d:b6:53:a7:ef:c7:51:b6:0a:e6:0a:ec:a3:9d:21:43:68:bb:
86:01:09:89
-----BEGIN CERTIFICATE-----
MIIHVjCCBj6gAwIBAgICB5QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhEMDExMTAvBgNVBAUTKDdFMzZBQjFDMDQ0MzIxQjc0Q0Y2NzgyNjNFMDUyNEZE
MzQxNzlCQkQwHhcNMjYwNTMxMjMyNzI5WhcNMjYxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTFjYzNlMS0xNmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8WQz6Pq2o1Fq6wpfUPBOgaapUxLlsjoOugzFJs+7B5OcXaebmNj7DrgD/ZuB
atQ29M49y3jPLjKqHZSK/EJqFAbo1xJPsXqH/P263UeNVvul9gnv5bKFxq08wVQ4
hwTkgDzWh3qJrbsHYiZjRVKOOKe/k5OAw8+yCATW96NNwYd0oS9FC7PMdsN57oi6
a/Tajz1mFm91CdXLaQTAlDEgCjTVLqd3XO1qOtI8l2FBOgyIETpHgkCaEFyx9a0C
mm/dvouqc1EEdJjlkETrg6vVH7WF3l8gyRg/XTqPNdLpL5SQcI7DaP0Ah328S6xW
96BiVvFFvTN8yxaKEkXnE1OPlwIDAQABo4IEejCCBHYwHQYDVR0OBBYEFPposd3x
SkWszYBvDdVFFzuLvOSvMB8GA1UdIwQYMBaAFH42qxwEQyG3TPZ4Jj4FJP00F5u9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQwMS9FOTI1MTlGQTk5
MEIxMUVCQTM1NUNCNTNDNEY5QUUwMi9mamFySEFSREliZE05bmdtUGdVa19UUVht
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqYXJIQVJESWJkTTluZ21QZ1VrX1RRWG03MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhEMDEvRTkyNTE5RkE5OTBCMTFFQkEzNTVDQjUzQzRGOUFFMDIvNENCQ0VCMzIx
RkJFMTFFRjk3RTc5NzRGQzRGOUFFMDIucm9hMIICNwYIKwYBBQUHAQcBAf8EggIm
MIICIjCCAgIEAgABMIIB+jAMAwQBMfhiAwQDMfhgMAwDBAAx+H8DBAAx+IAwDAME
ATH4ggMEADH4hgMEATH4iAMEADH4lgMEAHKPAgMEAXKPBAMEAHKPCDAMAwQBco8K
AwQAco8MAwQAco8PAwQBco8SMAwDBAByjxUDBAByjxYDBAByjxgDBAFyjxwDBANy
jyAwDAMEBHKPUAMEAXKPYAMEAHKPxDAMAwQHe/yAAwQAe/yCAwQAe/yEAwQAe/yL
MAwDBAB7/I0DBAF7/JADBAB7/JYwDAMEA3v8mAMEAHv8oAMEAHv8ogMEAHv8pDAM
AwQBe/ymAwQBe/yoAwQAe/ysMAwDBAB7/LEDBAB7/LQwDAMEAXv8tgMEAnv8uAME
AHv8wAMEAHv8xAMEAXv8xgMEAHv8ygMEAHv8zzAMAwQCe/zUAwQAe/zYAwQAe/zd
MAwDBAB7/N8DBAN7/OADBAB7/OoDBAB7/O0wDAMEAHv87wMEAnv88DAMAwQAe/z1
AwQAe/z2AwQAe/z4AwQAe/z+AwQBypXCAwQAypXFAwQAypXIMAwDBADKldMDBAHK
ldQwDAMEAMqV1wMEAMqV2AMEAMq94TAMAwQAyr3lAwQAyr3qMAwDBALKvewDBADK
ve4wDAMEBMq98AMEAMq98gMEAcq99AMEAMq99zAMAwQByr36AwQAyr3+MBoEAgAC
MBQwEgMHACQC1AAAoQMHACQC1AAAojANBgkqhkiG9w0BAQsFAAOCAQEAslDali6x
ifgE73rcTpA5wiHop+BSQewMFe+UUO9OlLHhVuH9yaN8+kLa4K0jFOEVH6f2mM2T
h22pexE6G081CioVFjo8p/loO8QlNyESAsZcnwmDxncTpRCb+8FMuGF9sIZcTq7L
bIDTBg1E56xWehYgvPdubhc7jSckoK8AirlEtjF+c7aYikwl5pQdw+KCgZIOZKcR
3OdHhXn1HzoBonAQ1Ll8rz3Rlsz48tzX09laBzXLe3hJOhYeHUSTDAzVbhGXwkK9
fQv/vvAy1T0xt2oOLfe1zC+wwDQSt/JQqpgWjHXjHDWC8FVFXbZTp+/HUbYK5grs
o50hQ2i7hgEJiQ==
-----END CERTIFICATE-----
Generated at Tue Jun 2 22:23:58 2026 by rpki-client