Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
File: 4DEF33661FBE11EF97E7974FC4F9AE02.roa (raw, json)
Hash identifier: PsBM0KU80WSFJRk0YbyfrqcbcFSUQ3ZlE92BwbpJrIU=
Subject key identifier: E9:5E:A5:63:68:42:1D:0E:B5:DB:20:E5:D5:DA:9E:BA:C8:AE:6D:59
Certificate issuer: /CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Certificate serial: 0754
Authority key identifier: 7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
Signing time: Sat 14 Feb 2026 09:18:17 +0000
ROA not before: Sat 14 Feb 2026 09:18:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17762
IP address blocks: 49.248.0.0/17 maxlen: 21
49.248.0.0/18 maxlen: 24
49.248.64.0/19 maxlen: 24
49.248.96.0/22 maxlen: 22
49.248.96.0/23 maxlen: 24
49.248.104.0/21 maxlen: 24
49.248.112.0/20 maxlen: 23
49.248.112.0/21 maxlen: 24
49.248.120.0/22 maxlen: 24
49.248.124.0/23 maxlen: 24
49.248.126.0/24 maxlen: 24
49.248.128.0/18 maxlen: 18
49.248.128.0/21 maxlen: 23
49.248.129.0/24 maxlen: 24
49.248.135.0/24 maxlen: 24
49.248.136.0/21 maxlen: 23
49.248.136.0/24 maxlen: 24
49.248.138.0/23 maxlen: 24
49.248.140.0/22 maxlen: 24
49.248.144.0/22 maxlen: 24
49.248.148.0/23 maxlen: 24
49.248.151.0/24 maxlen: 24
49.248.152.0/21 maxlen: 24
49.248.160.0/19 maxlen: 24
49.248.192.0/19 maxlen: 24
49.248.246.0/23 maxlen: 24
49.248.248.0/21 maxlen: 24
103.3.40.0/24 maxlen: 24
103.3.41.0/24 maxlen: 24
103.3.43.0/24 maxlen: 24
103.8.148.0/22 maxlen: 24
114.143.0.0/16 maxlen: 24
123.252.128.0/18 maxlen: 21
123.252.128.0/22 maxlen: 22
123.252.128.0/23 maxlen: 24
123.252.131.0/24 maxlen: 24
123.252.133.0/24 maxlen: 24
123.252.134.0/23 maxlen: 24
123.252.136.0/21 maxlen: 22
123.252.136.0/23 maxlen: 24
123.252.138.0/24 maxlen: 24
123.252.140.0/22 maxlen: 24
123.252.144.0/20 maxlen: 24
123.252.160.0/19 maxlen: 24
123.252.192.0/18 maxlen: 24
202.149.192.0/19 maxlen: 19
202.149.192.0/22 maxlen: 22
202.149.192.0/24 maxlen: 24
202.149.193.0/24 maxlen: 24
202.149.196.0/24 maxlen: 24
202.149.198.0/24 maxlen: 24
202.149.199.0/24 maxlen: 24
202.149.201.0/24 maxlen: 24
202.149.202.0/24 maxlen: 24
202.149.203.0/24 maxlen: 24
202.149.204.0/22 maxlen: 22
202.149.204.0/23 maxlen: 23
202.149.207.0/24 maxlen: 24
202.149.210.0/24 maxlen: 24
202.149.212.0/22 maxlen: 22
202.149.214.0/24 maxlen: 24
202.149.217.0/24 maxlen: 24
202.149.218.0/24 maxlen: 24
202.149.219.0/24 maxlen: 24
202.149.220.0/22 maxlen: 22
202.149.222.0/23 maxlen: 23
202.149.222.0/24 maxlen: 24
202.149.223.0/24 maxlen: 24
202.189.224.0/19 maxlen: 24
2402:d400::/32 maxlen: 32
2402:d400::/44 maxlen: 48
2402:d400:40::/48 maxlen: 48
2402:d400:41::/48 maxlen: 48
2402:d400:3e2::/48 maxlen: 48
2402:d400:3e3::/48 maxlen: 48
2402:d400:3e4::/48 maxlen: 48
2402:d400:3e5::/48 maxlen: 48
2402:d400:3e6::/48 maxlen: 48
2402:d400:fa00::/44 maxlen: 48
2402:d400:fa10::/44 maxlen: 48
2402:d400:fa20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Feb 2026 21:43:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1876 (0x754)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D01, serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Validity
Not Before: Feb 14 09:18:17 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69903dd9-f282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e1:44:1a:d3:4e:43:34:08:72:fa:bd:4d:d2:
e7:b5:07:ff:f8:d2:c7:a6:db:20:8d:b8:94:8e:d9:
97:f1:3a:65:55:57:f1:0f:08:82:4a:fd:93:53:27:
79:d9:f1:d3:56:e7:df:29:f7:5a:70:d6:96:e4:ed:
5a:4b:c8:1e:e9:6f:c2:8c:5b:96:e5:68:1d:b4:1a:
a8:07:a8:d7:5f:fa:85:f9:b5:33:78:fe:c7:81:06:
97:5b:30:c6:b1:9c:9a:01:5c:93:e0:be:85:d2:19:
22:e7:61:66:f6:30:5a:e1:c0:e8:94:7f:a0:5f:e4:
77:da:10:e8:a2:f2:a9:00:91:86:6d:3e:c2:7e:1f:
b0:b8:fb:66:1a:3b:a8:90:67:b6:61:b5:8c:af:0c:
73:5a:ee:2f:d4:38:d7:66:3e:5c:5a:02:de:ac:0d:
ef:c7:bb:df:7b:ee:ad:0c:8a:cd:4e:43:1a:e3:34:
36:44:8a:ec:79:7d:df:85:20:bd:ed:c8:01:74:0c:
00:44:7d:22:61:f6:0b:a9:da:49:78:8d:ef:30:27:
6c:c2:4c:22:4a:90:4c:af:80:a6:1f:a2:f6:bf:6f:
3d:2f:8e:eb:1d:fb:82:5d:c7:9a:ba:1f:ac:5c:fc:
71:6e:68:fe:cd:06:53:58:7a:11:4d:5f:6f:1f:e2:
1a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5E:A5:63:68:42:1D:0E:B5:DB:20:E5:D5:DA:9E:BA:C8:AE:6D:59
X509v3 Authority Key Identifier:
keyid:7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.248.0.0-49.248.223.255
49.248.246.0-49.248.255.255
103.3.40.0/23
103.3.43.0/24
103.8.148.0/22
114.143.0.0/16
123.252.128.0/17
202.149.192.0/19
202.189.224.0/19
IPv6:
2402:d400::/32
Signature Algorithm: sha256WithRSAEncryption
6a:1d:b8:17:9c:95:1a:56:a7:94:26:58:5b:a0:e9:ac:51:83:
8c:ab:40:2c:0f:8d:1a:a8:44:19:60:69:ed:19:45:f0:7f:47:
b3:3d:aa:a1:70:53:e9:1c:eb:da:2b:ed:3b:94:c3:97:65:e2:
de:2a:55:0d:87:91:8e:44:40:7a:5d:21:af:d6:27:f9:26:1f:
00:e9:97:fe:5a:3b:c1:d5:7a:e8:ac:b7:1d:a5:c8:35:38:74:
73:84:1e:39:66:ce:d9:14:bd:e2:e0:fe:92:a4:79:60:f4:f6:
98:95:7c:c1:ec:da:e9:7a:8e:da:60:5f:52:7c:60:98:9a:b2:
9d:e3:9e:28:3f:53:b8:4c:f2:68:d5:6c:14:a0:95:43:ab:d4:
0b:af:f3:8b:15:ca:c3:cf:df:ec:29:61:87:1c:53:fa:f6:cf:
9b:57:f7:53:b7:f3:2f:b8:7b:fa:74:57:8d:7a:5a:d9:9a:b5:
25:c3:7a:d4:f2:0f:fc:21:06:cf:e4:5e:bc:ab:6d:8e:7a:74:
14:d7:ff:e3:04:19:c0:c1:8e:e3:ed:6f:20:26:56:fb:86:7c:
57:5a:85:f3:96:8c:74:1a:ae:a5:84:8c:83:8b:9d:2a:7f:59:
1d:0d:32:cb:45:79:07:53:61:21:0c:ae:a9:84:27:95:33:da:
7f:80:d4:ba
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICB1QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhEMDExMTAvBgNVBAUTKDdFMzZBQjFDMDQ0MzIxQjc0Q0Y2NzgyNjNFMDUyNEZE
MzQxNzlCQkQwHhcNMjYwMjE0MDkxODE3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTkwM2RkOS1mMjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt+FEGtNOQzQIcvq9TdLntQf/+NLHptsgjbiUjtmX8TplVVfxDwiCSv2TUyd5
2fHTVuffKfdacNaW5O1aS8ge6W/CjFuW5WgdtBqoB6jXX/qF+bUzeP7HgQaXWzDG
sZyaAVyT4L6F0hki52Fm9jBa4cDolH+gX+R32hDoovKpAJGGbT7Cfh+wuPtmGjuo
kGe2YbWMrwxzWu4v1DjXZj5cWgLerA3vx7vfe+6tDIrNTkMa4zQ2RIrseX3fhSC9
7cgBdAwARH0iYfYLqdpJeI3vMCdswkwiSpBMr4CmH6L2v289L47rHfuCXceauh+s
XPxxbmj+zQZTWHoRTV9vH+Ia5QIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFOlepWNo
Qh0Otdsg5dXanrrIrm1ZMB8GA1UdIwQYMBaAFH42qxwEQyG3TPZ4Jj4FJP00F5u9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQwMS9FOTI1MTlGQTk5
MEIxMUVCQTM1NUNCNTNDNEY5QUUwMi9mamFySEFSREliZE05bmdtUGdVa19UUVht
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqYXJIQVJESWJkTTluZ21QZ1VrX1RRWG03MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhEMDEvRTkyNTE5RkE5OTBCMTFFQkEzNTVDQjUzQzRGOUFFMDIvNERFRjMzNjYx
RkJFMTFFRjk3RTc5NzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMEkEAgABMEMwCwMDAzH4AwQFMfjAMAsDBAEx+PYDAwAx+AMEAWcDKAMEAGcD
KwMEAmcIlAMDAHKPAwQHe/yAAwQFypXAAwQFyr3gMA0EAgACMAcDBQAkAtQAMA0G
CSqGSIb3DQEBCwUAA4IBAQBqHbgXnJUaVqeUJlhboOmsUYOMq0AsD40aqEQZYGnt
GUXwf0ezPaqhcFPpHOvaK+07lMOXZeLeKlUNh5GOREB6XSGv1if5Jh8A6Zf+WjvB
1XrorLcdpcg1OHRzhB45Zs7ZFL3i4P6SpHlg9PaYlXzB7Nrpeo7aYF9SfGCYmrKd
454oP1O4TPJo1WwUoJVDq9QLr/OLFcrDz9/sKWGHHFP69s+bV/dTt/MvuHv6dFeN
elrZmrUlw3rU8g/8IQbP5F68q22OenQU1//jBBnAwY7j7W8gJlb7hnxXWoXzlox0
Gq6lhIyDi50qf1kdDTLLRXkHU2EhDK6phCeVM9p/gNS6
-----END CERTIFICATE-----
Generated at Fri Feb 20 02:45:02 2026 by rpki-client