
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/324F926C3BAC11F09BF98E0EC4F9AE02.roa
File: 324F926C3BAC11F09BF98E0EC4F9AE02.roa (raw, json)
Hash identifier: ggEqoODHKilLBeJ1lf9ZZgAg1WcAyMTWp27ULOwoA58=
Subject key identifier: 87:2D:73:C0:AF:4F:66:90:76:49:54:58:CC:EC:F6:8D:CA:5C:99:A5
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 08BE
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/324F926C3BAC11F09BF98E0EC4F9AE02.roa
Signing time: Wed 08 Jul 2026 23:25:11 +0000
ROA not before: Wed 08 Jul 2026 23:25:11 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 17762
IP address blocks: 27.107.0.0/16 maxlen: 16
27.107.0.0/20 maxlen: 24
27.107.16.0/21 maxlen: 24
27.107.24.0/21 maxlen: 24
27.107.32.0/20 maxlen: 24
27.107.48.0/20 maxlen: 24
27.107.64.0/20 maxlen: 24
27.107.80.0/20 maxlen: 24
27.107.96.0/22 maxlen: 24
27.107.100.0/22 maxlen: 24
27.107.104.0/21 maxlen: 24
27.107.144.0/20 maxlen: 24
27.107.160.0/20 maxlen: 24
27.107.176.0/20 maxlen: 24
27.107.192.0/23 maxlen: 24
27.107.194.0/23 maxlen: 24
27.107.196.0/23 maxlen: 24
27.107.198.0/23 maxlen: 24
27.107.203.0/24 maxlen: 24
27.107.204.0/24 maxlen: 24
27.107.205.0/24 maxlen: 24
27.107.206.0/24 maxlen: 24
27.107.207.0/24 maxlen: 24
27.107.208.0/20 maxlen: 24
27.107.224.0/21 maxlen: 24
27.107.232.0/21 maxlen: 24
27.107.240.0/22 maxlen: 24
27.107.244.0/22 maxlen: 24
27.107.248.0/22 maxlen: 24
27.107.252.0/22 maxlen: 24
49.200.32.0/21 maxlen: 24
49.200.200.0/21 maxlen: 24
49.200.208.0/21 maxlen: 24
49.201.24.0/21 maxlen: 24
49.249.192.0/19 maxlen: 24
103.8.36.0/22 maxlen: 24
115.160.208.0/20 maxlen: 24
182.156.6.0/23 maxlen: 24
182.156.20.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Jul 2026 22:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2238 (0x8be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Jul 8 23:25:11 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=6a4edc57-a51a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c3:c3:90:3b:cc:b4:e2:56:9f:54:88:dc:27:
d9:12:bd:53:40:ec:87:ad:76:ca:7f:c8:6a:65:7a:
3a:4a:42:92:bb:84:ad:90:fe:df:a9:4a:b4:90:c1:
4d:a1:b6:48:64:87:ea:20:75:b0:bc:62:43:91:2f:
25:56:da:45:58:f6:3a:80:9b:2f:cc:9e:1c:23:cb:
5e:df:6a:92:75:40:05:da:b6:35:76:a3:25:36:56:
46:8b:30:ed:dc:50:49:65:d2:75:03:67:36:88:e3:
e8:57:7e:13:7c:04:e9:8a:65:bd:26:98:e4:ab:4e:
e9:75:65:da:b5:31:0e:b1:a2:7d:0d:8c:69:f1:47:
01:7a:51:c5:0d:bc:e0:e7:70:dd:d0:ef:3a:0a:f7:
2f:2f:50:f1:ff:27:d5:bd:2b:e9:fd:96:0f:1c:24:
8e:1a:bd:ab:85:29:67:39:db:9b:2a:2e:64:54:47:
b4:38:73:2a:67:2a:0b:d7:e4:6c:3d:3f:2e:1c:2e:
52:2e:b4:27:fb:47:76:34:7e:06:9e:8b:c0:b0:02:
55:e1:ab:b2:b5:f7:a3:93:88:b0:e5:92:05:8e:45:
ba:7e:ab:62:e3:f3:d1:e7:66:60:e0:49:30:9b:3e:
bb:c5:6d:af:ba:4f:da:9b:49:df:d7:e1:f9:85:4d:
1e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2D:73:C0:AF:4F:66:90:76:49:54:58:CC:EC:F6:8D:CA:5C:99:A5
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/324F926C3BAC11F09BF98E0EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.107.0.0/16
49.200.32.0/21
49.200.200.0-49.200.215.255
49.201.24.0/21
49.249.192.0/19
103.8.36.0/22
115.160.208.0/20
182.156.6.0/23
182.156.20.0/23
Signature Algorithm: sha256WithRSAEncryption
72:46:d2:d8:95:af:c1:47:b4:60:6a:6b:ed:ba:0a:c0:42:1a:
19:f7:be:08:87:2d:8f:5c:05:64:ff:45:63:7f:d4:e6:74:ba:
11:7e:aa:80:d9:dc:6f:18:3a:4c:df:75:80:ef:fc:00:aa:4a:
b1:cd:a9:5f:fe:9d:2c:90:68:02:1f:3c:a1:8e:e8:76:ee:96:
8a:60:34:d2:cf:1e:8c:39:c1:38:7d:f1:5c:52:38:d8:7f:85:
c6:25:12:4b:f1:dd:58:75:eb:1a:0a:89:14:7c:45:4b:f5:e6:
e8:c9:07:9b:32:98:a5:8f:8f:e0:f4:da:84:a9:fd:03:d5:91:
b8:c1:af:c2:f8:38:ea:27:47:1b:8b:2a:56:0e:a5:bd:5f:18:
52:42:a9:5e:92:63:34:87:b2:66:7b:56:8b:15:af:77:8d:a3:
96:ca:eb:3c:ca:bc:c3:1b:94:34:0d:da:39:72:64:dd:f4:2c:
2e:3a:86:49:ed:3a:d8:d8:90:29:13:08:4c:b0:78:e0:0f:5d:
eb:41:9b:de:f9:9f:2e:9d:2d:8b:2c:b0:26:ee:14:47:cc:6e:
df:82:ed:28:05:a6:80:af:73:70:80:26:1d:bc:82:b4:ea:6f:
71:98:46:dc:df:c3:d5:e1:35:87:90:38:5a:0b:13:b4:99:7b:
f4:39:f8:19
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICCL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjYwNzA4MjMyNTExWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02YTRlZGM1Ny1hNTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAusPDkDvMtOJWn1SI3CfZEr1TQOyHrXbKf8hqZXo6SkKSu4StkP7fqUq0kMFN
obZIZIfqIHWwvGJDkS8lVtpFWPY6gJsvzJ4cI8te32qSdUAF2rY1dqMlNlZGizDt
3FBJZdJ1A2c2iOPoV34TfATpimW9Jpjkq07pdWXatTEOsaJ9DYxp8UcBelHFDbzg
53Dd0O86CvcvL1Dx/yfVvSvp/ZYPHCSOGr2rhSlnOdubKi5kVEe0OHMqZyoL1+Rs
PT8uHC5SLrQn+0d2NH4GnovAsAJV4auytfejk4iw5ZIFjkW6fqti4/PR52Zg4Ekw
mz67xW2vuk/am0nf1+H5hU0e6wIDAQABo4IClzCCApMwHQYDVR0OBBYEFIctc8Cv
T2aQdklUWMzs9o3KXJmlMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMzI0RjkyNkMz
QkFDMTFGMDlCRjk4RTBFQzRGOUFFMDIucm9hMFYGCCsGAQUFBwEHAQH/BEcwRTBD
BAIAATA9AwMAG2sDBAMxyCAwDAMEAzHIyAMEAzHI0AMEAzHJGAMEBTH5wAMEAmcI
JAMEBHOg0AMEAbacBgMEAbacFDANBgkqhkiG9w0BAQsFAAOCAQEAckbS2JWvwUe0
YGpr7boKwEIaGfe+CIctj1wFZP9FY3/U5nS6EX6qgNncbxg6TN91gO/8AKpKsc2p
X/6dLJBoAh88oY7odu6WimA00s8ejDnBOH3xXFI42H+FxiUSS/HdWHXrGgqJFHxF
S/Xm6MkHmzKYpY+P4PTahKn9A9WRuMGvwvg46idHG4sqVg6lvV8YUkKpXpJjNIey
ZntWixWvd42jlsrrPMq8wxuUNA3aOXJk3fQsLjqGSe062NiQKRMITLB44A9d60Gb
3vmfLp0tiyywJu4UR8xu34LtKAWmgK9zcIAmHbyCtOpvcZhG3N/D1eE1h5A4WgsT
tJl79Dn4GQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 04:08:49 2026 by rpki-client