Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/90606AD670AA11ED8DAE4C5AC4F9AE02.roa
File: 90606AD670AA11ED8DAE4C5AC4F9AE02.roa (raw, json)
Hash identifier: lmS+7uFn8RH9fc0jbeBbvg4YMmHae9TzPRYAxD2jSss=
Subject key identifier: 52:89:63:27:CE:83:79:BA:C2:50:5C:AE:CC:EB:7E:1C:51:FB:B3:F9
Certificate issuer: /CN=A9165A0B/serialNumber=71AA58CDF1B6BD7C26E61A7518A4D0AD2C9F1A14
Certificate serial: 0948
Authority key identifier: 71:AA:58:CD:F1:B6:BD:7C:26:E6:1A:75:18:A4:D0:AD:2C:9F:1A:14
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/capYzfG2vXwm5hp1GKTQrSyfGhQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/90606AD670AA11ED8DAE4C5AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:33:00 +0000
ROA not before: Tue 16 Sep 2025 21:00:43 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 17563
IP address blocks: 103.184.58.0/23 maxlen: 24
116.58.0.0/17 maxlen: 23
116.58.0.0/24 maxlen: 24
116.58.1.0/24 maxlen: 24
116.58.2.0/24 maxlen: 24
116.58.3.0/24 maxlen: 24
116.58.4.0/24 maxlen: 24
116.58.5.0/24 maxlen: 24
116.58.6.0/24 maxlen: 24
116.58.7.0/24 maxlen: 24
116.58.8.0/24 maxlen: 24
116.58.9.0/24 maxlen: 24
116.58.10.0/24 maxlen: 24
116.58.11.0/24 maxlen: 24
116.58.12.0/24 maxlen: 24
116.58.13.0/24 maxlen: 24
116.58.14.0/24 maxlen: 24
116.58.15.0/24 maxlen: 24
116.58.16.0/24 maxlen: 24
116.58.17.0/24 maxlen: 24
116.58.18.0/24 maxlen: 24
116.58.19.0/24 maxlen: 24
116.58.20.0/24 maxlen: 24
116.58.21.0/24 maxlen: 24
116.58.22.0/24 maxlen: 24
116.58.23.0/24 maxlen: 24
116.58.24.0/24 maxlen: 24
116.58.25.0/24 maxlen: 24
116.58.26.0/24 maxlen: 24
116.58.27.0/24 maxlen: 24
116.58.28.0/24 maxlen: 24
116.58.29.0/24 maxlen: 24
116.58.30.0/24 maxlen: 24
116.58.31.0/24 maxlen: 24
116.58.32.0/24 maxlen: 24
116.58.33.0/24 maxlen: 24
116.58.34.0/24 maxlen: 24
116.58.35.0/24 maxlen: 24
116.58.36.0/24 maxlen: 24
116.58.37.0/24 maxlen: 24
116.58.38.0/24 maxlen: 24
116.58.39.0/24 maxlen: 24
116.58.40.0/24 maxlen: 24
116.58.41.0/24 maxlen: 24
116.58.42.0/24 maxlen: 24
116.58.43.0/24 maxlen: 24
116.58.44.0/24 maxlen: 24
116.58.45.0/24 maxlen: 24
116.58.46.0/24 maxlen: 24
116.58.47.0/24 maxlen: 24
116.58.48.0/24 maxlen: 24
116.58.49.0/24 maxlen: 24
116.58.50.0/24 maxlen: 24
116.58.51.0/24 maxlen: 24
116.58.52.0/24 maxlen: 24
116.58.53.0/24 maxlen: 24
116.58.54.0/24 maxlen: 24
116.58.55.0/24 maxlen: 24
116.58.56.0/24 maxlen: 24
116.58.57.0/24 maxlen: 24
116.58.58.0/24 maxlen: 24
116.58.59.0/24 maxlen: 24
116.58.60.0/24 maxlen: 24
116.58.61.0/24 maxlen: 24
116.58.62.0/24 maxlen: 24
116.58.63.0/24 maxlen: 24
116.58.64.0/24 maxlen: 24
116.58.65.0/24 maxlen: 24
116.58.66.0/24 maxlen: 24
116.58.67.0/24 maxlen: 24
116.58.68.0/24 maxlen: 24
116.58.69.0/24 maxlen: 24
116.58.70.0/24 maxlen: 24
116.58.71.0/24 maxlen: 24
116.58.72.0/24 maxlen: 24
116.58.73.0/24 maxlen: 24
116.58.74.0/24 maxlen: 24
116.58.75.0/24 maxlen: 24
116.58.76.0/24 maxlen: 24
116.58.77.0/24 maxlen: 24
116.58.78.0/24 maxlen: 24
116.58.79.0/24 maxlen: 24
116.58.80.0/24 maxlen: 24
116.58.81.0/24 maxlen: 24
116.58.82.0/24 maxlen: 24
116.58.83.0/24 maxlen: 24
116.58.84.0/24 maxlen: 24
116.58.85.0/24 maxlen: 24
116.58.86.0/24 maxlen: 24
116.58.87.0/24 maxlen: 24
116.58.88.0/24 maxlen: 24
116.58.89.0/24 maxlen: 24
116.58.90.0/24 maxlen: 24
116.58.91.0/24 maxlen: 24
116.58.92.0/24 maxlen: 24
116.58.93.0/24 maxlen: 24
116.58.94.0/24 maxlen: 24
116.58.95.0/24 maxlen: 24
116.58.96.0/24 maxlen: 24
116.58.97.0/24 maxlen: 24
116.58.98.0/24 maxlen: 24
116.58.99.0/24 maxlen: 24
116.58.100.0/24 maxlen: 24
116.58.101.0/24 maxlen: 24
116.58.102.0/24 maxlen: 24
116.58.103.0/24 maxlen: 24
116.58.104.0/24 maxlen: 24
116.58.105.0/24 maxlen: 24
116.58.106.0/24 maxlen: 24
116.58.107.0/24 maxlen: 24
116.58.108.0/24 maxlen: 24
116.58.109.0/24 maxlen: 24
116.58.110.0/24 maxlen: 24
116.58.111.0/24 maxlen: 24
116.58.112.0/24 maxlen: 24
116.58.113.0/24 maxlen: 24
116.58.114.0/24 maxlen: 24
116.58.115.0/24 maxlen: 24
116.58.116.0/24 maxlen: 24
116.58.117.0/24 maxlen: 24
116.58.118.0/24 maxlen: 24
116.58.119.0/24 maxlen: 24
116.58.120.0/24 maxlen: 24
116.58.121.0/24 maxlen: 24
116.58.122.0/24 maxlen: 24
116.58.123.0/24 maxlen: 24
116.58.124.0/24 maxlen: 24
116.58.125.0/24 maxlen: 24
116.58.126.0/24 maxlen: 24
116.58.127.0/24 maxlen: 24
202.59.64.0/19 maxlen: 23
202.59.64.0/24 maxlen: 24
202.59.65.0/24 maxlen: 24
202.59.66.0/24 maxlen: 24
202.59.67.0/24 maxlen: 24
202.59.68.0/24 maxlen: 24
202.59.69.0/24 maxlen: 24
202.59.70.0/24 maxlen: 24
202.59.71.0/24 maxlen: 24
202.59.72.0/24 maxlen: 24
202.59.73.0/24 maxlen: 24
202.59.74.0/24 maxlen: 24
202.59.75.0/24 maxlen: 24
202.59.76.0/24 maxlen: 24
202.59.77.0/24 maxlen: 24
202.59.78.0/24 maxlen: 24
202.59.79.0/24 maxlen: 24
202.59.80.0/24 maxlen: 24
202.59.81.0/24 maxlen: 24
202.59.82.0/24 maxlen: 24
202.59.83.0/24 maxlen: 24
202.59.84.0/24 maxlen: 24
202.59.85.0/24 maxlen: 24
202.59.86.0/24 maxlen: 24
202.59.87.0/24 maxlen: 24
202.59.88.0/24 maxlen: 24
202.59.89.0/24 maxlen: 24
202.59.90.0/24 maxlen: 24
202.59.91.0/24 maxlen: 24
202.59.92.0/24 maxlen: 24
202.59.93.0/24 maxlen: 24
202.59.94.0/24 maxlen: 24
202.59.95.0/24 maxlen: 24
2400:68a0::/32 maxlen: 40
2400:68a0::/41 maxlen: 48
2400:68a0:80::/41 maxlen: 48
2400:68a0:100::/41 maxlen: 48
2400:68a0:180::/41 maxlen: 48
2400:68a0:200::/41 maxlen: 48
2400:68a0:280::/41 maxlen: 48
2400:68a0:300::/41 maxlen: 48
2400:68a0:380::/41 maxlen: 48
2400:68a0:a000::/41 maxlen: 48
2400:68a0:a580::/41 maxlen: 48
2400:68a0:af80::/41 maxlen: 48
2400:68a0:f000::/41 maxlen: 48
2400:68a0:fa00::/41 maxlen: 48
2400:68a0:ff80::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.crl
rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/capYzfG2vXwm5hp1GKTQrSyfGhQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 20:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2376 (0x948)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165A0B, serialNumber=71AA58CDF1B6BD7C26E61A7518A4D0AD2C9F1A14
Validity
Not Before: Sep 16 21:00:43 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a46a3b-ec71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:92:b5:67:0b:ae:8f:4f:61:03:74:ae:f3:23:
90:c6:08:05:fa:58:fc:30:57:e5:79:8e:16:2c:8f:
26:6f:86:e6:a4:4e:84:9b:b5:49:8d:01:c2:ad:2c:
3e:93:e3:3e:91:a0:f5:19:20:72:a5:f0:37:36:a8:
57:89:44:8f:62:67:ac:72:f6:40:17:4c:3a:2e:29:
76:8c:6c:d7:69:4a:9c:bd:92:59:5b:ad:58:07:9e:
9b:7d:91:cf:80:ce:6b:06:45:d8:49:ef:2e:0b:36:
41:b0:a4:da:4e:18:de:35:0b:e7:82:51:5f:27:05:
30:ac:5d:42:e2:1b:41:e7:91:9a:24:45:70:03:0e:
74:55:43:0d:82:39:e3:c3:ed:ea:1f:05:f2:b6:73:
e1:07:10:83:45:6a:73:d3:55:25:59:45:ee:b0:c0:
98:c8:8c:af:2c:66:22:c1:53:cb:bf:34:36:ef:4a:
de:89:d5:ae:86:37:91:62:ef:d3:4b:21:f9:b7:54:
7e:c8:7d:f9:8d:3c:2f:ef:36:a3:4c:68:a8:4e:20:
fc:7f:21:e8:e5:fe:70:eb:68:8b:9b:f6:5c:0d:69:
29:17:ed:65:f2:ee:28:21:fc:48:3f:63:1e:78:05:
f4:cf:0c:64:d5:40:c2:7d:79:97:01:ae:f6:fb:3c:
ad:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:89:63:27:CE:83:79:BA:C2:50:5C:AE:CC:EB:7E:1C:51:FB:B3:F9
X509v3 Authority Key Identifier:
keyid:71:AA:58:CD:F1:B6:BD:7C:26:E6:1A:75:18:A4:D0:AD:2C:9F:1A:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/capYzfG2vXwm5hp1GKTQrSyfGhQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/90606AD670AA11ED8DAE4C5AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.184.58.0/23
116.58.0.0/17
202.59.64.0/19
IPv6:
2400:68a0::/32
Signature Algorithm: sha256WithRSAEncryption
a4:c4:99:dd:9f:53:c0:54:c4:d0:a6:2b:7c:2e:bb:26:2f:03:
70:f1:6f:b3:ce:45:ff:76:e2:71:68:be:a3:a3:d3:04:19:49:
43:56:c3:5d:27:10:c6:a2:5f:43:bc:8c:80:b4:8e:28:03:0a:
12:59:7a:e1:5f:79:b4:fd:a7:bd:e6:0c:9f:be:9e:66:fd:12:
22:5b:f0:1c:c2:ef:3a:31:60:c2:96:bb:7f:eb:16:99:48:b6:
52:d8:04:15:d0:11:5d:40:aa:db:0b:27:1b:ad:0c:ae:90:82:
bf:c1:23:28:3a:16:e9:02:8d:a3:03:01:59:9e:1e:a5:ef:68:
6e:50:2b:77:bb:6d:5a:25:61:7f:e0:17:10:b4:3a:a9:f2:a7:
ee:29:47:14:4a:76:56:47:bd:c2:31:54:d2:a8:39:2e:66:6f:
29:e9:af:16:fd:08:22:f4:29:8f:ce:9d:1a:cf:41:97:35:0f:
ca:8d:47:da:92:4d:ba:f8:05:e6:04:29:c6:64:88:5c:27:30:
b9:ab:b4:13:06:29:fa:47:37:a8:9f:6b:d8:71:92:1b:f2:04:
fd:48:e6:5c:cc:ee:e7:e7:d7:59:26:cc:5c:66:c9:29:71:1c:
5a:3d:6a:fc:0b:cc:cf:28:38:b4:ba:60:e1:6d:c0:a8:6d:d2:
53:a1:41:36
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICCUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjVBMEIxMTAvBgNVBAUTKDcxQUE1OENERjFCNkJEN0MyNkU2MUE3NTE4QTREMEFE
MkM5RjFBMTQwHhcNMjUwOTE2MjEwMDQzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NmEzYi1lYzcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnJK1Zwuuj09hA3Su8yOQxggF+lj8MFfleY4WLI8mb4bmpE6Em7VJjQHCrSw+
k+M+kaD1GSBypfA3NqhXiUSPYmescvZAF0w6Lil2jGzXaUqcvZJZW61YB56bfZHP
gM5rBkXYSe8uCzZBsKTaThjeNQvnglFfJwUwrF1C4htB55GaJEVwAw50VUMNgjnj
w+3qHwXytnPhBxCDRWpz01UlWUXusMCYyIyvLGYiwVPLvzQ270reidWuhjeRYu/T
SyH5t1R+yH35jTwv7zajTGioTiD8fyHo5f5w62iLm/ZcDWkpF+1l8u4oIfxIP2Me
eAX0zwxk1UDCfXmXAa72+zytbQIDAQABo4ICezCCAncwHQYDVR0OBBYEFFKJYyfO
g3m6wlBcrszrfhxR+7P5MB8GA1UdIwQYMBaAFHGqWM3xtr18JuYadRik0K0snxoU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUEwQi8xNTU4NkY0MkM0
RjgxMUVBOEI5QjRDMTNDNEY5QUUwMi9jYXBZemZHMnZYd201aHAxR0tUUXJTeWZH
aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NhcFl6Zkcydlh3bTVocDFHS1RRclN5ZkdoUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjVBMEIvMTU1ODZGNDJDNEY4MTFFQThCOUI0QzEzQzRGOUFFMDIvOTA2MDZBRDY3
MEFBMTFFRDhEQUU0QzVBQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQBZ7g6AwQHdDoAAwQFyjtAMA0EAgACMAcDBQAkAGigMA0GCSqGSIb3
DQEBCwUAA4IBAQCkxJndn1PAVMTQpit8LrsmLwNw8W+zzkX/duJxaL6jo9MEGUlD
VsNdJxDGol9DvIyAtI4oAwoSWXrhX3m0/ae95gyfvp5m/RIiW/Acwu86MWDClrt/
6xaZSLZS2AQV0BFdQKrbCycbrQyukIK/wSMoOhbpAo2jAwFZnh6l72huUCt3u21a
JWF/4BcQtDqp8qfuKUcUSnZWR73CMVTSqDkuZm8p6a8W/Qgi9CmPzp0az0GXNQ/K
jUfakk26+AXmBCnGZIhcJzC5q7QTBin6Rzeon2vYcZIb8gT9SOZczO7n59dZJsxc
ZskpcRxaPWr8C8zPKDi0umDhbcCobdJToUE2
-----END CERTIFICATE-----
Generated at Fri Mar 13 11:18:04 2026 by rpki-client