Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/57FD28280C8311ECB6423427C4F9AE02.roa
File: 57FD28280C8311ECB6423427C4F9AE02.roa (raw, json)
Hash identifier: 6lefPigcpSW8Wi4b/6sq1pzIEJb3RagZMDaEaPM/PV8=
Subject key identifier: 08:65:35:97:8D:CF:E3:7B:83:9D:6C:F8:4E:3E:C3:49:A2:8E:4D:81
Certificate issuer: /CN=A91676D4/serialNumber=835A6C96B20924C7E5D8F12F06DB9DD23E252F5D
Certificate serial: 062D
Authority key identifier: 83:5A:6C:96:B2:09:24:C7:E5:D8:F1:2F:06:DB:9D:D2:3E:25:2F:5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1pslrIJJMfl2PEvBtud0j4lL10.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/57FD28280C8311ECB6423427C4F9AE02.roa
Signing time: Sun 01 Mar 2026 14:16:27 +0000
ROA not before: Tue 26 Aug 2025 05:50:45 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 136041
IP address blocks: 101.234.4.0/24 maxlen: 24
101.234.5.0/24 maxlen: 24
101.234.10.0/24 maxlen: 24
101.234.12.0/24 maxlen: 24
101.234.13.0/24 maxlen: 24
101.234.27.0/24 maxlen: 24
101.234.28.0/24 maxlen: 24
101.234.33.0/24 maxlen: 24
101.234.43.0/24 maxlen: 24
119.234.224.0/19 maxlen: 19
119.234.224.0/24 maxlen: 24
119.234.225.0/24 maxlen: 24
119.234.226.0/24 maxlen: 24
119.234.227.0/24 maxlen: 24
119.234.228.0/24 maxlen: 24
119.234.229.0/24 maxlen: 24
119.234.230.0/24 maxlen: 24
119.234.231.0/24 maxlen: 24
119.234.232.0/24 maxlen: 24
119.234.233.0/24 maxlen: 24
119.234.234.0/24 maxlen: 24
119.234.235.0/24 maxlen: 24
119.234.236.0/24 maxlen: 24
119.234.237.0/24 maxlen: 24
183.81.224.0/24 maxlen: 24
183.81.225.0/24 maxlen: 24
183.81.226.0/24 maxlen: 24
183.81.227.0/24 maxlen: 24
183.81.228.0/24 maxlen: 24
183.81.229.0/24 maxlen: 24
183.81.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/g1pslrIJJMfl2PEvBtud0j4lL10.crl
rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/g1pslrIJJMfl2PEvBtud0j4lL10.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1pslrIJJMfl2PEvBtud0j4lL10.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 22:56:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1581 (0x62d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91676D4, serialNumber=835A6C96B20924C7E5D8F12F06DB9DD23E252F5D
Validity
Not Before: Aug 26 05:50:45 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a44a3b-8e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9b:b5:98:55:e2:79:dd:80:14:42:8c:61:f8:
7a:a1:c5:30:bf:ac:9e:4a:5c:33:7b:92:fd:10:84:
45:ff:a3:4e:e3:48:1c:33:e3:d5:6b:00:bd:02:f8:
1a:4f:82:17:17:c9:ab:b4:6d:2a:3d:cb:68:5e:ca:
97:0f:f4:96:d4:c3:cd:21:69:ed:96:b6:98:38:ef:
0c:1e:a7:27:c2:6d:e4:19:c1:89:8b:38:d3:63:7b:
eb:5f:6d:d7:a6:11:a6:c2:5d:40:00:e4:e5:87:81:
b3:26:5c:39:06:e0:26:34:9b:fc:f6:a4:83:30:46:
e9:eb:90:d7:16:78:d2:7b:ad:85:b7:bd:63:74:d5:
af:af:38:1f:e2:4d:06:be:a6:1a:b7:5f:ce:8e:9e:
dd:c1:91:c4:d8:26:bb:73:23:d7:60:e2:94:6b:63:
de:fc:86:1c:2b:7d:13:f1:fc:c7:10:d1:3b:b4:76:
91:a9:c5:fb:9b:e3:5b:32:cb:1c:90:6d:e1:23:9b:
2c:f4:11:5c:a2:46:0f:f4:03:65:96:6f:39:34:72:
51:40:80:e2:a1:fc:93:5e:95:be:2a:97:2d:b8:c3:
35:3d:9f:6e:d6:07:2d:39:52:8e:5d:98:c4:3f:90:
10:88:40:76:4b:6a:95:96:c7:50:f1:42:31:31:1c:
ef:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:65:35:97:8D:CF:E3:7B:83:9D:6C:F8:4E:3E:C3:49:A2:8E:4D:81
X509v3 Authority Key Identifier:
keyid:83:5A:6C:96:B2:09:24:C7:E5:D8:F1:2F:06:DB:9D:D2:3E:25:2F:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/g1pslrIJJMfl2PEvBtud0j4lL10.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g1pslrIJJMfl2PEvBtud0j4lL10.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91676D4/E17ECE2EE2E611EBB7596A75C4F9AE02/57FD28280C8311ECB6423427C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
101.234.4.0/23
101.234.10.0/24
101.234.12.0/23
101.234.27.0-101.234.28.255
101.234.33.0/24
101.234.43.0/24
119.234.224.0/19
183.81.224.0-183.81.230.255
Signature Algorithm: sha256WithRSAEncryption
61:4f:44:f8:dc:e6:d6:52:41:97:79:19:94:81:a2:7a:26:b1:
42:59:ce:22:e1:70:f5:44:09:e0:ba:58:46:29:81:44:aa:39:
50:9c:37:13:a7:20:f5:a6:7e:fc:79:02:47:4f:34:2d:d1:e3:
cd:be:db:9e:4a:e6:02:42:45:ec:66:d8:2b:a3:a4:a1:2d:11:
e3:e5:a4:41:02:41:b0:8a:8b:44:95:1d:ea:7a:89:4a:a0:9d:
c0:93:e8:48:38:8f:da:ed:e8:3d:e7:53:79:66:0c:c0:0c:b6:
0b:70:06:75:a4:c3:11:41:4e:74:c9:b5:96:40:69:32:14:cb:
c0:fc:2a:51:d0:b9:d3:1e:50:5e:6b:9a:6b:82:b1:ae:f6:6b:
0b:0b:f7:77:c2:87:29:b9:d6:63:ea:5e:71:b9:0b:26:e5:85:
1f:03:dd:96:cb:ff:16:f8:25:5e:47:8d:d2:03:ab:e4:3a:5b:
13:54:d5:9d:71:37:5a:00:47:8d:80:38:f2:67:29:a7:2d:b4:
5f:d0:0b:22:30:8e:26:8e:a8:e0:b2:7b:2c:66:ed:40:39:c6:
19:44:87:e8:af:92:9b:e5:fd:03:99:24:db:6c:ae:dc:6c:4c:
cc:ff:b3:3f:54:10:57:e7:64:67:c1:bc:a8:93:12:90:79:58:
e7:54:5f:9a
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgICBi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njc2RDQxMTAvBgNVBAUTKDgzNUE2Qzk2QjIwOTI0QzdFNUQ4RjEyRjA2REI5REQy
M0UyNTJGNUQwHhcNMjUwODI2MDU1MDQ1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NGEzYi04ZTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnZu1mFXied2AFEKMYfh6ocUwv6yeSlwze5L9EIRF/6NO40gcM+PVawC9Avga
T4IXF8mrtG0qPctoXsqXD/SW1MPNIWntlraYOO8MHqcnwm3kGcGJizjTY3vrX23X
phGmwl1AAOTlh4GzJlw5BuAmNJv89qSDMEbp65DXFnjSe62Ft71jdNWvrzgf4k0G
vqYat1/Ojp7dwZHE2Ca7cyPXYOKUa2Pe/IYcK30T8fzHENE7tHaRqcX7m+NbMssc
kG3hI5ss9BFcokYP9ANllm85NHJRQIDiofyTXpW+KpctuMM1PZ9u1gctOVKOXZjE
P5AQiEB2S2qVlsdQ8UIxMRzvAwIDAQABo4ICmjCCApYwHQYDVR0OBBYEFAhlNZeN
z+N7g51s+E4+w0mijk2BMB8GA1UdIwQYMBaAFINabJayCSTH5djxLwbbndI+JS9d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NzZENC9FMTdFQ0UyRUUy
RTYxMUVCQjc1OTZBNzVDNEY5QUUwMi9nMXBzbHJJSkpNZmwyUEV2QnR1ZDBqNGxM
MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2cxcHNscklKSk1mbDJQRXZCdHVkMGo0bEwxMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njc2RDQvRTE3RUNFMkVFMkU2MTFFQkI3NTk2QTc1QzRGOUFFMDIvNTdGRDI4Mjgw
QzgzMTFFQ0I2NDIzNDI3QzRGOUFFMDIucm9hMFkGCCsGAQUFBwEHAQH/BEowSDBG
BAIAATBAAwQBZeoEAwQAZeoKAwQBZeoMMAwDBABl6hsDBABl6hwDBABl6iEDBABl
6isDBAV36uAwDAMEBbdR4AMEALdR5jANBgkqhkiG9w0BAQsFAAOCAQEAYU9E+Nzm
1lJBl3kZlIGieiaxQlnOIuFw9UQJ4LpYRimBRKo5UJw3E6cg9aZ+/HkCR080LdHj
zb7bnkrmAkJF7GbYK6OkoS0R4+WkQQJBsIqLRJUd6nqJSqCdwJPoSDiP2u3oPedT
eWYMwAy2C3AGdaTDEUFOdMm1lkBpMhTLwPwqUdC50x5QXmuaa4KxrvZrCwv3d8KH
KbnWY+pecbkLJuWFHwPdlsv/FvglXkeN0gOr5DpbE1TVnXE3WgBHjYA48mcppy20
X9ALIjCOJo6o4LJ7LGbtQDnGGUSH6K+Sm+X9A5kk22yu3GxMzP+zP1QQV+dkZ8G8
qJMSkHlY51Rfmg==
-----END CERTIFICATE-----
Generated at Wed Mar 4 18:01:47 2026 by rpki-client