Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/B3E738FAB0F811EA895AE231C4F9AE02.roa
File: B3E738FAB0F811EA895AE231C4F9AE02.roa (raw, json)
Hash identifier: 13Cs6llbmHpC85Gbd7YS//QxM6ULLm2BvcaEMsw7bf0=
Subject key identifier: C7:8E:4E:0E:80:3A:D0:3F:3A:D4:F0:BF:F4:3D:43:A1:02:ED:C6:47
Certificate issuer: /CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Certificate serial: 0B16
Authority key identifier: B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/B3E738FAB0F811EA895AE231C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:57:17 +0000
ROA not before: Thu 20 Nov 2025 19:10:15 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 23764
IP address blocks: 61.29.244.0/22 maxlen: 24
61.29.254.0/23 maxlen: 24
146.196.78.0/23 maxlen: 24
183.91.48.0/21 maxlen: 21
183.91.48.0/24 maxlen: 24
183.91.49.0/24 maxlen: 24
183.91.50.0/24 maxlen: 24
183.91.51.0/24 maxlen: 24
183.91.52.0/24 maxlen: 24
183.91.53.0/24 maxlen: 24
183.91.54.0/24 maxlen: 24
183.91.55.0/24 maxlen: 24
183.91.58.0/24 maxlen: 24
183.91.60.0/24 maxlen: 24
183.91.61.0/24 maxlen: 24
183.91.62.0/24 maxlen: 24
183.91.63.0/24 maxlen: 24
202.55.0.0/19 maxlen: 19
202.55.0.0/24 maxlen: 24
202.55.1.0/24 maxlen: 24
202.55.2.0/24 maxlen: 24
202.55.3.0/24 maxlen: 24
202.55.4.0/24 maxlen: 24
202.55.5.0/24 maxlen: 24
202.55.6.0/24 maxlen: 24
202.55.7.0/24 maxlen: 24
202.55.8.0/21 maxlen: 21
202.55.8.0/24 maxlen: 24
202.55.9.0/24 maxlen: 24
202.55.10.0/24 maxlen: 24
202.55.11.0/24 maxlen: 24
202.55.12.0/24 maxlen: 24
202.55.13.0/24 maxlen: 24
202.55.14.0/24 maxlen: 24
202.55.15.0/24 maxlen: 24
202.55.16.0/24 maxlen: 24
202.55.17.0/24 maxlen: 24
202.55.18.0/24 maxlen: 24
202.55.19.0/24 maxlen: 24
202.55.20.0/24 maxlen: 24
202.55.21.0/24 maxlen: 24
202.55.22.0/24 maxlen: 24
202.55.23.0/24 maxlen: 24
202.55.24.0/24 maxlen: 24
202.55.25.0/24 maxlen: 24
202.55.26.0/24 maxlen: 24
202.55.27.0/24 maxlen: 24
202.55.28.0/24 maxlen: 24
202.55.29.0/24 maxlen: 24
202.55.30.0/24 maxlen: 24
202.55.31.0/24 maxlen: 24
203.20.51.0/24 maxlen: 24
2400:9380:9000::/40 maxlen: 48
2400:9380:9100::/40 maxlen: 48
2400:9380:9200::/40 maxlen: 48
2400:9380:9300::/40 maxlen: 48
2400:9380:a000::/40 maxlen: 48
2400:9380:a100::/40 maxlen: 48
2400:9380:a200::/40 maxlen: 48
2400:9380:a300::/40 maxlen: 48
2400:9380:aa00::/40 maxlen: 48
2400:9380:f000::/40 maxlen: 48
2400:9380:f100::/40 maxlen: 48
2400:9380:f200::/40 maxlen: 48
2400:9380:f300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 19:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2838 (0xb16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917576D, serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Validity
Not Before: Nov 20 19:10:15 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a47dfd-1924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0d:2b:8a:d5:58:31:5c:a9:59:33:ee:9d:ac:
25:f8:25:ae:ec:bc:bb:48:9c:a2:68:81:dd:03:17:
17:30:7f:9d:f4:e6:8c:fb:2b:8d:5c:31:c3:5d:c8:
5d:bf:58:e0:ae:1c:7e:4f:ef:f3:fe:c2:69:75:be:
e1:f4:27:18:6b:4d:0a:c4:fb:83:08:ce:2f:05:65:
a1:e2:14:b0:ee:ae:7b:dc:b1:c1:d8:f4:2f:68:10:
40:42:ec:ae:56:2d:2c:43:c0:bf:2c:70:0f:79:f9:
8d:67:dc:3b:ff:c5:bf:d6:2b:29:2f:1f:fd:3e:07:
b3:23:ad:58:e4:db:79:b7:a5:1d:1e:10:e3:79:2d:
cb:f1:80:73:24:e7:96:90:4a:57:1c:af:df:9a:0f:
a0:77:32:c2:04:c8:2b:53:1d:ef:c6:5f:23:3d:54:
f6:2c:af:bf:62:9d:92:db:a5:cb:65:96:7b:99:20:
02:cd:22:77:a8:ce:25:96:79:16:3a:21:ab:7b:a6:
0b:1a:ac:42:da:76:f2:09:96:20:b6:d8:f3:63:7e:
4d:3e:a1:e1:84:4c:16:64:ec:ef:86:2b:2b:24:c5:
8d:7f:60:3c:ca:b1:a2:39:6d:e1:ec:4d:66:65:95:
a0:8a:80:dc:6c:67:9d:27:3e:1e:77:8d:71:be:dc:
a1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8E:4E:0E:80:3A:D0:3F:3A:D4:F0:BF:F4:3D:43:A1:02:ED:C6:47
X509v3 Authority Key Identifier:
keyid:B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/B3E738FAB0F811EA895AE231C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
61.29.244.0/22
61.29.254.0/23
146.196.78.0/23
183.91.48.0/21
183.91.58.0/24
183.91.60.0/22
202.55.0.0/19
203.20.51.0/24
IPv6:
2400:9380:9000::/38
2400:9380:a000::/38
2400:9380:aa00::/40
2400:9380:f000::/38
Signature Algorithm: sha256WithRSAEncryption
97:6a:3c:c5:df:dc:2c:a1:f9:a5:83:9f:e3:82:dc:95:5d:54:
9a:5d:c0:07:2d:d7:63:22:87:e8:5a:f4:b5:ae:67:93:02:c1:
d2:a4:df:5f:6a:81:c0:5f:62:fb:7e:e5:c4:35:e4:e2:3e:df:
f7:f8:79:e0:ae:8e:f0:83:fd:4d:47:2f:5f:7e:10:fc:a9:82:
79:f8:06:d7:8b:3a:bd:a4:37:96:f4:05:7f:2a:16:3e:01:b1:
d1:89:56:b9:ea:a7:35:b5:8d:c8:7c:fc:aa:d4:d0:dc:b2:6a:
f7:2c:c1:48:14:2d:2f:d0:5c:d2:43:31:f3:f8:a7:34:2d:f0:
c6:aa:77:50:a9:d9:b5:b3:ba:e1:97:4c:c3:86:eb:3e:1b:75:
f0:62:0f:98:f7:3b:05:e4:9f:4b:5d:6b:c0:20:3a:9f:15:62:
30:90:f2:dd:55:0b:38:ea:5f:48:34:59:c5:1e:e2:e1:a0:ab:
4d:b5:e3:3e:37:da:95:ae:41:4f:f2:b9:77:6f:b4:7d:8f:5f:
a0:8f:95:ee:45:36:b6:36:09:ac:58:a2:6d:86:83:80:7b:ae:
80:0c:3a:de:16:5f:f0:3c:43:6b:b2:f5:17:fb:b5:d3:94:4b:
76:b7:26:ea:98:85:ff:06:32:72:da:2f:ec:7d:6d:d5:4c:6c:
bf:05:a0:6a
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICCxYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU3NkQxMTAvBgNVBAUTKEIxRTg0RkFDRkFDQkMwQjc4Mzg1NjFFRjIxRTI4RjJG
QUNGNURGRUMwHhcNMjUxMTIwMTkxMDE1WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2RmZC0xOTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAng0ritVYMVypWTPunawl+CWu7Ly7SJyiaIHdAxcXMH+d9OaM+yuNXDHDXchd
v1jgrhx+T+/z/sJpdb7h9CcYa00KxPuDCM4vBWWh4hSw7q573LHB2PQvaBBAQuyu
Vi0sQ8C/LHAPefmNZ9w7/8W/1ispLx/9PgezI61Y5Nt5t6UdHhDjeS3L8YBzJOeW
kEpXHK/fmg+gdzLCBMgrUx3vxl8jPVT2LK+/Yp2S26XLZZZ7mSACzSJ3qM4llnkW
OiGre6YLGqxC2nbyCZYgttjzY35NPqHhhEwWZOzvhisrJMWNf2A8yrGiOW3h7E1m
ZZWgioDcbGedJz4ed41xvtyh6wIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFMeOTg6A
OtA/OtTwv/Q9Q6EC7cZHMB8GA1UdIwQYMBaAFLHoT6z6y8C3g4Vh7yHijy+s9d/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8zNjg3MkE1RTgy
Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi9zZWhQclByTHdMZURoV0h2SWVLUEw2ejEz
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NlaFByUHJMd0xlRGhXSHZJZUtQTDZ6MTMtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU3NkQvMzY4NzJBNUU4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvQjNFNzM4RkFC
MEY4MTFFQTg5NUFFMjMxQzRGOUFFMDIucm9hMHEGCCsGAQUFBwEHAQH/BGIwYDA2
BAIAATAwAwQCPR30AwQBPR3+AwQBksROAwQDt1swAwQAt1s6AwQCt1s8AwQFyjcA
AwQAyxQzMCYEAgACMCADBgIkAJOAkAMGAiQAk4CgAwYAJACTgKoDBgIkAJOA8DAN
BgkqhkiG9w0BAQsFAAOCAQEAl2o8xd/cLKH5pYOf44LclV1Uml3ABy3XYyKH6Fr0
ta5nkwLB0qTfX2qBwF9i+37lxDXk4j7f9/h54K6O8IP9TUcvX34Q/KmCefgG14s6
vaQ3lvQFfyoWPgGx0YlWueqnNbWNyHz8qtTQ3LJq9yzBSBQtL9Bc0kMx8/inNC3w
xqp3UKnZtbO64ZdMw4brPht18GIPmPc7BeSfS11rwCA6nxViMJDy3VULOOpfSDRZ
xR7i4aCrTbXjPjfala5BT/K5d2+0fY9foI+V7kU2tjYJrFiibYaDgHuugAw63hZf
8DxDa7L1F/u105RLdrcm6piF/wYyctov7H1t1UxsvwWgag==
-----END CERTIFICATE-----
Generated at Wed Mar 4 13:15:57 2026 by rpki-client