Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/87F433B2234C11EBA94AE637C4F9AE02.roa
File: 87F433B2234C11EBA94AE637C4F9AE02.roa (raw, json)
Hash identifier: FZUA9ujh5y+qedLhZYHjBMCqwCiia7dWK5HBk6r/R3A=
Subject key identifier: D1:7D:9A:FF:66:14:1B:2F:96:82:FB:7C:CF:79:81:09:93:9A:5C:8C
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1E23
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/87F433B2234C11EBA94AE637C4F9AE02.roa
Signing time: Tue 09 Jun 2026 09:24:12 +0000
ROA not before: Tue 09 Jun 2026 09:24:12 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 141031
IP address blocks: 111.88.0.0/24 maxlen: 24
111.88.1.0/24 maxlen: 24
113.203.192.0/24 maxlen: 24
113.203.194.0/24 maxlen: 24
113.203.196.0/24 maxlen: 24
113.203.197.0/24 maxlen: 24
113.203.198.0/24 maxlen: 24
113.203.199.0/24 maxlen: 24
118.103.224.0/24 maxlen: 24
118.103.225.0/24 maxlen: 24
2406:d00:ee00::/48 maxlen: 48
2406:d00:ee01::/48 maxlen: 48
2406:d00:ee02::/48 maxlen: 48
2406:d00:ee03::/48 maxlen: 48
2406:d00:ee04::/48 maxlen: 48
2406:d00:ee05::/48 maxlen: 48
2406:d00:ee06::/48 maxlen: 48
2406:d00:ee0a::/48 maxlen: 48
2406:d00:ee0b::/48 maxlen: 48
2406:d00:ee0c::/48 maxlen: 48
2406:d00:ee0d::/48 maxlen: 48
2406:d00:ee0e::/48 maxlen: 48
2406:d00:ee0f::/48 maxlen: 48
2406:d00:ee55::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 19 Jun 2026 14:52:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7715 (0x1e23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A, serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Jun 9 09:24:12 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=6a27dbbc-3496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:19:83:f4:0c:67:98:05:8d:ba:ac:03:d8:6e:
cf:70:58:62:36:a3:96:39:e7:23:09:bc:43:44:53:
f9:17:da:1f:a7:f2:a0:e4:2b:c7:24:7c:6e:63:42:
7f:0e:95:6d:12:aa:1a:5a:09:1d:6b:64:df:0f:0e:
4c:0b:b9:92:e3:d1:29:1c:6e:83:1b:7c:ef:80:91:
d2:c1:7d:7b:48:9b:c7:99:69:1a:1e:49:eb:41:a0:
e1:06:01:19:92:b6:87:e5:cc:ff:18:da:f4:13:f2:
e9:0c:25:f8:de:a7:0a:f2:55:25:32:8e:33:89:5f:
d0:f6:8f:aa:27:ef:0c:9a:26:0c:93:8f:61:f9:0a:
cd:ea:4e:cd:68:5a:e6:69:f2:3e:8c:6a:dc:b6:b4:
26:86:af:a0:d7:7a:b1:03:1e:8e:99:00:fd:1b:0e:
f3:53:a4:4f:a2:ca:6a:d3:55:c4:30:49:6f:b6:86:
6b:02:c9:05:19:7a:52:ef:7d:0a:7f:03:3e:50:8e:
bd:00:7b:d0:16:95:8c:8d:eb:08:de:95:ee:bd:a5:
e1:ba:7d:33:03:b7:0b:d5:86:d6:ae:dd:82:5f:35:
bc:c2:6c:96:52:af:f0:a2:0e:02:19:49:0e:ba:92:
f8:10:cd:b0:db:e3:ff:84:d4:7c:96:96:b3:b3:82:
6b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7D:9A:FF:66:14:1B:2F:96:82:FB:7C:CF:79:81:09:93:9A:5C:8C
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/87F433B2234C11EBA94AE637C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
111.88.0.0/23
113.203.192.0/24
113.203.194.0/24
113.203.196.0/22
118.103.224.0/23
IPv6:
2406:d00:ee00::-2406:d00:ee06:ffff:ffff:ffff:ffff:ffff
2406:d00:ee0a::-2406:d00:ee0f:ffff:ffff:ffff:ffff:ffff
2406:d00:ee55::/48
Signature Algorithm: sha256WithRSAEncryption
76:02:ac:47:10:50:d7:0c:84:3a:89:05:20:df:23:75:ac:66:
f1:4e:14:d3:87:2c:85:7b:80:7d:26:6f:20:52:c2:68:c1:56:
7b:bd:ce:0d:5f:01:5c:ed:5d:8c:c8:bb:f5:fd:f6:53:7c:63:
1b:cc:d5:b3:c9:d5:ec:35:25:12:5f:2f:55:36:af:2b:80:74:
04:2a:0c:79:28:e0:0a:34:d4:48:72:41:7f:3b:76:ab:cb:49:
c1:7f:82:e3:45:20:3a:cb:80:86:00:fb:da:8a:b8:d6:c4:0f:
a4:06:8c:05:86:59:f8:3b:0c:20:17:14:85:e8:f3:47:96:cb:
c4:1c:40:c1:fd:7c:9d:7e:f4:dc:ac:98:0c:8a:b6:28:6e:72:
3a:ea:0f:1e:83:57:e0:2a:27:8b:66:93:3d:7b:8b:8b:34:7d:
7d:35:81:b3:b6:0f:30:5b:09:d2:90:1d:4c:57:37:0b:69:a7:
5f:e7:f3:ef:0f:b5:90:37:39:0b:77:6e:15:44:83:bc:11:14:
02:07:87:51:6b:7c:ee:cc:e7:3e:4d:a5:1c:2d:79:f9:11:2a:
d0:2c:bc:ee:f1:cc:4b:71:d4:39:0c:a7:7a:47:71:9c:27:66:
4e:9c:28:7b:10:3c:92:a5:7f:e3:cb:ec:db:f8:60:46:32:11:
d0:b2:b8:e4
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICHiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjYwNjA5MDkyNDEyWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTI3ZGJiYy0zNDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjxmD9AxnmAWNuqwD2G7PcFhiNqOWOecjCbxDRFP5F9ofp/Kg5CvHJHxuY0J/
DpVtEqoaWgkda2TfDw5MC7mS49EpHG6DG3zvgJHSwX17SJvHmWkaHknrQaDhBgEZ
kraH5cz/GNr0E/LpDCX43qcK8lUlMo4ziV/Q9o+qJ+8MmiYMk49h+QrN6k7NaFrm
afI+jGrctrQmhq+g13qxAx6OmQD9Gw7zU6RPospq01XEMElvtoZrAskFGXpS730K
fwM+UI69AHvQFpWMjesI3pXuvaXhun0zA7cL1YbWrt2CXzW8wmyWUq/wog4CGUkO
upL4EM2w2+P/hNR8lpazs4JrbQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNF9mv9m
FBsvloL7fM95gQmTmlyMMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvODdGNDMzQjIy
MzRDMTFFQkE5NEFFNjM3QzRGOUFFMDIucm9hMG8GCCsGAQUFBwEHAQH/BGAwXjAk
BAIAATAeAwQBb1gAAwQAccvAAwQAccvCAwQCccvEAwQBdmfgMDYEAgACMDAwEQMG
ASQGDQDuAwcAJAYNAO4GMBIDBwEkBg0A7goDBwQkBg0A7gADBwAkBg0A7lUwDQYJ
KoZIhvcNAQELBQADggEBAHYCrEcQUNcMhDqJBSDfI3WsZvFOFNOHLIV7gH0mbyBS
wmjBVnu9zg1fAVztXYzIu/X99lN8YxvM1bPJ1ew1JRJfL1U2ryuAdAQqDHko4Ao0
1EhyQX87dqvLScF/guNFIDrLgIYA+9qKuNbED6QGjAWGWfg7DCAXFIXo80eWy8Qc
QMH9fJ1+9NysmAyKtihucjrqDx6DV+AqJ4tmkz17i4s0fX01gbO2DzBbCdKQHUxX
Nwtpp1/n8+8PtZA3OQt3bhVEg7wRFAIHh1FrfO7M5z5NpRwtefkRKtAsvO7xzEtx
1DkMp3pHcZwnZk6cKHsQPJKlf+PL7Nv4YEYyEdCyuOQ=
-----END CERTIFICATE-----
Generated at Fri Jun 12 18:35:10 2026 by rpki-client