Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/744D8A1005EE11EF851FA42FC4F9AE02.roa
File: 744D8A1005EE11EF851FA42FC4F9AE02.roa (raw, json)
Hash identifier: SI7mhqO9YrvFB2/bZ7mj3acc/KGSgDSJ8dlCBs4REbA=
Subject key identifier: FF:2D:97:11:CE:72:A0:38:6D:A4:BC:03:5C:46:05:AC:40:75:4F:1C
Certificate issuer: /CN=A91847C2/serialNumber=3885F9D2FD0860283B55381F1C4F4A5A3A1EEF3F
Certificate serial: 0162
Authority key identifier: 38:85:F9:D2:FD:08:60:28:3B:55:38:1F:1C:4F:4A:5A:3A:1E:EF:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/744D8A1005EE11EF851FA42FC4F9AE02.roa
Signing time: Mon 02 Mar 2026 13:19:07 +0000
ROA not before: Sat 15 Nov 2025 02:50:17 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 7131
IP address blocks: 45.117.196.0/22 maxlen: 22
45.117.196.0/24 maxlen: 24
45.117.197.0/24 maxlen: 24
45.117.198.0/24 maxlen: 24
45.117.199.0/24 maxlen: 24
103.1.96.0/22 maxlen: 22
103.1.96.0/24 maxlen: 24
103.1.97.0/24 maxlen: 24
103.1.98.0/24 maxlen: 24
103.1.99.0/24 maxlen: 24
103.57.232.0/22 maxlen: 22
103.57.232.0/24 maxlen: 24
103.57.233.0/24 maxlen: 24
103.57.234.0/24 maxlen: 24
103.57.235.0/24 maxlen: 24
202.88.64.0/20 maxlen: 20
202.88.64.0/24 maxlen: 24
202.88.65.0/24 maxlen: 24
202.88.66.0/24 maxlen: 24
202.88.67.0/24 maxlen: 24
202.88.68.0/24 maxlen: 24
202.88.69.0/24 maxlen: 24
202.88.70.0/24 maxlen: 24
202.88.71.0/24 maxlen: 24
202.88.72.0/24 maxlen: 24
202.88.73.0/24 maxlen: 24
202.88.74.0/24 maxlen: 24
202.88.75.0/24 maxlen: 24
202.88.76.0/24 maxlen: 24
202.88.77.0/24 maxlen: 24
202.88.78.0/24 maxlen: 24
202.88.79.0/24 maxlen: 24
202.88.80.0/20 maxlen: 20
202.88.80.0/24 maxlen: 24
202.88.81.0/24 maxlen: 24
202.88.82.0/24 maxlen: 24
202.88.83.0/24 maxlen: 24
202.88.84.0/24 maxlen: 24
202.88.85.0/24 maxlen: 24
202.88.86.0/24 maxlen: 24
202.88.87.0/24 maxlen: 24
202.88.88.0/24 maxlen: 24
202.88.89.0/24 maxlen: 24
202.88.90.0/24 maxlen: 24
202.88.91.0/24 maxlen: 24
202.88.92.0/24 maxlen: 24
202.88.93.0/24 maxlen: 24
202.88.94.0/24 maxlen: 24
202.88.95.0/24 maxlen: 24
210.23.80.0/20 maxlen: 20
210.23.80.0/24 maxlen: 24
210.23.81.0/24 maxlen: 24
210.23.82.0/24 maxlen: 24
210.23.83.0/24 maxlen: 24
210.23.84.0/24 maxlen: 24
210.23.85.0/24 maxlen: 24
210.23.86.0/24 maxlen: 24
210.23.87.0/24 maxlen: 24
210.23.88.0/24 maxlen: 24
210.23.89.0/24 maxlen: 24
210.23.90.0/24 maxlen: 24
210.23.91.0/24 maxlen: 24
210.23.92.0/24 maxlen: 24
210.23.93.0/24 maxlen: 24
210.23.94.0/24 maxlen: 24
210.23.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.crl
rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 30 Mar 2026 04:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 354 (0x162)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91847C2, serialNumber=3885F9D2FD0860283B55381F1C4F4A5A3A1EEF3F
Validity
Not Before: Nov 15 02:50:17 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a58e4b-3017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9b:62:87:47:0a:ce:28:0a:7f:a6:07:b5:6b:
1b:e9:c2:3d:99:fb:e0:e0:04:06:eb:a8:f8:1b:eb:
0f:1d:d7:4d:21:20:09:45:11:19:fb:1f:af:36:03:
9e:4d:27:a3:f9:e2:4e:04:8d:d9:1c:4a:19:6e:b1:
b7:ec:f8:f7:a4:09:75:f5:6f:e4:aa:8e:b9:2e:16:
f9:ee:ba:97:1c:75:0e:28:fc:c4:aa:d2:a6:e1:21:
c4:84:22:53:6f:61:84:c7:b4:69:49:e5:35:10:ec:
d1:39:1b:f1:ed:95:8f:1b:7f:7d:26:04:96:a4:a8:
eb:85:46:21:32:4d:49:f9:dc:98:80:2d:c1:06:d7:
b4:09:35:13:a2:f3:c1:c7:e9:c2:eb:6f:80:63:78:
80:51:42:ff:37:d5:67:ae:dc:71:51:42:29:a3:92:
88:70:34:a8:5f:90:7e:81:ee:45:d1:cb:4a:41:c2:
82:4d:34:ce:40:e4:c9:82:6c:7f:44:53:48:5b:7a:
57:75:1f:e5:82:e0:f3:cc:be:50:36:85:d8:c8:0a:
63:24:b3:be:30:04:cc:03:46:57:9f:c3:b6:03:94:
57:bd:8f:bf:de:62:0a:ad:41:e5:b7:56:de:1f:74:
43:5c:89:0c:b1:23:52:77:d9:54:5c:33:c9:d5:8f:
b7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2D:97:11:CE:72:A0:38:6D:A4:BC:03:5C:46:05:AC:40:75:4F:1C
X509v3 Authority Key Identifier:
keyid:38:85:F9:D2:FD:08:60:28:3B:55:38:1F:1C:4F:4A:5A:3A:1E:EF:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/744D8A1005EE11EF851FA42FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.117.196.0/22
103.1.96.0/22
103.57.232.0/22
202.88.64.0/19
210.23.80.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:a1:ac:88:b8:14:dc:b7:c9:33:ae:4c:15:4f:63:c5:fa:76:
51:13:02:a5:bf:41:4e:ff:e1:09:e3:fd:45:a9:ce:a3:93:13:
61:a7:45:c6:26:9f:4c:d7:b7:80:75:a9:2e:6b:43:69:84:57:
e9:86:c5:ce:e1:a7:8a:1c:fb:05:f3:5a:0e:e0:f4:7e:8f:88:
54:0a:5d:77:0d:ba:50:0d:1e:6d:6a:15:10:7c:86:e9:b7:8c:
d4:cd:70:b0:8e:b5:d1:d9:e6:52:e3:9a:dd:f3:a7:34:1c:bf:
9c:29:b9:59:41:e1:c6:a8:ae:10:24:5a:85:7a:65:d6:35:92:
1c:f7:44:a9:0e:5d:f0:35:dd:66:79:6b:98:a2:f6:a4:8c:f6:
d0:c6:78:9a:d1:19:ce:34:f7:92:19:92:ba:05:46:f3:4b:0f:
1a:5c:5c:f2:d6:ee:5c:e5:25:9e:58:b2:35:e7:b1:e9:75:dc:
13:cd:37:77:07:90:96:9b:3b:bc:58:85:40:24:02:cb:66:8d:
0c:75:43:47:8d:96:f6:1c:be:b7:cd:f8:f9:36:08:df:de:a6:
2d:9a:75:c4:63:b7:3e:a2:65:35:9c:89:00:ca:c4:01:8f:60:
7a:8b:0a:2c:2a:02:4b:1a:33:74:d8:e4:ec:bb:aa:3b:3b:09:
12:38:bf:38
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgICAWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ3QzIxMTAvBgNVBAUTKDM4ODVGOUQyRkQwODYwMjgzQjU1MzgxRjFDNEY0QTVB
M0ExRUVGM0YwHhcNMjUxMTE1MDI1MDE3WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1OGU0Yi0zMDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn5tih0cKzigKf6YHtWsb6cI9mfvg4AQG66j4G+sPHddNISAJRREZ+x+vNgOe
TSej+eJOBI3ZHEoZbrG37Pj3pAl19W/kqo65Lhb57rqXHHUOKPzEqtKm4SHEhCJT
b2GEx7RpSeU1EOzRORvx7ZWPG399JgSWpKjrhUYhMk1J+dyYgC3BBte0CTUTovPB
x+nC62+AY3iAUUL/N9VnrtxxUUIpo5KIcDSoX5B+ge5F0ctKQcKCTTTOQOTJgmx/
RFNIW3pXdR/lguDzzL5QNoXYyApjJLO+MATMA0ZXn8O2A5RXvY+/3mIKrUHlt1be
H3RDXIkMsSNSd9lUXDPJ1Y+30wIDAQABo4ICeDCCAnQwHQYDVR0OBBYEFP8tlxHO
cqA4baS8A1xGBaxAdU8cMB8GA1UdIwQYMBaAFDiF+dL9CGAoO1U4HxxPSlo6Hu8/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdDMi9COTJCRkFENDA1
RUIxMUVGOTU2QkQ2NDNDNEY5QUUwMi9PSVg1MHYwSVlDZzdWVGdmSEU5S1dqb2U3
ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09JWDUwdjBJWUNnN1ZUZ2ZIRTlLV2pvZTd6OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ3QzIvQjkyQkZBRDQwNUVCMTFFRjk1NkJENjQzQzRGOUFFMDIvNzQ0RDhBMTAw
NUVFMTFFRjg1MUZBNDJGQzRGOUFFMDIucm9hMDcGCCsGAQUFBwEHAQH/BCgwJjAk
BAIAATAeAwQCLXXEAwQCZwFgAwQCZznoAwQFylhAAwQE0hdQMA0GCSqGSIb3DQEB
CwUAA4IBAQA/oayIuBTct8kzrkwVT2PF+nZREwKlv0FO/+EJ4/1Fqc6jkxNhp0XG
Jp9M17eAdakua0NphFfphsXO4aeKHPsF81oO4PR+j4hUCl13DbpQDR5tahUQfIbp
t4zUzXCwjrXR2eZS45rd86c0HL+cKblZQeHGqK4QJFqFemXWNZIc90SpDl3wNd1m
eWuYovakjPbQxnia0RnONPeSGZK6BUbzSw8aXFzy1u5c5SWeWLI157HpddwTzTd3
B5CWmzu8WIVAJALLZo0MdUNHjZb2HL63zfj5Ngjf3qYtmnXEY7c+omU1nIkAysQB
j2B6iwosKgJLGjN02OTsu6o7OwkSOL84
-----END CERTIFICATE-----
Generated at Tue Mar 24 11:24:47 2026 by rpki-client