Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
File: 6CF60CB6785811E99A6E965AC4F9AE02.roa (raw, json)
Hash identifier: Iffooo2urgVuVKLNedDFJrw42BSTidsnqfvZvnZ5Wr8=
Subject key identifier: 9E:B2:66:6E:15:09:57:25:FA:76:2D:22:6F:F5:C9:BA:4A:93:A1:93
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 3A48
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 21:22:02 +0000
ROA not before: Fri 16 Jan 2026 16:13:06 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 135478
IP address blocks: 45.126.80.0/23 maxlen: 23
45.126.82.0/23 maxlen: 23
45.126.82.0/24 maxlen: 24
101.128.64.0/22 maxlen: 22
101.128.64.0/24 maxlen: 24
101.128.65.0/24 maxlen: 24
101.128.67.0/24 maxlen: 24
101.128.68.0/22 maxlen: 22
101.128.68.0/24 maxlen: 24
101.128.72.0/22 maxlen: 22
101.128.72.0/24 maxlen: 24
101.128.76.0/22 maxlen: 22
101.128.76.0/24 maxlen: 24
101.128.80.0/22 maxlen: 22
101.128.80.0/24 maxlen: 24
101.128.84.0/22 maxlen: 22
101.128.84.0/24 maxlen: 24
101.128.88.0/22 maxlen: 22
101.128.88.0/24 maxlen: 24
101.128.92.0/22 maxlen: 22
101.128.92.0/24 maxlen: 24
101.128.96.0/22 maxlen: 22
101.128.96.0/24 maxlen: 24
101.128.100.0/22 maxlen: 22
101.128.100.0/24 maxlen: 24
101.128.104.0/22 maxlen: 22
101.128.104.0/24 maxlen: 24
101.128.112.0/22 maxlen: 22
101.128.112.0/24 maxlen: 24
101.128.116.0/22 maxlen: 22
101.128.116.0/24 maxlen: 24
101.128.120.0/22 maxlen: 22
101.128.120.0/24 maxlen: 24
101.128.124.0/22 maxlen: 22
101.128.124.0/24 maxlen: 24
175.158.36.0/22 maxlen: 22
175.158.36.0/24 maxlen: 24
175.158.40.0/22 maxlen: 22
175.158.40.0/24 maxlen: 24
175.158.44.0/22 maxlen: 22
175.158.44.0/24 maxlen: 24
175.158.48.0/22 maxlen: 22
175.158.48.0/24 maxlen: 24
175.158.52.0/22 maxlen: 22
175.158.52.0/24 maxlen: 24
175.158.56.0/22 maxlen: 22
175.158.56.0/24 maxlen: 24
175.158.60.0/22 maxlen: 22
2405:8180::/32 maxlen: 32
2405:8180::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 15:30:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14920 (0x3a48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jan 16 16:13:06 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a4adfa-dd9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8c:d1:c0:a8:d7:52:6d:78:fe:f7:ce:8d:92:
23:c0:b1:3a:a9:90:c2:7f:62:44:a1:44:4c:db:3c:
58:e7:cf:11:bf:c7:f1:23:95:db:41:7d:35:a4:b0:
97:2d:9f:29:ca:1d:ec:6d:59:3f:28:67:3b:d2:6b:
c6:c4:bd:36:be:f1:98:23:19:f2:c7:fa:c2:6c:4a:
c6:6e:93:c2:c7:0d:fa:21:05:00:29:e8:4e:e4:9f:
0d:f9:74:3d:f8:84:e5:b0:10:41:94:fe:29:22:b5:
c8:70:48:e6:51:be:73:d3:20:9d:11:f0:6a:6f:b9:
a1:27:b4:62:36:4e:7b:b6:f3:3e:4e:a5:1a:ad:8f:
b2:1a:97:d1:01:04:91:0f:ee:96:13:e1:14:c4:46:
ac:c8:ce:86:46:57:26:d1:fd:e0:d9:c0:0c:f0:9d:
9e:d3:7a:bf:eb:b4:de:0c:1b:6e:1f:eb:4d:f2:b6:
40:4a:de:2d:b8:4e:76:6e:b3:f2:c2:ad:3a:22:f9:
1e:fe:50:ab:00:21:8c:e6:b0:a8:22:93:c8:f2:1a:
bc:13:5f:36:fb:bf:e9:c1:1f:4e:21:df:cb:0c:6e:
16:ae:6d:33:18:dd:33:5c:64:1c:8c:b5:d4:b8:cc:
a6:7e:89:96:fb:dd:6e:06:8c:90:af:be:ab:06:19:
c6:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B2:66:6E:15:09:57:25:FA:76:2D:22:6F:F5:C9:BA:4A:93:A1:93
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.126.80.0/22
101.128.64.0-101.128.107.255
101.128.112.0/20
175.158.36.0-175.158.63.255
IPv6:
2405:8180::/32
Signature Algorithm: sha256WithRSAEncryption
9b:c0:43:4f:88:ca:40:9e:84:74:20:32:36:25:84:4e:09:dd:
15:63:f7:81:4f:8f:34:6f:f4:9a:40:b9:25:c4:17:0e:1f:79:
f3:f1:86:c8:17:93:25:45:b9:ed:8c:55:57:56:b1:83:87:6f:
4d:02:35:56:fc:e9:b9:c5:df:1b:ed:98:e1:3c:ac:5f:c8:d2:
74:9c:95:40:cd:12:92:f0:e8:ee:4f:02:58:50:de:1f:46:7c:
ec:0f:01:05:70:81:24:13:fa:ef:40:bd:3a:e8:cc:71:ab:03:
b6:f7:6f:7f:8a:ec:21:34:8e:cb:15:0b:6a:e0:83:53:14:19:
99:26:82:d9:f1:ea:81:f8:1d:15:e3:58:da:5f:59:b4:20:f1:
c4:cf:aa:82:ba:98:d1:2b:1a:4f:5b:4f:bd:c3:01:46:19:46:
ca:e0:7f:5b:e1:34:5a:92:c0:ce:f1:b0:0a:1c:38:e4:d6:c1:
b9:9c:16:a9:fe:95:2b:7d:04:4e:71:09:68:61:ff:6d:87:44:
8a:da:48:5d:8f:cb:74:74:6a:7b:d9:ad:2b:1e:40:bc:20:60:
d6:39:33:93:79:03:c9:60:d2:9d:35:c0:72:4b:81:72:d2:a7:
b5:31:20:59:d9:7c:ae:e1:a9:af:ce:f1:cf:d9:20:e8:58:06:
e3:a1:02:72
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgICOkgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjYwMTE2MTYxMzA2WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0YWRmYS1kZDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArYzRwKjXUm14/vfOjZIjwLE6qZDCf2JEoURM2zxY588Rv8fxI5XbQX01pLCX
LZ8pyh3sbVk/KGc70mvGxL02vvGYIxnyx/rCbErGbpPCxw36IQUAKehO5J8N+XQ9
+ITlsBBBlP4pIrXIcEjmUb5z0yCdEfBqb7mhJ7RiNk57tvM+TqUarY+yGpfRAQSR
D+6WE+EUxEasyM6GRlcm0f3g2cAM8J2e03q/67TeDBtuH+tN8rZASt4tuE52brPy
wq06Ivke/lCrACGM5rCoIpPI8hq8E182+7/pwR9OId/LDG4Wrm0zGN0zXGQcjLXU
uMymfomW+91uBoyQr76rBhnGmQIDAQABo4ICkTCCAo0wHQYDVR0OBBYEFJ6yZm4V
CVcl+nYtIm/1ybpKk6GTMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNkNGNjBDQjY3
ODU4MTFFOTlBNkU5NjVBQzRGOUFFMDIucm9hMFAGCCsGAQUFBwEHAQH/BEEwPzAu
BAIAATAoAwQCLX5QMAwDBAZlgEADBAJlgGgDBARlgHAwDAMEAq+eJAMEBq+eADAN
BAIAAjAHAwUAJAWBgDANBgkqhkiG9w0BAQsFAAOCAQEAm8BDT4jKQJ6EdCAyNiWE
TgndFWP3gU+PNG/0mkC5JcQXDh958/GGyBeTJUW57YxVV1axg4dvTQI1VvzpucXf
G+2Y4TysX8jSdJyVQM0SkvDo7k8CWFDeH0Z87A8BBXCBJBP670C9OujMcasDtvdv
f4rsITSOyxULauCDUxQZmSaC2fHqgfgdFeNY2l9ZtCDxxM+qgrqY0SsaT1tPvcMB
RhlGyuB/W+E0WpLAzvGwChw45NbBuZwWqf6VK30ETnEJaGH/bYdEitpIXY/LdHRq
e9mtKx5AvCBg1jkzk3kDyWDSnTXAckuBctKntTEgWdl8ruGpr87xz9kg6FgG46EC
cg==
-----END CERTIFICATE-----
Generated at Fri Mar 13 06:47:46 2026 by rpki-client