Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
File: 93069024F98111E9BCD2807EC4F9AE02.roa (raw, json)
Hash identifier: YV+C5QwG8VTHmzbBd2FFNAmmtTc2671avoazQm23LlI=
Subject key identifier: B6:B5:D4:9C:0A:1B:97:58:B3:44:80:31:4C:A7:25:6F:B9:CD:AB:3B
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 3A5B
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 21:22:19 +0000
ROA not before: Fri 16 Jan 2026 16:13:25 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 24203
IP address blocks: 112.215.36.0/24 maxlen: 24
112.215.44.0/24 maxlen: 24
112.215.45.0/24 maxlen: 24
112.215.50.0/24 maxlen: 24
112.215.63.0/24 maxlen: 24
112.215.64.0/24 maxlen: 24
112.215.66.0/24 maxlen: 24
112.215.79.0/24 maxlen: 24
112.215.151.0/24 maxlen: 24
112.215.153.0/24 maxlen: 24
112.215.170.0/24 maxlen: 24
112.215.171.0/24 maxlen: 24
112.215.172.0/24 maxlen: 24
112.215.200.0/24 maxlen: 24
112.215.209.0/24 maxlen: 24
112.215.211.0/24 maxlen: 24
112.215.238.0/24 maxlen: 24
112.215.253.0/24 maxlen: 24
121.52.41.0/24 maxlen: 24
202.152.240.0/24 maxlen: 24
202.152.243.0/24 maxlen: 24
2400:9800:3::/48 maxlen: 48
2400:9800:4::/48 maxlen: 48
2400:9800:5::/48 maxlen: 48
2400:9800:6::/48 maxlen: 48
2400:9800:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 15:30:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14939 (0x3a5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jan 16 16:13:25 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a4ae0a-23c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cc:19:81:5d:00:3e:76:a3:92:96:28:c2:fd:
51:4b:0a:dc:c0:d1:07:22:21:18:99:1d:29:05:82:
ef:3f:ed:76:82:11:09:3a:b8:aa:82:74:93:dc:d6:
1e:bb:5c:d5:02:50:f0:1e:aa:a3:f2:ab:00:ab:8e:
0f:95:e0:96:5b:3d:d5:0d:84:28:0a:3b:00:14:76:
0f:65:5b:7b:ab:27:0d:30:fc:a7:db:c6:38:0e:2c:
06:9f:f0:5d:18:1f:e4:16:24:5b:08:61:29:42:62:
39:10:44:1c:b8:2c:4e:14:4e:a7:5a:ed:83:8b:a3:
20:46:c7:d8:db:a0:dd:71:db:6d:53:a7:18:f5:0f:
7b:dc:09:98:7e:03:e5:a4:23:c6:9e:ed:11:ce:73:
6d:e3:7b:02:02:3f:c1:48:fe:f8:60:70:6e:c5:f0:
f0:98:63:bb:b1:03:55:72:58:22:0e:1f:cf:83:d6:
d4:b9:a9:ef:c7:b8:a3:4f:78:d8:0f:a6:a4:c9:96:
2c:16:d9:d4:c5:db:27:a4:6b:c6:fc:0c:49:96:b8:
97:fa:fb:03:41:2b:fa:9f:27:73:3c:f3:a6:93:86:
ff:bf:23:f7:dc:cb:0c:30:e9:2b:fb:5c:3d:ce:c3:
0f:6e:3d:54:c8:ac:61:b2:a3:89:4a:3a:88:25:e6:
8c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B5:D4:9C:0A:1B:97:58:B3:44:80:31:4C:A7:25:6F:B9:CD:AB:3B
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
112.215.36.0/24
112.215.44.0/23
112.215.50.0/24
112.215.63.0-112.215.64.255
112.215.66.0/24
112.215.79.0/24
112.215.151.0/24
112.215.153.0/24
112.215.170.0-112.215.172.255
112.215.200.0/24
112.215.209.0/24
112.215.211.0/24
112.215.238.0/24
112.215.253.0/24
121.52.41.0/24
202.152.240.0/24
202.152.243.0/24
IPv6:
2400:9800:3::-2400:9800:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
37:da:1d:11:ce:cd:b3:d8:5a:48:62:ff:60:1a:09:79:0a:b5:
35:b0:80:52:9e:8b:da:ff:a0:41:20:0c:d9:55:3f:08:44:a6:
1f:fb:3a:e6:f0:dc:a6:70:e6:8a:55:fa:aa:7b:2b:01:e3:ed:
82:13:0a:cb:81:d8:87:1b:cb:30:2f:0c:86:30:87:26:cd:c0:
0e:73:df:3a:f0:3e:bd:01:0e:0f:ce:db:a5:3e:1a:fa:1d:a0:
52:bd:4d:04:b4:99:4d:37:f6:db:5c:ec:8d:b6:c6:21:8f:05:
d4:82:30:6e:d1:b5:e9:83:0f:f7:f2:3f:5d:50:51:60:f2:fe:
53:08:40:0d:3b:36:79:34:dd:c1:0f:d8:b4:bb:5f:68:de:a4:
5c:d9:d6:00:08:44:03:58:64:ea:57:d3:bc:c6:e9:e4:7a:10:
cf:ca:ed:90:1f:39:85:96:9a:76:ff:5e:2f:cc:b2:19:c0:f5:
25:c2:e7:be:ac:b8:33:d9:bf:c5:b4:f7:ba:16:e7:0f:bb:2e:
7d:c8:bc:b4:76:19:b0:34:35:cc:35:ab:a3:ef:00:bc:b5:09:
0f:66:cb:7f:6d:04:44:fc:04:dc:88:54:51:13:0b:47:57:6c:
f1:4c:c2:67:d6:16:cf:0f:3f:bc:ad:7c:a3:6c:b6:b4:67:96:
99:56:f7:88
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgICOlswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjYwMTE2MTYxMzI1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0YWUwYS0yM2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqswZgV0APnajkpYowv1RSwrcwNEHIiEYmR0pBYLvP+12ghEJOriqgnST3NYe
u1zVAlDwHqqj8qsAq44PleCWWz3VDYQoCjsAFHYPZVt7qycNMPyn28Y4DiwGn/Bd
GB/kFiRbCGEpQmI5EEQcuCxOFE6nWu2Di6MgRsfY26DdcdttU6cY9Q973AmYfgPl
pCPGnu0RznNt43sCAj/BSP74YHBuxfDwmGO7sQNVclgiDh/Pg9bUuanvx7ijT3jY
D6akyZYsFtnUxdsnpGvG/AxJlriX+vsDQSv6nydzPPOmk4b/vyP33MsMMOkr+1w9
zsMPbj1UyKxhsqOJSjqIJeaM2QIDAQABo4IC7zCCAuswHQYDVR0OBBYEFLa11JwK
G5dYs0SAMUynJW+5zas7MB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvOTMwNjkwMjRG
OTgxMTFFOUJDRDI4MDdFQzRGOUFFMDIucm9hMIGtBggrBgEFBQcBBwEB/wSBnTCB
mjB8BAIAATB2AwQAcNckAwQBcNcsAwQAcNcyMAwDBABw1z8DBABw10ADBABw10ID
BABw108DBABw15cDBABw15kwDAMEAXDXqgMEAHDXrAMEAHDXyAMEAHDX0QMEAHDX
0wMEAHDX7gMEAHDX/QMEAHk0KQMEAMqY8AMEAMqY8zAaBAIAAjAUMBIDBwAkAJgA
AAMDBwMkAJgAAAAwDQYJKoZIhvcNAQELBQADggEBADfaHRHOzbPYWkhi/2AaCXkK
tTWwgFKei9r/oEEgDNlVPwhEph/7Oubw3KZw5opV+qp7KwHj7YITCsuB2IcbyzAv
DIYwhybNwA5z3zrwPr0BDg/O26U+GvodoFK9TQS0mU039ttc7I22xiGPBdSCMG7R
temDD/fyP11QUWDy/lMIQA07Nnk03cEP2LS7X2jepFzZ1gAIRANYZOpX07zG6eR6
EM/K7ZAfOYWWmnb/Xi/MshnA9SXC576suDPZv8W097oW5w+7Ln3IvLR2GbA0Ncw1
q6PvALy1CQ9my39tBET8BNyIVFETC0dXbPFMwmfWFs8PP7ytfKNstrRnlplW94g=
-----END CERTIFICATE-----
Generated at Fri Mar 13 06:46:26 2026 by rpki-client