Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/E009A066072B11EAB6E08A52C4F9AE02.roa
File: E009A066072B11EAB6E08A52C4F9AE02.roa (raw, json)
Hash identifier: MuJVHhJJZnD45H7Opru8l49h7hcStXvFb5NjQPnR124=
Subject key identifier: 2D:5E:B6:8C:CD:33:86:06:DF:DA:B1:B5:95:68:CF:F9:44:CD:58:C4
Certificate issuer: /CN=A91919EA/serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A
Certificate serial: 10B6
Authority key identifier: 7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/E009A066072B11EAB6E08A52C4F9AE02.roa
Signing time: Fri 06 Mar 2026 18:25:06 +0000
ROA not before: Fri 06 Mar 2026 18:25:06 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 58620
IP address blocks: 119.161.48.0/24 maxlen: 24
119.161.51.0/24 maxlen: 24
119.161.61.0/24 maxlen: 24
120.29.248.0/23 maxlen: 23
120.29.252.0/24 maxlen: 24
120.29.253.0/24 maxlen: 24
120.29.254.0/24 maxlen: 24
203.17.72.0/24 maxlen: 24
2001:dcd:1::/48 maxlen: 48
2001:dcd:2::/48 maxlen: 48
2001:dcd:3::/48 maxlen: 48
2001:dcd:4::/48 maxlen: 48
2001:dcd:5::/48 maxlen: 48
2001:dcd:6::/48 maxlen: 48
2001:dcd:7::/48 maxlen: 48
2001:dcd:21::/48 maxlen: 48
2001:dcd:23::/48 maxlen: 48
2001:dcd:24::/48 maxlen: 48
2001:dcd:31::/48 maxlen: 48
2001:dcd:33::/48 maxlen: 48
2001:dcd:34::/48 maxlen: 48
2001:dcd:35::/48 maxlen: 48
2001:dcd:42::/48 maxlen: 48
2001:dcd:43::/48 maxlen: 48
2001:dcd:44::/48 maxlen: 48
2001:dcd:45::/48 maxlen: 48
2001:dcd:52::/48 maxlen: 48
2001:dcd:53::/48 maxlen: 48
2001:dcd:54::/48 maxlen: 48
2001:dcd:dd05::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl
rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 18:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4278 (0x10b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91919EA, serialNumber=7B01CACC170FE6A61B20304185E868946DF7285A
Validity
Not Before: Mar 6 18:25:06 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69ab1c02-f2b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:06:ca:37:cf:96:57:9c:45:b0:3f:ea:2a:f7:
bb:18:b1:7c:cd:a8:8c:53:05:2f:0d:bf:ba:23:7e:
f2:12:b7:b1:d1:3c:af:f7:79:43:c8:af:ab:60:01:
60:ba:33:96:0e:86:27:aa:2e:1b:1a:34:54:b7:4f:
c0:65:da:3d:c4:4b:45:a3:ed:03:74:73:52:e7:6f:
38:e1:1a:8e:1f:98:ae:c9:50:a5:20:af:9a:6a:4d:
1d:42:20:29:1b:7e:ec:5b:ef:77:ac:73:c6:a2:ab:
46:f3:b7:7c:ea:0e:ca:1b:0e:d4:07:c8:b7:3e:63:
96:fa:23:e1:c9:17:7d:a3:5e:df:16:1d:c3:8a:93:
42:37:e6:d9:78:5b:32:36:7e:60:24:30:cd:2a:1d:
12:fa:46:1d:a5:1c:d2:eb:a0:7b:7b:c9:c5:a1:c6:
ad:ab:3b:b9:75:70:aa:49:9e:31:25:22:1e:54:f8:
43:c1:17:a1:a6:6d:eb:78:a4:fb:f7:eb:c7:ab:8c:
0e:d3:83:1f:13:61:3e:43:ae:d3:18:1c:81:0b:b4:
c2:3c:32:3d:42:27:fd:ae:16:7f:3e:10:33:f2:55:
6b:2e:27:d1:bc:78:ea:71:48:9e:f0:87:0e:4b:cb:
ff:f6:51:af:93:72:96:1a:45:62:61:aa:9e:1d:a9:
15:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:5E:B6:8C:CD:33:86:06:DF:DA:B1:B5:95:68:CF:F9:44:CD:58:C4
X509v3 Authority Key Identifier:
keyid:7B:01:CA:CC:17:0F:E6:A6:1B:20:30:41:85:E8:68:94:6D:F7:28:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/ewHKzBcP5qYbIDBBheholG33KFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ewHKzBcP5qYbIDBBheholG33KFo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91919EA/6D463CFE04FD11EA82CCCA18C4F9AE02/E009A066072B11EAB6E08A52C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
119.161.48.0/24
119.161.51.0/24
119.161.61.0/24
120.29.248.0/23
120.29.252.0-120.29.254.255
203.17.72.0/24
IPv6:
2001:dcd:1::-2001:dcd:7:ffff:ffff:ffff:ffff:ffff
2001:dcd:21::/48
2001:dcd:23::-2001:dcd:24:ffff:ffff:ffff:ffff:ffff
2001:dcd:31::/48
2001:dcd:33::-2001:dcd:35:ffff:ffff:ffff:ffff:ffff
2001:dcd:42::-2001:dcd:45:ffff:ffff:ffff:ffff:ffff
2001:dcd:52::-2001:dcd:54:ffff:ffff:ffff:ffff:ffff
2001:dcd:dd05::/48
Signature Algorithm: sha256WithRSAEncryption
89:d1:37:c7:06:f1:ba:71:41:89:41:21:8e:e6:01:d1:f7:8a:
1e:00:6e:fb:50:85:88:cd:13:a6:ea:1e:84:64:66:70:ed:91:
c5:4b:0a:5a:7f:8c:f0:a6:11:15:03:dc:20:24:56:5e:56:9a:
a9:8b:30:0a:9f:61:db:df:51:4e:e2:b4:f6:05:07:e9:6d:92:
a1:9b:cc:f4:0e:46:6f:0b:35:be:aa:96:7e:c0:0b:5e:7c:e5:
45:cf:60:35:df:56:ee:e7:6e:3b:27:ee:db:f0:b9:58:97:e0:
03:8b:c1:92:de:ec:6d:ea:45:c0:9d:97:54:b2:dd:f9:6d:1e:
f6:e7:ec:68:05:e3:a4:1e:21:b1:d8:5e:9b:be:46:91:9d:a5:
4a:92:b9:bf:6a:ea:b1:3e:7c:b4:db:92:29:78:b6:c4:ff:e5:
ff:f8:e8:1e:c3:d7:8b:a0:0b:b8:07:99:03:06:a4:8f:54:d1:
4b:2e:a2:b6:a7:45:53:b4:50:c5:b1:55:ba:3e:f7:b6:86:a3:
74:7a:af:fd:e4:c5:b4:5e:21:78:f4:23:ea:0a:42:fe:77:d2:
cc:32:7f:8a:4a:bc:7a:23:8e:c0:dc:ce:e3:e7:2b:55:79:1d:
8d:73:ee:76:39:8e:52:d2:76:b1:0c:15:be:3e:4c:64:9d:95:
54:3f:3d:c1
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgICELYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE5RUExMTAvBgNVBAUTKDdCMDFDQUNDMTcwRkU2QTYxQjIwMzA0MTg1RTg2ODk0
NkRGNzI4NUEwHhcNMjYwMzA2MTgyNTA2WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWFiMWMwMi1mMmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwAbKN8+WV5xFsD/qKve7GLF8zaiMUwUvDb+6I37yErex0Tyv93lDyK+rYAFg
ujOWDoYnqi4bGjRUt0/AZdo9xEtFo+0DdHNS52844RqOH5iuyVClIK+aak0dQiAp
G37sW+93rHPGoqtG87d86g7KGw7UB8i3PmOW+iPhyRd9o17fFh3DipNCN+bZeFsy
Nn5gJDDNKh0S+kYdpRzS66B7e8nFocatqzu5dXCqSZ4xJSIeVPhDwRehpm3reKT7
9+vHq4wO04MfE2E+Q67TGByBC7TCPDI9Qif9rhZ/PhAz8lVrLifRvHjqcUie8IcO
S8v/9lGvk3KWGkViYaqeHakV/wIDAQABo4IDETCCAw0wHQYDVR0OBBYEFC1etozN
M4YG39qxtZVoz/lEzVjEMB8GA1UdIwQYMBaAFHsByswXD+amGyAwQYXoaJRt9yha
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTlFQS82RDQ2M0NGRTA0
RkQxMUVBODJDQ0NBMThDNEY5QUUwMi9ld0hLekJjUDVxWWJJREJCaGVob2xHMzNL
Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V3SEt6QmNQNXFZYklEQkJoZWhvbEczM0tGby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE5RUEvNkQ0NjNDRkUwNEZEMTFFQTgyQ0NDQTE4QzRGOUFFMDIvRTAwOUEwNjYw
NzJCMTFFQUI2RTA4QTUyQzRGOUFFMDIucm9hMIHPBggrBgEFBQcBBwEB/wSBvzCB
vDAyBAIAATAsAwQAd6EwAwQAd6EzAwQAd6E9AwQBeB34MAwDBAJ4HfwDBAB4Hf4D
BADLEUgwgYUEAgACMH8wEgMHACABDc0AAQMHAyABDc0AAAMHACABDc0AITASAwcA
IAENzQAjAwcAIAENzQAkAwcAIAENzQAxMBIDBwAgAQ3NADMDBwEgAQ3NADQwEgMH
ASABDc0AQgMHASABDc0ARDASAwcBIAENzQBSAwcAIAENzQBUAwcAIAENzd0FMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ0TfHBvG6cUGJQSGO5gHR94oeAG77UIWIzROm6h6E
ZGZw7ZHFSwpaf4zwphEVA9wgJFZeVpqpizAKn2Hb31FO4rT2BQfpbZKhm8z0DkZv
CzW+qpZ+wAtefOVFz2A131bu5247J+7b8LlYl+ADi8GS3uxt6kXAnZdUst35bR72
5+xoBeOkHiGx2F6bvkaRnaVKkrm/auqxPny025IpeLbE/+X/+Ogew9eLoAu4B5kD
BqSPVNFLLqK2p0VTtFDFsVW6Pve2hqN0eq/95MW0XiF49CPqCkL+d9LMMn+KSrx6
I47A3M7j5ytVeR2Nc+52OY5S0naxDBW+PkxknZVUPz3B
-----END CERTIFICATE-----
Generated at Fri Mar 13 10:39:58 2026 by rpki-client