Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
File: 70F51BEE4B0D11EF94975151C4F9AE02.roa (raw, json)
Hash identifier: 8+dd8R1o75QRLyHuuzSXOMP23xZFljZU1QgoZzaoaIA=
Subject key identifier: 99:8C:6A:06:EE:BD:FB:74:61:B8:6D:56:33:C9:EB:9A:AA:1F:8B:EE
Certificate issuer: /CN=A9199197/serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Certificate serial: 093A
Authority key identifier: 68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
Signing time: Sun 01 Mar 2026 14:50:59 +0000
ROA not before: Thu 05 Feb 2026 09:53:49 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 45609
IP address blocks: 27.56.0.0/13 maxlen: 24
103.235.8.0/22 maxlen: 24
106.192.0.0/11 maxlen: 24
110.224.0.0/14 maxlen: 24
117.96.0.0/17 maxlen: 22
117.96.0.0/18 maxlen: 24
117.96.64.0/19 maxlen: 24
117.96.96.0/20 maxlen: 24
117.96.112.0/21 maxlen: 24
117.96.120.0/22 maxlen: 24
117.96.124.0/23 maxlen: 23
117.96.128.0/20 maxlen: 24
117.96.144.0/21 maxlen: 24
117.96.153.0/24 maxlen: 24
117.96.154.0/24 maxlen: 24
117.96.160.0/20 maxlen: 24
117.96.176.0/20 maxlen: 24
117.97.0.0/17 maxlen: 19
117.97.0.0/18 maxlen: 24
117.97.64.0/19 maxlen: 20
117.97.64.0/20 maxlen: 24
117.97.80.0/21 maxlen: 21
117.97.80.0/22 maxlen: 24
117.97.91.0/24 maxlen: 24
117.97.92.0/24 maxlen: 24
117.97.93.0/24 maxlen: 24
117.97.94.0/24 maxlen: 24
117.97.128.0/17 maxlen: 24
117.98.0.0/17 maxlen: 24
150.129.212.0/22 maxlen: 24
223.176.0.0/12 maxlen: 24
223.224.32.0/19 maxlen: 24
223.224.64.0/18 maxlen: 24
223.224.128.0/17 maxlen: 24
223.225.0.0/16 maxlen: 24
223.226.0.0/15 maxlen: 24
223.228.0.0/14 maxlen: 24
223.232.0.0/13 maxlen: 24
2401:4900:800::/37 maxlen: 48
2401:4900:1000::/37 maxlen: 48
2401:4900:1800::/37 maxlen: 48
2401:4900:2000::/37 maxlen: 48
2401:4900:2800::/37 maxlen: 48
2401:4900:3000::/37 maxlen: 48
2401:4900:3800::/37 maxlen: 48
2401:4900:4000::/37 maxlen: 48
2401:4900:4800::/37 maxlen: 48
2401:4900:5000::/37 maxlen: 48
2401:4900:5800::/37 maxlen: 48
2401:4900:6000::/37 maxlen: 48
2401:4900:7000::/37 maxlen: 48
2401:4900:7800::/37 maxlen: 48
2401:4900:8000::/37 maxlen: 48
2401:4900:9000::/37 maxlen: 48
2401:4900:a000::/37 maxlen: 48
2401:4900:a800::/37 maxlen: 44
2401:4900:b000::/37 maxlen: 48
2401:4900:b800::/37 maxlen: 48
2401:4900:c000::/37 maxlen: 48
2401:4900:c800::/37 maxlen: 48
2401:4900:d000::/37 maxlen: 48
2401:4900:d800::/37 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Mar 2026 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2362 (0x93a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199197, serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Validity
Not Before: Feb 5 09:53:49 2026 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69a45253-3c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:56:a8:b8:12:9c:dc:f4:33:d4:3b:c6:bd:d8:
33:c9:1b:a5:f1:af:ae:f5:c4:86:1a:04:cb:27:f4:
b7:aa:21:e7:f6:09:30:fa:fe:f2:e6:8d:50:ad:1b:
1f:4b:f7:06:9c:89:db:50:00:16:d9:fd:1a:06:80:
7d:cb:7f:d4:93:eb:98:0e:d8:e2:52:81:f2:58:2d:
80:46:1f:5d:8e:56:1a:1c:83:0d:16:30:18:68:b9:
ed:a6:ed:58:4b:96:22:81:71:45:e9:b2:75:c2:5b:
ce:fa:17:01:3f:53:8b:2e:7e:0c:0a:9c:9d:b2:2b:
37:0c:2c:99:5d:2f:0f:2b:04:c3:f8:9f:6b:e3:59:
96:59:89:95:5f:2d:5c:b6:97:ee:16:ca:f8:30:cb:
ad:ef:0a:d9:b2:b4:ad:1c:b0:c4:f1:7a:47:7b:fb:
08:d7:6d:b1:0f:ea:6e:02:79:04:8a:72:d6:be:ae:
81:ea:07:25:58:d9:03:c3:12:09:fd:fe:39:25:ce:
36:90:f1:03:c0:7b:2a:d8:15:fa:91:16:55:fe:c3:
de:2c:0b:b6:88:ea:dd:dc:f8:74:e8:78:77:38:ff:
ab:51:03:6f:bc:1b:9c:99:ed:d1:c9:3c:8e:dc:45:
e6:8c:1a:63:06:10:3b:a7:6f:7f:11:64:dd:82:33:
2d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:8C:6A:06:EE:BD:FB:74:61:B8:6D:56:33:C9:EB:9A:AA:1F:8B:EE
X509v3 Authority Key Identifier:
keyid:68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.56.0.0/13
103.235.8.0/22
106.192.0.0/11
110.224.0.0/14
117.96.0.0-117.96.151.255
117.96.153.0-117.96.154.255
117.96.160.0/19
117.97.0.0-117.98.127.255
150.129.212.0/22
223.176.0.0/12
223.224.32.0-223.239.255.255
IPv6:
2401:4900:800::-2401:4900:67ff:ffff:ffff:ffff:ffff:ffff
2401:4900:7000::-2401:4900:87ff:ffff:ffff:ffff:ffff:ffff
2401:4900:9000::/37
2401:4900:a000::-2401:4900:dfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
39:d0:b8:58:5d:ea:1c:28:75:e1:ad:b9:b5:fa:69:8b:99:7a:
89:d3:aa:15:3e:76:de:68:29:66:c0:6b:70:76:d7:a3:63:75:
6e:22:b1:77:bb:c9:e8:af:81:b3:da:6a:c8:a2:1c:3f:ff:be:
91:59:eb:b1:c0:b6:c8:ef:ab:d6:44:6f:8b:bb:67:54:7a:bc:
f6:c9:6f:19:0f:8f:12:cf:a9:83:25:dd:54:e8:03:c4:e1:3f:
b5:b8:9b:0c:a5:a1:14:a7:4c:3e:a9:1f:dd:a1:bc:0d:85:f2:
eb:68:ee:e0:b9:ad:ef:04:0d:9a:de:24:6e:d1:c4:ad:09:ab:
d9:59:5b:a2:5f:e5:7d:21:d5:c1:e6:3e:84:f5:09:3c:d9:22:
1a:09:c5:86:15:0d:5e:1c:f8:0a:2d:cf:f2:cd:2e:4a:a4:c3:
04:93:f8:8d:d3:2f:0e:14:2b:25:59:5b:60:9c:4d:a0:89:bf:
1e:96:94:fa:e5:c5:f5:1a:c7:e0:59:4d:5f:24:5a:70:9f:f4:
99:77:4a:fe:32:43:b8:a3:2e:52:86:b5:bb:dd:21:f8:16:30:
6d:26:55:e5:62:fb:d3:63:7e:31:bb:44:52:cb:76:05:2c:65:
20:02:3e:3c:fe:30:d1:f5:b4:59:b7:6e:0d:48:19:9b:5c:c2:
b1:b4:c9:27
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgICCTowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTkxOTcxMTAvBgNVBAUTKDY4MzVEREZCODQzOEQyNEJCNkM1OTc5MzE2RTU0ODkx
MDY2MDkwQTcwHhcNMjYwMjA1MDk1MzQ5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NTI1My0zYzJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApFaouBKc3PQz1DvGvdgzyRul8a+u9cSGGgTLJ/S3qiHn9gkw+v7y5o1QrRsf
S/cGnInbUAAW2f0aBoB9y3/Uk+uYDtjiUoHyWC2ARh9djlYaHIMNFjAYaLntpu1Y
S5YigXFF6bJ1wlvO+hcBP1OLLn4MCpydsis3DCyZXS8PKwTD+J9r41mWWYmVXy1c
tpfuFsr4MMut7wrZsrStHLDE8XpHe/sI122xD+puAnkEinLWvq6B6gclWNkDwxIJ
/f45Jc42kPEDwHsq2BX6kRZV/sPeLAu2iOrd3Ph06Hh3OP+rUQNvvBucme3RyTyO
3EXmjBpjBhA7p29/EWTdgjMt5QIDAQABo4IC/jCCAvowHQYDVR0OBBYEFJmMagbu
vft0YbhtVjPJ65qqH4vuMB8GA1UdIwQYMBaAFGg13fuEONJLtsWXkxblSJEGYJCn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTE5Ny84NEIyRUM5OEYy
N0QxMUVBOTQ1NkVFNjBDNEY5QUUwMi9hRFhkLTRRNDBrdTJ4WmVURnVWSWtRWmdr
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FEWGQtNFE0MGt1MnhaZVRGdVZJa1FaZ2tLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTkxOTcvODRCMkVDOThGMjdEMTFFQTk0NTZFRTYwQzRGOUFFMDIvNzBGNTFCRUU0
QjBEMTFFRjk0OTc1MTUxQzRGOUFFMDIucm9hMIG8BggrBgEFBQcBBwEB/wSBrDCB
qTBhBAIAATBbAwMDGzgDBAJn6wgDAwVqwAMDAm7gMAsDAwV1YAMEA3VgkDAMAwQA
dWCZAwQAdWCaAwQFdWCgMAsDAwB1YQMEB3ViAAMEApaB1AMDBN+wMAsDBAXf4CAD
AwTf4DBEBAIAAjA+MBADBgMkAUkACAMGAyQBSQBgMBADBgQkAUkAcAMGAyQBSQCA
AwYDJAFJAJAwEAMGBSQBSQCgAwYFJAFJAMAwDQYJKoZIhvcNAQELBQADggEBADnQ
uFhd6hwodeGtubX6aYuZeonTqhU+dt5oKWbAa3B216NjdW4isXe7yeivgbPaasii
HD//vpFZ67HAtsjvq9ZEb4u7Z1R6vPbJbxkPjxLPqYMl3VToA8ThP7W4mwyloRSn
TD6pH92hvA2F8uto7uC5re8EDZreJG7RxK0Jq9lZW6Jf5X0h1cHmPoT1CTzZIhoJ
xYYVDV4c+Aotz/LNLkqkwwST+I3TLw4UKyVZW2CcTaCJvx6WlPrlxfUax+BZTV8k
WnCf9Jl3Sv4yQ7ijLlKGtbvdIfgWMG0mVeVi+9NjfjG7RFLLdgUsZSACPjz+MNH1
tFm3bg1IGZtcwrG0ySc=
-----END CERTIFICATE-----
Generated at Sat Mar 14 22:58:05 2026 by rpki-client