Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
File: 956DEFE80CDB11EAB14B9162C4F9AE02.roa (raw, json)
Hash identifier: alsPlXPZx4XqSWny9RVBSTVO5kgsOjg70pil6fpAiOc=
Subject key identifier: 0F:38:7E:F1:92:23:52:95:43:6B:A5:6B:4E:42:23:D8:6F:C9:B4:9A
Certificate issuer: /CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Certificate serial: 0D10
Authority key identifier: 25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
Signing time: Sun 31 May 2026 19:22:00 +0000
ROA not before: Sun 31 May 2026 19:22:00 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 133385
IP address blocks: 45.120.84.0/22 maxlen: 22
45.120.84.0/24 maxlen: 24
45.120.85.0/24 maxlen: 24
45.120.86.0/24 maxlen: 24
45.120.87.0/24 maxlen: 24
103.255.172.0/22 maxlen: 22
103.255.172.0/24 maxlen: 24
103.255.172.64/26 maxlen: 26
103.255.172.128/25 maxlen: 25
103.255.173.0/24 maxlen: 24
103.255.174.0/24 maxlen: 24
103.255.175.0/24 maxlen: 24
2400:8480:1000::/48 maxlen: 48
2400:8480:1100::/48 maxlen: 48
2400:8480:2010::/44 maxlen: 44
2400:8480:2020::/44 maxlen: 44
2400:8480:2030::/44 maxlen: 44
2400:8480:2040::/44 maxlen: 44
2400:8480:2110::/44 maxlen: 44
2400:8480:2120::/44 maxlen: 44
2400:8480:2130::/44 maxlen: 44
2400:8480:2140::/44 maxlen: 44
2400:8480:3010::/44 maxlen: 44
2400:8480:3020::/44 maxlen: 44
2400:8480:3030::/44 maxlen: 44
2400:8480:3040::/44 maxlen: 44
2400:8480:3110::/44 maxlen: 44
2400:8480:3120::/44 maxlen: 44
2400:8480:3130::/44 maxlen: 44
2400:8480:3140::/44 maxlen: 44
2400:8480:4000::/36 maxlen: 36
2400:8480:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 18:20:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3344 (0xd10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAAD, serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Validity
Not Before: May 31 19:22:00 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c8a58-caa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ea:17:a4:dd:8c:ab:28:5b:d6:d7:6e:eb:ca:
b9:a2:af:b7:c4:ce:4c:40:59:ed:c4:bc:cb:35:6e:
dd:38:2e:ba:09:32:1b:1b:22:4c:c3:3c:51:ce:82:
23:71:f7:3b:75:0d:36:25:60:3d:7c:11:a1:96:aa:
94:1d:f1:6d:dd:1a:3e:79:78:78:1f:fb:ad:b2:2a:
88:e7:b6:56:fb:d8:c2:af:cc:44:08:73:95:3e:9d:
f1:04:df:f8:26:d1:8f:44:e1:78:08:a8:84:66:2e:
ea:e0:cd:4f:17:cd:74:ef:b0:87:fb:ef:44:83:0e:
57:88:73:bf:be:f4:41:43:26:67:4c:64:71:dd:42:
3d:78:6a:7e:f9:d5:26:8f:f3:ec:ba:f4:54:9e:34:
d1:b3:6e:6b:91:21:2a:bb:63:43:89:08:44:92:76:
3d:e4:62:e5:55:da:fe:9e:a7:f8:d4:30:9b:ba:b2:
dc:be:45:14:f3:91:69:f0:95:3a:0a:3d:64:83:c8:
49:0b:35:34:e1:70:e9:92:a8:f8:9b:3b:42:e0:1b:
a8:ca:5d:bf:0a:b3:f6:f4:81:89:bc:d8:62:41:cf:
ea:39:bb:eb:e7:e1:7f:44:da:ac:a3:d4:be:17:33:
d9:20:cb:e7:02:fb:ec:3f:3e:10:63:40:e0:fb:e5:
56:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:38:7E:F1:92:23:52:95:43:6B:A5:6B:4E:42:23:D8:6F:C9:B4:9A
X509v3 Authority Key Identifier:
keyid:25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.120.84.0/22
103.255.172.0/22
IPv6:
2400:8480:1000::/48
2400:8480:1100::/48
2400:8480:2010::-2400:8480:204f:ffff:ffff:ffff:ffff:ffff
2400:8480:2110::-2400:8480:214f:ffff:ffff:ffff:ffff:ffff
2400:8480:3010::-2400:8480:304f:ffff:ffff:ffff:ffff:ffff
2400:8480:3110::-2400:8480:314f:ffff:ffff:ffff:ffff:ffff
2400:8480:4000::/35
Signature Algorithm: sha256WithRSAEncryption
b7:a5:ba:32:11:7e:18:62:ca:e3:a3:1b:2e:a9:d5:b5:f3:23:
f1:11:9f:ed:09:95:72:10:ef:ba:3d:88:3e:9f:2c:b3:ef:ed:
e3:4d:06:68:20:39:40:b4:0d:fb:04:1e:62:4e:1e:7d:dc:6a:
ac:a6:a8:eb:cd:00:a9:f8:29:0c:2a:34:06:39:93:4b:02:18:
57:9d:db:f6:6b:ab:a3:ec:57:4b:04:70:d9:f8:1f:84:d1:df:
ab:59:fc:1f:32:4f:0c:84:16:67:16:f9:b8:ee:30:c4:5e:ae:
e2:cf:79:08:32:10:3b:f1:a0:24:e9:62:3a:2e:7e:b5:87:ed:
4a:88:be:ad:ce:71:dc:0d:2d:e4:7e:19:d3:36:80:c1:3e:84:
ce:89:1d:56:61:1d:d6:ed:bc:8e:d6:2e:72:5e:12:bb:37:58:
d9:3d:09:b7:bb:6b:3c:9a:54:cf:0e:fb:d7:85:3e:ab:4f:cc:
c6:9a:5c:07:8c:f2:0b:84:e7:95:1d:2e:43:3e:a6:9a:eb:15:
a9:c8:f4:92:79:3a:fb:c0:98:8e:15:6a:bb:c9:d7:08:3f:a2:
94:b9:cb:6f:24:83:7d:f7:d9:77:c5:97:ea:12:0b:bd:69:f4:
d4:13:3a:a2:ff:4f:1d:ce:43:bf:c1:56:12:43:d3:32:7f:20:
7b:65:a0:82
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgICDRAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBQUQxMTAvBgNVBAUTKDI1MDk5MDQ2RUI1OUQ2NDVENDE5QTQyOEZDNzAxQTU3
MzUzRkJGMkMwHhcNMjYwNTMxMTkyMjAwWhcNMjYxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTFjOGE1OC1jYWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6uoXpN2Mqyhb1tdu68q5oq+3xM5MQFntxLzLNW7dOC66CTIbGyJMwzxRzoIj
cfc7dQ02JWA9fBGhlqqUHfFt3Ro+eXh4H/utsiqI57ZW+9jCr8xECHOVPp3xBN/4
JtGPROF4CKiEZi7q4M1PF81077CH++9Egw5XiHO/vvRBQyZnTGRx3UI9eGp++dUm
j/PsuvRUnjTRs25rkSEqu2NDiQhEknY95GLlVdr+nqf41DCburLcvkUU85Fp8JU6
Cj1kg8hJCzU04XDpkqj4mztC4Buoyl2/CrP29IGJvNhiQc/qObvr5+F/RNqso9S+
FzPZIMvnAvvsPz4QY0Dg++VWzQIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFA84fvGS
I1KVQ2ula05CI9hvybSaMB8GA1UdIwQYMBaAFCUJkEbrWdZF1BmkKPxwGlc1P78s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC83N0Q5NTBGMjA5
RDUxMUVBQjc2QzczMTdDNEY5QUUwMi9KUW1RUnV0WjFrWFVHYVFvX0hBYVZ6VV92
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pRbVFSdXRaMWtYVUdhUW9fSEFhVnpVX3Z5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBQUQvNzdEOTUwRjIwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTU2REVGRTgw
Q0RCMTFFQUIxNEI5MTYyQzRGOUFFMDIucm9hMIGZBggrBgEFBQcBBwEB/wSBiTCB
hjASBAIAATAMAwQCLXhUAwQCZ/+sMHAEAgACMGoDBwAkAISAEAADBwAkAISAEQAw
EgMHBCQAhIAgEAMHBCQAhIAgQDASAwcEJACEgCEQAwcEJACEgCFAMBIDBwQkAISA
MBADBwQkAISAMEAwEgMHBCQAhIAxEAMHBCQAhIAxQAMGBSQAhIBAMA0GCSqGSIb3
DQEBCwUAA4IBAQC3pboyEX4YYsrjoxsuqdW18yPxEZ/tCZVyEO+6PYg+nyyz7+3j
TQZoIDlAtA37BB5iTh593GqspqjrzQCp+CkMKjQGOZNLAhhXndv2a6uj7FdLBHDZ
+B+E0d+rWfwfMk8MhBZnFvm47jDEXq7iz3kIMhA78aAk6WI6Ln61h+1KiL6tznHc
DS3kfhnTNoDBPoTOiR1WYR3W7byO1i5yXhK7N1jZPQm3u2s8mlTPDvvXhT6rT8zG
mlwHjPILhOeVHS5DPqaa6xWpyPSSeTr7wJiOFWq7ydcIP6KUuctvJIN999l3xZfq
Egu9afTUEzqi/08dzkO/wVYSQ9MyfyB7ZaCC
-----END CERTIFICATE-----
Generated at Sat Jun 6 14:44:30 2026 by rpki-client