Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/8092DB4C718011EF8BEC2931C4F9AE02.roa
File: 8092DB4C718011EF8BEC2931C4F9AE02.roa (raw, json)
Hash identifier: PT2nWbZI8+/qwsLUEVAAOkwYLN5l0xncB8ddDKHwS2A=
Subject key identifier: 6F:D6:C5:C7:52:F5:43:3E:C5:19:3B:E8:72:FD:B5:B8:34:30:66:D4
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 216C
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/8092DB4C718011EF8BEC2931C4F9AE02.roa
Signing time: Mon 02 Mar 2026 23:22:51 +0000
ROA not before: Thu 28 Aug 2025 14:50:54 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 140822
IP address blocks: 160.30.254.0/23 maxlen: 23
160.187.88.0/23 maxlen: 23
160.187.90.0/23 maxlen: 23
160.187.242.0/23 maxlen: 23
160.187.244.0/23 maxlen: 23
160.191.36.0/23 maxlen: 23
160.191.90.0/23 maxlen: 23
160.191.92.0/23 maxlen: 23
160.191.94.0/23 maxlen: 23
160.191.96.0/23 maxlen: 23
160.191.98.0/23 maxlen: 23
160.191.216.0/23 maxlen: 23
160.191.218.0/23 maxlen: 23
160.191.222.0/23 maxlen: 23
160.191.252.0/23 maxlen: 23
160.191.254.0/23 maxlen: 23
160.250.0.0/23 maxlen: 23
160.250.2.0/23 maxlen: 23
160.250.30.0/23 maxlen: 23
160.250.32.0/23 maxlen: 23
161.248.34.0/23 maxlen: 23
161.248.72.0/23 maxlen: 23
161.248.76.0/23 maxlen: 23
161.248.182.0/23 maxlen: 23
161.248.236.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 14 Mar 2026 14:12:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8556 (0x216c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Aug 28 14:50:54 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a61bcb-7ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e7:2c:ad:9c:05:46:da:d3:82:b7:e1:f6:2b:
12:50:b6:d1:4e:b7:67:5e:f3:f6:63:6b:f4:50:49:
c9:b8:be:93:bd:fb:cb:dc:03:ab:94:71:56:4c:fa:
b3:5f:7f:5b:5d:89:a2:51:cc:9a:8d:84:3f:c7:94:
51:bd:98:d8:73:b0:13:0f:37:23:04:28:51:3a:47:
b1:73:65:87:ee:54:ea:e4:c3:1c:35:f1:e5:86:78:
9e:02:6e:4a:c7:c9:0d:68:96:ba:87:de:4f:f0:07:
6d:eb:18:51:51:aa:c0:42:53:8a:4c:c3:db:8e:f6:
76:1a:1d:15:83:2e:3d:31:4f:c2:6c:52:7e:bb:62:
46:2b:c5:57:b6:4a:e3:fe:19:38:a4:ef:82:48:30:
06:59:00:2b:0f:f5:b6:88:a2:58:05:d6:97:bb:19:
1d:18:58:63:3c:14:4d:84:1c:eb:0c:39:1d:7f:6a:
28:87:6e:4a:98:24:1c:76:f9:8e:b0:fd:d3:c8:89:
a3:63:ae:53:44:0c:8d:95:82:ce:13:b9:e4:b3:a0:
6d:08:a8:91:3e:4d:88:97:ac:f4:73:e4:77:be:85:
4c:2a:51:33:bb:eb:ac:a7:35:ee:58:b5:0b:84:e8:
94:e2:d3:72:26:3d:76:28:26:a3:dc:13:72:63:28:
dc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D6:C5:C7:52:F5:43:3E:C5:19:3B:E8:72:FD:B5:B8:34:30:66:D4
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/8092DB4C718011EF8BEC2931C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
160.30.254.0/23
160.187.88.0/22
160.187.242.0-160.187.245.255
160.191.36.0/23
160.191.90.0-160.191.99.255
160.191.216.0/22
160.191.222.0/23
160.191.252.0/22
160.250.0.0/22
160.250.30.0-160.250.33.255
161.248.34.0/23
161.248.72.0/23
161.248.76.0/23
161.248.182.0/23
161.248.236.0/23
Signature Algorithm: sha256WithRSAEncryption
98:80:fd:54:ec:a7:c4:60:b1:4b:fe:b1:48:d5:66:c0:2c:ef:
76:2e:17:b2:cc:82:5e:39:5d:59:f2:e1:51:02:6d:7d:34:52:
1b:80:31:e0:4e:17:e7:fd:01:4f:13:bb:3a:1a:c1:e7:84:75:
a9:9a:91:7d:8b:71:1c:7a:b0:b1:7c:26:ac:44:ea:2f:6a:22:
2a:4e:28:1e:e0:12:4d:9a:7e:0e:9d:0f:05:6a:7e:08:5f:18:
6b:85:63:fd:9c:60:9a:db:98:99:cd:62:2d:92:1b:08:80:bc:
e6:e2:9e:95:6c:cc:dc:59:b1:40:f2:e1:be:32:a5:35:0f:51:
72:b9:9b:40:60:61:ad:8f:a6:b2:64:48:22:07:85:c4:21:d8:
78:21:58:ee:f8:fd:79:23:aa:f9:d8:5f:db:f4:0b:69:87:53:
c4:19:bb:d2:ee:70:75:a3:89:2e:17:50:1b:4f:0b:49:68:da:
d8:3e:b2:32:e9:94:43:78:20:ff:15:1d:51:00:67:b9:ce:22:
9c:92:27:41:34:05:f9:a0:bc:b4:7b:3d:98:37:42:2e:ab:0c:
bb:64:29:59:06:f4:6a:4e:1a:14:ef:da:e3:0a:7a:f3:9c:35:
cb:97:a4:c3:b9:88:92:fa:09:58:9a:a9:7c:dd:78:62:1c:67:
0c:ac:8b:8c
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICIWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwODI4MTQ1MDU0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE2MWJjYi03YWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkucsrZwFRtrTgrfh9isSULbRTrdnXvP2Y2v0UEnJuL6TvfvL3AOrlHFWTPqz
X39bXYmiUcyajYQ/x5RRvZjYc7ATDzcjBChROkexc2WH7lTq5MMcNfHlhnieAm5K
x8kNaJa6h95P8Adt6xhRUarAQlOKTMPbjvZ2Gh0Vgy49MU/CbFJ+u2JGK8VXtkrj
/hk4pO+CSDAGWQArD/W2iKJYBdaXuxkdGFhjPBRNhBzrDDkdf2ooh25KmCQcdvmO
sP3TyImjY65TRAyNlYLOE7nks6BtCKiRPk2Il6z0c+R3voVMKlEzu+uspzXuWLUL
hOiU4tNyJj12KCaj3BNyYyjcLQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFG/WxcdS
9UM+xRk76HL9tbg0MGbUMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvODA5MkRCNEM3
MTgwMTFFRjhCRUMyOTMxQzRGOUFFMDIucm9hMIGLBggrBgEFBQcBBwEB/wR8MHow
eAQCAAEwcgMEAaAe/gMEAqC7WDAMAwQBoLvyAwQBoLv0AwQBoL8kMAwDBAGgv1oD
BAKgv2ADBAKgv9gDBAGgv94DBAKgv/wDBAKg+gAwDAMEAaD6HgMEAaD6IAMEAaH4
IgMEAaH4SAMEAaH4TAMEAaH4tgMEAaH47DANBgkqhkiG9w0BAQsFAAOCAQEAmID9
VOynxGCxS/6xSNVmwCzvdi4XssyCXjldWfLhUQJtfTRSG4Ax4E4X5/0BTxO7OhrB
54R1qZqRfYtxHHqwsXwmrETqL2oiKk4oHuASTZp+Dp0PBWp+CF8Ya4Vj/ZxgmtuY
mc1iLZIbCIC85uKelWzM3FmxQPLhvjKlNQ9RcrmbQGBhrY+msmRIIgeFxCHYeCFY
7vj9eSOq+dhf2/QLaYdTxBm70u5wdaOJLhdQG08LSWja2D6yMumUQ3gg/xUdUQBn
uc4inJInQTQF+aC8tHs9mDdCLqsMu2QpWQb0ak4aFO/a4wp685w1y5ekw7mIkvoJ
WJqpfN14YhxnDKyLjA==
-----END CERTIFICATE-----
Generated at Sat Mar 7 22:52:37 2026 by rpki-client