Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
File: B10F5E8E557511EF9F54A83AC4F9AE02.roa (raw, json)
Hash identifier: Ix0I75Zx2gnKmuBbx+iP49Gfr2RDvE9dnCS/QX16ZX8=
Subject key identifier: 0D:16:D0:D8:39:83:1B:DB:A9:AC:E2:C5:69:CD:55:94:CB:9D:F2:F3
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 2122
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
Signing time: Mon 02 Mar 2026 23:21:40 +0000
ROA not before: Thu 13 Nov 2025 13:56:33 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 135918
IP address blocks: 157.10.198.0/23 maxlen: 23
157.66.80.0/24 maxlen: 24
157.66.81.0/24 maxlen: 24
157.66.100.0/23 maxlen: 23
157.66.218.0/23 maxlen: 23
160.22.122.0/23 maxlen: 23
160.25.232.0/23 maxlen: 23
160.30.44.0/23 maxlen: 23
160.30.112.0/23 maxlen: 23
160.191.48.0/23 maxlen: 23
160.191.50.0/23 maxlen: 23
160.191.236.0/23 maxlen: 23
160.250.130.0/23 maxlen: 23
160.250.134.0/23 maxlen: 23
160.250.136.0/23 maxlen: 23
160.250.246.0/23 maxlen: 23
161.248.146.0/23 maxlen: 23
165.99.130.0/24 maxlen: 24
165.101.92.0/23 maxlen: 23
165.101.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 14 Mar 2026 14:12:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8482 (0x2122)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Nov 13 13:56:33 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a61b84-d336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:20:9b:19:93:63:f4:19:2c:44:24:2f:f1:
ab:0f:aa:d0:75:3a:a3:e3:29:fe:66:f3:a1:e3:f5:
0c:cf:ca:89:2e:55:2f:8d:01:9c:69:73:0e:59:63:
29:33:af:69:b8:c8:4b:3a:dd:17:1c:c1:de:b1:61:
a8:a9:69:09:3b:18:6d:1b:0d:9a:05:bc:e7:09:b0:
57:d5:55:c5:03:40:c7:2b:e4:8a:9b:51:4a:d2:7f:
92:2c:a4:34:a4:eb:07:47:63:56:fc:42:0c:45:12:
40:47:15:ce:85:5c:f9:bf:99:b8:0a:5b:18:72:38:
9c:25:8d:c9:1c:ab:d1:1a:2e:bd:71:38:dc:dc:50:
68:74:ef:fb:1a:05:4a:d8:a8:fb:86:32:a7:cc:f6:
8b:7a:c1:84:a8:76:0a:68:f5:dd:62:43:42:90:89:
ca:7c:5a:b0:a8:3f:b1:2b:88:f2:3d:7e:d7:7c:0e:
2d:00:79:0f:5e:a5:38:cd:f9:e6:09:4c:51:c3:b3:
15:99:5d:ff:85:26:00:9b:8b:b9:d4:5b:8a:c4:d2:
8e:d0:c9:e3:7e:29:22:09:e3:b3:16:ae:58:1f:ad:
5f:13:19:12:2e:d2:a1:82:9c:57:9e:cd:b6:42:97:
73:74:86:b2:eb:f8:78:3b:ed:59:29:d5:34:20:1a:
88:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:16:D0:D8:39:83:1B:DB:A9:AC:E2:C5:69:CD:55:94:CB:9D:F2:F3
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/B10F5E8E557511EF9F54A83AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
157.10.198.0/23
157.66.80.0/23
157.66.100.0/23
157.66.218.0/23
160.22.122.0/23
160.25.232.0/23
160.30.44.0/23
160.30.112.0/23
160.191.48.0/22
160.191.236.0/23
160.250.130.0/23
160.250.134.0-160.250.137.255
160.250.246.0/23
161.248.146.0/23
165.99.130.0/24
165.101.92.0/23
165.101.252.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:37:5f:cc:bf:c0:4c:fe:9c:ee:b4:f7:53:d0:a5:0a:0f:6e:
24:9f:fe:5e:6f:3a:02:3a:f9:e7:ff:4d:2f:fb:20:ba:14:96:
3d:cf:e1:40:39:d9:74:99:0e:8f:b5:70:23:ab:dd:45:8a:c9:
f8:ff:4d:9e:7d:8d:05:2f:77:d8:23:70:62:41:5a:35:ed:b8:
4c:cb:ee:8e:d4:5b:1b:52:8d:5e:07:e1:73:f4:d7:ed:d3:74:
2e:21:68:0d:06:01:4a:ef:24:b9:e2:70:7e:30:96:a0:45:98:
af:be:e4:c5:46:f0:aa:04:42:5e:aa:de:5a:56:f6:4d:03:3d:
6a:f0:36:42:ef:16:10:e1:01:b2:07:d0:6b:47:7e:1c:ec:02:
31:82:e5:7e:01:d9:21:71:6e:e1:49:dc:15:db:47:2c:72:ed:
05:2a:0d:73:4f:37:0d:ec:11:34:9f:b9:17:98:30:1c:34:98:
5e:e2:20:a2:e5:8e:01:32:4b:3c:0e:6b:51:b7:ae:eb:e8:c3:
00:28:73:a3:cb:e6:f2:6d:2b:c5:00:5c:78:7d:0a:ee:aa:34:
a6:67:fa:6a:d9:5f:04:09:4e:ac:e2:68:af:99:c0:ae:89:8a:
fe:2c:ae:e3:24:d2:ac:70:c6:5e:3c:57:81:b0:57:10:3c:fd:
05:38:f9:95
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICISIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUxMTEzMTM1NjMzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE2MWI4NC1kMzM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsosgmxmTY/QZLEQkL/GrD6rQdTqj4yn+ZvOh4/UMz8qJLlUvjQGcaXMOWWMp
M69puMhLOt0XHMHesWGoqWkJOxhtGw2aBbznCbBX1VXFA0DHK+SKm1FK0n+SLKQ0
pOsHR2NW/EIMRRJARxXOhVz5v5m4ClsYcjicJY3JHKvRGi69cTjc3FBodO/7GgVK
2Kj7hjKnzPaLesGEqHYKaPXdYkNCkInKfFqwqD+xK4jyPX7XfA4tAHkPXqU4zfnm
CUxRw7MVmV3/hSYAm4u51FuKxNKO0MnjfikiCeOzFq5YH61fExkSLtKhgpxXns22
QpdzdIay6/h4O+1ZKdU0IBqIXwIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFA0W0Ng5
gxvbqazixWnNVZTLnfLzMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvQjEwRjVFOEU1
NTc1MTFFRjlGNTRBODNBQzRGOUFFMDIucm9hMIGHBggrBgEFBQcBBwEB/wR4MHYw
dAQCAAEwbgMEAZ0KxgMEAZ1CUAMEAZ1CZAMEAZ1C2gMEAaAWegMEAaAZ6AMEAaAe
LAMEAaAecAMEAqC/MAMEAaC/7AMEAaD6gjAMAwQBoPqGAwQBoPqIAwQBoPr2AwQB
ofiSAwQApWOCAwQBpWVcAwQBpWX8MA0GCSqGSIb3DQEBCwUAA4IBAQC1N1/Mv8BM
/pzutPdT0KUKD24kn/5ebzoCOvnn/00v+yC6FJY9z+FAOdl0mQ6PtXAjq91Fisn4
/02efY0FL3fYI3BiQVo17bhMy+6O1FsbUo1eB+Fz9Nft03QuIWgNBgFK7yS54nB+
MJagRZivvuTFRvCqBEJeqt5aVvZNAz1q8DZC7xYQ4QGyB9BrR34c7AIxguV+Adkh
cW7hSdwV20cscu0FKg1zTzcN7BE0n7kXmDAcNJhe4iCi5Y4BMks8DmtRt67r6MMA
KHOjy+bybSvFAFx4fQruqjSmZ/pq2V8ECU6s4mivmcCuiYr+LK7jJNKscMZePFeB
sFcQPP0FOPmV
-----END CERTIFICATE-----
Generated at Sat Mar 7 22:53:21 2026 by rpki-client