Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/73FFDABAA3F711F0B7D2CC77C4F9AE02.roa
File: 73FFDABAA3F711F0B7D2CC77C4F9AE02.roa (raw, json)
Hash identifier: 1xBwIuBxQvWAh7xHahwJ/qWF3k6QSAoo0goWAThVpvs=
Subject key identifier: 67:76:D2:86:CD:98:76:88:4B:EA:28:FA:D7:E8:F3:48:06:7F:36:78
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 6BB2
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/73FFDABAA3F711F0B7D2CC77C4F9AE02.roa
Signing time: Mon 02 Mar 2026 23:30:10 +0000
ROA not before: Thu 26 Feb 2026 09:51:38 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 150895
IP address blocks: 36.50.26.0/24 maxlen: 24
36.50.27.0/24 maxlen: 24
103.20.102.0/23 maxlen: 24
103.67.162.0/23 maxlen: 23
103.72.56.0/23 maxlen: 23
103.75.76.0/23 maxlen: 23
103.78.2.0/23 maxlen: 23
103.116.52.0/23 maxlen: 24
103.152.164.0/23 maxlen: 24
103.161.172.0/24 maxlen: 24
103.173.66.0/23 maxlen: 24
103.237.86.0/23 maxlen: 24
163.61.72.0/23 maxlen: 24
163.223.210.0/23 maxlen: 23
163.227.230.0/23 maxlen: 24
2001:df3:e4c0::/48 maxlen: 48
2401:2be0::/48 maxlen: 48
2401:3560::/48 maxlen: 48
2401:37e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 14:32:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27570 (0x6bb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Feb 26 09:51:38 2026 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a61d82-429d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:10:7c:78:0e:04:05:e4:d3:e6:8f:c3:3d:04:
ff:9b:9d:28:2d:e6:91:c4:3a:3e:0b:92:27:a5:ee:
1e:45:94:13:58:22:20:4a:5e:16:b1:8d:47:ab:e7:
d6:36:45:de:84:ae:c7:a5:ef:42:97:f9:60:85:c6:
5c:3e:25:0b:93:67:cd:50:f6:9f:85:93:2e:9f:d5:
f8:9b:29:6a:cc:4d:91:aa:1e:c1:fb:18:34:af:d3:
f9:68:83:02:f5:bb:99:df:81:ad:d3:b2:9d:f5:e8:
93:58:a5:a2:ae:0d:9d:a6:67:30:3a:ee:04:64:b0:
a2:d3:1c:20:85:de:a5:d2:b9:e0:17:5d:01:a8:a2:
cb:7e:d3:f5:31:87:a8:9a:d4:83:20:84:5c:31:df:
db:3d:9f:a1:40:94:71:bd:be:97:74:73:ec:39:d8:
ae:e1:33:b1:8e:0b:cb:3a:37:5e:a6:39:26:2b:81:
8a:83:89:58:d8:9f:13:c8:26:76:97:05:6f:cc:ba:
2e:99:a7:42:0e:ed:8f:df:39:f9:70:82:82:cc:8a:
f9:90:5b:45:a8:e4:93:45:a6:4f:6c:7a:11:87:4d:
25:c8:ed:82:07:2a:0e:32:a4:70:c7:6e:a0:0f:32:
fb:d6:28:a4:83:81:a3:c2:cc:e8:55:95:9b:dc:d2:
76:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:76:D2:86:CD:98:76:88:4B:EA:28:FA:D7:E8:F3:48:06:7F:36:78
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/73FFDABAA3F711F0B7D2CC77C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
36.50.26.0/23
103.20.102.0/23
103.67.162.0/23
103.72.56.0/23
103.75.76.0/23
103.78.2.0/23
103.116.52.0/23
103.152.164.0/23
103.161.172.0/24
103.173.66.0/23
103.237.86.0/23
163.61.72.0/23
163.223.210.0/23
163.227.230.0/23
IPv6:
2001:df3:e4c0::/48
2401:2be0::/48
2401:3560::/48
2401:37e0::/48
Signature Algorithm: sha256WithRSAEncryption
6d:03:22:c2:9b:d0:aa:ea:ec:a7:f2:7f:a8:f5:48:cf:63:7c:
95:23:2c:ec:38:ce:0c:05:c5:bc:be:34:cc:82:28:c8:36:3b:
56:fa:38:dc:fa:44:a7:70:ea:6f:57:d4:2e:90:6e:e0:61:2d:
44:2c:72:ba:87:c1:06:17:cc:ab:ef:43:ee:53:59:cf:80:4e:
b8:16:ff:bd:7e:ed:c5:0c:07:22:a9:42:ee:e7:a6:e4:cd:ed:
24:c5:83:a6:ef:78:a3:5c:3c:c6:43:df:d1:e2:b6:1b:ee:4a:
1d:a4:0b:96:83:91:a6:4d:46:a0:ef:0f:9a:b1:05:6e:2b:c7:
2a:94:df:75:b7:d5:28:54:1a:e3:08:6d:7b:42:60:37:e0:55:
9a:ca:f5:4a:20:d3:a4:bc:77:ce:f2:ec:dd:17:44:a7:96:bd:
2b:07:d4:b7:9e:a0:cd:e3:49:d4:81:d3:7a:1a:b5:b1:d8:7a:
73:d8:ab:ca:05:77:a0:a5:c0:e0:5f:47:fc:e3:b1:f7:ce:8f:
98:5b:27:dc:18:8f:a6:f5:77:fa:46:cc:ed:c4:b8:7c:2b:df:
6f:c5:ed:ce:b5:a0:ec:da:8f:15:24:c0:15:36:8b:43:27:b2:
14:b6:31:eb:43:6f:02:d6:0e:ef:2a:07:c8:dc:d9:67:ee:e1:
31:37:30:cb
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICa7IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjYwMjI2MDk1MTM4WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE2MWQ4Mi00MjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3xB8eA4EBeTT5o/DPQT/m50oLeaRxDo+C5Inpe4eRZQTWCIgSl4WsY1Hq+fW
NkXehK7Hpe9Cl/lghcZcPiULk2fNUPafhZMun9X4mylqzE2Rqh7B+xg0r9P5aIMC
9buZ34Gt07Kd9eiTWKWirg2dpmcwOu4EZLCi0xwghd6l0rngF10BqKLLftP1MYeo
mtSDIIRcMd/bPZ+hQJRxvb6XdHPsOdiu4TOxjgvLOjdepjkmK4GKg4lY2J8TyCZ2
lwVvzLoumadCDu2P3zn5cIKCzIr5kFtFqOSTRaZPbHoRh00lyO2CByoOMqRwx26g
DzL71iikg4GjwszoVZWb3NJ28QIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFGd20obN
mHaIS+oo+tfo80gGfzZ4MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNzNGRkRBQkFB
M0Y3MTFGMEI3RDJDQzc3QzRGOUFFMDIucm9hMIGbBggrBgEFBQcBBwEB/wSBizCB
iDBaBAIAATBUAwQBJDIaAwQBZxRmAwQBZ0OiAwQBZ0g4AwQBZ0tMAwQBZ04CAwQB
Z3Q0AwQBZ5ikAwQAZ6GsAwQBZ61CAwQBZ+1WAwQBoz1IAwQBo9/SAwQBo+PmMCoE
AgACMCQDBwAgAQ3z5MADBwAkASvgAAADBwAkATVgAAADBwAkATfgAAAwDQYJKoZI
hvcNAQELBQADggEBAG0DIsKb0Krq7Kfyf6j1SM9jfJUjLOw4zgwFxby+NMyCKMg2
O1b6ONz6RKdw6m9X1C6QbuBhLUQscrqHwQYXzKvvQ+5TWc+ATrgW/71+7cUMByKp
Qu7npuTN7STFg6bveKNcPMZD39HithvuSh2kC5aDkaZNRqDvD5qxBW4rxyqU33W3
1ShUGuMIbXtCYDfgVZrK9Uog06S8d87y7N0XRKeWvSsH1LeeoM3jSdSB03oatbHY
enPYq8oFd6ClwOBfR/zjsffOj5hbJ9wYj6b1d/pGzO3EuHwr32/F7c61oOzajxUk
wBU2i0MnshS2MetDbwLWDu8qB8jc2Wfu4TE3MMs=
-----END CERTIFICATE-----
Generated at Sat Mar 7 22:42:52 2026 by rpki-client