Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/979051A0CFF111F084BB5276C4F9AE02.roa
File: 979051A0CFF111F084BB5276C4F9AE02.roa (raw, json)
Hash identifier: 5IPzYQ+2tiJ0hPQcvMuwSaiw91r3ifVvsGj7yZrkCu8=
Subject key identifier: FD:24:E1:2B:D1:D9:E0:0B:BB:15:FB:7D:10:3D:97:46:59:CE:43:5D
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 6BC6
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/979051A0CFF111F084BB5276C4F9AE02.roa
Signing time: Mon 02 Mar 2026 23:30:34 +0000
ROA not before: Wed 03 Dec 2025 02:41:39 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 135944
IP address blocks: 103.159.54.0/24 maxlen: 24
103.159.55.0/24 maxlen: 24
103.165.144.0/23 maxlen: 23
103.165.144.0/24 maxlen: 24
103.165.145.0/24 maxlen: 24
103.199.8.0/22 maxlen: 22
103.199.8.0/23 maxlen: 23
103.199.8.0/24 maxlen: 24
103.199.9.0/24 maxlen: 24
103.199.10.0/23 maxlen: 24
103.216.124.0/22 maxlen: 24
116.118.0.0/22 maxlen: 24
116.118.4.0/22 maxlen: 24
116.118.8.0/22 maxlen: 24
116.118.12.0/22 maxlen: 24
116.118.16.0/22 maxlen: 24
116.118.20.0/22 maxlen: 24
116.118.24.0/22 maxlen: 24
116.118.28.0/22 maxlen: 24
116.118.64.0/22 maxlen: 24
116.118.72.0/22 maxlen: 24
116.118.76.0/22 maxlen: 24
116.118.88.0/22 maxlen: 24
116.118.92.0/22 maxlen: 24
157.119.248.0/22 maxlen: 22
180.93.172.0/22 maxlen: 24
180.93.176.0/22 maxlen: 24
180.93.180.0/22 maxlen: 24
2001:df7:cc00::/48 maxlen: 48
2404:ef80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 14:32:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27590 (0x6bc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Dec 3 02:41:39 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a61d9a-1354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6b:f7:81:a8:47:16:b9:7b:55:0d:00:bb:58:
c9:6d:d8:49:f5:1d:9e:6a:00:16:2f:ba:6a:ea:42:
d5:0d:37:6d:1c:22:13:0d:a2:2a:2e:a5:5f:9d:d8:
70:8f:b0:41:bd:b9:7b:0c:49:c9:60:9a:25:17:de:
c7:63:29:c6:44:c2:c9:9a:38:30:30:a2:62:d6:c4:
59:af:7d:13:85:de:34:f1:47:db:ac:9a:94:a2:0c:
ed:05:7f:01:1f:0a:c5:f1:af:3b:91:bd:da:56:c8:
86:42:f0:62:d3:a0:bb:9e:71:93:78:66:ba:14:6e:
96:82:b2:ed:c9:4e:10:d4:1f:0b:53:48:c3:e0:ad:
63:c2:07:e0:9c:73:b8:30:dc:e6:ef:20:87:7d:b8:
03:7d:91:2d:d1:39:f2:c1:c5:4c:bf:0e:97:8b:42:
af:cb:60:4f:b7:9d:bf:77:e1:92:c4:b5:e2:63:cf:
18:bb:2c:9f:2b:81:10:48:dd:db:82:ac:a8:81:77:
70:95:e7:f0:86:8e:b0:65:7c:ea:22:cd:a3:be:98:
dd:da:a4:46:f8:e3:38:7c:d1:00:d4:56:d1:d6:be:
bd:47:98:39:75:b2:75:c6:a3:74:ab:d8:50:85:1c:
6d:2f:6d:d4:ef:71:58:36:60:1f:d3:b0:fe:dd:d7:
6e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:24:E1:2B:D1:D9:E0:0B:BB:15:FB:7D:10:3D:97:46:59:CE:43:5D
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/979051A0CFF111F084BB5276C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.159.54.0/23
103.165.144.0/23
103.199.8.0/22
103.216.124.0/22
116.118.0.0/19
116.118.64.0/22
116.118.72.0/21
116.118.88.0/21
157.119.248.0/22
180.93.172.0-180.93.183.255
IPv6:
2001:df7:cc00::/48
2404:ef80::/48
Signature Algorithm: sha256WithRSAEncryption
0d:cf:25:27:c0:b5:5a:b9:ea:c6:41:2c:b6:18:88:b5:74:54:
c6:4e:e0:bb:17:aa:35:29:bd:f6:0b:56:ed:12:ba:de:07:11:
d1:4d:b0:c0:ea:5e:fb:81:ac:a6:1a:12:c4:02:ac:87:c9:8e:
26:b9:08:af:4e:8c:82:6c:ec:ef:e8:80:29:b6:0e:93:3a:45:
0f:1c:34:74:e2:7e:6b:ce:ce:f1:b7:99:4f:ac:ca:37:e5:be:
a0:c0:3c:07:d4:91:86:71:fa:00:a3:8b:b0:f6:97:a0:37:a8:
a6:7d:29:bc:61:6d:56:b1:21:d1:44:77:3e:44:b0:cc:83:1a:
bd:82:06:a0:10:20:01:7e:e1:e9:a5:03:9c:84:34:9c:5f:66:
a9:ac:b2:6a:52:79:d5:cc:18:73:a9:24:c3:e0:20:93:97:ff:
69:ac:2c:e3:76:b4:21:99:d4:7e:87:e8:a2:bf:c0:05:62:db:
bc:ff:ad:87:a6:da:e6:5e:52:41:33:4e:66:bf:1f:93:3b:95:
05:b6:51:97:10:4d:bd:cb:d5:2e:b8:07:ac:ce:10:4f:29:57:
58:7b:b3:63:b0:76:32:75:af:8a:ad:13:f5:f7:e7:c9:20:34:
3a:d4:31:50:70:ad:96:bc:ba:f2:45:32:8f:aa:52:d6:e0:19:
7c:f3:9a:5c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICa8YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUxMjAzMDI0MTM5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE2MWQ5YS0xMzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3mv3gahHFrl7VQ0Au1jJbdhJ9R2eagAWL7pq6kLVDTdtHCITDaIqLqVfndhw
j7BBvbl7DEnJYJolF97HYynGRMLJmjgwMKJi1sRZr30Thd408UfbrJqUogztBX8B
HwrF8a87kb3aVsiGQvBi06C7nnGTeGa6FG6WgrLtyU4Q1B8LU0jD4K1jwgfgnHO4
MNzm7yCHfbgDfZEt0TnywcVMvw6Xi0Kvy2BPt52/d+GSxLXiY88YuyyfK4EQSN3b
gqyogXdwlefwho6wZXzqIs2jvpjd2qRG+OM4fNEA1FbR1r69R5g5dbJ1xqN0q9hQ
hRxtL23U73FYNmAf07D+3dduGQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFP0k4SvR
2eALuxX7fRA9l0ZZzkNdMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvOTc5MDUxQTBD
RkYxMTFGMDg0QkI1Mjc2QzRGOUFFMDIucm9hMHcGCCsGAQUFBwEHAQH/BGgwZjBK
BAIAATBEAwQBZ582AwQBZ6WQAwQCZ8cIAwQCZ9h8AwQFdHYAAwQCdHZAAwQDdHZI
AwQDdHZYAwQCnXf4MAwDBAK0XawDBAO0XbAwGAQCAAIwEgMHACABDffMAAMHACQE
74AAADANBgkqhkiG9w0BAQsFAAOCAQEADc8lJ8C1WrnqxkEsthiItXRUxk7guxeq
NSm99gtW7RK63gcR0U2wwOpe+4GsphoSxAKsh8mOJrkIr06Mgmzs7+iAKbYOkzpF
Dxw0dOJ+a87O8beZT6zKN+W+oMA8B9SRhnH6AKOLsPaXoDeopn0pvGFtVrEh0UR3
PkSwzIMavYIGoBAgAX7h6aUDnIQ0nF9mqayyalJ51cwYc6kkw+Agk5f/aaws43a0
IZnUfofoor/ABWLbvP+th6ba5l5SQTNOZr8fkzuVBbZRlxBNvcvVLrgHrM4QTylX
WHuzY7B2MnWviq0T9ffnySA0OtQxUHCtlry68kUyj6pS1uAZfPOaXA==
-----END CERTIFICATE-----
Generated at Sat Mar 7 22:47:07 2026 by rpki-client