Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A2836372A1C011EB9CD78934C4F9AE02.roa
File: A2836372A1C011EB9CD78934C4F9AE02.roa (raw, json)
Hash identifier: k1mKB52VJ5IsEfZ/o4wSJS1L92QX4XIrmf+Doq3hEzQ=
Subject key identifier: B1:36:53:20:D6:49:EC:00:C8:89:46:43:F0:34:2B:BE:F1:D2:EF:2E
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 6BD0
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A2836372A1C011EB9CD78934C4F9AE02.roa
Signing time: Mon 02 Mar 2026 23:30:49 +0000
ROA not before: Mon 13 Oct 2025 08:16:56 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 63737
IP address blocks: 36.50.52.0/23 maxlen: 23
42.96.10.0/23 maxlen: 23
103.14.154.0/23 maxlen: 23
103.14.224.0/23 maxlen: 23
103.15.94.0/23 maxlen: 23
103.30.10.0/23 maxlen: 23
103.39.124.0/23 maxlen: 23
103.57.128.0/23 maxlen: 23
103.57.130.0/23 maxlen: 24
103.74.100.0/22 maxlen: 24
103.74.104.0/22 maxlen: 22
103.122.140.0/23 maxlen: 23
103.140.250.0/23 maxlen: 23
103.149.136.0/23 maxlen: 23
103.167.84.0/23 maxlen: 23
103.167.90.0/23 maxlen: 23
103.167.92.0/23 maxlen: 23
103.170.254.0/23 maxlen: 23
103.171.0.0/23 maxlen: 23
103.176.110.0/23 maxlen: 23
103.176.112.0/23 maxlen: 23
103.177.108.0/23 maxlen: 23
103.180.150.0/23 maxlen: 23
103.180.152.0/23 maxlen: 23
103.182.18.0/23 maxlen: 23
103.183.114.0/23 maxlen: 23
103.183.118.0/23 maxlen: 23
103.186.66.0/23 maxlen: 23
103.187.4.0/23 maxlen: 23
103.190.80.0/23 maxlen: 23
103.209.60.0/23 maxlen: 23
103.231.248.0/23 maxlen: 23
103.232.52.0/22 maxlen: 22
103.253.22.0/23 maxlen: 24
202.55.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 14:32:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27600 (0x6bd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Oct 13 08:16:56 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a61da9-5903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:73:12:4a:66:6e:2c:23:18:e5:68:91:a0:
31:cf:d0:0f:db:93:8d:0e:9a:37:4b:f9:08:9c:79:
22:ff:fa:49:e8:cb:72:6d:d5:c4:b8:75:3b:8c:7a:
17:d0:53:ec:9a:e8:56:23:95:0c:f0:0a:76:f4:e1:
4f:8a:b5:3f:bd:ed:f2:c4:e0:fe:c8:9c:d1:5d:7d:
58:83:a4:12:1f:e7:bd:b2:06:97:67:06:eb:f5:f2:
85:f9:44:0c:40:1f:3f:c4:da:52:3e:af:50:4b:6d:
63:62:d6:66:f4:31:4a:12:90:e5:00:92:58:c6:b0:
49:8e:fe:f8:64:5a:75:5a:30:7a:02:2c:a8:d6:16:
7b:b5:8f:04:b5:b2:6a:4a:ae:ea:e8:24:49:db:2f:
46:31:70:b1:71:1e:c4:f1:91:4c:3d:d8:91:e7:0d:
ea:7f:33:ce:a2:cc:f7:8e:bf:d0:d4:8c:be:9f:79:
6e:05:8b:db:4f:b9:a6:ef:16:a1:f3:d0:7b:5f:4c:
2f:2a:0e:ef:0f:1d:a4:2b:68:ea:82:0d:99:87:b4:
d6:64:38:bf:79:ad:0a:9a:58:af:e7:ac:d4:dc:b3:
d8:77:2f:80:0c:ff:b9:ea:60:b3:26:ca:9b:97:2f:
23:2d:48:aa:ff:3a:1c:89:05:df:0d:59:9b:de:c2:
8c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:36:53:20:D6:49:EC:00:C8:89:46:43:F0:34:2B:BE:F1:D2:EF:2E
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A2836372A1C011EB9CD78934C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
36.50.52.0/23
42.96.10.0/23
103.14.154.0/23
103.14.224.0/23
103.15.94.0/23
103.30.10.0/23
103.39.124.0/23
103.57.128.0/22
103.74.100.0-103.74.107.255
103.122.140.0/23
103.140.250.0/23
103.149.136.0/23
103.167.84.0/23
103.167.90.0-103.167.93.255
103.170.254.0-103.171.1.255
103.176.110.0-103.176.113.255
103.177.108.0/23
103.180.150.0-103.180.153.255
103.182.18.0/23
103.183.114.0/23
103.183.118.0/23
103.186.66.0/23
103.187.4.0/23
103.190.80.0/23
103.209.60.0/23
103.231.248.0/23
103.232.52.0/22
103.253.22.0/23
202.55.132.0/22
Signature Algorithm: sha256WithRSAEncryption
21:0a:89:41:29:44:fc:17:3c:88:8c:9f:5b:f4:00:2c:92:e7:
9f:8e:ad:87:d8:e4:7e:e5:99:57:9f:e5:9c:2c:80:e2:de:80:
7b:42:82:17:03:d4:f4:ce:4c:3d:0b:3a:53:49:52:84:df:20:
25:d0:7c:44:8c:c9:bb:33:d6:d3:6c:70:82:94:d9:fb:1e:d3:
5e:c3:85:c0:47:87:d5:9b:59:9e:fe:2b:9a:df:4d:7c:bf:c9:
99:e8:b7:35:e9:ce:2b:29:be:42:e9:ca:b7:9b:0e:35:a1:5e:
37:ec:00:d0:da:c9:46:09:37:b0:3e:6d:93:95:3f:15:f1:37:
15:b4:29:2d:f1:df:2b:2c:1b:e3:4d:7a:aa:09:49:0d:e6:e0:
97:34:32:52:3b:f7:0f:06:d1:d0:57:0b:fe:7a:fa:67:4f:e1:
dd:0c:65:fb:50:54:a1:a4:84:60:05:74:ba:bf:30:64:b5:9c:
5b:99:40:16:1a:89:4c:32:2b:9e:2c:0c:64:00:d3:c3:94:2e:
43:5f:7f:d7:ea:6a:bd:55:f3:aa:e6:15:93:03:10:7e:2c:44:
c7:62:0d:32:5c:15:05:fc:cf:e4:b2:49:3d:5f:fd:8c:e8:47:
16:9c:1a:9c:85:da:2c:08:26:88:d4:34:6c:74:19:89:c9:80:
bd:72:82:d5
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgICa9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUxMDEzMDgxNjU2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE2MWRhOS01OTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqf9zEkpmbiwjGOVokaAxz9AP25ONDpo3S/kInHki//pJ6MtybdXEuHU7jHoX
0FPsmuhWI5UM8Ap29OFPirU/ve3yxOD+yJzRXX1Yg6QSH+e9sgaXZwbr9fKF+UQM
QB8/xNpSPq9QS21jYtZm9DFKEpDlAJJYxrBJjv74ZFp1WjB6Aiyo1hZ7tY8EtbJq
Sq7q6CRJ2y9GMXCxcR7E8ZFMPdiR5w3qfzPOosz3jr/Q1Iy+n3luBYvbT7mm7xah
89B7X0wvKg7vDx2kK2jqgg2Zh7TWZDi/ea0Kmliv56zU3LPYdy+ADP+56mCzJsqb
ly8jLUiq/zociQXfDVmb3sKMUwIDAQABo4IDNTCCAzEwHQYDVR0OBBYEFLE2UyDW
SewAyIlGQ/A0K77x0u8uMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQTI4MzYzNzJB
MUMwMTFFQjlDRDc4OTM0QzRGOUFFMDIucm9hMIHzBggrBgEFBQcBBwEB/wSB4zCB
4DCB3QQCAAEwgdYDBAEkMjQDBAEqYAoDBAFnDpoDBAFnDuADBAFnD14DBAFnHgoD
BAFnJ3wDBAJnOYAwDAMEAmdKZAMEAmdKaAMEAWd6jAMEAWeM+gMEAWeViAMEAWen
VDAMAwQBZ6daAwQBZ6dcMAwDBAFnqv4DBAFnqwAwDAMEAWewbgMEAWewcAMEAWex
bDAMAwQBZ7SWAwQBZ7SYAwQBZ7YSAwQBZ7dyAwQBZ7d2AwQBZ7pCAwQBZ7sEAwQB
Z75QAwQBZ9E8AwQBZ+f4AwQCZ+g0AwQBZ/0WAwQCyjeEMA0GCSqGSIb3DQEBCwUA
A4IBAQAhColBKUT8FzyIjJ9b9AAskuefjq2H2OR+5ZlXn+WcLIDi3oB7QoIXA9T0
zkw9CzpTSVKE3yAl0HxEjMm7M9bTbHCClNn7HtNew4XAR4fVm1me/iua3018v8mZ
6Lc16c4rKb5C6cq3mw41oV437ADQ2slGCTewPm2TlT8V8TcVtCkt8d8rLBvjTXqq
CUkN5uCXNDJSO/cPBtHQVwv+evpnT+HdDGX7UFShpIRgBXS6vzBktZxbmUAWGolM
MiueLAxkANPDlC5DX3/X6mq9VfOq5hWTAxB+LETHYg0yXBUF/M/kskk9X/2M6EcW
nBqchdosCCaI1DRsdBmJyYC9coLV
-----END CERTIFICATE-----
Generated at Sat Mar 7 22:45:24 2026 by rpki-client