Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CD959F88062711F0B26BB948C4F9AE02.roa
File: CD959F88062711F0B26BB948C4F9AE02.roa (raw, json)
Hash identifier: jBNUys/GU4UqKq2dvyuk7NUgjLDNsr3DVUpzoKVZtnk=
Subject key identifier: 97:B1:93:EC:F6:1B:66:1D:D9:27:9F:F3:CD:39:4E:65:FA:B7:B8:54
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 5E73
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CD959F88062711F0B26BB948C4F9AE02.roa
Signing time: Mon 02 Mar 2026 22:18:16 +0000
ROA not before: Thu 28 Aug 2025 14:55:24 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 150862
IP address blocks: 36.50.24.0/23 maxlen: 23
36.50.134.0/23 maxlen: 23
103.240.6.0/23 maxlen: 23
203.145.46.0/23 maxlen: 23
2001:df3:e6c0::/48 maxlen: 48
2001:df4:1c40::/48 maxlen: 48
2001:df4:2dc0::/48 maxlen: 48
2001:df4:3640::/48 maxlen: 48
2001:df4:36c0::/48 maxlen: 48
2001:df4:50c0::/48 maxlen: 48
2001:df4:63c0::/48 maxlen: 48
2001:df4:6440::/48 maxlen: 48
2001:df4:6840::/48 maxlen: 48
2001:df4:73c0::/48 maxlen: 48
2001:df4:8640::/48 maxlen: 48
2001:df4:8cc0::/48 maxlen: 48
2401:4120::/48 maxlen: 48
2401:5120::/48 maxlen: 48
2401:5b20::/48 maxlen: 48
2401:7160::/48 maxlen: 48
2401:71a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 14:32:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24179 (0x5e73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 28 14:55:24 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a60ca8-75ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6f:7a:f8:02:09:88:7d:af:a6:a1:85:7a:83:
19:71:45:eb:f4:01:ba:d1:50:d9:93:12:09:69:4e:
37:70:84:36:24:42:34:74:cf:76:d0:a6:f7:95:be:
11:8f:03:c2:45:44:68:4c:19:39:62:4a:18:1e:16:
a8:f4:0d:5b:52:8c:ff:52:c0:68:58:9d:fb:d2:49:
dd:07:0f:ea:02:9f:09:5f:99:09:4a:6a:60:66:d6:
a5:69:22:63:b4:cd:5c:8b:c3:28:6f:e9:ee:ff:35:
83:1a:6c:e3:14:4c:61:fb:a4:5c:1d:75:f2:a7:4c:
34:7f:62:85:be:68:0d:f9:7d:ea:79:9e:64:cd:e7:
bf:15:ff:5c:74:66:18:9c:3e:8b:eb:3e:97:e9:2d:
ab:1b:14:b3:4f:c0:f7:68:52:13:14:a6:c3:16:77:
2a:41:2f:25:75:7a:f6:b0:14:76:9f:69:e0:bb:20:
b0:ae:a8:fa:88:14:33:9f:11:a9:aa:c6:f3:5c:cf:
05:d9:57:11:a1:40:3f:c4:af:4c:9b:66:26:77:61:
1a:fb:f3:b9:42:a4:92:6f:f8:d8:63:c0:32:67:e2:
89:25:a4:1d:aa:b7:88:2d:c7:ec:5d:01:0f:7b:f3:
eb:4e:47:8c:5f:7a:6e:d4:af:77:9b:6f:aa:b5:82:
b9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B1:93:EC:F6:1B:66:1D:D9:27:9F:F3:CD:39:4E:65:FA:B7:B8:54
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CD959F88062711F0B26BB948C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
36.50.24.0/23
36.50.134.0/23
103.240.6.0/23
203.145.46.0/23
IPv6:
2001:df3:e6c0::/48
2001:df4:1c40::/48
2001:df4:2dc0::/48
2001:df4:3640::/48
2001:df4:36c0::/48
2001:df4:50c0::/48
2001:df4:63c0::/48
2001:df4:6440::/48
2001:df4:6840::/48
2001:df4:73c0::/48
2001:df4:8640::/48
2001:df4:8cc0::/48
2401:4120::/48
2401:5120::/48
2401:5b20::/48
2401:7160::/48
2401:71a0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:78:ce:54:ff:b9:e3:09:00:be:f0:38:01:bf:83:e3:94:60:
8b:48:09:ca:57:22:4c:ca:58:65:1b:2e:bb:07:9a:de:45:1b:
9f:23:4b:c6:35:48:dd:82:6b:01:f3:62:9a:01:ef:68:bb:7d:
82:80:56:2c:4d:f9:b4:7a:71:1a:04:18:42:f6:ea:c8:9c:06:
cf:c4:10:31:3d:18:26:3d:ec:af:d7:4e:e7:d6:cd:89:32:71:
15:7d:3d:6c:ba:70:85:eb:e2:78:d9:98:ee:7b:45:a1:23:e2:
58:39:33:7f:91:a3:c3:e3:73:f8:48:b3:6b:30:4b:09:fa:aa:
97:37:f4:be:b0:ea:dd:a9:95:8a:a3:fa:81:72:a0:c3:fd:20:
f4:f2:60:a9:5a:4e:38:12:f2:31:fe:47:42:fd:cb:34:15:db:
56:ed:6a:69:06:44:0b:34:0f:c0:9b:fa:a1:f0:b2:9d:3c:3b:
77:dd:f9:99:42:28:91:69:01:3a:c3:b6:7e:eb:e8:11:af:63:
e7:d4:1b:ed:a6:0b:e0:56:93:13:b1:02:22:1b:6a:f2:ea:cf:
3d:ac:f3:1a:14:e7:a8:b0:6e:1d:c6:9a:84:33:9f:c9:e2:f9:
e3:7c:8d:9c:a1:4f:c7:38:aa:70:ce:5c:7b:a5:ab:d8:a3:5b:
31:b4:b7:52
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgICXnMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwODI4MTQ1NTI0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE2MGNhOC03NWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1m96+AIJiH2vpqGFeoMZcUXr9AG60VDZkxIJaU43cIQ2JEI0dM920Kb3lb4R
jwPCRURoTBk5YkoYHhao9A1bUoz/UsBoWJ370kndBw/qAp8JX5kJSmpgZtalaSJj
tM1ci8Mob+nu/zWDGmzjFExh+6RcHXXyp0w0f2KFvmgN+X3qeZ5kzee/Ff9cdGYY
nD6L6z6X6S2rGxSzT8D3aFITFKbDFncqQS8ldXr2sBR2n2nguyCwrqj6iBQznxGp
qsbzXM8F2VcRoUA/xK9Mm2Ymd2Ea+/O5QqSSb/jYY8AyZ+KJJaQdqreILcfsXQEP
e/PrTkeMX3pu1K93m2+qtYK5iQIDAQABo4IDGDCCAxQwHQYDVR0OBBYEFJexk+z2
G2Yd2Sef8805TmX6t7hUMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQ0Q5NTlGODgw
NjI3MTFGMEIyNkJCOTQ4QzRGOUFFMDIucm9hMIHWBggrBgEFBQcBBwEB/wSBxjCB
wzAeBAIAATAYAwQBJDIYAwQBJDKGAwQBZ/AGAwQBy5EuMIGgBAIAAjCBmQMHACAB
DfPmwAMHACABDfQcQAMHACABDfQtwAMHACABDfQ2QAMHACABDfQ2wAMHACABDfRQ
wAMHACABDfRjwAMHACABDfRkQAMHACABDfRoQAMHACABDfRzwAMHACABDfSGQAMH
ACABDfSMwAMHACQBQSAAAAMHACQBUSAAAAMHACQBWyAAAAMHACQBcWAAAAMHACQB
caAAADANBgkqhkiG9w0BAQsFAAOCAQEAtXjOVP+54wkAvvA4Ab+D45Rgi0gJylci
TMpYZRsuuwea3kUbnyNLxjVI3YJrAfNimgHvaLt9goBWLE35tHpxGgQYQvbqyJwG
z8QQMT0YJj3sr9dO59bNiTJxFX09bLpwhevieNmY7ntFoSPiWDkzf5Gjw+Nz+Eiz
azBLCfqqlzf0vrDq3amViqP6gXKgw/0g9PJgqVpOOBLyMf5HQv3LNBXbVu1qaQZE
CzQPwJv6ofCynTw7d935mUIokWkBOsO2fuvoEa9j59Qb7aYL4FaTE7ECIhtq8urP
PazzGhTnqLBuHcaahDOfyeL543yNnKFPxziqcM5ce6Wr2KNbMbS3Ug==
-----END CERTIFICATE-----
Generated at Sat Mar 7 22:47:05 2026 by rpki-client