Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DD5934D2205011F0B603CD60C4F9AE02.roa
File: DD5934D2205011F0B603CD60C4F9AE02.roa (raw, json)
Hash identifier: /++4avAGoCpYbJyaRsuicwrnlNLfzvXmQxlDyJCu0UI=
Subject key identifier: 08:A3:D5:D6:97:C6:0A:91:A5:8E:88:69:9D:91:B0:EE:8C:AF:FD:EA
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 5E54
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DD5934D2205011F0B603CD60C4F9AE02.roa
Signing time: Mon 02 Mar 2026 22:17:44 +0000
ROA not before: Thu 28 Aug 2025 14:54:56 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 149147
IP address blocks: 103.37.60.0/23 maxlen: 24
103.78.4.0/23 maxlen: 23
103.166.176.0/23 maxlen: 23
103.168.36.0/23 maxlen: 23
103.186.24.0/23 maxlen: 23
103.213.8.0/23 maxlen: 23
103.213.12.0/23 maxlen: 23
103.213.216.0/23 maxlen: 23
103.248.230.0/23 maxlen: 23
113.192.18.0/23 maxlen: 23
163.227.116.0/23 maxlen: 23
2001:df4:cfc0::/48 maxlen: 48
2001:df5:6640::/48 maxlen: 48
2401:2160::/48 maxlen: 48
2401:3820::/48 maxlen: 48
2401:3e20::/48 maxlen: 48
2401:3e60::/48 maxlen: 48
2401:3ee0::/48 maxlen: 48
2401:5820::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 14:32:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24148 (0x5e54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Aug 28 14:54:56 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a60c87-a844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:94:3b:be:9a:ff:f0:5c:b8:9d:f0:b6:49:84:
95:b4:41:2b:ca:74:ae:01:88:c8:13:80:37:f5:90:
59:ba:df:17:c3:a6:eb:6d:b8:27:38:fb:73:1f:0f:
2d:6a:c7:4f:62:78:10:05:d8:3c:39:35:1b:fa:dc:
bc:48:05:e9:2e:80:86:d0:06:8f:f6:fd:f0:2d:74:
3e:0c:87:cb:aa:1a:40:87:dc:2e:39:5b:c8:a0:92:
3a:4f:be:1e:23:c5:38:a6:23:46:79:19:40:87:a8:
63:fb:31:7d:19:ac:f9:79:01:fc:28:ea:6b:3a:89:
e1:4a:7e:9d:3a:3c:9e:c0:4c:63:1c:72:2b:23:68:
8b:9a:40:99:d3:5f:14:6a:b2:a3:db:97:b7:46:ad:
30:7d:92:43:ea:72:f7:8b:fd:2b:40:73:42:6f:c4:
a4:c9:a9:3b:d5:1d:60:fb:48:12:5f:59:10:0b:68:
95:40:26:c3:fa:b7:6b:9c:41:e6:ad:5b:04:03:fe:
1f:1c:03:c4:01:aa:0c:2d:a4:97:d9:61:3a:c1:26:
a7:fe:d8:6e:30:8f:61:28:77:52:53:a9:dd:09:bd:
eb:06:87:bd:cc:f4:12:82:bf:03:67:a3:6a:9a:bc:
8b:72:7d:96:f9:12:9b:9b:77:1d:ed:b7:6b:44:45:
7d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A3:D5:D6:97:C6:0A:91:A5:8E:88:69:9D:91:B0:EE:8C:AF:FD:EA
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DD5934D2205011F0B603CD60C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.37.60.0/23
103.78.4.0/23
103.166.176.0/23
103.168.36.0/23
103.186.24.0/23
103.213.8.0/23
103.213.12.0/23
103.213.216.0/23
103.248.230.0/23
113.192.18.0/23
163.227.116.0/23
IPv6:
2001:df4:cfc0::/48
2001:df5:6640::/48
2401:2160::/48
2401:3820::/48
2401:3e20::/48
2401:3e60::/48
2401:3ee0::/48
2401:5820::/48
Signature Algorithm: sha256WithRSAEncryption
77:39:8d:5b:9c:d8:5c:32:7d:1d:82:fa:84:1e:cd:84:a8:a8:
75:1d:ce:7d:f8:e5:61:f5:67:e9:94:94:01:59:1c:8b:1d:8d:
77:8f:95:1a:3b:fa:96:2a:22:c4:f4:2f:3c:c1:d7:45:ce:ae:
a0:0e:2c:ac:76:0e:6a:da:ad:78:51:e1:a7:d6:b2:bb:a7:3c:
e0:a7:45:b5:33:c0:9a:4c:df:ca:ef:b8:fd:2d:ce:fd:50:c3:
0d:8f:2a:38:14:68:ac:84:6c:1e:48:df:42:88:98:fb:eb:af:
d6:ef:db:af:5b:84:0d:a4:ec:0e:d5:0c:8a:4b:b0:cf:5f:18:
da:8d:3f:1a:22:66:f3:e5:e1:f5:4c:24:39:74:3e:a4:50:23:
e8:62:82:e0:dc:58:3c:a7:b8:2e:b2:ba:4f:56:dc:95:11:8a:
e6:34:0f:24:5a:c4:2b:59:c0:0d:fe:15:1d:72:7d:2f:ca:24:
d4:bb:e4:5c:57:c6:1f:de:26:49:43:8c:c9:a1:ce:7c:20:76:
77:c8:50:00:be:79:aa:f5:d8:59:3f:92:fc:41:c1:cf:eb:29:
63:ad:40:71:ba:be:1f:ec:5d:67:c2:e3:d9:ca:b0:fc:03:e6:
e1:12:6d:27:10:23:bf:31:cf:46:d6:22:13:48:3e:19:e0:41:
87:90:cf:b4
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgICXlQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwODI4MTQ1NDU2WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE2MGM4Ny1hODQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv5Q7vpr/8Fy4nfC2SYSVtEErynSuAYjIE4A39ZBZut8Xw6brbbgnOPtzHw8t
asdPYngQBdg8OTUb+ty8SAXpLoCG0AaP9v3wLXQ+DIfLqhpAh9wuOVvIoJI6T74e
I8U4piNGeRlAh6hj+zF9Gaz5eQH8KOprOonhSn6dOjyewExjHHIrI2iLmkCZ018U
arKj25e3Rq0wfZJD6nL3i/0rQHNCb8Skyak71R1g+0gSX1kQC2iVQCbD+rdrnEHm
rVsEA/4fHAPEAaoMLaSX2WE6wSan/thuMI9hKHdSU6ndCb3rBoe9zPQSgr8DZ6Nq
mryLcn2W+RKbm3cd7bdrREV93wIDAQABo4IC7zCCAuswHQYDVR0OBBYEFAij1daX
xgqRpY6IaZ2RsO6Mr/3qMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvREQ1OTM0RDIy
MDUwMTFGMEI2MDNDRDYwQzRGOUFFMDIucm9hMIGtBggrBgEFBQcBBwEB/wSBnTCB
mjBIBAIAATBCAwQBZyU8AwQBZ04EAwQBZ6awAwQBZ6gkAwQBZ7oYAwQBZ9UIAwQB
Z9UMAwQBZ9XYAwQBZ/jmAwQBccASAwQBo+N0ME4EAgACMEgDBwAgAQ30z8ADBwAg
AQ31ZkADBwAkASFgAAADBwAkATggAAADBwAkAT4gAAADBwAkAT5gAAADBwAkAT7g
AAADBwAkAVggAAAwDQYJKoZIhvcNAQELBQADggEBAHc5jVuc2FwyfR2C+oQezYSo
qHUdzn345WH1Z+mUlAFZHIsdjXePlRo7+pYqIsT0LzzB10XOrqAOLKx2DmrarXhR
4afWsrunPOCnRbUzwJpM38rvuP0tzv1Qww2PKjgUaKyEbB5I30KImPvrr9bv269b
hA2k7A7VDIpLsM9fGNqNPxoiZvPl4fVMJDl0PqRQI+higuDcWDynuC6yuk9W3JUR
iuY0DyRaxCtZwA3+FR1yfS/KJNS75FxXxh/eJklDjMmhznwgdnfIUAC+ear12Fk/
kvxBwc/rKWOtQHG6vh/sXWfC49nKsPwD5uESbScQI78xz0bWIhNIPhngQYeQz7Q=
-----END CERTIFICATE-----
Generated at Sat Mar 7 22:49:21 2026 by rpki-client