Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/FCF99042301011EFBC350682C4F9AE02.roa
File: FCF99042301011EFBC350682C4F9AE02.roa (raw, json)
Hash identifier: Gp1KX3pdnrlSvDAJ20hG9D6pIJ2t6fsfaUValhhyxHI=
Subject key identifier: CC:D7:87:E3:79:3F:EF:CC:63:59:5F:F9:7D:65:3C:D9:5F:35:71:C0
Certificate issuer: /CN=A91A7169/serialNumber=4042C2490D7DAFEC3320316ED5AA74E0BECAA9A9
Certificate serial: 01EF
Authority key identifier: 40:42:C2:49:0D:7D:AF:EC:33:20:31:6E:D5:AA:74:E0:BE:CA:A9:A9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QELCSQ19r-wzIDFu1ap04L7Kqak.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/FCF99042301011EFBC350682C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:17:41 +0000
ROA not before: Thu 15 Jan 2026 21:37:22 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 53813
IP address blocks: 167.103.2.0/23 maxlen: 24
167.103.4.0/23 maxlen: 24
167.103.6.0/23 maxlen: 24
167.103.8.0/23 maxlen: 24
167.103.10.0/23 maxlen: 24
167.103.12.0/23 maxlen: 24
167.103.14.0/23 maxlen: 24
167.103.16.0/23 maxlen: 24
167.103.18.0/23 maxlen: 24
167.103.20.0/23 maxlen: 24
167.103.22.0/23 maxlen: 24
167.103.24.0/23 maxlen: 24
167.103.26.0/23 maxlen: 24
167.103.28.0/23 maxlen: 24
167.103.30.0/23 maxlen: 24
167.103.32.0/23 maxlen: 24
167.103.34.0/23 maxlen: 24
167.103.36.0/24 maxlen: 24
167.103.37.0/24 maxlen: 24
167.103.38.0/24 maxlen: 24
167.103.39.0/24 maxlen: 24
167.103.40.0/24 maxlen: 24
167.103.41.0/24 maxlen: 24
167.103.42.0/23 maxlen: 24
167.103.44.0/23 maxlen: 24
167.103.46.0/23 maxlen: 24
167.103.48.0/24 maxlen: 24
167.103.49.0/24 maxlen: 24
167.103.54.0/23 maxlen: 24
167.103.56.0/23 maxlen: 24
167.103.58.0/23 maxlen: 24
167.103.60.0/23 maxlen: 24
167.103.62.0/23 maxlen: 24
167.103.64.0/23 maxlen: 24
167.103.66.0/23 maxlen: 24
167.103.68.0/23 maxlen: 24
167.103.70.0/23 maxlen: 24
167.103.72.0/23 maxlen: 24
167.103.74.0/23 maxlen: 24
167.103.76.0/23 maxlen: 24
167.103.78.0/23 maxlen: 24
167.103.80.0/23 maxlen: 24
167.103.82.0/23 maxlen: 24
167.103.84.0/24 maxlen: 24
167.103.85.0/24 maxlen: 24
167.103.86.0/24 maxlen: 24
167.103.87.0/24 maxlen: 24
167.103.88.0/23 maxlen: 24
167.103.96.0/23 maxlen: 24
167.103.98.0/23 maxlen: 24
167.103.100.0/23 maxlen: 24
167.103.102.0/23 maxlen: 24
167.103.110.0/24 maxlen: 24
167.103.111.0/24 maxlen: 24
167.103.112.0/23 maxlen: 24
167.103.114.0/23 maxlen: 24
167.103.116.0/23 maxlen: 24
167.103.118.0/23 maxlen: 24
167.103.120.0/23 maxlen: 24
167.103.122.0/23 maxlen: 24
167.103.124.0/23 maxlen: 24
167.103.126.0/23 maxlen: 24
167.103.132.0/23 maxlen: 24
167.103.134.0/23 maxlen: 24
167.103.136.0/23 maxlen: 24
167.103.138.0/23 maxlen: 24
167.103.140.0/23 maxlen: 24
167.103.142.0/23 maxlen: 24
167.103.144.0/23 maxlen: 24
167.103.146.0/23 maxlen: 24
167.103.154.0/23 maxlen: 24
167.103.156.0/23 maxlen: 24
167.103.158.0/23 maxlen: 24
167.103.160.0/23 maxlen: 24
167.103.162.0/23 maxlen: 24
167.103.164.0/23 maxlen: 24
167.103.166.0/23 maxlen: 24
167.103.186.0/23 maxlen: 24
167.103.188.0/23 maxlen: 24
167.103.190.0/23 maxlen: 24
167.103.192.0/23 maxlen: 24
167.103.196.0/23 maxlen: 24
167.103.198.0/23 maxlen: 24
167.103.200.0/23 maxlen: 24
167.103.202.0/23 maxlen: 24
167.103.204.0/23 maxlen: 24
167.103.206.0/23 maxlen: 24
167.103.208.0/23 maxlen: 24
167.103.210.0/23 maxlen: 24
167.103.212.0/23 maxlen: 24
167.103.214.0/23 maxlen: 24
167.103.216.0/23 maxlen: 24
167.103.228.0/23 maxlen: 24
167.103.230.0/23 maxlen: 24
167.103.232.0/23 maxlen: 24
167.103.234.0/23 maxlen: 24
167.103.248.0/23 maxlen: 24
167.103.250.0/23 maxlen: 24
167.103.252.0/23 maxlen: 24
167.103.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/QELCSQ19r-wzIDFu1ap04L7Kqak.crl
rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/QELCSQ19r-wzIDFu1ap04L7Kqak.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QELCSQ19r-wzIDFu1ap04L7Kqak.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 18 Mar 2026 03:42:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 495 (0x1ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7169, serialNumber=4042C2490D7DAFEC3320316ED5AA74E0BECAA9A9
Validity
Not Before: Jan 15 21:37:22 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a474b5-4d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f4:ef:dc:23:3d:a2:b8:62:a6:dc:f2:6a:89:
5b:f7:7b:35:ea:27:7c:f5:b5:b6:41:3a:54:2a:21:
d4:8b:76:ac:29:d3:6c:7d:f1:b9:8a:ac:7b:60:34:
cd:7a:83:d9:bd:ac:cc:58:e8:d1:30:87:e4:d7:4d:
84:85:f4:63:86:ba:56:2c:b6:2a:81:5f:5f:3c:9a:
0c:73:66:72:b5:60:d2:9f:30:73:4a:a2:74:4b:55:
00:c8:8e:7c:cf:36:c5:50:2d:82:46:c5:69:1a:6d:
71:ba:d9:ca:be:5e:04:79:c3:db:6e:e8:91:87:51:
f1:5b:f3:07:70:97:65:be:8b:8c:95:cd:2e:78:e7:
d1:fc:f4:ed:00:c5:5d:6a:30:75:15:9e:8f:da:4f:
c1:b9:e4:88:0e:ab:16:7a:41:57:3f:be:4c:17:9d:
e6:f9:24:d7:81:cf:5c:08:4b:c9:30:33:ac:2c:13:
f9:fb:a4:14:e8:8e:14:90:b8:18:f6:c3:36:69:05:
cc:03:c8:57:72:c3:10:8f:c4:98:a3:e5:df:58:d7:
f2:c9:e1:6c:10:88:6e:52:02:c0:fa:2c:4f:4b:38:
ab:4f:d0:1a:09:96:60:29:d6:76:b9:98:c5:a5:9c:
fd:85:ea:ae:96:5d:36:09:09:b0:a5:90:f7:76:00:
34:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D7:87:E3:79:3F:EF:CC:63:59:5F:F9:7D:65:3C:D9:5F:35:71:C0
X509v3 Authority Key Identifier:
keyid:40:42:C2:49:0D:7D:AF:EC:33:20:31:6E:D5:AA:74:E0:BE:CA:A9:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/QELCSQ19r-wzIDFu1ap04L7Kqak.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/QELCSQ19r-wzIDFu1ap04L7Kqak.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7169/6233DD3EEBAE11EE8A0ED964C4F9AE02/FCF99042301011EFBC350682C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
167.103.2.0-167.103.49.255
167.103.54.0-167.103.89.255
167.103.96.0/21
167.103.110.0-167.103.127.255
167.103.132.0-167.103.147.255
167.103.154.0-167.103.167.255
167.103.186.0-167.103.193.255
167.103.196.0-167.103.217.255
167.103.228.0-167.103.235.255
167.103.248.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:91:ad:d8:b6:1e:3b:7e:27:02:5d:aa:71:a5:bb:b2:8d:db:
9b:b5:14:2f:15:dd:b4:9d:a6:ff:02:fe:a6:ec:8c:ee:77:fd:
fb:7c:31:78:92:df:70:49:e9:74:13:f2:de:ea:ad:45:eb:0d:
b9:20:e9:1d:3c:4e:ae:d2:8a:ef:2f:6b:bc:1d:06:ef:98:39:
73:6c:cf:c3:0c:6f:2b:3c:f9:31:a2:2c:bc:3c:70:d5:e5:bc:
51:1c:41:78:e8:45:7b:10:c0:f3:08:6e:17:db:10:e1:11:ef:
7a:79:21:d1:64:96:9c:ee:d9:3a:91:67:ad:5d:61:06:c0:1a:
44:0f:35:dc:86:fd:ea:6d:f4:2f:fe:e5:46:9b:1e:3f:0c:2e:
59:d5:b1:51:e1:be:da:de:e2:b5:13:45:3c:12:d6:88:dd:12:
06:ef:0e:6c:16:37:21:87:c3:9c:91:8c:c1:8f:9a:8e:33:b4:
0e:f0:8f:1e:8a:ea:14:01:ce:c9:aa:2a:96:99:f7:d8:28:f2:
52:10:15:56:cb:6e:e6:12:7e:97:a5:2e:76:12:8d:be:a8:14:
61:60:0a:a9:61:ba:47:e3:16:61:ef:1d:13:21:27:80:39:bc:
95:3e:ac:9c:15:f5:a9:33:99:7f:07:63:99:19:fc:2b:44:6d:
9f:b4:65:e1
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTcxNjkxMTAvBgNVBAUTKDQwNDJDMjQ5MEQ3REFGRUMzMzIwMzE2RUQ1QUE3NEUw
QkVDQUE5QTkwHhcNMjYwMTE1MjEzNzIyWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzRiNS00ZDdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz/Tv3CM9orhiptzyaolb93s16id89bW2QTpUKiHUi3asKdNsffG5iqx7YDTN
eoPZvazMWOjRMIfk102EhfRjhrpWLLYqgV9fPJoMc2ZytWDSnzBzSqJ0S1UAyI58
zzbFUC2CRsVpGm1xutnKvl4EecPbbuiRh1HxW/MHcJdlvouMlc0ueOfR/PTtAMVd
ajB1FZ6P2k/BueSIDqsWekFXP75MF53m+STXgc9cCEvJMDOsLBP5+6QU6I4UkLgY
9sM2aQXMA8hXcsMQj8SYo+XfWNfyyeFsEIhuUgLA+ixPSzirT9AaCZZgKdZ2uZjF
pZz9hequll02CQmwpZD3dgA05wIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFMzXh+N5
P+/MY1lf+X1lPNlfNXHAMB8GA1UdIwQYMBaAFEBCwkkNfa/sMyAxbtWqdOC+yqmp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzE2OS82MjMzREQzRUVC
QUUxMUVFOEEwRUQ5NjRDNEY5QUUwMi9RRUxDU1ExOXItd3pJREZ1MWFwMDRMN0tx
YWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1FFTENTUTE5ci13eklERnUxYXAwNEw3S3Fhay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTcxNjkvNjIzM0REM0VFQkFFMTFFRThBMEVEOTY0QzRGOUFFMDIvRkNGOTkwNDIz
MDEwMTFFRkJDMzUwNjgyQzRGOUFFMDIucm9hMIGYBggrBgEFBQcBBwEB/wSBiDCB
hTCBggQCAAEwfDAMAwQBp2cCAwQBp2cwMAwDBAGnZzYDBAGnZ1gDBAOnZ2AwDAME
AadnbgMEB6dnADAMAwQCp2eEAwQCp2eQMAwDBAGnZ5oDBAOnZ6AwDAMEAadnugME
AadnwDAMAwQCp2fEAwQBp2fYMAwDBAKnZ+QDBAKnZ+gDBAOnZ/gwDQYJKoZIhvcN
AQELBQADggEBAHqRrdi2Hjt+JwJdqnGlu7KN25u1FC8V3bSdpv8C/qbsjO53/ft8
MXiS33BJ6XQT8t7qrUXrDbkg6R08Tq7Siu8va7wdBu+YOXNsz8MMbys8+TGiLLw8
cNXlvFEcQXjoRXsQwPMIbhfbEOER73p5IdFklpzu2TqRZ61dYQbAGkQPNdyG/ept
9C/+5UabHj8MLlnVsVHhvtre4rUTRTwS1ojdEgbvDmwWNyGHw5yRjMGPmo4ztA7w
jx6K6hQBzsmqKpaZ99go8lIQFVbLbuYSfpelLnYSjb6oFGFgCqlhukfjFmHvHRMh
J4A5vJU+rJwV9akzmX8HY5kZ/CtEbZ+0ZeE=
-----END CERTIFICATE-----
Generated at Thu Mar 12 17:16:53 2026 by rpki-client