Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/82BB885E4B9811EB85F74960C4F9AE02.roa
File: 82BB885E4B9811EB85F74960C4F9AE02.roa (raw, json)
Hash identifier: +r+gvF4pkq6hFHbY+ZoaIiUoalmLLSMykW5BxcQDeFU=
Subject key identifier: CC:93:FA:86:85:9D:63:86:B6:32:8B:49:8E:8C:7B:7D:8D:9D:D3:C9
Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808
Certificate serial: 0885
Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/82BB885E4B9811EB85F74960C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:28:53 +0000
ROA not before: Tue 02 Sep 2025 21:42:12 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 38193
IP address blocks: 103.86.38.0/24 maxlen: 24
103.92.20.0/22 maxlen: 24
110.93.192.0/18 maxlen: 23
110.93.192.0/24 maxlen: 24
110.93.194.0/23 maxlen: 24
110.93.196.0/22 maxlen: 24
110.93.200.0/21 maxlen: 24
110.93.208.0/21 maxlen: 24
110.93.216.0/22 maxlen: 24
110.93.220.0/23 maxlen: 24
110.93.222.0/24 maxlen: 24
110.93.224.0/23 maxlen: 24
110.93.229.0/24 maxlen: 24
110.93.231.0/24 maxlen: 24
110.93.232.0/22 maxlen: 24
110.93.238.0/23 maxlen: 24
110.93.241.0/24 maxlen: 24
110.93.242.0/23 maxlen: 24
110.93.248.0/21 maxlen: 24
117.20.16.0/20 maxlen: 23
117.20.16.0/21 maxlen: 24
117.20.24.0/22 maxlen: 24
117.20.28.0/24 maxlen: 24
117.20.30.0/23 maxlen: 24
119.63.128.0/20 maxlen: 23
119.63.128.0/21 maxlen: 24
119.63.136.0/23 maxlen: 24
119.63.140.0/22 maxlen: 24
221.132.112.0/21 maxlen: 23
221.132.112.0/22 maxlen: 24
221.132.116.0/23 maxlen: 24
221.132.118.0/24 maxlen: 24
2404:d400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl
rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 20:46:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2181 (0x885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808
Validity
Not Before: Sep 2 21:42:12 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a47755-4c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:06:b0:5e:af:38:59:91:55:f7:af:cd:5d:19:
0f:35:7f:3c:6e:f6:e9:8d:cc:26:e2:50:7c:18:23:
c1:f9:52:2d:48:84:8c:f4:82:ee:f0:35:4f:9b:a7:
9b:1f:62:b2:33:8b:34:cc:24:2c:b0:76:b7:00:9c:
df:60:4d:98:d1:f8:99:e7:66:da:90:6e:09:1b:eb:
7e:f3:6b:23:16:eb:ba:f4:c6:75:26:c2:5d:7b:4a:
b7:3a:d9:f3:0d:95:50:59:55:b8:f5:03:89:bb:da:
76:c6:6a:9b:1f:cc:a9:c8:0c:a4:43:95:f4:52:be:
71:4f:44:0d:70:e6:1b:3d:6f:c3:56:58:ba:0d:a0:
c5:7d:36:91:a9:17:58:ed:db:b3:26:18:e9:c7:15:
68:33:e9:a1:8b:a3:d2:ec:68:92:3b:36:00:2c:fa:
67:3e:22:2c:76:d4:54:09:3d:da:2f:17:09:90:d6:
53:5e:67:11:77:73:0f:d5:69:64:4a:97:d9:b5:78:
5e:07:13:ed:d5:c9:39:bb:a8:7c:cd:8a:51:64:8c:
61:04:fa:1e:b9:c4:aa:06:3a:eb:4f:e9:0a:cc:10:
f8:52:a1:9e:97:a1:99:02:eb:e4:43:2b:85:ae:fe:
bc:4f:0e:a9:32:61:c0:31:df:b5:01:cd:96:6b:2e:
27:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:93:FA:86:85:9D:63:86:B6:32:8B:49:8E:8C:7B:7D:8D:9D:D3:C9
X509v3 Authority Key Identifier:
keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/82BB885E4B9811EB85F74960C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.86.38.0/24
103.92.20.0/22
110.93.192.0/18
117.20.16.0/20
119.63.128.0/20
221.132.112.0/21
IPv6:
2404:d400::/32
Signature Algorithm: sha256WithRSAEncryption
51:83:28:db:ef:8a:98:72:b6:4f:93:37:91:b4:4d:90:36:6a:
36:e6:3a:01:0e:d2:c3:ce:e8:fb:55:7b:7a:7d:b7:fb:24:b2:
51:b6:3e:eb:63:63:da:08:b7:41:b0:21:cb:31:c1:3c:8e:d1:
4c:f1:a1:3f:ce:af:7a:fb:b8:43:d3:d7:dd:cc:81:d1:67:3b:
b4:37:32:64:89:da:96:78:7c:bd:bb:8f:a4:d0:9f:45:04:dc:
15:2f:3e:99:f5:a2:84:89:16:03:f7:9f:0e:eb:34:ed:10:6d:
ab:07:7e:ff:7c:27:6c:91:83:ad:67:e2:1e:af:ee:cc:1b:28:
a1:8c:9b:86:8e:f2:81:99:9a:51:fb:7d:5b:02:5f:4c:a6:b7:
c8:12:80:63:66:ed:c0:13:40:c9:60:9c:82:cd:ab:de:99:99:
2f:17:da:42:97:88:6f:a9:ac:ad:e7:b2:aa:7a:8a:30:47:fa:
de:b0:4a:8a:72:5f:ab:e9:8a:9d:8a:6b:d3:3c:5f:8e:ea:9a:
7d:b3:7b:7b:a6:5c:1d:e9:2e:d3:96:48:45:d6:ce:bb:b1:7b:
f5:da:60:13:88:a1:cd:73:c3:54:28:93:ac:63:ab:8c:fb:20:
c9:ea:d8:7b:b6:84:59:b8:d4:8c:ae:ce:aa:19:eb:83:b6:b2:
65:a5:fd:ea
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgICCIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx
ODY0QjQ4MDgwHhcNMjUwOTAyMjE0MjEyWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0Nzc1NS00YzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0QawXq84WZFV96/NXRkPNX88bvbpjcwm4lB8GCPB+VItSISM9ILu8DVPm6eb
H2KyM4s0zCQssHa3AJzfYE2Y0fiZ52bakG4JG+t+82sjFuu69MZ1JsJde0q3Otnz
DZVQWVW49QOJu9p2xmqbH8ypyAykQ5X0Ur5xT0QNcOYbPW/DVli6DaDFfTaRqRdY
7duzJhjpxxVoM+mhi6PS7GiSOzYALPpnPiIsdtRUCT3aLxcJkNZTXmcRd3MP1Wlk
SpfZtXheBxPt1ck5u6h8zYpRZIxhBPoeucSqBjrrT+kKzBD4UqGel6GZAuvkQyuF
rv68Tw6pMmHAMd+1Ac2Way4nAwIDAQABo4ICjTCCAokwHQYDVR0OBBYEFMyT+oaF
nWOGtjKLSY6Me32NndPJMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy
MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT
QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUIyMEIvQkE3MUI2NDgxMjAzMTFFQkJBQTE5NDE0QzRGOUFFMDIvODJCQjg4NUU0
Qjk4MTFFQjg1Rjc0OTYwQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq
BAIAATAkAwQAZ1YmAwQCZ1wUAwQGbl3AAwQEdRQQAwQEdz+AAwQD3YRwMA0EAgAC
MAcDBQAkBNQAMA0GCSqGSIb3DQEBCwUAA4IBAQBRgyjb74qYcrZPkzeRtE2QNmo2
5joBDtLDzuj7VXt6fbf7JLJRtj7rY2PaCLdBsCHLMcE8jtFM8aE/zq96+7hD09fd
zIHRZzu0NzJkidqWeHy9u4+k0J9FBNwVLz6Z9aKEiRYD958O6zTtEG2rB37/fCds
kYOtZ+Ier+7MGyihjJuGjvKBmZpR+31bAl9MprfIEoBjZu3AE0DJYJyCzavemZkv
F9pCl4hvqayt57KqeoowR/resEqKcl+r6YqdimvTPF+O6pp9s3t7plwd6S7TlkhF
1s67sXv12mATiKHNc8NUKJOsY6uM+yDJ6th7toRZuNSMrs6qGeuDtrJlpf3q
-----END CERTIFICATE-----
Generated at Sun Mar 8 10:03:54 2026 by rpki-client