Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/2EA5CD40F87911F0BB9C431B4E6F56BC.roa
File: 2EA5CD40F87911F0BB9C431B4E6F56BC.roa (raw, json)
Hash identifier: +d4B26Na8POcAIMEDHE80hyVEMg/1Er/8leTiDirXLU=
Subject key identifier: 34:96:50:5D:CD:E5:77:F7:C7:BD:EF:71:64:F7:65:8D:94:76:8C:76
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 36F9
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/2EA5CD40F87911F0BB9C431B4E6F56BC.roa
Signing time: Tue 03 Mar 2026 04:32:39 +0000
ROA not before: Tue 03 Mar 2026 04:32:39 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 23750
IP address blocks: 103.207.84.0/24 maxlen: 24
103.207.86.0/24 maxlen: 24
103.207.87.0/24 maxlen: 24
116.90.100.0/24 maxlen: 24
116.90.106.0/24 maxlen: 24
116.90.107.0/24 maxlen: 24
116.90.108.0/24 maxlen: 24
116.90.109.0/24 maxlen: 24
116.90.110.0/24 maxlen: 24
116.90.111.0/24 maxlen: 24
116.90.120.0/24 maxlen: 24
116.90.123.0/24 maxlen: 24
116.90.124.0/24 maxlen: 24
116.90.125.0/24 maxlen: 24
116.90.126.0/24 maxlen: 24
116.90.127.0/24 maxlen: 24
121.46.64.0/24 maxlen: 24
121.46.65.0/24 maxlen: 24
121.46.66.0/24 maxlen: 24
202.69.32.0/24 maxlen: 24
202.69.33.0/24 maxlen: 24
202.69.34.0/24 maxlen: 24
202.69.35.0/24 maxlen: 24
202.69.36.0/24 maxlen: 24
202.69.37.0/24 maxlen: 24
202.69.38.0/24 maxlen: 24
202.69.39.0/24 maxlen: 24
202.69.40.0/24 maxlen: 24
202.69.41.0/24 maxlen: 24
202.69.42.0/24 maxlen: 24
202.69.43.0/24 maxlen: 24
202.69.44.0/24 maxlen: 24
202.69.45.0/24 maxlen: 24
202.69.46.0/24 maxlen: 24
202.69.47.0/24 maxlen: 24
202.69.48.0/24 maxlen: 24
202.69.49.0/24 maxlen: 24
202.69.50.0/24 maxlen: 24
202.69.51.0/24 maxlen: 24
202.69.52.0/24 maxlen: 24
202.69.53.0/24 maxlen: 24
202.69.54.0/24 maxlen: 24
202.69.55.0/24 maxlen: 24
202.69.56.0/24 maxlen: 24
202.69.57.0/24 maxlen: 24
202.69.58.0/24 maxlen: 24
202.69.59.0/24 maxlen: 24
202.69.60.0/24 maxlen: 24
202.69.61.0/24 maxlen: 24
202.69.62.0/24 maxlen: 24
202.69.63.0/24 maxlen: 24
202.142.144.0/24 maxlen: 24
202.142.145.0/24 maxlen: 24
202.142.146.0/24 maxlen: 24
202.142.147.0/24 maxlen: 24
202.142.148.0/24 maxlen: 24
202.142.149.0/24 maxlen: 24
202.142.150.0/24 maxlen: 24
202.142.152.0/24 maxlen: 24
202.142.153.0/24 maxlen: 24
202.142.154.0/24 maxlen: 24
202.142.156.0/24 maxlen: 24
202.142.157.0/24 maxlen: 24
202.142.158.0/24 maxlen: 24
202.142.159.0/24 maxlen: 24
2406:ac00:1::/48 maxlen: 48
2406:ac00:2::/48 maxlen: 48
2406:ac00:203::/48 maxlen: 48
2406:ac00:204::/48 maxlen: 48
2406:ac00:205::/48 maxlen: 48
2406:ac00:206::/48 maxlen: 48
2406:ac00:207::/48 maxlen: 48
2406:ac00:208::/48 maxlen: 48
2406:ac00:209::/48 maxlen: 48
2406:ac00:300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 14:28:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14073 (0x36f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E, serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Validity
Not Before: Mar 3 04:32:39 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a66467-6d6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e9:0a:04:0d:d0:e9:6b:90:d5:02:27:07:6c:
97:0d:f1:85:0f:09:e9:00:f3:21:3a:80:96:94:6d:
3f:b5:cd:e5:9a:6c:75:1a:2d:b9:c0:a0:0c:35:ec:
04:cd:3b:2d:a1:30:74:0d:e5:b8:b2:1f:44:e4:ee:
98:50:b5:5e:cd:f2:c0:b0:37:fd:d8:cd:4b:42:7b:
59:bd:6f:89:10:22:d7:f5:e1:f7:7e:3e:62:2d:b9:
13:1b:21:b1:f2:ec:3c:4b:7b:31:66:49:42:0c:cf:
ea:80:0f:e6:5c:ff:a6:e0:2f:68:39:ef:63:66:08:
12:f0:c0:73:7f:79:e4:22:3e:4a:45:b1:d8:43:03:
5e:2d:98:4b:ee:04:0c:6a:8e:f3:b3:05:08:43:f5:
97:ca:de:14:52:32:5d:29:85:42:e9:38:1b:79:dc:
ed:56:08:23:30:80:a9:cd:89:d0:b8:ce:5b:c5:ba:
ed:d5:fc:64:4d:80:b3:6b:88:d7:29:44:c1:91:ff:
5c:c4:86:9c:db:a0:60:70:6d:b1:9f:ba:30:06:4e:
3d:29:a0:b3:a4:42:4a:56:53:ba:8a:48:a1:75:c4:
c9:10:08:85:aa:bf:34:be:27:c8:35:ef:54:0d:21:
a4:9e:38:fd:80:00:76:14:66:b1:33:f0:4e:80:33:
2c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:96:50:5D:CD:E5:77:F7:C7:BD:EF:71:64:F7:65:8D:94:76:8C:76
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/2EA5CD40F87911F0BB9C431B4E6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
103.207.84.0/24
103.207.86.0/23
116.90.100.0/24
116.90.106.0-116.90.111.255
116.90.120.0/24
116.90.123.0-116.90.127.255
121.46.64.0-121.46.66.255
202.69.32.0/19
202.142.144.0-202.142.150.255
202.142.152.0-202.142.154.255
202.142.156.0/22
IPv6:
2406:ac00:1::-2406:ac00:2:ffff:ffff:ffff:ffff:ffff
2406:ac00:203::-2406:ac00:209:ffff:ffff:ffff:ffff:ffff
2406:ac00:300::/48
Signature Algorithm: sha256WithRSAEncryption
96:b7:03:ff:b1:76:5f:20:8d:2c:28:72:19:6f:d2:5c:46:c6:
35:77:28:2d:ec:ff:2d:cf:e3:a0:79:32:a4:ad:cb:c3:0b:f5:
aa:b3:b9:8b:65:69:73:be:a5:4d:8b:26:47:8d:01:db:cf:85:
7f:c2:3c:54:03:2b:1d:aa:0b:6d:f1:95:a1:1b:75:d3:f0:47:
b9:99:07:9b:ed:3b:6f:e8:0c:71:0b:32:91:17:e8:20:d3:80:
f5:54:00:67:3e:26:22:bd:ae:3d:cd:ad:d4:8d:ac:00:5f:93:
5d:bf:2a:aa:fa:bb:40:91:6e:56:03:2c:d9:9c:7c:97:8c:54:
7e:cf:00:60:76:5a:32:6c:b6:ca:81:9f:1c:5f:63:7f:76:ca:
29:39:1b:86:d9:d8:8a:48:ba:7c:a8:74:f3:c6:1c:1e:d5:e9:
a1:a5:3e:7c:2c:02:9d:0b:0a:be:07:64:4a:54:1b:eb:e6:08:
b7:e0:c0:c7:d3:9b:71:1b:5a:93:85:65:45:43:65:e3:41:6f:
a8:35:12:35:86:c1:65:6b:6a:28:5b:d0:46:fa:19:94:d2:7f:
84:85:5c:09:44:37:8c:40:1e:f4:06:72:8a:81:05:cd:a8:7f:
e7:c3:bc:d1:77:28:63:40:99:61:f5:d8:a9:d0:67:b8:d1:1e:
18:5b:8c:73
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgICNvkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjYwMzAzMDQzMjM5WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE2NjQ2Ny02ZDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAi+kKBA3Q6WuQ1QInB2yXDfGFDwnpAPMhOoCWlG0/tc3lmmx1Gi25wKAMNewE
zTstoTB0DeW4sh9E5O6YULVezfLAsDf92M1LQntZvW+JECLX9eH3fj5iLbkTGyGx
8uw8S3sxZklCDM/qgA/mXP+m4C9oOe9jZggS8MBzf3nkIj5KRbHYQwNeLZhL7gQM
ao7zswUIQ/WXyt4UUjJdKYVC6TgbedztVggjMICpzYnQuM5bxbrt1fxkTYCza4jX
KUTBkf9cxIac26BgcG2xn7owBk49KaCzpEJKVlO6ikihdcTJEAiFqr80vifINe9U
DSGknjj9gAB2FGaxM/BOgDMsUwIDAQABo4IDADCCAvwwHQYDVR0OBBYEFDSWUF3N
5Xf3x73vcWT3ZY2Udox2MB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvMkVBNUNENDBG
ODc5MTFGMEJCOUM0MzFCNEU2RjU2QkMucm9hMIG+BggrBgEFBQcBBwEB/wSBrjCB
qzBwBAIAATBqAwQAZ89UAwQBZ89WAwQAdFpkMAwDBAF0WmoDBAR0WmADBAB0Wngw
DAMEAHRaewMEB3RaADAMAwQGeS5AAwQAeS5CAwQFykUgMAwDBATKjpADBADKjpYw
DAMEA8qOmAMEAMqOmgMEAsqOnDA3BAIAAjAxMBIDBwAkBqwAAAEDBwAkBqwAAAIw
EgMHACQGrAACAwMHASQGrAACCAMHACQGrAADADANBgkqhkiG9w0BAQsFAAOCAQEA
lrcD/7F2XyCNLChyGW/SXEbGNXcoLez/Lc/joHkypK3Lwwv1qrO5i2Vpc76lTYsm
R40B28+Ff8I8VAMrHaoLbfGVoRt10/BHuZkHm+07b+gMcQsykRfoINOA9VQAZz4m
Ir2uPc2t1I2sAF+TXb8qqvq7QJFuVgMs2Zx8l4xUfs8AYHZaMmy2yoGfHF9jf3bK
KTkbhtnYiki6fKh088YcHtXpoaU+fCwCnQsKvgdkSlQb6+YIt+DAx9ObcRtak4Vl
RUNl40FvqDUSNYbBZWtqKFvQRvoZlNJ/hIVcCUQ3jEAe9AZyioEFzah/58O80Xco
Y0CZYfXYqdBnuNEeGFuMcw==
-----END CERTIFICATE-----
Generated at Fri Mar 13 22:14:44 2026 by rpki-client