Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
File: 8F6D3D583AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: +ssH2defg7geLitGvHOS2gEb7jt8aMnauRLoSwyGqos=
Subject key identifier: C7:76:3A:2E:63:29:06:0B:FA:48:1C:2F:CB:94:CD:B5:87:E0:60:47
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0DE9
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:46:39 +0000
ROA not before: Sat 22 Nov 2025 17:37:45 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 63916
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.152.0/24 maxlen: 24
103.1.153.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.1.155.0/24 maxlen: 24
103.10.196.0/24 maxlen: 24
103.10.198.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 24
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480::/32 maxlen: 32
2402:c480:3000::/48 maxlen: 48
2402:c480:3001::/48 maxlen: 48
2402:c480:3002::/48 maxlen: 48
2402:c480:3003::/48 maxlen: 48
2402:c480:3004::/48 maxlen: 48
2402:c480:5000::/48 maxlen: 48
2402:c480:6000::/48 maxlen: 48
2402:c480:6001::/48 maxlen: 48
2402:c480:6002::/48 maxlen: 48
2402:c480:7000::/48 maxlen: 48
2402:c480:7001::/48 maxlen: 48
2402:c480:8000::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
2402:c480:8003::/48 maxlen: 48
2402:c480:8208::/48 maxlen: 48
2402:c480:8412::/48 maxlen: 48
2402:c480:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Mar 2026 17:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3561 (0xde9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C, serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Validity
Not Before: Nov 22 17:37:45 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a47b7f-1c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:64:11:21:7c:20:37:d3:15:94:81:8a:4c:55:
e9:95:12:15:1e:9c:78:3d:d4:4d:00:49:bc:12:b1:
46:95:c1:5c:0f:43:d3:b1:0b:16:73:8d:8d:97:97:
8d:97:b1:29:8a:be:8b:ab:6f:95:21:d2:2b:3e:f8:
f7:44:b8:4a:9b:5c:dc:98:b1:eb:64:3a:f6:ff:70:
5a:13:55:54:57:6b:e4:42:d7:be:e5:34:30:50:67:
08:e1:16:b4:c0:66:95:b3:38:8a:7e:7b:b6:73:9e:
8f:75:83:00:15:db:24:56:7a:09:3f:50:5c:fd:9a:
34:ec:ac:48:4d:79:69:10:30:5d:b6:6c:34:0a:65:
e9:54:9d:6a:0c:ea:3f:17:34:f9:0d:66:01:d6:eb:
74:d0:bd:55:67:0b:26:e7:6e:85:fe:17:0c:3a:55:
73:18:93:5b:0a:b7:f2:49:cc:57:f8:6c:3c:8c:26:
51:2c:28:02:ae:f7:13:55:fe:fd:06:42:2d:3f:81:
8f:f7:8c:44:15:fd:dc:f7:8d:68:d1:fc:05:34:62:
ad:77:3e:c0:89:63:e2:74:3c:1b:9e:6f:c8:0a:28:
db:7c:8d:f0:25:45:57:ee:d1:3b:ad:dc:86:d7:a6:
c5:9d:b5:f8:6d:00:32:9b:3a:5e:79:f1:6f:22:96:
46:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:76:3A:2E:63:29:06:0B:FA:48:1C:2F:CB:94:CD:B5:87:E0:60:47
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.152.0/22
103.10.196.0/24
103.10.198.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480::/32
Signature Algorithm: sha256WithRSAEncryption
88:5e:8a:15:37:76:91:94:b6:bb:58:85:06:79:10:d2:62:3e:
0f:58:91:4e:e8:b2:6e:6a:4d:bc:e9:51:ae:43:75:65:05:87:
64:ff:95:f2:17:97:5c:a0:a8:aa:e3:b6:56:b9:ef:f8:ec:d6:
b0:ba:71:00:e4:ca:cc:27:a4:52:f7:7a:9d:5c:8a:04:ce:3e:
3c:11:da:63:50:ae:a7:48:70:7c:6a:48:b6:87:14:20:b3:87:
b5:ba:37:69:87:1c:22:0a:6d:b3:f1:ad:4a:19:e5:8c:e0:7e:
1f:f4:9e:6a:e5:4a:c4:3e:c3:1f:76:5f:ea:16:15:35:e1:2f:
9d:b5:1e:c1:4e:89:a1:b7:24:f9:5e:d9:fc:dc:35:a2:a7:db:
8c:52:f2:50:08:c5:4f:b1:01:f3:8f:ce:c1:31:b2:cd:19:b8:
5b:e7:b4:cd:1d:e0:8a:72:4f:3d:01:16:0b:bf:cd:2f:32:9a:
66:46:a5:30:31:6b:b3:3a:7b:47:51:7e:09:3d:d5:1c:8e:e1:
f6:22:17:71:bb:6c:f4:bb:7a:40:e1:ae:e5:50:45:5e:9c:88:
4b:38:63:9b:53:a5:76:7f:ef:08:ea:17:75:25:67:1a:6c:f1:
c6:17:6d:cb:da:42:71:6b:c1:bf:63:8b:48:dd:91:a9:11:4e:
b6:6b:5e:f7
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICDekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjUxMTIyMTczNzQ1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2I3Zi0xYzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw2QRIXwgN9MVlIGKTFXplRIVHpx4PdRNAEm8ErFGlcFcD0PTsQsWc42Nl5eN
l7Epir6Lq2+VIdIrPvj3RLhKm1zcmLHrZDr2/3BaE1VUV2vkQte+5TQwUGcI4Ra0
wGaVsziKfnu2c56PdYMAFdskVnoJP1Bc/Zo07KxITXlpEDBdtmw0CmXpVJ1qDOo/
FzT5DWYB1ut00L1VZwsm526F/hcMOlVzGJNbCrfyScxX+Gw8jCZRLCgCrvcTVf79
BkItP4GP94xEFf3c941o0fwFNGKtdz7AiWPidDwbnm/ICijbfI3wJUVX7tE7rdyG
16bFnbX4bQAymzpeefFvIpZGOwIDAQABo4ICvzCCArswHQYDVR0OBBYEFMd2Oi5j
KQYL+kgcL8uUzbWH4GBHMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEY2RDNENTgz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMH4GCCsGAQUFBwEHAQH/BG8wbTBc
BAIAATBWAwQCG3o4AwQCK++cAwQCK/XEMAwDBAAr+50DBAUr+4ADBAJnAZgDBABn
CsQDBABnCsYDBAJnI0gDBABnRN8DBABnR/4DBAFnSAQDBAK2oSADBALKkMAwDQQC
AAIwBwMFACQCxIAwDQYJKoZIhvcNAQELBQADggEBAIheihU3dpGUtrtYhQZ5ENJi
Pg9YkU7osm5qTbzpUa5DdWUFh2T/lfIXl1ygqKrjtla57/js1rC6cQDkyswnpFL3
ep1cigTOPjwR2mNQrqdIcHxqSLaHFCCzh7W6N2mHHCIKbbPxrUoZ5Yzgfh/0nmrl
SsQ+wx92X+oWFTXhL521HsFOiaG3JPle2fzcNaKn24xS8lAIxU+xAfOPzsExss0Z
uFvntM0d4IpyTz0BFgu/zS8ymmZGpTAxa7M6e0dRfgk91RyO4fYiF3G7bPS7ekDh
ruVQRV6ciEs4Y5tTpXZ/7wjqF3UlZxps8cYXbcvaQnFrwb9ji0jdkakRTrZrXvc=
-----END CERTIFICATE-----
Generated at Fri Mar 20 12:38:05 2026 by rpki-client