Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/CEBECC28D38811E8A763B462C4F9AE02.roa
File: CEBECC28D38811E8A763B462C4F9AE02.roa (raw, json)
Hash identifier: QFWUYSiZUJc8h7YGZVvOm14atuGAeik2TO0HfRh5JB8=
Subject key identifier: D9:8E:E9:E1:E6:6B:55:55:60:41:17:56:08:FA:C1:13:F7:79:BB:F6
Certificate issuer: /CN=A91BFE6A/serialNumber=EF62F155C1971D504941F571EEDFAC0AFCC52859
Certificate serial: 1325
Authority key identifier: EF:62:F1:55:C1:97:1D:50:49:41:F5:71:EE:DF:AC:0A:FC:C5:28:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72LxVcGXHVBJQfVx7t-sCvzFKFk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/CEBECC28D38811E8A763B462C4F9AE02.roa
Signing time: Mon 02 Mar 2026 13:48:57 +0000
ROA not before: Fri 19 Dec 2025 02:13:02 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 38001
IP address blocks: 43.245.60.0/24 maxlen: 24
43.245.61.0/24 maxlen: 24
43.245.62.0/24 maxlen: 24
43.245.63.0/24 maxlen: 24
45.119.200.0/24 maxlen: 24
45.119.201.0/24 maxlen: 24
45.119.202.0/24 maxlen: 24
103.14.76.0/24 maxlen: 24
103.14.77.0/24 maxlen: 24
103.14.79.0/24 maxlen: 24
103.25.52.0/24 maxlen: 24
103.60.8.0/24 maxlen: 24
103.60.11.0/24 maxlen: 24
103.200.216.0/24 maxlen: 24
103.200.217.0/24 maxlen: 24
103.200.218.0/24 maxlen: 24
103.200.219.0/24 maxlen: 24
119.161.101.0/24 maxlen: 24
119.161.102.0/24 maxlen: 24
119.161.103.0/24 maxlen: 24
202.150.208.0/20 maxlen: 20
202.150.208.0/24 maxlen: 24
202.150.209.0/24 maxlen: 24
202.150.210.0/24 maxlen: 24
202.150.211.0/24 maxlen: 24
202.150.212.0/24 maxlen: 24
202.150.213.0/24 maxlen: 24
202.150.214.0/24 maxlen: 24
202.150.215.0/24 maxlen: 24
202.150.216.0/24 maxlen: 24
202.150.217.0/24 maxlen: 24
202.150.218.0/24 maxlen: 24
202.150.219.0/24 maxlen: 24
202.150.220.0/24 maxlen: 24
202.150.221.0/24 maxlen: 24
202.150.222.0/24 maxlen: 24
202.150.223.0/24 maxlen: 24
203.174.80.0/21 maxlen: 21
203.174.80.0/24 maxlen: 24
203.174.81.0/24 maxlen: 24
203.174.82.0/24 maxlen: 24
203.174.83.0/24 maxlen: 24
203.174.84.0/24 maxlen: 24
203.174.85.0/24 maxlen: 24
203.174.86.0/24 maxlen: 24
203.174.87.0/24 maxlen: 24
2406:f400::/32 maxlen: 32
2406:f400::/44 maxlen: 44
2406:f400:20::/44 maxlen: 44
2406:f400:40::/44 maxlen: 44
2406:f400:80::/44 maxlen: 44
2406:f400:b0::/44 maxlen: 44
2406:f400:100::/44 maxlen: 44
2406:f400:130::/44 maxlen: 44
2406:f400:160::/44 maxlen: 44
2406:f400:161::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/72LxVcGXHVBJQfVx7t-sCvzFKFk.crl
rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/72LxVcGXHVBJQfVx7t-sCvzFKFk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72LxVcGXHVBJQfVx7t-sCvzFKFk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 27 Mar 2026 16:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4901 (0x1325)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BFE6A, serialNumber=EF62F155C1971D504941F571EEDFAC0AFCC52859
Validity
Not Before: Dec 19 02:13:02 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69a59549-0152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ff:8d:30:04:33:f4:18:2d:e7:24:74:84:97:
e0:6c:eb:19:09:19:f7:a2:9f:ea:47:dd:d7:79:50:
07:58:94:e8:fb:a5:29:cf:bd:65:9e:c5:cf:c2:9b:
a7:c1:04:14:8c:4c:91:22:4e:dc:11:63:ad:aa:67:
38:55:22:07:ac:aa:d1:f7:27:dc:d7:21:0d:e7:60:
67:21:25:f0:c0:23:3b:93:9b:cc:dd:3b:ca:49:92:
b7:b2:51:90:6f:c7:83:00:03:ef:64:aa:19:80:e7:
00:c7:98:ce:ec:b1:f2:e1:60:32:b7:10:ac:92:a2:
b3:28:4b:1e:cc:40:7f:c2:1a:17:42:07:1e:82:71:
e6:34:5c:09:f2:ac:9f:3d:4e:12:c3:42:8c:c6:a0:
0d:72:70:53:22:5f:bf:2f:cc:33:6c:83:df:19:dc:
1b:a3:6c:e4:dc:af:d8:4a:c9:9e:99:de:16:a1:b0:
87:15:27:4c:84:7f:a9:c6:5d:0c:32:9e:09:5c:3b:
76:cb:e2:89:f0:53:c3:a7:86:db:54:cc:4c:a4:bd:
da:45:22:6e:8a:d6:57:8d:82:48:b6:37:75:50:99:
0a:1e:f4:cf:dd:78:25:e1:8a:ea:e9:a9:24:52:cd:
4c:6e:52:f3:69:85:f2:8e:ca:35:41:cb:48:b1:8d:
c5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:8E:E9:E1:E6:6B:55:55:60:41:17:56:08:FA:C1:13:F7:79:BB:F6
X509v3 Authority Key Identifier:
keyid:EF:62:F1:55:C1:97:1D:50:49:41:F5:71:EE:DF:AC:0A:FC:C5:28:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/72LxVcGXHVBJQfVx7t-sCvzFKFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72LxVcGXHVBJQfVx7t-sCvzFKFk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/CEBECC28D38811E8A763B462C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.245.60.0/22
45.119.200.0-45.119.202.255
103.14.76.0/23
103.14.79.0/24
103.25.52.0/24
103.60.8.0/24
103.60.11.0/24
103.200.216.0/22
119.161.101.0-119.161.103.255
202.150.208.0/20
203.174.80.0/21
IPv6:
2406:f400::/32
Signature Algorithm: sha256WithRSAEncryption
6a:05:0e:bd:7a:95:c8:b3:ab:e8:61:2a:8c:05:7c:1e:ba:f4:
e9:d2:f6:b4:01:45:13:d7:55:86:61:fc:6e:be:34:7e:cd:1f:
cd:24:d1:1e:0e:6a:a2:c7:91:12:1b:ed:16:d5:35:20:2e:1c:
79:96:37:66:74:81:b9:d5:77:17:dd:76:37:07:18:6a:6d:c0:
a8:04:98:ab:0e:cf:1a:da:2f:bf:06:63:61:ae:e5:0b:6a:fc:
aa:f2:e4:e2:0e:80:6a:45:40:2f:28:c7:94:b2:7b:15:0e:88:
5f:ed:e5:26:a0:60:8f:99:c3:58:a6:83:cf:73:9c:22:c1:9c:
b7:23:b7:c2:fd:05:e8:14:62:46:5c:fb:5e:30:0b:10:46:fc:
e7:7e:bd:53:3d:6f:4a:ae:db:9a:bf:ce:b6:86:c4:d9:0e:f2:
5c:ee:8c:bb:41:86:5a:25:4a:d5:d8:92:1a:da:ba:f5:21:9a:
0d:36:70:03:aa:cd:bd:c8:dd:37:50:bf:32:0e:2a:8e:d3:ad:
08:1c:50:59:77:f8:b8:b9:1b:2a:5f:f9:98:02:4d:f7:19:6f:
87:2c:1d:ce:f0:03:b6:20:66:b7:ab:50:0d:f3:62:8a:36:cf:
5b:eb:9b:51:0c:32:f3:ea:b9:86:04:f6:70:34:12:08:eb:a3:
c3:e0:94:c8
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgICEyUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkZFNkExMTAvBgNVBAUTKEVGNjJGMTU1QzE5NzFENTA0OTQxRjU3MUVFREZBQzBB
RkNDNTI4NTkwHhcNMjUxMjE5MDIxMzAyWhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1OTU0OS0wMTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp/+NMAQz9Bgt5yR0hJfgbOsZCRn3op/qR93XeVAHWJTo+6Upz71lnsXPwpun
wQQUjEyRIk7cEWOtqmc4VSIHrKrR9yfc1yEN52BnISXwwCM7k5vM3TvKSZK3slGQ
b8eDAAPvZKoZgOcAx5jO7LHy4WAytxCskqKzKEsezEB/whoXQgcegnHmNFwJ8qyf
PU4Sw0KMxqANcnBTIl+/L8wzbIPfGdwbo2zk3K/YSsmemd4WobCHFSdMhH+pxl0M
Mp4JXDt2y+KJ8FPDp4bbVMxMpL3aRSJuitZXjYJItjd1UJkKHvTP3Xgl4Yrq6akk
Us1MblLzaYXyjso1QctIsY3FZQIDAQABo4ICuzCCArcwHQYDVR0OBBYEFNmO6eHm
a1VVYEEXVgj6wRP3ebv2MB8GA1UdIwQYMBaAFO9i8VXBlx1QSUH1ce7frAr8xShZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRkU2QS8xRDY0MzI4RUQz
ODcxMUU4QkQ3MDc1NUNDNEY5QUUwMi83Mkx4VmNHWEhWQkpRZlZ4N3Qtc0N2ekZL
RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcyTHhWY0dYSFZCSlFmVng3dC1zQ3Z6RktGay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkZFNkEvMUQ2NDMyOEVEMzg3MTFFOEJENzA3NTVDQzRGOUFFMDIvQ0VCRUNDMjhE
Mzg4MTFFOEE3NjNCNDYyQzRGOUFFMDIucm9hMHoGCCsGAQUFBwEHAQH/BGswaTBY
BAIAATBSAwQCK/U8MAwDBAMtd8gDBAAtd8oDBAFnDkwDBABnDk8DBABnGTQDBABn
PAgDBABnPAsDBAJnyNgwDAMEAHehZQMEA3ehYAMEBMqW0AMEA8uuUDANBAIAAjAH
AwUAJAb0ADANBgkqhkiG9w0BAQsFAAOCAQEAagUOvXqVyLOr6GEqjAV8Hrr06dL2
tAFFE9dVhmH8br40fs0fzSTRHg5qoseREhvtFtU1IC4ceZY3ZnSBudV3F912NwcY
am3AqASYqw7PGtovvwZjYa7lC2r8qvLk4g6AakVALyjHlLJ7FQ6IX+3lJqBgj5nD
WKaDz3OcIsGctyO3wv0F6BRiRlz7XjALEEb85369Uz1vSq7bmr/OtobE2Q7yXO6M
u0GGWiVK1diSGtq69SGaDTZwA6rNvcjdN1C/Mg4qjtOtCBxQWXf4uLkbKl/5mAJN
9xlvhywdzvADtiBmt6tQDfNiijbPW+ubUQwy8+q5hgT2cDQSCOujw+CUyA==
-----END CERTIFICATE-----
Generated at Sun Mar 22 07:21:01 2026 by rpki-client