Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/8DEEDC96E6B511EF9FEF6436C4F9AE02.roa
File: 8DEEDC96E6B511EF9FEF6436C4F9AE02.roa (raw, json)
Hash identifier: g3gth29agU07YswlgFO81/ThxXY3l/MzAhQfGvaSf0I=
Subject key identifier: A6:FB:E4:44:7E:4B:AD:63:37:8A:EF:FB:38:D1:3A:79:21:2B:A5:21
Certificate issuer: /CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Certificate serial: 070A
Authority key identifier: 56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/8DEEDC96E6B511EF9FEF6436C4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:19:10 +0000
ROA not before: Mon 10 Nov 2025 22:45:34 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 45271
IP address blocks: 1.38.209.0/24 maxlen: 24
1.38.210.0/24 maxlen: 24
1.187.0.0/22 maxlen: 22
1.187.4.0/22 maxlen: 22
1.187.12.0/22 maxlen: 22
1.187.16.0/22 maxlen: 22
1.187.20.0/22 maxlen: 22
1.187.24.0/22 maxlen: 22
1.187.112.0/21 maxlen: 21
1.187.120.0/21 maxlen: 21
1.187.144.0/22 maxlen: 22
1.187.148.0/22 maxlen: 22
1.187.152.0/22 maxlen: 22
1.187.156.0/22 maxlen: 22
1.187.180.0/24 maxlen: 24
1.187.181.0/24 maxlen: 24
1.187.182.0/24 maxlen: 24
1.187.183.0/24 maxlen: 24
1.187.184.0/22 maxlen: 22
1.187.188.0/22 maxlen: 22
1.187.212.0/24 maxlen: 24
1.187.213.0/24 maxlen: 24
1.187.214.0/24 maxlen: 24
1.187.215.0/24 maxlen: 24
1.187.216.0/24 maxlen: 24
1.187.217.0/24 maxlen: 24
1.187.218.0/24 maxlen: 24
1.187.219.0/24 maxlen: 24
1.187.220.0/24 maxlen: 24
1.187.221.0/24 maxlen: 24
1.187.222.0/24 maxlen: 24
1.187.223.0/24 maxlen: 24
1.187.224.0/22 maxlen: 22
1.187.228.0/22 maxlen: 22
1.187.232.0/22 maxlen: 22
1.187.236.0/22 maxlen: 22
1.187.240.0/22 maxlen: 22
1.187.244.0/22 maxlen: 22
1.187.248.0/22 maxlen: 22
1.187.252.0/22 maxlen: 22
106.66.17.0/24 maxlen: 24
106.66.24.0/24 maxlen: 24
106.66.25.0/24 maxlen: 24
106.66.26.0/24 maxlen: 24
106.66.28.0/24 maxlen: 24
106.66.29.0/24 maxlen: 24
106.66.31.0/24 maxlen: 24
106.66.38.0/23 maxlen: 23
106.66.44.0/24 maxlen: 24
106.66.45.0/24 maxlen: 24
106.66.52.0/22 maxlen: 22
106.66.56.0/22 maxlen: 22
106.66.60.0/24 maxlen: 24
106.66.61.0/24 maxlen: 24
106.66.62.0/24 maxlen: 24
106.66.63.0/24 maxlen: 24
106.66.131.0/24 maxlen: 24
106.66.132.0/24 maxlen: 24
106.66.133.0/24 maxlen: 24
106.66.134.0/24 maxlen: 24
106.66.135.0/24 maxlen: 24
106.66.139.0/24 maxlen: 24
106.66.140.0/24 maxlen: 24
106.66.141.0/24 maxlen: 24
106.66.142.0/24 maxlen: 24
106.66.143.0/24 maxlen: 24
106.66.147.0/24 maxlen: 24
106.66.148.0/24 maxlen: 24
106.66.149.0/24 maxlen: 24
106.66.150.0/24 maxlen: 24
106.66.151.0/24 maxlen: 24
106.66.156.0/24 maxlen: 24
106.66.157.0/24 maxlen: 24
106.66.158.0/24 maxlen: 24
106.66.159.0/24 maxlen: 24
106.66.176.0/24 maxlen: 24
106.66.177.0/24 maxlen: 24
106.66.178.0/24 maxlen: 24
106.66.179.0/24 maxlen: 24
106.66.180.0/24 maxlen: 24
106.66.181.0/24 maxlen: 24
106.66.182.0/24 maxlen: 24
106.66.183.0/24 maxlen: 24
106.66.184.0/24 maxlen: 24
106.66.185.0/24 maxlen: 24
106.66.186.0/24 maxlen: 24
106.66.187.0/24 maxlen: 24
106.66.188.0/24 maxlen: 24
106.66.189.0/24 maxlen: 24
106.66.190.0/24 maxlen: 24
106.66.191.0/24 maxlen: 24
112.110.0.0/21 maxlen: 21
112.110.8.0/21 maxlen: 21
112.110.16.0/21 maxlen: 21
112.110.24.0/21 maxlen: 21
112.110.71.0/24 maxlen: 24
112.110.72.0/24 maxlen: 24
112.110.73.0/24 maxlen: 24
112.110.74.0/24 maxlen: 24
112.110.75.0/24 maxlen: 24
112.110.77.0/24 maxlen: 24
112.110.79.0/24 maxlen: 24
112.110.85.0/24 maxlen: 24
112.110.86.0/24 maxlen: 24
112.110.88.0/24 maxlen: 24
112.110.92.0/24 maxlen: 24
112.110.96.0/21 maxlen: 21
112.110.104.0/21 maxlen: 21
112.110.112.0/21 maxlen: 21
112.110.112.0/24 maxlen: 24
112.110.113.0/24 maxlen: 24
112.110.114.0/24 maxlen: 24
112.110.115.0/24 maxlen: 24
112.110.116.0/24 maxlen: 24
112.110.117.0/24 maxlen: 24
112.110.118.0/24 maxlen: 24
112.110.119.0/24 maxlen: 24
112.110.120.0/22 maxlen: 22
112.110.120.0/24 maxlen: 24
112.110.121.0/24 maxlen: 24
112.110.122.0/24 maxlen: 24
112.110.123.0/24 maxlen: 24
112.110.125.0/24 maxlen: 24
112.110.126.0/24 maxlen: 24
112.110.144.0/24 maxlen: 24
112.110.160.0/24 maxlen: 24
115.69.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.crl
rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 23:24:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1802 (0x70a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD39D, serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Validity
Not Before: Nov 10 22:45:34 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a4912e-9d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8f:3b:b1:5e:0f:34:70:ed:8c:16:41:af:12:
17:6a:f6:4d:3a:4c:72:02:fd:d3:60:df:ac:e9:fb:
22:0b:0f:9a:17:bf:0b:5a:ff:ae:d5:9f:cd:8c:6c:
96:57:ec:02:d0:92:2f:6f:79:9e:d7:5b:42:da:57:
59:74:6c:e5:88:b5:15:44:9d:6c:9e:9b:34:9e:13:
de:70:ac:a0:97:05:b8:e3:4b:b9:32:36:58:01:8e:
78:c2:b8:a5:39:bd:fe:ce:bc:7e:50:06:b9:9c:46:
d7:96:e1:55:c2:73:e1:c0:0c:f4:e9:a5:26:59:09:
87:56:95:c4:00:02:d5:a7:5a:2d:eb:ba:f2:4e:fa:
14:b9:77:d9:09:9b:b7:53:bc:63:fb:21:de:b3:46:
bb:b9:ee:64:65:22:fb:6d:ef:67:d4:2a:6b:fe:98:
13:df:a5:8a:9b:2d:cf:c5:69:1c:ca:5b:76:01:80:
3c:2e:a5:5e:31:59:13:13:fa:be:e2:61:7e:1a:48:
88:1b:66:0f:e9:8b:08:f1:e3:16:9b:6b:47:16:06:
80:4b:fd:3e:e0:20:75:be:ed:80:54:f5:33:86:96:
64:15:0c:b7:c7:70:bc:23:6b:50:f5:71:b4:47:f5:
a2:44:f5:96:b6:f7:37:ce:89:3f:5f:d1:4e:43:49:
5f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FB:E4:44:7E:4B:AD:63:37:8A:EF:FB:38:D1:3A:79:21:2B:A5:21
X509v3 Authority Key Identifier:
keyid:56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/8DEEDC96E6B511EF9FEF6436C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
1.38.209.0-1.38.210.255
1.187.0.0/21
1.187.12.0-1.187.27.255
1.187.112.0/20
1.187.144.0/20
1.187.180.0-1.187.191.255
1.187.212.0-1.187.255.255
106.66.17.0/24
106.66.24.0-106.66.26.255
106.66.28.0/23
106.66.31.0/24
106.66.38.0/23
106.66.44.0/23
106.66.52.0-106.66.63.255
106.66.131.0-106.66.135.255
106.66.139.0-106.66.143.255
106.66.147.0-106.66.151.255
106.66.156.0/22
106.66.176.0/20
112.110.0.0/19
112.110.71.0-112.110.75.255
112.110.77.0/24
112.110.79.0/24
112.110.85.0-112.110.86.255
112.110.88.0/24
112.110.92.0/24
112.110.96.0-112.110.123.255
112.110.125.0-112.110.126.255
112.110.144.0/24
112.110.160.0/24
115.69.157.0/24
Signature Algorithm: sha256WithRSAEncryption
14:cc:e0:11:6b:4a:4e:58:e4:29:c0:01:67:89:9c:8d:8b:05:
f0:52:e5:d2:68:90:76:a0:6c:d2:ee:7b:33:32:e4:3a:66:11:
9a:32:c1:e6:8c:8b:f5:b9:ab:6e:da:c9:ca:8c:92:37:d9:f3:
7a:b0:01:46:ce:ff:9f:48:d7:d8:40:3b:af:2a:c9:1e:4a:0a:
82:63:97:eb:aa:c7:03:75:8b:cf:a9:3d:88:a6:9c:d5:b2:04:
86:5c:d7:8f:1a:67:6a:7f:55:53:30:2a:5b:43:2f:46:a3:9f:
cb:ad:5f:bf:07:d2:cb:26:ad:65:c6:b3:87:78:54:f0:a7:33:
16:7f:d7:78:91:85:ac:ab:b9:c5:fd:53:6e:53:32:f4:6f:bd:
2e:10:05:1c:b1:6d:db:e1:94:63:85:83:13:e0:4e:af:4d:95:
2c:05:d0:b8:99:07:e3:b9:73:dc:36:0b:3e:96:d8:73:cc:4d:
7a:e4:32:6b:52:4d:71:0b:b7:b6:9e:04:11:0f:19:6b:43:89:
c2:65:a5:36:90:ff:ee:bd:99:ee:b7:f2:d3:44:a9:cc:4e:15:
fe:50:93:da:a3:02:43:6e:39:cc:e4:48:0e:ab:03:aa:84:ca:
95:80:c5:86:41:a8:53:c5:b2:19:50:01:5c:86:9e:60:f8:5d:
27:84:1d:8a
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgICBwowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0QzOUQxMTAvBgNVBAUTKDU2Qjk4M0U0NkJDQkExMTVGRjIyNjVGRTQ5MTkwOUM3
RDc0MTQ3RjMwHhcNMjUxMTEwMjI0NTM0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OTEyZS05ZDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlo87sV4PNHDtjBZBrxIXavZNOkxyAv3TYN+s6fsiCw+aF78LWv+u1Z/NjGyW
V+wC0JIvb3me11tC2ldZdGzliLUVRJ1snps0nhPecKyglwW440u5MjZYAY54wril
Ob3+zrx+UAa5nEbXluFVwnPhwAz06aUmWQmHVpXEAALVp1ot67ryTvoUuXfZCZu3
U7xj+yHes0a7ue5kZSL7be9n1Cpr/pgT36WKmy3PxWkcylt2AYA8LqVeMVkTE/q+
4mF+GkiIG2YP6YsI8eMWm2tHFgaAS/0+4CB1vu2AVPUzhpZkFQy3x3C8I2tQ9XG0
R/WiRPWWtvc3zok/X9FOQ0lfnwIDAQABo4IDhTCCA4EwHQYDVR0OBBYEFKb75ER+
S61jN4rv+zjROnkhK6UhMB8GA1UdIwQYMBaAFFa5g+Rry6EV/yJl/kkZCcfXQUfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDM5RC9ERTdEMkY5NDRF
NzYxMUVDQTU3MjBCNzlDNEY5QUUwMi9Wcm1ENUd2TG9SWF9JbVgtU1JrSng5ZEJS
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZybUQ1R3ZMb1JYX0ltWC1TUmtKeDlkQlJfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0QzOUQvREU3RDJGOTQ0RTc2MTFFQ0E1NzIwQjc5QzRGOUFFMDIvOERFRURDOTZF
NkI1MTFFRjlGRUY2NDM2QzRGOUFFMDIucm9hMIIBQgYIKwYBBQUHAQcBAf8EggEx
MIIBLTCCASkEAgABMIIBITAMAwQAASbRAwQAASbSAwQDAbsAMAwDBAIBuwwDBAIB
uxgDBAQBu3ADBAQBu5AwDAMEAgG7tAMEBgG7gDALAwQCAbvUAwMCAbgDBABqQhEw
DAMEA2pCGAMEAGpCGgMEAWpCHAMEAGpCHwMEAWpCJgMEAWpCLDAMAwQCakI0AwQG
akIAMAwDBABqQoMDBANqQoAwDAMEAGpCiwMEBGpCgDAMAwQAakKTAwQDakKQAwQC
akKcAwQEakKwAwQFcG4AMAwDBABwbkcDBAJwbkgDBABwbk0DBABwbk8wDAMEAHBu
VQMEAHBuVgMEAHBuWAMEAHBuXDAMAwQFcG5gAwQCcG54MAwDBABwbn0DBABwbn4D
BABwbpADBABwbqADBABzRZ0wDQYJKoZIhvcNAQELBQADggEBABTM4BFrSk5Y5CnA
AWeJnI2LBfBS5dJokHagbNLuezMy5DpmEZoyweaMi/W5q27aycqMkjfZ83qwAUbO
/59I19hAO68qyR5KCoJjl+uqxwN1i8+pPYimnNWyBIZc148aZ2p/VVMwKltDL0aj
n8utX78H0ssmrWXGs4d4VPCnMxZ/13iRhayrucX9U25TMvRvvS4QBRyxbdvhlGOF
gxPgTq9NlSwF0LiZB+O5c9w2Cz6W2HPMTXrkMmtSTXELt7aeBBEPGWtDicJlpTaQ
/+69me638tNEqcxOFf5Qk9qjAkNuOczkSA6rA6qEypWAxYZBqFPFshlQAVyGnmD4
XSeEHYo=
-----END CERTIFICATE-----
Generated at Sat Mar 7 14:14:36 2026 by rpki-client