Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/0134DE8CC77211EC9B377B2DC4F9AE02.roa
File: 0134DE8CC77211EC9B377B2DC4F9AE02.roa (raw, json)
Hash identifier: JkcuuEA3HJcOXsAtpW1A448oG1rvXao+yzD5319lzLs=
Subject key identifier: 5B:19:BF:7A:05:A0:38:6A:25:34:2C:30:46:D2:36:CF:1F:F2:69:A6
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0FF3
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/0134DE8CC77211EC9B377B2DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:46:55 +0000
ROA not before: Wed 14 Jan 2026 18:14:57 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 13335
IP address blocks: 61.47.0.0/24 maxlen: 24
61.47.3.0/24 maxlen: 24
61.47.4.0/23 maxlen: 24
61.47.15.0/24 maxlen: 24
61.47.17.0/24 maxlen: 24
61.47.21.0/24 maxlen: 24
61.47.22.0/24 maxlen: 24
61.47.24.0/24 maxlen: 24
61.47.27.0/24 maxlen: 24
61.47.29.0/24 maxlen: 24
61.47.44.0/23 maxlen: 24
61.47.46.0/24 maxlen: 24
61.47.49.0/24 maxlen: 24
61.47.50.0/23 maxlen: 24
61.47.53.0/24 maxlen: 24
61.47.54.0/23 maxlen: 24
61.47.56.0/24 maxlen: 24
61.47.64.0/23 maxlen: 24
61.47.66.0/24 maxlen: 24
61.47.72.0/21 maxlen: 24
61.47.102.0/23 maxlen: 24
61.47.108.0/22 maxlen: 24
221.128.0.0/18 maxlen: 24
221.128.71.0/24 maxlen: 24
221.128.73.0/24 maxlen: 24
221.128.77.0/24 maxlen: 24
221.128.79.0/24 maxlen: 24
221.128.81.0/24 maxlen: 24
221.128.87.0/24 maxlen: 24
221.128.88.0/22 maxlen: 24
221.128.97.0/24 maxlen: 24
221.128.98.0/23 maxlen: 24
221.128.104.0/22 maxlen: 24
221.128.108.0/23 maxlen: 24
221.128.110.0/24 maxlen: 24
221.128.115.0/24 maxlen: 24
221.128.116.0/24 maxlen: 24
221.128.118.0/23 maxlen: 24
221.128.121.0/24 maxlen: 24
221.128.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 17:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4083 (0xff3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0, serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Validity
Not Before: Jan 14 18:14:57 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a4899f-4e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7d:36:b5:8e:f9:50:fb:05:b0:4b:d8:e5:4b:
59:e6:61:32:ae:2f:c8:d8:62:4b:4b:60:e4:38:72:
da:ae:6f:8c:58:46:ad:3d:40:a5:98:af:d4:a3:bc:
2f:9b:af:17:47:cf:cf:42:83:b9:0b:ff:42:7e:8e:
00:a5:47:a5:ac:d7:66:23:b9:d8:b0:12:ef:d6:32:
e5:af:06:13:41:39:91:10:b2:d6:c8:23:31:11:51:
d9:e1:b4:23:3e:c2:a0:1d:73:16:5c:e2:b1:0e:c3:
ad:e9:64:12:ed:35:a8:82:e6:6f:4e:1e:5f:cd:67:
80:9f:28:15:a1:c5:7d:a6:04:75:50:79:ff:05:6d:
64:b9:fc:92:66:3b:58:4c:dc:d3:10:52:6e:a7:d6:
48:fb:73:3f:b8:24:6a:72:90:c2:fb:46:27:1a:8d:
b9:6e:89:47:1d:dd:a5:b2:38:48:65:82:9e:99:b5:
8d:ff:de:6c:3a:90:f7:9f:e4:75:51:cc:6c:75:c0:
4b:6f:46:f8:40:da:bb:b6:10:84:3e:8a:be:97:04:
cc:2b:c6:b6:1a:f8:50:49:ad:14:c0:c3:78:8e:6c:
78:3d:13:75:de:bc:3e:ee:1d:46:91:8e:9b:2d:e1:
60:ee:6f:f0:8f:3d:39:84:b4:94:1b:18:25:22:92:
1b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:19:BF:7A:05:A0:38:6A:25:34:2C:30:46:D2:36:CF:1F:F2:69:A6
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/0134DE8CC77211EC9B377B2DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
61.47.0.0/24
61.47.3.0-61.47.5.255
61.47.15.0/24
61.47.17.0/24
61.47.21.0-61.47.22.255
61.47.24.0/24
61.47.27.0/24
61.47.29.0/24
61.47.44.0-61.47.46.255
61.47.49.0-61.47.51.255
61.47.53.0-61.47.56.255
61.47.64.0-61.47.66.255
61.47.72.0/21
61.47.102.0/23
61.47.108.0/22
221.128.0.0/18
221.128.71.0/24
221.128.73.0/24
221.128.77.0/24
221.128.79.0/24
221.128.81.0/24
221.128.87.0-221.128.91.255
221.128.97.0-221.128.99.255
221.128.104.0-221.128.110.255
221.128.115.0-221.128.116.255
221.128.118.0/23
221.128.121.0/24
221.128.123.0/24
Signature Algorithm: sha256WithRSAEncryption
93:e0:45:e6:0c:85:b4:e5:c7:e6:f6:2f:61:ed:ac:5e:ad:78:
0b:cc:3d:ce:66:36:87:b0:e0:79:04:98:7e:6e:5e:17:e3:6a:
46:53:3c:8a:6d:0d:47:6b:0a:e3:ac:2f:fb:c8:bf:36:4e:07:
9d:73:4a:c0:8d:ea:b6:87:98:5a:39:54:dd:79:06:e8:2a:c3:
74:50:11:10:77:a1:7a:9b:4c:7e:8d:2a:03:ae:fd:71:fe:0d:
8f:a5:44:fe:eb:bc:e3:bc:d9:ba:9c:77:14:90:72:83:21:48:
aa:1a:2b:97:34:4c:40:b3:ca:15:36:5d:db:8f:99:54:49:05:
f1:ae:4a:19:70:32:f6:38:5a:38:ce:8d:c9:7e:cb:d7:a6:2d:
72:53:91:53:ed:a8:99:73:a4:96:03:51:6f:03:40:a4:ef:25:
21:2f:d3:d1:f1:30:d0:3f:5f:2e:6e:c8:26:2d:a9:c8:0f:73:
dd:7b:f0:6b:00:69:df:ab:9f:2e:da:a6:c4:3e:f8:28:f7:6b:
51:25:6f:58:64:f2:1c:4f:95:9e:76:7a:f9:a2:32:89:88:01:
d4:56:63:b9:c4:39:e7:32:7a:4a:79:02:6a:b9:94:04:ac:da:
25:b7:1b:86:8c:62:78:f6:4f:f6:0a:2c:aa:64:dc:86:bc:47:
1f:0e:94:0e
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgICD/MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjYwMTE0MTgxNDU3WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODk5Zi00ZTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzn02tY75UPsFsEvY5UtZ5mEyri/I2GJLS2DkOHLarm+MWEatPUClmK/Uo7wv
m68XR8/PQoO5C/9Cfo4ApUelrNdmI7nYsBLv1jLlrwYTQTmRELLWyCMxEVHZ4bQj
PsKgHXMWXOKxDsOt6WQS7TWoguZvTh5fzWeAnygVocV9pgR1UHn/BW1kufySZjtY
TNzTEFJup9ZI+3M/uCRqcpDC+0YnGo25bolHHd2lsjhIZYKembWN/95sOpD3n+R1
UcxsdcBLb0b4QNq7thCEPoq+lwTMK8a2GvhQSa0UwMN4jmx4PRN13rw+7h1GkY6b
LeFg7m/wjz05hLSUGxglIpIbLQIDAQABo4IDWjCCA1YwHQYDVR0OBBYEFFsZv3oF
oDhqJTQsMEbSNs8f8mmmMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMDEzNERFOEND
NzcyMTFFQzlCMzc3QjJEQzRGOUFFMDIucm9hMIIBFwYIKwYBBQUHAQcBAf8EggEG
MIIBAjCB/wQCAAEwgfgDBAA9LwAwDAMEAD0vAwMEAT0vBAMEAD0vDwMEAD0vETAM
AwQAPS8VAwQAPS8WAwQAPS8YAwQAPS8bAwQAPS8dMAwDBAI9LywDBAA9Ly4wDAME
AD0vMQMEAj0vMDAMAwQAPS81AwQAPS84MAwDBAY9L0ADBAA9L0IDBAM9L0gDBAE9
L2YDBAI9L2wDBAbdgAADBADdgEcDBADdgEkDBADdgE0DBADdgE8DBADdgFEwDAME
AN2AVwMEAt2AWDAMAwQA3YBhAwQC3YBgMAwDBAPdgGgDBADdgG4wDAMEAN2AcwME
AN2AdAMEAd2AdgMEAN2AeQMEAN2AezANBgkqhkiG9w0BAQsFAAOCAQEAk+BF5gyF
tOXH5vYvYe2sXq14C8w9zmY2h7DgeQSYfm5eF+NqRlM8im0NR2sK46wv+8i/Nk4H
nXNKwI3qtoeYWjlU3XkG6CrDdFAREHeheptMfo0qA679cf4Nj6VE/uu847zZupx3
FJBygyFIqhorlzRMQLPKFTZd24+ZVEkF8a5KGXAy9jhaOM6NyX7L16YtclORU+2o
mXOklgNRbwNApO8lIS/T0fEw0D9fLm7IJi2pyA9z3XvwawBp36ufLtqmxD74KPdr
USVvWGTyHE+VnnZ6+aIyiYgB1FZjucQ55zJ6SnkCarmUBKzaJbcbhoxiePZP9gos
qmTchrxHHw6UDg==
-----END CERTIFICATE-----
Generated at Wed Mar 4 14:26:02 2026 by rpki-client