Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/F39D90EE561B11EFB51A9149C4F9AE02.roa
File: F39D90EE561B11EFB51A9149C4F9AE02.roa (raw, json)
Hash identifier: Nh1Q+Dya7glLRU5/4sMU0gPbts/P00D+f3Yj7z1hNXY=
Subject key identifier: 18:F5:22:07:23:9A:8D:B8:7E:97:7A:0A:65:FE:6B:DB:EC:CB:C4:35
Certificate issuer: /CN=A91D462A/serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45
Certificate serial: 1ACE
Authority key identifier: CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/F39D90EE561B11EFB51A9149C4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:29:37 +0000
ROA not before: Mon 10 Nov 2025 16:04:38 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 1299
IP address blocks: 45.117.32.0/24 maxlen: 24
45.117.33.0/24 maxlen: 24
45.117.34.0/24 maxlen: 24
45.117.35.0/24 maxlen: 24
202.21.96.0/24 maxlen: 24
202.21.97.0/24 maxlen: 24
202.21.98.0/24 maxlen: 24
202.21.99.0/24 maxlen: 24
202.21.100.0/24 maxlen: 24
202.21.101.0/24 maxlen: 24
202.21.102.0/24 maxlen: 24
202.21.103.0/24 maxlen: 24
202.21.104.0/24 maxlen: 24
202.21.105.0/24 maxlen: 24
202.21.106.0/24 maxlen: 24
202.21.107.0/24 maxlen: 24
202.21.108.0/24 maxlen: 24
202.21.109.0/24 maxlen: 24
202.21.110.0/24 maxlen: 24
202.21.111.0/24 maxlen: 24
202.21.112.0/24 maxlen: 24
202.21.113.0/24 maxlen: 24
202.21.114.0/24 maxlen: 24
202.21.115.0/24 maxlen: 24
202.21.116.0/24 maxlen: 24
202.21.117.0/24 maxlen: 24
202.21.118.0/24 maxlen: 24
202.21.119.0/24 maxlen: 24
202.21.120.0/24 maxlen: 24
202.21.121.0/24 maxlen: 24
202.21.122.0/24 maxlen: 24
202.21.123.0/24 maxlen: 24
202.21.124.0/24 maxlen: 24
202.21.125.0/24 maxlen: 24
202.21.126.0/24 maxlen: 24
202.21.127.0/24 maxlen: 24
202.126.92.0/22 maxlen: 24
202.131.224.0/24 maxlen: 24
202.131.225.0/24 maxlen: 24
202.131.226.0/24 maxlen: 24
202.131.227.0/24 maxlen: 24
202.131.228.0/24 maxlen: 24
202.131.229.0/24 maxlen: 24
202.131.230.0/24 maxlen: 24
202.131.231.0/24 maxlen: 24
202.131.232.0/24 maxlen: 24
202.131.233.0/24 maxlen: 24
202.131.234.0/24 maxlen: 24
202.131.235.0/24 maxlen: 24
202.131.236.0/24 maxlen: 24
202.131.237.0/24 maxlen: 24
202.131.238.0/24 maxlen: 24
202.131.239.0/24 maxlen: 24
202.131.240.0/24 maxlen: 24
202.131.241.0/24 maxlen: 24
202.131.242.0/24 maxlen: 24
202.131.243.0/24 maxlen: 24
202.131.244.0/24 maxlen: 24
202.131.245.0/24 maxlen: 24
202.131.246.0/24 maxlen: 24
202.131.247.0/24 maxlen: 24
202.131.248.0/24 maxlen: 24
202.131.249.0/24 maxlen: 24
202.131.250.0/24 maxlen: 24
202.131.251.0/24 maxlen: 24
202.131.252.0/24 maxlen: 24
202.131.253.0/24 maxlen: 24
202.131.254.0/24 maxlen: 24
202.131.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 13 Mar 2026 16:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6862 (0x1ace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D462A, serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45
Validity
Not Before: Nov 10 16:04:38 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a45b61-cd7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:18:1a:1f:a4:33:e9:83:d1:c8:08:02:9b:52:
cd:c8:17:a9:26:2f:13:69:77:8c:39:b6:98:37:3c:
d4:0f:8e:f4:31:31:f0:20:82:96:32:ca:64:d6:3e:
9a:c6:ac:af:ee:32:3c:6a:b6:c0:30:30:52:6b:7d:
b8:f0:c9:c0:1b:27:ea:3e:c9:b0:54:c7:ef:c2:df:
44:c2:6e:9d:c5:13:18:75:54:fb:9d:50:d5:06:d4:
bb:de:ae:54:99:80:d7:86:33:2a:01:bb:ab:05:cf:
c4:b2:7b:33:67:65:02:a6:df:a5:97:ec:b3:8c:db:
30:a1:8c:be:ec:b5:9a:1c:aa:35:85:38:e7:0c:be:
6e:3e:67:b4:c9:8d:68:57:62:b8:28:3f:48:ca:7e:
fd:b6:14:a8:e9:dc:6d:45:81:0c:53:33:36:63:ac:
f2:9e:5f:04:4d:6c:44:12:60:1d:dd:76:40:84:b7:
ff:8c:bc:d4:57:74:1e:aa:24:df:97:0a:d2:6b:d0:
aa:57:df:39:82:97:4d:5a:1e:bb:dc:37:94:29:bd:
79:31:5b:2e:72:40:4a:59:3b:53:16:c7:50:88:4f:
99:b8:64:6a:5a:99:81:60:1d:6d:96:a5:e9:28:92:
b0:da:80:75:8e:13:a7:56:43:75:ee:33:7b:3b:c7:
43:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F5:22:07:23:9A:8D:B8:7E:97:7A:0A:65:FE:6B:DB:EC:CB:C4:35
X509v3 Authority Key Identifier:
keyid:CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/F39D90EE561B11EFB51A9149C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.117.32.0/22
202.21.96.0/19
202.126.92.0/22
202.131.224.0/19
Signature Algorithm: sha256WithRSAEncryption
15:a1:8e:48:33:cb:e7:de:86:29:ff:3c:b7:69:fb:80:dd:f8:
f4:0b:ff:f5:d6:47:cd:b2:9f:16:66:b6:f7:51:75:40:15:7f:
bd:4c:fa:9f:fe:41:79:bb:01:17:c5:be:d0:e4:63:2c:5d:48:
79:d5:59:eb:4a:a6:ac:23:c1:cf:92:a0:fb:29:4a:49:51:89:
fe:e6:ef:13:25:51:41:42:06:2d:c5:3a:81:18:54:aa:b4:38:
25:d0:29:c9:74:bb:6b:66:17:d0:05:71:90:e7:06:48:c8:a3:
5f:4a:1b:35:7e:fa:1b:72:65:e2:52:5b:09:3e:a0:f2:63:e7:
be:92:6e:10:ef:d1:79:d2:0e:4c:63:af:f4:bc:80:21:6f:9f:
cb:d9:af:08:2c:a5:a3:c9:75:87:57:6a:e6:8c:81:58:f0:3f:
da:0d:ca:8e:26:a0:c0:90:e5:e2:2e:00:03:c4:5f:24:da:71:
25:41:22:d9:59:9a:a8:45:13:d1:e7:17:09:a8:1b:b2:f6:96:
7f:fe:29:e0:0b:c1:d6:ef:b0:c9:b2:57:88:08:74:43:c7:aa:
4a:21:9f:ca:b4:08:4c:e6:91:71:7e:ab:46:36:7d:b9:e7:ef:
67:7c:a4:07:b8:67:cc:47:d5:79:64:ab:89:5c:d7:b6:4f:2f:
85:8e:08:e4
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICGs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ2MkExMTAvBgNVBAUTKENGNzEyQ0IzODlFRTg0REExOUNBOTgxREU2MzBGNTA5
RkY0NENENDUwHhcNMjUxMTEwMTYwNDM4WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NWI2MS1jZDdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuhgaH6Qz6YPRyAgCm1LNyBepJi8TaXeMObaYNzzUD470MTHwIIKWMspk1j6a
xqyv7jI8arbAMDBSa3248MnAGyfqPsmwVMfvwt9Ewm6dxRMYdVT7nVDVBtS73q5U
mYDXhjMqAburBc/EsnszZ2UCpt+ll+yzjNswoYy+7LWaHKo1hTjnDL5uPme0yY1o
V2K4KD9Iyn79thSo6dxtRYEMUzM2Y6zynl8ETWxEEmAd3XZAhLf/jLzUV3QeqiTf
lwrSa9CqV985gpdNWh673DeUKb15MVsuckBKWTtTFsdQiE+ZuGRqWpmBYB1tlqXp
KJKw2oB1jhOnVkN17jN7O8dDvwIDAQABo4ICcjCCAm4wHQYDVR0OBBYEFBj1Igcj
mo24fpd6CmX+a9vsy8Q1MB8GA1UdIwQYMBaAFM9xLLOJ7oTaGcqYHeYw9Qn/RM1F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDYyQS80Q0JEM0Y4NDUw
RDUxMUU3OTMxM0FFMTJDNEY5QUUwMi96M0VzczRudWhOb1p5cGdkNWpEMUNmOUV6
VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ozRXNzNG51aE5vWnlwZ2Q1akQxQ2Y5RXpVVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ2MkEvNENCRDNGODQ1MEQ1MTFFNzkzMTNBRTEyQzRGOUFFMDIvRjM5RDkwRUU1
NjFCMTFFRkI1MUE5MTQ5QzRGOUFFMDIucm9hMDEGCCsGAQUFBwEHAQH/BCIwIDAe
BAIAATAYAwQCLXUgAwQFyhVgAwQCyn5cAwQFyoPgMA0GCSqGSIb3DQEBCwUAA4IB
AQAVoY5IM8vn3oYp/zy3afuA3fj0C//11kfNsp8WZrb3UXVAFX+9TPqf/kF5uwEX
xb7Q5GMsXUh51VnrSqasI8HPkqD7KUpJUYn+5u8TJVFBQgYtxTqBGFSqtDgl0CnJ
dLtrZhfQBXGQ5wZIyKNfShs1fvobcmXiUlsJPqDyY+e+km4Q79F50g5MY6/0vIAh
b5/L2a8ILKWjyXWHV2rmjIFY8D/aDcqOJqDAkOXiLgADxF8k2nElQSLZWZqoRRPR
5xcJqBuy9pZ//ingC8HW77DJsleICHRDx6pKIZ/KtAhM5pFxfqtGNn255+9nfKQH
uGfMR9V5ZKuJXNe2Ty+Fjgjk
-----END CERTIFICATE-----
Generated at Sat Mar 7 11:16:46 2026 by rpki-client