Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/AB9A0D320D6011EDA50DFA25C4F9AE02.roa
File: AB9A0D320D6011EDA50DFA25C4F9AE02.roa (raw, json)
Hash identifier: 1Cdkvj8Zmrz288tTtARmoTNJLlC3XzpmCC67kc6iQwM=
Subject key identifier: 53:64:FD:7A:7F:49:90:18:FA:56:39:99:E2:DB:36:C5:2E:C2:9D:FF
Certificate issuer: /CN=A91DA898/serialNumber=1A55DB627A2A2E4B26672EE0E1D7512F86414E83
Certificate serial: 3589
Authority key identifier: 1A:55:DB:62:7A:2A:2E:4B:26:67:2E:E0:E1:D7:51:2F:86:41:4E:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GlXbYnoqLksmZy7g4ddRL4ZBToM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/AB9A0D320D6011EDA50DFA25C4F9AE02.roa
Signing time: Tue 16 Jun 2026 15:12:42 +0000
ROA not before: Tue 16 Jun 2026 15:12:42 +0000
ROA not after: Thu 30 Sep 2027 00:00:00 +0000
asID: 10219
IP address blocks: 103.23.48.0/22 maxlen: 22
103.23.48.0/24 maxlen: 24
103.23.49.0/24 maxlen: 24
103.23.50.0/24 maxlen: 24
103.23.51.0/24 maxlen: 24
112.72.0.0/20 maxlen: 20
112.72.0.0/24 maxlen: 24
112.72.1.0/24 maxlen: 24
112.72.2.0/24 maxlen: 24
112.72.3.0/24 maxlen: 24
112.72.4.0/24 maxlen: 24
112.72.5.0/24 maxlen: 24
112.72.6.0/24 maxlen: 24
112.72.7.0/24 maxlen: 24
112.72.8.0/24 maxlen: 24
112.72.9.0/24 maxlen: 24
112.72.10.0/24 maxlen: 24
112.72.11.0/24 maxlen: 24
112.72.12.0/24 maxlen: 24
112.72.13.0/24 maxlen: 24
112.72.14.0/24 maxlen: 24
112.72.15.0/24 maxlen: 24
202.9.40.0/21 maxlen: 21
202.9.40.0/24 maxlen: 24
202.9.41.0/24 maxlen: 24
202.9.42.0/24 maxlen: 24
202.9.43.0/24 maxlen: 24
202.9.44.0/24 maxlen: 24
202.9.45.0/24 maxlen: 24
202.9.46.0/24 maxlen: 24
202.9.47.0/24 maxlen: 24
202.55.176.0/20 maxlen: 20
202.55.176.0/24 maxlen: 24
202.55.177.0/24 maxlen: 24
202.55.178.0/24 maxlen: 24
202.55.179.0/24 maxlen: 24
202.55.180.0/24 maxlen: 24
202.55.181.0/24 maxlen: 24
202.55.182.0/24 maxlen: 24
202.55.183.0/24 maxlen: 24
202.55.184.0/24 maxlen: 24
202.55.185.0/24 maxlen: 24
202.55.186.0/24 maxlen: 24
202.55.187.0/24 maxlen: 24
202.55.188.0/24 maxlen: 24
202.55.189.0/24 maxlen: 24
202.55.190.0/24 maxlen: 24
202.55.191.0/24 maxlen: 24
2405:ae00::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/GlXbYnoqLksmZy7g4ddRL4ZBToM.crl
rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/GlXbYnoqLksmZy7g4ddRL4ZBToM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GlXbYnoqLksmZy7g4ddRL4ZBToM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 29 Jun 2026 14:36:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13705 (0x3589)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA898, serialNumber=1A55DB627A2A2E4B26672EE0E1D7512F86414E83
Validity
Not Before: Jun 16 15:12:42 2026 GMT
Not After : Sep 30 00:00:00 2027 GMT
Subject: CN=6a3167e9-0516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5b:32:e1:64:a8:1f:d3:9a:be:5a:fd:ff:ff:
17:5e:f9:b7:c0:c9:77:1f:9d:68:f4:d8:36:7b:c9:
81:9d:56:60:33:0d:27:bc:7f:b8:ba:7b:f1:b2:d3:
16:56:17:1a:95:af:ab:5b:8e:4b:f0:94:be:5e:ae:
ed:7f:22:33:92:39:4e:46:9c:d5:3c:30:3d:bd:2a:
52:27:b7:5e:e7:03:f5:cc:05:54:1c:9d:a3:75:95:
01:1b:a5:79:45:5c:59:b7:37:59:20:47:1f:fa:48:
ec:03:48:9a:2d:87:ff:31:5e:11:20:93:6f:ad:a0:
f6:4f:79:18:56:81:85:dd:74:04:7a:79:96:99:ee:
b1:f7:87:b2:80:ce:70:35:27:5f:20:29:1e:d0:03:
f4:ad:5a:df:d1:4e:21:bc:48:38:11:06:5c:fd:9a:
f9:18:43:ba:c9:c0:16:c9:c4:73:eb:44:ca:43:8b:
32:d8:3b:a6:a5:fb:9d:38:2b:ac:03:d0:e1:0d:02:
4e:44:43:6d:fe:31:f3:7f:b1:31:d9:1b:db:95:ec:
a1:eb:27:87:df:36:46:4d:b7:4c:81:1a:ca:0e:9a:
ef:b7:55:69:f0:90:18:b6:76:ce:b6:cb:c2:04:9f:
31:c8:b3:5b:dd:4f:b4:2f:81:29:7d:b3:0f:48:48:
d3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:64:FD:7A:7F:49:90:18:FA:56:39:99:E2:DB:36:C5:2E:C2:9D:FF
X509v3 Authority Key Identifier:
keyid:1A:55:DB:62:7A:2A:2E:4B:26:67:2E:E0:E1:D7:51:2F:86:41:4E:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/GlXbYnoqLksmZy7g4ddRL4ZBToM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GlXbYnoqLksmZy7g4ddRL4ZBToM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/AB9A0D320D6011EDA50DFA25C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.23.48.0/22
112.72.0.0/20
202.9.40.0/21
202.55.176.0/20
IPv6:
2405:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
35:08:10:86:3d:34:6b:8d:5b:c3:9b:e6:45:9b:4a:a7:d7:5f:
0a:12:8c:84:f0:00:56:ab:df:a4:00:be:fd:52:76:69:bf:12:
55:09:6b:79:7a:6d:b4:f2:a2:74:a7:88:6b:d9:f4:5c:43:d2:
47:20:87:f3:ea:09:a3:4b:9d:f3:3b:fc:00:41:80:20:66:0c:
37:20:ae:8c:e6:5c:bd:06:52:c9:e2:5f:3c:b3:f2:60:f2:f7:
ff:78:2a:71:8e:f2:04:3a:2f:b6:4e:6f:a0:2b:76:17:84:c0:
03:09:49:b0:ec:11:70:65:b5:a5:35:84:b6:da:c5:20:95:d5:
bb:3b:0a:23:58:e2:03:fe:4d:ae:32:fd:7e:1c:87:11:a4:30:
95:47:02:c1:ab:94:22:8e:5b:b1:37:7c:15:c1:5b:0f:29:d9:
81:78:3f:3d:78:a8:38:23:a9:c5:ea:eb:8d:73:71:0e:93:f5:
83:31:01:f5:fc:26:c3:cd:1c:96:9c:22:ae:da:e3:15:0e:a4:
17:c2:e9:12:de:4c:c8:aa:20:32:99:db:7c:f3:30:14:8e:ba:
58:47:3f:02:59:8f:fe:09:1a:41:d6:5a:4f:cb:36:a5:5a:79:
18:9a:05:41:e4:f0:02:c3:2a:f3:76:b6:05:8c:5c:97:82:38:
13:a2:a7:61
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgICNYkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REE4OTgxMTAvBgNVBAUTKDFBNTVEQjYyN0EyQTJFNEIyNjY3MkVFMEUxRDc1MTJG
ODY0MTRFODMwHhcNMjYwNjE2MTUxMjQyWhcNMjcwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTMxNjdlOS0wNTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA11sy4WSoH9Oavlr9//8XXvm3wMl3H51o9Ng2e8mBnVZgMw0nvH+4unvxstMW
Vhcala+rW45L8JS+Xq7tfyIzkjlORpzVPDA9vSpSJ7de5wP1zAVUHJ2jdZUBG6V5
RVxZtzdZIEcf+kjsA0iaLYf/MV4RIJNvraD2T3kYVoGF3XQEenmWme6x94eygM5w
NSdfICke0AP0rVrf0U4hvEg4EQZc/Zr5GEO6ycAWycRz60TKQ4sy2DumpfudOCus
A9DhDQJORENt/jHzf7Ex2Rvbleyh6yeH3zZGTbdMgRrKDprvt1Vp8JAYtnbOtsvC
BJ8xyLNb3U+0L4EpfbMPSEjTiQIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFFNk/Xp/
SZAY+lY5meLbNsUuwp3/MB8GA1UdIwQYMBaAFBpV22J6Ki5LJmcu4OHXUS+GQU6D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTg5OC82OUFEQzE5RTFE
OEMxMUUyODZCNjlFRTcwOEIwMkNEMi9HbFhiWW5vcUxrc21aeTdnNGRkUkw0WkJU
b00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dsWGJZbm9xTGtzbVp5N2c0ZGRSTDRaQlRvTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REE4OTgvNjlBREMxOUUxRDhDMTFFMjg2QjY5RUU3MDhCMDJDRDIvQUI5QTBEMzIw
RDYwMTFFREE1MERGQTI1QzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe
BAIAATAYAwQCZxcwAwQEcEgAAwQDygkoAwQEyjewMA0EAgACMAcDBQAkBa4AMA0G
CSqGSIb3DQEBCwUAA4IBAQA1CBCGPTRrjVvDm+ZFm0qn118KEoyE8ABWq9+kAL79
UnZpvxJVCWt5em208qJ0p4hr2fRcQ9JHIIfz6gmjS53zO/wAQYAgZgw3IK6M5ly9
BlLJ4l88s/Jg8vf/eCpxjvIEOi+2Tm+gK3YXhMADCUmw7BFwZbWlNYS22sUgldW7
OwojWOID/k2uMv1+HIcRpDCVRwLBq5QijluxN3wVwVsPKdmBeD89eKg4I6nF6uuN
c3EOk/WDMQH1/CbDzRyWnCKu2uMVDqQXwukS3kzIqiAymdt88zAUjrpYRz8CWY/+
CRpB1lpPyzalWnkYmgVB5PACwyrzdrYFjFyXgjgToqdh
-----END CERTIFICATE-----
Generated at Wed Jun 24 14:12:45 2026 by rpki-client