Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/6954A6281D1811F1BB26F0200F3D8C67.roa
File: 6954A6281D1811F1BB26F0200F3D8C67.roa (raw, json)
Hash identifier: Fgn01xCliB3jOqCRZvxtZZ8TUDtvaptuz97JIHGUWac=
Subject key identifier: 36:11:BD:09:41:C4:57:A4:1F:3D:9F:17:30:E0:1C:FB:25:64:DA:8F
Certificate issuer: /CN=A91E4D3D/serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
Certificate serial: 06A6
Authority key identifier: C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/6954A6281D1811F1BB26F0200F3D8C67.roa
Signing time: Mon 18 May 2026 12:56:14 +0000
ROA not before: Mon 18 May 2026 12:56:14 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 13150
IP address blocks: 103.203.220.0/24 maxlen: 24
103.203.221.0/24 maxlen: 24
103.203.222.0/24 maxlen: 24
103.203.223.0/24 maxlen: 24
113.30.128.0/24 maxlen: 24
113.30.130.0/24 maxlen: 24
113.30.131.0/24 maxlen: 24
113.30.132.0/24 maxlen: 24
113.30.133.0/24 maxlen: 24
113.30.134.0/24 maxlen: 24
113.30.135.0/24 maxlen: 24
113.30.136.0/24 maxlen: 24
113.30.137.0/24 maxlen: 24
113.30.138.0/24 maxlen: 24
123.253.152.0/24 maxlen: 24
123.253.153.0/24 maxlen: 24
123.253.154.0/24 maxlen: 24
123.253.155.0/24 maxlen: 24
150.195.208.0/24 maxlen: 24
150.195.209.0/24 maxlen: 24
150.195.210.0/24 maxlen: 24
150.195.211.0/24 maxlen: 24
150.195.212.0/24 maxlen: 24
150.195.214.0/24 maxlen: 24
150.195.217.0/24 maxlen: 24
150.195.218.0/24 maxlen: 24
150.195.219.0/24 maxlen: 24
150.195.220.0/24 maxlen: 24
150.195.221.0/24 maxlen: 24
150.195.222.0/24 maxlen: 24
150.195.223.0/24 maxlen: 24
202.75.240.0/24 maxlen: 24
202.75.242.0/24 maxlen: 24
202.75.243.0/24 maxlen: 24
202.75.244.0/24 maxlen: 24
202.75.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl
rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 25 May 2026 22:35:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1702 (0x6a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4D3D, serialNumber=C8070FD061A851FF8AEDE0DE0C3607EEB98FF701
Validity
Not Before: May 18 12:56:14 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=6a0b0c6e-9e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f0:57:4f:c0:2a:ee:6b:5b:b6:76:25:d1:9c:
3f:b9:35:25:35:b5:72:f8:9b:70:d8:74:6e:d6:ae:
4a:5a:5e:2a:de:77:5f:07:43:25:27:38:fe:fe:e9:
9c:66:94:f3:ff:21:85:7e:8d:b3:a1:47:ee:16:ff:
a7:09:44:13:84:bc:86:49:c4:26:5f:82:06:57:4b:
a7:4a:94:d1:c9:9e:10:e5:35:03:a0:4a:da:18:96:
a6:9b:3a:18:05:ab:b0:ca:2f:09:aa:93:84:c8:71:
1d:d3:53:cd:ce:05:3c:17:94:9b:a0:4d:f3:37:42:
28:74:25:78:79:1a:d4:15:44:e0:35:7f:45:18:7e:
30:35:2a:db:ff:e0:9f:f5:c6:ea:eb:b5:1d:f5:bd:
06:d3:70:67:ab:20:b9:b6:d1:9b:40:7e:6c:5f:c8:
88:7d:96:6e:e6:16:a2:53:c5:72:65:e3:6b:e0:dc:
eb:2e:e4:b0:96:1e:20:16:60:88:3d:0a:a8:31:e3:
a5:9d:a7:f1:dd:bc:28:34:fe:11:47:2f:e5:ab:58:
fc:b4:9f:8c:75:ae:41:bd:dd:15:0c:61:0d:d4:62:
ce:73:5d:31:69:82:ec:b1:67:2f:58:dd:eb:f0:eb:
5a:1e:f2:54:9c:68:df:a0:cc:39:dd:c7:55:05:e1:
36:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:11:BD:09:41:C4:57:A4:1F:3D:9F:17:30:E0:1C:FB:25:64:DA:8F
X509v3 Authority Key Identifier:
keyid:C8:07:0F:D0:61:A8:51:FF:8A:ED:E0:DE:0C:36:07:EE:B9:8F:F7:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/yAcP0GGoUf-K7eDeDDYH7rmP9wE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yAcP0GGoUf-K7eDeDDYH7rmP9wE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/B0202D32D8B911EBABC1F485C4F9AE02/6954A6281D1811F1BB26F0200F3D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
103.203.220.0/22
113.30.128.0/24
113.30.130.0-113.30.138.255
123.253.152.0/22
150.195.208.0-150.195.212.255
150.195.214.0/24
150.195.217.0-150.195.223.255
202.75.240.0/24
202.75.242.0-202.75.244.255
202.75.246.0/24
Signature Algorithm: sha256WithRSAEncryption
01:d2:91:6b:ad:ef:46:5f:99:cc:e2:28:df:8b:83:fa:12:36:
92:e2:f3:c9:29:8e:ec:88:ad:38:92:9c:1c:8d:41:3c:3d:1b:
48:a2:d2:4d:3c:dd:6b:62:d4:32:3f:44:c3:5b:64:81:57:50:
b7:a2:67:36:5e:e5:c8:7c:1e:91:17:9e:4b:39:d9:c3:32:34:
f2:14:ca:1b:b4:fd:1e:7d:aa:cb:40:ad:1d:4f:21:b0:ea:42:
b0:2a:84:df:54:44:6b:57:8d:15:35:ae:1e:80:ca:cd:c5:42:
5c:80:3c:2c:ae:c5:d7:3b:33:68:83:cd:e8:ab:8b:5b:90:c2:
8d:a0:c1:46:1e:76:9e:d9:6a:aa:b2:57:00:1a:c8:d4:e3:99:
b1:a9:0c:a6:8a:c0:48:20:11:61:44:c1:09:7c:d5:53:d5:5f:
7f:50:ea:b5:9a:e4:e5:08:24:09:4f:6b:08:71:26:4a:ff:b7:
b8:37:11:d0:14:d7:8e:52:81:84:f9:f2:e9:6e:76:9d:c0:61:
f0:b9:8f:78:d0:39:a7:b6:a5:56:9a:35:74:9b:d9:6a:51:df:
d5:76:95:11:1e:9c:12:ea:e3:c0:76:c8:03:ef:ea:0a:ef:89:
6c:ee:12:48:f5:4e:d6:73:d7:0f:1e:59:d0:94:2c:f2:18:dd:
2d:18:68:17
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBqYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTREM0QxMTAvBgNVBAUTKEM4MDcwRkQwNjFBODUxRkY4QUVERTBERTBDMzYwN0VF
Qjk4RkY3MDEwHhcNMjYwNTE4MTI1NjE0WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTBiMGM2ZS05ZTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtPBXT8Aq7mtbtnYl0Zw/uTUlNbVy+Jtw2HRu1q5KWl4q3ndfB0MlJzj+/umc
ZpTz/yGFfo2zoUfuFv+nCUQThLyGScQmX4IGV0unSpTRyZ4Q5TUDoEraGJammzoY
Bauwyi8JqpOEyHEd01PNzgU8F5SboE3zN0IodCV4eRrUFUTgNX9FGH4wNSrb/+Cf
9cbq67Ud9b0G03BnqyC5ttGbQH5sX8iIfZZu5haiU8VyZeNr4NzrLuSwlh4gFmCI
PQqoMeOlnafx3bwoNP4RRy/lq1j8tJ+Mda5Bvd0VDGEN1GLOc10xaYLssWcvWN3r
8OtaHvJUnGjfoMw53cdVBeE2yQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFDYRvQlB
xFekHz2fFzDgHPslZNqPMB8GA1UdIwQYMBaAFMgHD9BhqFH/iu3g3gw2B+65j/cB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9CMDIwMkQzMkQ4
QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi95QWNQMEdHb1VmLUs3ZURlRERZSDdybVA5
d0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lBY1AwR0dvVWYtSzdlRGVERFlIN3JtUDl3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTREM0QvQjAyMDJEMzJEOEI5MTFFQkFCQzFGNDg1QzRGOUFFMDIvNjk1NEE2Mjgx
RDE4MTFGMUJCMjZGMDIwMEYzRDhDNjcucm9hMHUGCCsGAQUFBwEHAQH/BGYwZDBi
BAIAATBcAwQCZ8vcAwQAcR6AMAwDBAFxHoIDBABxHooDBAJ7/ZgwDAMEBJbD0AME
AJbD1AMEAJbD1jAMAwQAlsPZAwQFlsPAAwQAykvwMAwDBAHKS/IDBADKS/QDBADK
S/YwDQYJKoZIhvcNAQELBQADggEBAAHSkWut70ZfmcziKN+Lg/oSNpLi88kpjuyI
rTiSnByNQTw9G0ii0k083Wti1DI/RMNbZIFXULeiZzZe5ch8HpEXnks52cMyNPIU
yhu0/R59qstArR1PIbDqQrAqhN9URGtXjRU1rh6Ays3FQlyAPCyuxdc7M2iDzeir
i1uQwo2gwUYedp7ZaqqyVwAayNTjmbGpDKaKwEggEWFEwQl81VPVX39Q6rWa5OUI
JAlPawhxJkr/t7g3EdAU145SgYT58uludp3AYfC5j3jQOae2pVaaNXSb2WpR39V2
lREenBLq48B2yAPv6grviWzuEkj1TtZz1w8eWdCULPIY3S0YaBc=
-----END CERTIFICATE-----
Generated at Tue May 19 09:30:21 2026 by rpki-client