Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
File: 39574A98960D11ECAAC81D60C4F9AE02.roa (raw, json)
Hash identifier: 1pKGI4YxA6Kap59sCnfzUKmyKcKdcizdZQf+vovFFnk=
Subject key identifier: 3B:E3:DC:CF:5D:C2:E2:53:1B:B7:F6:1F:54:9E:3B:AC:7A:A4:A7:7B
Certificate issuer: /CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Certificate serial: 0459
Authority key identifier: A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
Signing time: Mon 02 Mar 2026 12:30:29 +0000
ROA not before: Wed 07 Jan 2026 11:55:45 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 133199
IP address blocks: 43.225.44.0/24 maxlen: 24
43.225.45.0/24 maxlen: 24
43.225.46.0/24 maxlen: 24
43.225.47.0/24 maxlen: 24
43.240.28.0/22 maxlen: 22
43.240.28.0/24 maxlen: 24
43.240.29.0/24 maxlen: 24
43.240.30.0/24 maxlen: 24
43.240.31.0/24 maxlen: 24
43.242.32.0/22 maxlen: 22
43.242.32.0/24 maxlen: 24
43.242.33.0/24 maxlen: 24
43.242.34.0/24 maxlen: 24
43.242.35.0/24 maxlen: 24
45.119.96.0/24 maxlen: 24
45.119.97.0/24 maxlen: 24
45.119.98.0/24 maxlen: 24
45.119.99.0/24 maxlen: 24
103.44.28.0/24 maxlen: 24
103.44.29.0/24 maxlen: 24
103.44.30.0/24 maxlen: 24
103.44.31.0/24 maxlen: 24
103.59.144.0/24 maxlen: 24
103.59.145.0/24 maxlen: 24
103.59.146.0/24 maxlen: 24
103.59.147.0/24 maxlen: 24
103.249.108.0/24 maxlen: 24
103.249.109.0/24 maxlen: 24
103.249.110.0/24 maxlen: 24
103.249.111.0/24 maxlen: 24
103.254.148.0/24 maxlen: 24
103.254.149.0/24 maxlen: 24
103.254.150.0/24 maxlen: 24
103.254.151.0/24 maxlen: 24
2404:da80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 29 Mar 2026 23:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1113 (0x459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E504E, serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Validity
Not Before: Jan 7 11:55:45 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a582e5-c213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f6:9a:dc:05:e3:b5:e5:2e:9c:66:00:c2:ae:
1b:fe:df:31:2d:7e:a6:01:c2:da:cb:63:73:a7:cc:
da:52:83:25:a8:ad:e1:00:10:f5:83:61:91:89:40:
33:10:07:87:50:1f:dd:a6:a1:8e:9b:02:76:ed:e1:
93:a4:2b:6a:51:f4:7f:03:ee:83:5d:14:48:b2:ed:
7b:ea:6f:2a:db:33:e4:d2:ea:8b:1d:6f:92:29:76:
78:29:95:79:84:16:9c:04:3e:01:72:0f:8e:ea:a5:
be:36:65:ec:fa:0c:24:77:d3:40:0c:35:f6:db:19:
99:43:40:ba:ed:e1:89:eb:52:da:ca:c5:9f:bd:45:
52:2c:3d:c7:08:88:6e:c1:6f:a8:b8:30:b2:06:6b:
6b:d7:37:44:4c:0a:2a:03:ff:d4:b4:6a:d7:64:5f:
c4:de:78:1a:96:f8:62:1a:9d:90:46:45:7a:00:8b:
0d:66:6d:33:86:b0:d1:cb:c0:10:0b:2f:c9:16:e6:
38:38:97:e7:6e:19:64:e8:fc:4e:cd:a5:97:1c:d4:
91:e5:f0:47:e1:b4:cf:8a:c3:d9:95:d8:07:83:a8:
35:77:b3:56:77:6e:8c:1c:bd:d0:ec:0e:f0:26:db:
9f:43:7f:fc:dd:64:2d:cf:38:d9:f6:3c:26:04:c6:
f4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E3:DC:CF:5D:C2:E2:53:1B:B7:F6:1F:54:9E:3B:AC:7A:A4:A7:7B
X509v3 Authority Key Identifier:
keyid:A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.225.44.0/22
43.240.28.0/22
43.242.32.0/22
45.119.96.0/22
103.44.28.0/22
103.59.144.0/22
103.249.108.0/22
103.254.148.0/22
IPv6:
2404:da80::/32
Signature Algorithm: sha256WithRSAEncryption
06:17:c3:cb:37:0b:07:72:e7:b4:c6:d3:1d:77:24:e9:b0:58:
6d:5c:ed:9f:00:15:3a:b7:4a:b5:b1:67:c6:84:95:7a:e9:26:
c4:6c:54:c6:07:20:c1:b7:48:09:dd:96:35:fc:59:1f:03:32:
93:68:7d:cb:82:78:90:00:92:b9:d0:a0:39:4e:bb:8e:33:00:
22:97:94:fb:b7:96:6f:a7:d6:d3:ff:f0:a4:94:fe:34:9f:1f:
cc:1d:e6:32:df:e6:b4:e6:f4:b2:4e:44:70:a7:41:37:1a:38:
e7:f6:4d:81:62:2b:6e:cc:57:62:8c:65:9b:e7:7e:99:5e:94:
e6:23:91:1f:e1:ec:53:7b:f7:1e:26:1b:8f:09:dd:99:e2:53:
35:4e:0f:80:6f:09:22:bd:11:c5:04:cd:5e:33:18:ed:b4:50:
18:32:1c:e4:1b:e5:7d:ce:d5:72:c9:53:86:30:55:8a:f0:cd:
e1:ed:4e:9f:28:a7:b6:8e:09:2c:20:db:89:ed:c3:7e:fa:c4:
b6:c7:0f:96:1f:9c:7e:7a:41:0d:47:f2:61:66:27:ac:6c:dd:
15:99:3b:a7:47:fa:ce:ac:aa:26:97:ff:8d:92:27:45:5e:9a:
2f:55:8f:7e:cd:a7:26:42:ce:25:23:a6:41:7e:eb:c3:5a:78:
b2:b4:9a:6d
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgICBFkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTUwNEUxMTAvBgNVBAUTKEEzRjI3Mjc1MkVDNUQ5RTEyOUU0REZDQTA4MEI4OEQz
OUI3OTQ5NDQwHhcNMjYwMTA3MTE1NTQ1WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1ODJlNS1jMjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1/aa3AXjteUunGYAwq4b/t8xLX6mAcLay2Nzp8zaUoMlqK3hABD1g2GRiUAz
EAeHUB/dpqGOmwJ27eGTpCtqUfR/A+6DXRRIsu176m8q2zPk0uqLHW+SKXZ4KZV5
hBacBD4Bcg+O6qW+NmXs+gwkd9NADDX22xmZQ0C67eGJ61LaysWfvUVSLD3HCIhu
wW+ouDCyBmtr1zdETAoqA//UtGrXZF/E3ngalvhiGp2QRkV6AIsNZm0zhrDRy8AQ
Cy/JFuY4OJfnbhlk6PxOzaWXHNSR5fBH4bTPisPZldgHg6g1d7NWd26MHL3Q7A7w
JtufQ3/83WQtzzjZ9jwmBMb0zQIDAQABo4ICmTCCApUwHQYDVR0OBBYEFDvj3M9d
wuJTG7f2H1SeO6x6pKd7MB8GA1UdIwQYMBaAFKPycnUuxdnhKeTfyggLiNObeUlE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS81OTA5NDk5MDk2
MDgxMUVDQTA0QTAwODZDNEY5QUUwMi9vX0p5ZFM3RjJlRXA1Tl9LQ0F1STA1dDVT
VVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29fSnlkUzdGMmVFcDVOX0tDQXVJMDV0NVNVUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTUwNEUvNTkwOTQ5OTA5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvMzk1NzRBOTg5
NjBEMTFFQ0FBQzgxRDYwQzRGOUFFMDIucm9hMFgGCCsGAQUFBwEHAQH/BEkwRzA2
BAIAATAwAwQCK+EsAwQCK/AcAwQCK/IgAwQCLXdgAwQCZywcAwQCZzuQAwQCZ/ls
AwQCZ/6UMA0EAgACMAcDBQAkBNqAMA0GCSqGSIb3DQEBCwUAA4IBAQAGF8PLNwsH
cue0xtMddyTpsFhtXO2fABU6t0q1sWfGhJV66SbEbFTGByDBt0gJ3ZY1/FkfAzKT
aH3LgniQAJK50KA5TruOMwAil5T7t5Zvp9bT//CklP40nx/MHeYy3+a05vSyTkRw
p0E3Gjjn9k2BYituzFdijGWb536ZXpTmI5Ef4exTe/ceJhuPCd2Z4lM1Tg+Abwki
vRHFBM1eMxjttFAYMhzkG+V9ztVyyVOGMFWK8M3h7U6fKKe2jgksINuJ7cN++sS2
xw+WH5x+ekENR/JhZiesbN0VmTunR/rOrKoml/+NkidFXpovVY9+zacmQs4lI6ZB
fuvDWniytJpt
-----END CERTIFICATE-----
Generated at Tue Mar 24 08:20:41 2026 by rpki-client