Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/B6D9896CD51111F0AE06421FC4F9AE02.roa
File: B6D9896CD51111F0AE06421FC4F9AE02.roa (raw, json)
Hash identifier: CzpDWjG6CA/RX7bXF7dh2aPRoqlocsn3HHK5kgU2yi0=
Subject key identifier: 83:B9:DA:AF:2E:45:02:F7:5E:39:7A:0C:94:72:AE:9B:CF:5E:75:8B
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1F8A
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/B6D9896CD51111F0AE06421FC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:24:59 +0000
ROA not before: Sat 28 Feb 2026 05:46:02 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 45102
IP address blocks: 14.1.112.0/22 maxlen: 24
43.0.0.0/9 maxlen: 15
43.91.0.0/16 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 16
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 16
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 16
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
2404:2280::/32 maxlen: 48
240b:4000::/22 maxlen: 31
240b:4000::/32 maxlen: 48
240b:4001::/32 maxlen: 40
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
240b:4013::/32 maxlen: 48
240b:4014::/32 maxlen: 48
240b:4015::/32 maxlen: 48
240b:4016::/32 maxlen: 48
240b:4017::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 16:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8074 (0x1f8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: Feb 28 05:46:02 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a4847b-e578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e5:e3:2c:db:9f:80:52:e1:6a:6f:31:de:6e:
56:17:dd:91:4a:df:ee:20:64:63:12:31:5c:01:bd:
9d:cf:b5:a9:2e:5c:15:a7:51:83:6a:ee:31:b9:cd:
2a:5c:67:a6:72:6d:72:e5:fb:ef:c1:6f:9e:38:39:
3e:8b:8c:cb:cc:26:00:bc:40:05:25:eb:91:ca:40:
5b:1f:1a:f3:22:1a:1f:29:e2:16:d7:0f:ed:fb:85:
52:cb:d7:50:80:89:a1:6c:3b:73:c4:1b:6f:69:59:
28:8c:36:49:33:67:fe:fe:e9:58:82:a9:d4:7f:7d:
25:e5:ea:f9:8d:89:9b:7e:e9:d2:9f:df:96:6f:31:
4a:29:2d:45:93:5c:45:21:93:e9:7b:c6:80:42:ca:
84:64:a8:40:03:e7:2b:8f:f1:45:79:5e:6d:37:6a:
d8:00:24:36:82:ba:e1:ea:f8:d4:4b:c0:6f:8b:6d:
f4:32:f9:51:24:48:52:20:3a:6e:d2:f8:8f:b6:97:
ba:da:48:c1:70:4c:b7:e7:bb:e1:14:e2:80:f9:a9:
85:c5:2f:0c:41:cc:25:82:98:3f:e5:fe:33:7c:32:
28:c1:59:74:5d:bc:f1:b8:b2:d6:6a:09:9e:11:de:
e3:cb:5e:12:dd:4e:39:23:c4:95:12:fb:88:0f:f6:
a8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B9:DA:AF:2E:45:02:F7:5E:39:7A:0C:94:72:AE:9B:CF:5E:75:8B
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/B6D9896CD51111F0AE06421FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.0.0.0/9
103.206.40.0/22
IPv6:
2404:2280::/32
240b:4000::/22
Signature Algorithm: sha256WithRSAEncryption
85:12:46:76:49:10:eb:8e:92:63:90:1c:b3:ac:5e:df:3c:a2:
57:10:e2:e9:25:f0:20:0d:4b:b7:12:1f:ce:64:6a:bb:20:05:
17:8a:29:bb:62:46:41:dc:03:49:da:e9:93:c9:90:d5:75:01:
ac:fd:dc:3c:ba:5b:35:6e:f8:b6:3a:10:be:72:1c:ee:2f:5b:
9d:a9:cb:25:a8:0a:c1:64:c8:20:c0:ca:e5:e8:4a:25:8c:af:
b8:a7:5f:fb:73:d4:81:b7:e4:93:8e:61:f6:14:c0:69:23:66:
ed:7e:50:9a:d7:1e:0b:cc:32:de:c9:ac:ec:1c:4b:75:ae:de:
80:94:01:01:fb:4a:0b:89:c3:c5:bd:fc:5c:ff:75:fa:a5:44:
fe:ea:f5:55:8a:56:7c:f3:c3:e4:cd:c0:46:81:5b:08:b8:24:
8e:0a:3f:20:e6:5e:94:3c:44:01:1a:88:d5:05:cf:ac:36:31:
7b:84:e0:35:cd:b6:6e:80:fc:9f:ac:f2:83:6c:38:3c:33:ea:
c0:d6:7e:46:dd:ac:fd:27:ad:9a:82:73:f4:cd:36:bd:db:ca:
dc:ce:b0:5c:78:01:1b:9c:a6:4b:85:5d:ac:66:a9:a8:20:05:
00:1b:aa:64:37:b0:30:32:e7:69:b4:b7:05:3f:e3:ed:72:f9:
8a:4c:62:d5
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgICH4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjYwMjI4MDU0NjAyWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODQ3Yi1lNTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsOXjLNufgFLham8x3m5WF92RSt/uIGRjEjFcAb2dz7WpLlwVp1GDau4xuc0q
XGemcm1y5fvvwW+eODk+i4zLzCYAvEAFJeuRykBbHxrzIhofKeIW1w/t+4VSy9dQ
gImhbDtzxBtvaVkojDZJM2f+/ulYgqnUf30l5er5jYmbfunSn9+WbzFKKS1Fk1xF
IZPpe8aAQsqEZKhAA+crj/FFeV5tN2rYACQ2grrh6vjUS8Bvi230MvlRJEhSIDpu
0viPtpe62kjBcEy357vhFOKA+amFxS8MQcwlgpg/5f4zfDIowVl0XbzxuLLWagme
Ed7jy14S3U45I8SVEvuID/ao1QIDAQABo4ICgDCCAnwwHQYDVR0OBBYEFIO52q8u
RQL3Xjl6DJRyrpvPXnWLMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvQjZEOTg5NkNE
NTExMTFGMEFFMDY0MjFGQzRGOUFFMDIucm9hMD8GCCsGAQUFBwEHAQH/BDAwLjAX
BAIAATARAwQCDgFwAwMHKwADBAJnzigwEwQCAAIwDQMFACQEIoADBAIkC0AwDQYJ
KoZIhvcNAQELBQADggEBAIUSRnZJEOuOkmOQHLOsXt88olcQ4ukl8CANS7cSH85k
arsgBReKKbtiRkHcA0na6ZPJkNV1Aaz93Dy6WzVu+LY6EL5yHO4vW52pyyWoCsFk
yCDAyuXoSiWMr7inX/tz1IG35JOOYfYUwGkjZu1+UJrXHgvMMt7JrOwcS3Wu3oCU
AQH7SguJw8W9/Fz/dfqlRP7q9VWKVnzzw+TNwEaBWwi4JI4KPyDmXpQ8RAEaiNUF
z6w2MXuE4DXNtm6A/J+s8oNsODwz6sDWfkbdrP0nrZqCc/TNNr3bytzOsFx4ARuc
pkuFXaxmqaggBQAbqmQ3sDAy52m0twU/4+1y+YpMYtU=
-----END CERTIFICATE-----
Generated at Fri Mar 13 02:20:57 2026 by rpki-client