Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/C81AC00EB14111EB959D4D3CC4F9AE02.roa
File: C81AC00EB14111EB959D4D3CC4F9AE02.roa (raw, json)
Hash identifier: 1f+H0b+UV2WzVxLJDYx2e6yIlM5tna/gOxI28K3ajEA=
Subject key identifier: 6D:41:70:E0:6E:F7:96:28:0E:50:6F:93:BD:B7:A3:79:9E:B5:CF:F1
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1F89
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/C81AC00EB14111EB959D4D3CC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:24:58 +0000
ROA not before: Fri 12 Dec 2025 16:13:48 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 37963
IP address blocks: 43.0.0.0/9 maxlen: 15
43.0.0.0/16 maxlen: 24
43.1.0.0/16 maxlen: 24
43.2.0.0/16 maxlen: 24
43.3.0.0/16 maxlen: 24
43.4.0.0/16 maxlen: 24
43.5.0.0/16 maxlen: 24
43.6.0.0/16 maxlen: 24
43.7.0.0/16 maxlen: 16
43.7.0.0/16 maxlen: 24
43.8.0.0/16 maxlen: 24
43.9.0.0/16 maxlen: 24
43.10.0.0/16 maxlen: 24
43.11.0.0/16 maxlen: 24
43.12.0.0/16 maxlen: 24
43.13.0.0/16 maxlen: 24
43.14.0.0/16 maxlen: 24
43.15.0.0/16 maxlen: 24
43.16.0.0/16 maxlen: 24
43.17.0.0/16 maxlen: 24
43.18.0.0/16 maxlen: 24
43.19.0.0/16 maxlen: 24
43.20.0.0/16 maxlen: 24
43.21.0.0/16 maxlen: 24
43.22.0.0/16 maxlen: 24
43.23.0.0/16 maxlen: 24
43.24.0.0/16 maxlen: 24
43.25.0.0/16 maxlen: 24
43.26.0.0/16 maxlen: 24
43.27.0.0/16 maxlen: 24
43.28.0.0/16 maxlen: 24
43.29.0.0/16 maxlen: 24
43.30.0.0/16 maxlen: 24
43.31.0.0/16 maxlen: 24
43.32.0.0/16 maxlen: 16
43.32.0.0/16 maxlen: 24
43.33.0.0/16 maxlen: 24
43.35.0.0/16 maxlen: 24
43.36.0.0/16 maxlen: 24
43.37.0.0/16 maxlen: 24
43.38.0.0/16 maxlen: 24
43.39.0.0/16 maxlen: 24
43.40.0.0/16 maxlen: 24
43.41.0.0/16 maxlen: 24
43.42.0.0/16 maxlen: 24
43.43.0.0/16 maxlen: 24
43.44.0.0/16 maxlen: 24
43.45.0.0/16 maxlen: 24
43.46.0.0/16 maxlen: 24
43.47.0.0/16 maxlen: 24
43.48.0.0/16 maxlen: 24
43.49.0.0/16 maxlen: 24
43.50.0.0/16 maxlen: 24
43.51.0.0/16 maxlen: 24
43.52.0.0/16 maxlen: 24
43.53.0.0/16 maxlen: 24
43.54.0.0/16 maxlen: 24
43.55.0.0/16 maxlen: 24
43.56.0.0/16 maxlen: 24
43.57.0.0/16 maxlen: 24
43.58.0.0/16 maxlen: 24
43.59.0.0/16 maxlen: 24
43.60.0.0/16 maxlen: 24
43.61.0.0/16 maxlen: 24
43.62.0.0/16 maxlen: 24
43.63.0.0/16 maxlen: 24
43.64.0.0/16 maxlen: 24
43.65.0.0/16 maxlen: 24
43.66.0.0/16 maxlen: 24
43.67.0.0/16 maxlen: 24
43.68.0.0/16 maxlen: 24
43.69.0.0/16 maxlen: 24
43.70.0.0/16 maxlen: 24
43.71.0.0/16 maxlen: 24
43.72.0.0/16 maxlen: 24
43.73.0.0/16 maxlen: 24
43.74.0.0/16 maxlen: 24
43.75.0.0/16 maxlen: 24
43.76.0.0/16 maxlen: 16
43.76.0.0/16 maxlen: 24
43.78.0.0/16 maxlen: 24
43.79.0.0/16 maxlen: 24
43.80.0.0/16 maxlen: 24
43.81.0.0/16 maxlen: 24
43.82.0.0/16 maxlen: 24
43.83.0.0/16 maxlen: 24
43.84.0.0/16 maxlen: 24
43.85.0.0/16 maxlen: 24
43.86.0.0/16 maxlen: 24
43.87.0.0/16 maxlen: 24
43.88.0.0/16 maxlen: 24
43.89.0.0/16 maxlen: 24
43.90.0.0/16 maxlen: 24
43.91.0.0/16 maxlen: 24
43.95.0.0/16 maxlen: 24
43.96.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 16:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8073 (0x1f89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198, serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: Dec 12 16:13:48 2025 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a4847a-275d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:23:ba:56:ce:70:e0:40:6f:23:96:7a:a5:fd:
cd:8c:b4:84:0d:71:94:26:1e:47:dc:a0:8d:c7:b9:
36:2d:24:40:41:64:83:56:40:37:65:ca:b6:b7:e6:
e5:bd:cb:54:cf:81:20:d6:67:87:39:dd:50:1e:0c:
7a:d9:01:9f:d5:54:ca:cf:c3:92:49:b3:9f:ff:f2:
13:99:74:4c:aa:f8:8b:97:82:61:9e:8f:a6:7d:bb:
3d:ab:28:54:78:a7:8b:cc:6c:fb:d9:69:04:72:3a:
86:e9:7d:94:c8:c3:0f:58:48:c3:75:37:da:34:5d:
92:3d:64:b1:cf:c2:6c:4d:10:6a:e1:6a:20:eb:89:
fb:25:5a:31:f4:32:5c:1d:c0:d9:70:6d:07:eb:b8:
2f:66:28:0a:0b:0c:6f:27:eb:c8:ce:fc:ae:92:c7:
d8:1b:e5:72:13:b7:50:f6:86:2e:cc:9e:e1:57:b3:
8f:88:39:6b:de:ea:37:6f:07:05:f7:75:90:88:60:
2d:05:70:a2:5c:5a:84:21:59:b5:e3:a7:45:e8:4a:
f5:9c:ff:4c:12:70:38:cf:43:6d:6c:84:8f:e3:27:
3b:30:66:4c:c5:5f:ad:b6:aa:41:5d:3a:f6:83:84:
8a:4a:ee:13:88:20:fc:2e:37:8a:33:2a:6f:38:46:
2e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:41:70:E0:6E:F7:96:28:0E:50:6F:93:BD:B7:A3:79:9E:B5:CF:F1
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/C81AC00EB14111EB959D4D3CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.0.0.0/9
Signature Algorithm: sha256WithRSAEncryption
63:1c:2c:6f:ed:d1:32:73:b7:ca:40:8e:c7:b1:b1:01:1a:35:
54:68:29:b0:b2:b5:b5:83:69:aa:e1:9c:c9:04:1d:60:e1:c7:
16:d0:12:8b:d0:eb:21:97:3b:64:fa:64:2a:16:2a:27:56:30:
6f:ef:7c:45:29:19:2f:c6:1d:b7:ec:87:44:a3:f8:cc:47:16:
70:b8:53:14:80:cd:65:e1:df:ad:c8:dd:82:45:77:cb:80:b0:
12:d7:f0:f9:00:1b:11:8f:f0:9b:b8:d8:53:aa:18:29:d8:29:
11:74:3b:a2:7e:8a:82:ee:c2:26:e9:d6:0d:0e:38:75:84:cc:
04:c3:d9:c7:2e:83:69:60:57:1a:b2:c5:68:21:a4:d2:3a:d5:
1a:86:e7:ce:7d:47:b3:27:21:78:b3:dd:5f:d1:1f:4c:5d:11:
12:4f:63:52:28:14:4d:79:89:bd:fb:d2:4b:d3:68:9b:6d:d8:
93:be:dd:95:a0:14:32:e7:45:a3:3d:20:3f:22:ae:d6:8b:a5:
4e:80:d2:50:55:e4:27:64:7c:b6:b5:c2:36:29:c8:db:3d:d6:
be:14:d7:c6:37:3c:4b:50:a5:53:b9:6e:d8:0a:97:2d:f0:79:
ae:26:5c:11:82:bf:b4:a9:21:20:cf:39:db:5b:df:92:90:c3:
57:35:48:61
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgICH4kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjUxMjEyMTYxMzQ4WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODQ3YS0yNzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnSO6Vs5w4EBvI5Z6pf3NjLSEDXGUJh5H3KCNx7k2LSRAQWSDVkA3Zcq2t+bl
vctUz4Eg1meHOd1QHgx62QGf1VTKz8OSSbOf//ITmXRMqviLl4Jhno+mfbs9qyhU
eKeLzGz72WkEcjqG6X2UyMMPWEjDdTfaNF2SPWSxz8JsTRBq4Wog64n7JVox9DJc
HcDZcG0H67gvZigKCwxvJ+vIzvyuksfYG+VyE7dQ9oYuzJ7hV7OPiDlr3uo3bwcF
93WQiGAtBXCiXFqEIVm146dF6Er1nP9MEnA4z0NtbISP4yc7MGZMxV+ttqpBXTr2
g4SKSu4TiCD8LjeKMypvOEYuwQIDAQABo4ICXzCCAlswHQYDVR0OBBYEFG1BcOBu
95YoDlBvk723o3metc/xMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvQzgxQUMwMEVC
MTQxMTFFQjk1OUQ0RDNDQzRGOUFFMDIucm9hMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMHKwAwDQYJKoZIhvcNAQELBQADggEBAGMcLG/t0TJzt8pAjsexsQEa
NVRoKbCytbWDaarhnMkEHWDhxxbQEovQ6yGXO2T6ZCoWKidWMG/vfEUpGS/GHbfs
h0Sj+MxHFnC4UxSAzWXh363I3YJFd8uAsBLX8PkAGxGP8Ju42FOqGCnYKRF0O6J+
ioLuwibp1g0OOHWEzATD2ccug2lgVxqyxWghpNI61RqG5859R7MnIXiz3V/RH0xd
ERJPY1IoFE15ib370kvTaJtt2JO+3ZWgFDLnRaM9ID8irtaLpU6A0lBV5CdkfLa1
wjYpyNs91r4U18Y3PEtQpVO5btgKly3wea4mXBGCv7SpISDPOdtb35KQw1c1SGE=
-----END CERTIFICATE-----
Generated at Fri Mar 13 05:28:21 2026 by rpki-client