Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
File: BBF567AEB0F011E5A08A224DC4F9AE02.roa (raw, json)
Hash identifier: VIL/mTdZ0kuX0JEsyoqIqJPIuXYY/XUEUp28uW96k0o=
Subject key identifier: E1:1B:3A:49:7D:34:5D:53:47:71:56:DE:C3:DF:28:E6:2E:E5:DC:26
Certificate issuer: /CN=A91EAE60/serialNumber=20083D4DFA844C5727558C4C756DB20DF807CD81
Certificate serial: 280F
Authority key identifier: 20:08:3D:4D:FA:84:4C:57:27:55:8C:4C:75:6D:B2:0D:F8:07:CD:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
Signing time: Tue 10 Feb 2026 04:44:47 +0000
ROA not before: Tue 10 Feb 2026 04:44:47 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 17887
IP address blocks: 43.247.56.0/22 maxlen: 22
43.247.56.0/24 maxlen: 24
43.247.57.0/24 maxlen: 24
103.11.12.0/22 maxlen: 22
103.106.8.0/22 maxlen: 22
103.106.8.0/24 maxlen: 24
103.213.204.0/22 maxlen: 22
103.213.204.0/24 maxlen: 24
103.213.205.0/24 maxlen: 24
202.60.192.0/20 maxlen: 20
202.60.192.0/21 maxlen: 21
202.60.192.0/22 maxlen: 22
202.60.195.0/24 maxlen: 24
202.60.196.0/22 maxlen: 22
202.60.198.0/24 maxlen: 24
202.60.199.0/24 maxlen: 24
202.60.200.0/21 maxlen: 21
202.60.200.0/22 maxlen: 22
202.60.200.0/24 maxlen: 24
202.60.203.0/24 maxlen: 24
202.60.204.0/22 maxlen: 22
202.60.204.0/24 maxlen: 24
202.60.205.0/24 maxlen: 24
202.60.207.0/24 maxlen: 24
203.159.72.0/22 maxlen: 22
203.159.72.0/24 maxlen: 24
203.159.73.0/24 maxlen: 24
203.159.74.0/24 maxlen: 24
203.159.75.0/24 maxlen: 24
203.159.96.0/19 maxlen: 19
203.159.96.0/24 maxlen: 24
203.159.100.0/24 maxlen: 24
203.159.101.0/24 maxlen: 24
203.159.103.0/24 maxlen: 24
203.159.104.0/24 maxlen: 24
203.159.107.0/24 maxlen: 24
203.159.108.0/24 maxlen: 24
203.159.111.0/24 maxlen: 24
203.159.112.0/24 maxlen: 24
203.159.120.0/24 maxlen: 24
203.159.124.0/24 maxlen: 24
203.159.125.0/24 maxlen: 24
203.159.126.0/24 maxlen: 24
203.159.127.0/24 maxlen: 24
2405:6d00::/32 maxlen: 32
2405:6d00:100::/48 maxlen: 48
2405:6d00:101::/48 maxlen: 48
2405:6d00:104::/48 maxlen: 48
2405:6d00:105::/48 maxlen: 48
2405:6d00:106::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.crl
rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 25 Feb 2026 15:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10255 (0x280f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE60, serialNumber=20083D4DFA844C5727558C4C756DB20DF807CD81
Validity
Not Before: Feb 10 04:44:47 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=698ab7bf-24fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e3:9a:fa:19:89:14:6a:bf:da:bd:c8:a5:a0:
c6:bf:70:4f:32:38:e0:ed:da:00:00:75:59:44:6b:
b7:47:2a:8d:71:d6:c5:6d:bd:83:36:35:31:47:f9:
49:ad:e9:dd:45:bb:28:ab:9c:a7:29:7a:95:58:d9:
94:e0:20:b0:fe:44:b2:e0:6e:d3:d8:4c:69:86:8e:
6d:81:72:06:14:bf:13:4f:65:ae:64:15:e5:03:6f:
ee:6a:78:6e:d7:39:e2:07:84:32:95:44:c6:e5:73:
ad:e9:fe:6f:e6:9a:ac:ac:14:85:2e:e3:e7:50:fe:
a2:12:58:08:c6:c3:2b:92:bf:e9:19:17:21:dc:97:
60:95:f8:7b:9d:c5:4a:b9:0a:3b:a8:43:fa:04:64:
36:0b:16:4e:0a:09:ce:19:ba:50:7c:b2:d5:82:66:
31:9b:f7:6d:af:63:f4:ce:ee:82:3a:16:68:9f:fa:
d2:93:c7:1f:87:ac:d7:3b:66:67:6d:e9:0f:f1:37:
d1:34:f3:ec:a4:5a:2a:34:dd:5c:c5:61:2b:d6:c6:
59:5e:95:80:be:17:55:44:cf:83:e7:fe:03:59:30:
bd:00:9f:4a:a3:62:fc:a0:42:43:54:74:97:b3:96:
58:29:c5:68:ba:c3:7b:3f:c9:42:bb:6f:17:89:11:
9d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1B:3A:49:7D:34:5D:53:47:71:56:DE:C3:DF:28:E6:2E:E5:DC:26
X509v3 Authority Key Identifier:
keyid:20:08:3D:4D:FA:84:4C:57:27:55:8C:4C:75:6D:B2:0D:F8:07:CD:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.56.0/22
103.11.12.0/22
103.106.8.0/22
103.213.204.0/22
202.60.192.0/20
203.159.72.0/22
203.159.96.0/19
IPv6:
2405:6d00::/32
Signature Algorithm: sha256WithRSAEncryption
8b:5a:b9:3c:5d:03:6e:12:f4:e8:c4:95:0c:cc:59:9b:62:32:
95:32:c9:4c:d6:96:f4:57:d6:09:b1:eb:a8:be:6c:23:b5:c9:
f4:13:e1:bc:43:16:64:57:01:b0:bb:0b:e8:b1:56:63:33:e5:
fd:85:96:a1:e1:1e:af:73:19:fc:90:83:fb:22:09:7b:45:26:
49:e8:02:2e:9d:73:7e:a4:88:39:b0:db:3d:90:f5:91:91:b7:
be:38:43:b9:df:e2:e1:ce:23:e8:d2:a6:c8:55:f9:19:42:81:
da:ef:fb:86:f6:69:0c:65:4d:42:76:a8:ce:8b:54:d3:b8:09:
56:a8:4c:d8:0d:1e:04:0b:6a:2a:11:d3:ec:98:74:90:98:a9:
c1:45:44:dd:e6:96:80:85:d5:aa:37:a8:61:f3:11:84:4e:8b:
cc:82:8a:be:1e:54:4d:ee:53:0e:9a:8b:75:ae:50:74:40:94:
e1:99:0a:93:0a:e3:f5:7f:48:c0:1b:82:f8:b8:b4:57:09:b4:
74:84:e1:10:e1:a9:81:55:b5:34:48:5c:4b:24:c1:e4:95:71:
6e:fb:42:db:28:28:3a:dc:75:bc:a5:6f:22:db:6f:10:ea:54:
1b:9f:67:0c:5f:fb:ad:5f:7c:55:8f:fd:83:d4:b6:1b:53:51:
db:cc:6a:26
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICKA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFNjAxMTAvBgNVBAUTKDIwMDgzRDRERkE4NDRDNTcyNzU1OEM0Qzc1NkRCMjBE
RjgwN0NEODEwHhcNMjYwMjEwMDQ0NDQ3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDDA02OThhYjdiZi0yNGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwuOa+hmJFGq/2r3IpaDGv3BPMjjg7doAAHVZRGu3RyqNcdbFbb2DNjUxR/lJ
rendRbsoq5ynKXqVWNmU4CCw/kSy4G7T2Expho5tgXIGFL8TT2WuZBXlA2/uanhu
1zniB4QylUTG5XOt6f5v5pqsrBSFLuPnUP6iElgIxsMrkr/pGRch3Jdglfh7ncVK
uQo7qEP6BGQ2CxZOCgnOGbpQfLLVgmYxm/dtr2P0zu6COhZon/rSk8cfh6zXO2Zn
bekP8TfRNPPspFoqNN1cxWEr1sZZXpWAvhdVRM+D5/4DWTC9AJ9Ko2L8oEJDVHSX
s5ZYKcVousN7P8lCu28XiRGd9wIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFOEbOkl9
NF1TR3FW3sPfKOYu5dwmMB8GA1UdIwQYMBaAFCAIPU36hExXJ1WMTHVtsg34B82B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUU2MC9GMTk5NjcxMkM3
Q0YxMUU0QjEzQkUxMjFDNEY5QUUwMi9JQWc5VGZxRVRGY25WWXhNZFcyeURmZ0h6
WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lBZzlUZnFFVEZjblZZeE1kVzJ5RGZnSHpZRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFNjAvRjE5OTY3MTJDN0NGMTFFNEIxM0JFMTIxQzRGOUFFMDIvQkJGNTY3QUVC
MEYwMTFFNUEwOEEyMjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAIr9zgDBAJnCwwDBAJnaggDBAJn1cwDBATKPMADBALLn0gD
BAXLn2AwDQQCAAIwBwMFACQFbQAwDQYJKoZIhvcNAQELBQADggEBAItauTxdA24S
9OjElQzMWZtiMpUyyUzWlvRX1gmx66i+bCO1yfQT4bxDFmRXAbC7C+ixVmMz5f2F
lqHhHq9zGfyQg/siCXtFJknoAi6dc36kiDmw2z2Q9ZGRt744Q7nf4uHOI+jSpshV
+RlCgdrv+4b2aQxlTUJ2qM6LVNO4CVaoTNgNHgQLaioR0+yYdJCYqcFFRN3mloCF
1ao3qGHzEYROi8yCir4eVE3uUw6ai3WuUHRAlOGZCpMK4/V/SMAbgvi4tFcJtHSE
4RDhqYFVtTRIXEskweSVcW77QtsoKDrcdbylbyLbbxDqVBufZwxf+61ffFWP/YPU
thtTUdvMaiY=
-----END CERTIFICATE-----
Generated at Fri Feb 20 03:51:06 2026 by rpki-client