Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/58EC5A1A8F3E11EF9B5DE37CC4F9AE02.roa
File: 58EC5A1A8F3E11EF9B5DE37CC4F9AE02.roa (raw, json)
Hash identifier: I18zAt/BkD9Bb7mANLUdVtltl5DZ/4h5hTY25edSSp0=
Subject key identifier: 47:88:35:32:AB:F1:77:8A:A6:49:FB:31:21:A5:92:C9:44:55:7D:27
Certificate issuer: /CN=A91EAF4B/serialNumber=AD71DEC1389B14A012001076991F59ABE2CAB1E6
Certificate serial: 01BC
Authority key identifier: AD:71:DE:C1:38:9B:14:A0:12:00:10:76:99:1F:59:AB:E2:CA:B1:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rXHewTibFKASABB2mR9Zq-LKseY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/58EC5A1A8F3E11EF9B5DE37CC4F9AE02.roa
Signing time: Tue 31 Mar 2026 19:24:43 +0000
ROA not before: Tue 31 Mar 2026 19:24:43 +0000
ROA not after: Sat 01 Aug 2026 00:00:00 +0000
asID: 140077
IP address blocks: 103.148.50.0/24 maxlen: 24
103.148.51.0/24 maxlen: 24
2405:cbc0::/48 maxlen: 48
2405:cbc0:1::/48 maxlen: 48
2405:cbc0:2::/48 maxlen: 48
2405:cbc0:3::/48 maxlen: 48
2405:cbc0:4::/48 maxlen: 48
2405:cbc0:5::/48 maxlen: 48
2405:cbc0:6::/48 maxlen: 48
2405:cbc0:7::/48 maxlen: 48
2405:cbc0:8::/48 maxlen: 48
2405:cbc0:9::/48 maxlen: 48
2405:cbc0:10::/48 maxlen: 48
2405:cbc0:11::/48 maxlen: 48
2405:cbc0:12::/48 maxlen: 48
2405:cbc0:13::/48 maxlen: 48
2405:cbc0:14::/48 maxlen: 48
2405:cbc0:15::/48 maxlen: 48
2405:cbc0:16::/48 maxlen: 48
2405:cbc0:17::/48 maxlen: 48
2405:cbc0:18::/48 maxlen: 48
2405:cbc0:19::/48 maxlen: 48
2405:cbc0:20::/48 maxlen: 48
2405:cbc0:21::/48 maxlen: 48
2405:cbc0:22::/48 maxlen: 48
2405:cbc0:23::/48 maxlen: 48
2405:cbc0:24::/48 maxlen: 48
2405:cbc0:25::/48 maxlen: 48
2405:cbc0:26::/48 maxlen: 48
2405:cbc0:27::/48 maxlen: 48
2405:cbc0:28::/48 maxlen: 48
2405:cbc0:29::/48 maxlen: 48
2405:cbc0:8000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/rXHewTibFKASABB2mR9Zq-LKseY.crl
rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/rXHewTibFKASABB2mR9Zq-LKseY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rXHewTibFKASABB2mR9Zq-LKseY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 Apr 2026 18:55:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 444 (0x1bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAF4B, serialNumber=AD71DEC1389B14A012001076991F59ABE2CAB1E6
Validity
Not Before: Mar 31 19:24:43 2026 GMT
Not After : Aug 1 00:00:00 2026 GMT
Subject: CN=69cc1f7b-6219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:34:ba:c1:c6:bf:17:8d:3c:00:27:b6:76:7f:
a6:aa:9e:b9:78:17:3f:21:6a:29:29:0b:17:5b:e5:
11:22:e2:da:1d:6a:69:c7:20:2a:6d:bd:f8:73:b3:
c2:65:e4:19:53:86:bf:5f:5c:46:45:9f:ad:ea:af:
d1:e0:3f:05:52:51:fa:4c:6c:20:38:07:20:0d:ea:
5a:c6:f3:0e:bf:c6:88:1a:7b:5f:54:3d:f1:6d:9d:
47:fe:c3:16:34:36:ff:3d:bd:5e:a6:d3:80:1e:9e:
9c:33:0e:76:be:e0:f5:5a:f0:c5:5f:ef:c7:f1:b1:
aa:3d:50:72:58:33:0f:9b:79:9c:04:77:1e:86:e7:
ce:e1:77:6c:e3:8d:43:96:b0:08:ec:a7:1f:94:cd:
e5:c5:86:4a:c5:4d:73:c9:30:7b:a2:27:16:76:73:
c7:41:54:71:49:23:86:e1:17:30:5f:f3:91:53:83:
69:ae:b7:9f:86:68:8b:ad:51:13:c3:82:04:1d:6e:
ff:b1:02:71:de:08:ae:75:9a:81:86:8b:7c:09:13:
50:49:1c:44:9c:e1:1a:94:b1:59:12:c5:7a:d3:e3:
23:35:a0:1e:a1:52:56:7d:36:29:78:04:76:9a:51:
0b:35:89:39:c3:14:09:93:15:fc:0f:4f:d5:c1:f1:
5f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:88:35:32:AB:F1:77:8A:A6:49:FB:31:21:A5:92:C9:44:55:7D:27
X509v3 Authority Key Identifier:
keyid:AD:71:DE:C1:38:9B:14:A0:12:00:10:76:99:1F:59:AB:E2:CA:B1:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/rXHewTibFKASABB2mR9Zq-LKseY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rXHewTibFKASABB2mR9Zq-LKseY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/58EC5A1A8F3E11EF9B5DE37CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.148.50.0/23
IPv6:
2405:cbc0::-2405:cbc0:9:ffff:ffff:ffff:ffff:ffff
2405:cbc0:10::-2405:cbc0:19:ffff:ffff:ffff:ffff:ffff
2405:cbc0:20::-2405:cbc0:29:ffff:ffff:ffff:ffff:ffff
2405:cbc0:8000::/35
Signature Algorithm: sha256WithRSAEncryption
57:a7:f5:4e:60:91:e0:a1:68:ca:08:81:76:9e:4d:b7:49:94:
43:a6:d4:3b:e0:b7:86:bd:4b:5e:58:0f:17:72:0e:19:e8:f3:
96:64:93:63:6d:c3:01:40:6a:22:ac:a3:65:2b:04:d7:19:79:
f8:9b:e6:ea:fb:1d:9a:d9:08:ac:dc:d3:88:74:2f:d7:44:c1:
44:62:63:55:38:8e:bb:7e:e1:07:90:e0:7f:26:d5:3c:23:e6:
81:60:34:a3:b8:29:29:ec:c8:b6:b2:92:41:5c:ca:ff:9b:1f:
20:d2:0b:12:02:49:16:6c:fd:bb:d4:f7:29:55:18:13:2b:bf:
28:69:8c:77:9d:f8:e0:af:83:4a:a6:e8:3b:b8:27:fb:7e:4b:
49:f0:54:a6:79:ab:cd:20:55:84:17:21:29:42:d8:19:23:42:
90:2e:2b:83:57:8d:01:28:fd:c4:c7:4d:f0:a1:63:81:da:2b:
f0:2f:b0:78:4a:98:31:7c:68:f4:81:86:02:1b:46:47:a5:36:
1f:22:c5:71:21:3d:db:86:fa:98:c1:58:14:93:4c:2e:f0:68:
4c:06:47:9c:60:20:e3:0a:bf:13:e6:5a:89:e8:47:b9:b8:5b:
b0:02:e1:a7:a5:02:14:0a:28:9e:e9:8e:6a:ee:91:ab:ca:53:
15:dc:22:c6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFGNEIxMTAvBgNVBAUTKEFENzFERUMxMzg5QjE0QTAxMjAwMTA3Njk5MUY1OUFC
RTJDQUIxRTYwHhcNMjYwMzMxMTkyNDQzWhcNMjYwODAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNjMWY3Yi02MjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4TS6wca/F408ACe2dn+mqp65eBc/IWopKQsXW+URIuLaHWppxyAqbb34c7PC
ZeQZU4a/X1xGRZ+t6q/R4D8FUlH6TGwgOAcgDepaxvMOv8aIGntfVD3xbZ1H/sMW
NDb/Pb1eptOAHp6cMw52vuD1WvDFX+/H8bGqPVByWDMPm3mcBHcehufO4Xds441D
lrAI7KcflM3lxYZKxU1zyTB7oicWdnPHQVRxSSOG4RcwX/ORU4NprrefhmiLrVET
w4IEHW7/sQJx3giudZqBhot8CRNQSRxEnOEalLFZEsV60+MjNaAeoVJWfTYpeAR2
mlELNYk5wxQJkxX8D0/VwfFfYQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEeINTKr
8XeKpkn7MSGlkslEVX0nMB8GA1UdIwQYMBaAFK1x3sE4mxSgEgAQdpkfWaviyrHm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUY0Qi84NDg1OEY2QTQ3
MTkxMUVBOTA4NjMwNzJDNEY5QUUwMi9yWEhld1RpYkZLQVNBQkIybVI5WnEtTEtz
ZVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JYSGV3VGliRktBU0FCQjJtUjlacS1MS3NlWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFGNEIvODQ4NThGNkE0NzE5MTFFQTkwODYzMDcyQzRGOUFFMDIvNThFQzVBMUE4
RjNFMTFFRjlCNURFMzdDQzRGOUFFMDIucm9hMGkGCCsGAQUFBwEHAQH/BFowWDAM
BAIAATAGAwQBZ5QyMEgEAgACMEIwEAMFBiQFy8ADBwEkBcvAAAgwEgMHBCQFy8AA
EAMHASQFy8AAGDASAwcFJAXLwAAgAwcBJAXLwAAoAwYFJAXLwIAwDQYJKoZIhvcN
AQELBQADggEBAFen9U5gkeChaMoIgXaeTbdJlEOm1Dvgt4a9S15YDxdyDhno85Zk
k2NtwwFAaiKso2UrBNcZefib5ur7HZrZCKzc04h0L9dEwURiY1U4jrt+4QeQ4H8m
1Twj5oFgNKO4KSnsyLaykkFcyv+bHyDSCxICSRZs/bvU9ylVGBMrvyhpjHed+OCv
g0qm6Du4J/t+S0nwVKZ5q80gVYQXISlC2BkjQpAuK4NXjQEo/cTHTfChY4HaK/Av
sHhKmDF8aPSBhgIbRkelNh8ixXEhPduG+pjBWBSTTC7waEwGR5xgIOMKvxPmWono
R7m4W7AC4aelAhQKKJ7pjmrukavKUxXcIsY=
-----END CERTIFICATE-----
Generated at Mon Apr 6 11:22:50 2026 by rpki-client