Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: 19fd7bkhm/Xave13MjFT76H7F7oOIOAsswC9Cwy7Wpo=
Subject key identifier: A3:02:EB:55:DA:36:50:0B:51:83:39:8A:E0:44:D2:39:0F:15:A7:14
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 0812
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Tue 17 Feb 2026 15:51:49 +0000
ROA not before: Tue 17 Feb 2026 15:51:49 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.37.0/24 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
156.59.255.0/24 maxlen: 24
162.128.43.0/24 maxlen: 24
162.128.44.0/24 maxlen: 24
162.128.53.0/24 maxlen: 24
162.128.54.0/24 maxlen: 24
162.128.55.0/24 maxlen: 24
162.128.56.0/24 maxlen: 24
162.128.57.0/24 maxlen: 24
162.128.58.0/24 maxlen: 24
162.128.59.0/24 maxlen: 24
162.128.60.0/24 maxlen: 24
162.128.61.0/24 maxlen: 24
162.128.62.0/24 maxlen: 24
162.128.63.0/24 maxlen: 24
162.128.140.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
162.128.150.0/24 maxlen: 24
162.128.151.0/24 maxlen: 24
162.128.183.0/24 maxlen: 24
162.128.186.0/24 maxlen: 24
162.128.196.0/24 maxlen: 24
162.128.197.0/24 maxlen: 24
162.128.198.0/24 maxlen: 24
162.128.199.0/24 maxlen: 24
162.128.200.0/24 maxlen: 24
162.128.201.0/24 maxlen: 24
162.128.202.0/24 maxlen: 24
162.128.203.0/24 maxlen: 24
162.128.204.0/24 maxlen: 24
162.128.205.0/24 maxlen: 24
162.128.206.0/24 maxlen: 24
162.128.207.0/24 maxlen: 24
162.128.208.0/24 maxlen: 24
162.128.209.0/24 maxlen: 24
162.128.210.0/24 maxlen: 24
162.128.211.0/24 maxlen: 24
162.128.213.0/24 maxlen: 24
162.128.214.0/24 maxlen: 24
162.128.217.0/24 maxlen: 24
162.128.218.0/24 maxlen: 24
162.128.219.0/24 maxlen: 24
162.128.220.0/24 maxlen: 24
162.128.221.0/24 maxlen: 24
162.128.222.0/24 maxlen: 24
162.128.223.0/24 maxlen: 24
162.128.224.0/24 maxlen: 24
162.128.225.0/24 maxlen: 24
162.128.226.0/24 maxlen: 24
162.128.227.0/24 maxlen: 24
162.128.228.0/24 maxlen: 24
162.128.229.0/24 maxlen: 24
162.128.230.0/24 maxlen: 24
162.128.231.0/24 maxlen: 24
162.128.232.0/24 maxlen: 24
162.128.233.0/24 maxlen: 24
162.128.234.0/24 maxlen: 24
162.128.235.0/24 maxlen: 24
162.128.236.0/24 maxlen: 24
162.128.237.0/24 maxlen: 24
162.128.238.0/24 maxlen: 24
162.128.239.0/24 maxlen: 24
162.128.240.0/24 maxlen: 24
162.128.241.0/24 maxlen: 24
162.128.242.0/24 maxlen: 24
162.128.244.0/24 maxlen: 24
162.128.245.0/24 maxlen: 24
162.128.246.0/24 maxlen: 24
162.128.247.0/24 maxlen: 24
162.128.248.0/24 maxlen: 24
162.128.249.0/24 maxlen: 24
162.128.250.0/24 maxlen: 24
162.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 27 Feb 2026 21:17:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2066 (0x812)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37, serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Feb 17 15:51:49 2026 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69948e95-dfa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9b:18:35:0b:e5:df:10:02:bf:6f:20:09:f2:
ee:69:ad:bb:66:22:6f:25:1d:01:f1:89:22:11:44:
ec:f7:61:cb:36:20:37:8c:99:6e:a8:0b:16:56:da:
97:7d:57:6d:ee:1d:9d:aa:ef:38:41:16:a0:14:35:
4a:69:40:3f:3e:0d:3c:9a:f2:22:e4:de:65:08:d0:
67:b0:93:a0:e5:37:ea:2d:6b:eb:de:80:6c:1f:17:
c2:85:c5:77:61:95:a6:6a:fb:ff:b8:38:2d:35:fc:
f0:a0:74:61:9d:58:30:79:a2:c9:fe:c9:b9:37:bc:
d5:4e:86:7e:e6:a2:31:7a:d7:6b:e0:a5:b6:b0:87:
cf:5b:06:a7:07:65:c9:c5:33:5d:7f:72:b5:56:b8:
36:64:ff:84:1b:ba:48:75:45:ad:01:7c:b1:fa:4b:
a3:45:64:25:d4:ac:07:ba:ed:80:ce:f7:62:96:08:
2a:fe:e3:6e:5d:4e:7b:ff:20:31:c6:61:f0:db:c1:
8f:3f:f3:b1:f6:ee:42:e3:03:10:a6:7c:65:66:49:
08:40:2c:6c:85:6d:15:cf:22:03:d8:78:49:ac:d2:
06:12:5a:62:2f:1d:37:ed:40:b3:b0:36:ee:45:6f:
f2:88:72:3b:c0:2d:32:a2:f9:1e:9b:19:34:60:07:
28:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:02:EB:55:DA:36:50:0B:51:83:39:8A:E0:44:D2:39:0F:15:A7:14
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.37.0/24
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
156.59.255.0/24
162.128.43.0-162.128.44.255
162.128.53.0-162.128.63.255
162.128.140.0/24
162.128.149.0-162.128.151.255
162.128.183.0/24
162.128.186.0/24
162.128.196.0-162.128.211.255
162.128.213.0-162.128.214.255
162.128.217.0-162.128.242.255
162.128.244.0-162.128.250.255
162.128.254.0/24
Signature Algorithm: sha256WithRSAEncryption
71:22:19:72:af:eb:e6:38:de:ad:f9:e7:de:f9:22:66:fd:a9:
76:52:5a:52:4c:df:94:54:90:23:20:b4:4f:20:a8:b6:79:9a:
26:fd:8c:3c:e2:49:b3:b4:8f:d2:df:68:1b:b2:11:85:cc:d2:
f1:03:02:7a:dd:f6:7f:04:31:51:eb:d1:05:9d:f0:98:cb:14:
0e:bd:ef:9a:08:c0:09:ed:54:94:aa:83:cf:f9:0f:1e:44:fb:
0b:5d:dc:8b:9b:a3:0c:0c:55:de:a0:30:4a:88:39:21:d8:81:
a0:cc:59:83:4e:19:80:19:c8:d6:bd:5d:8f:1d:71:a5:7e:9d:
bf:46:b5:aa:fa:56:78:cd:0c:c7:cb:4c:54:82:cd:a9:50:c1:
f9:8f:2e:ab:20:9d:2b:4c:45:ac:f4:64:16:b0:35:cb:b0:92:
ab:5a:31:31:1d:8d:18:b6:1b:38:b5:e5:03:f9:c4:94:e4:a9:
c2:87:8f:3c:1e:dd:e3:0e:d5:ec:58:8d:74:7b:e7:10:5b:1e:
1d:f4:2f:6f:77:8c:fa:a8:87:a6:6b:5d:a4:22:04:b0:fd:fa:
b3:c8:b1:5b:9d:91:d2:67:d4:c9:85:b4:f7:63:bc:03:70:6e:
d3:b0:61:49:48:a5:23:5c:35:13:b2:a1:7e:6c:c9:a1:45:72:
33:a4:90:8d
-----BEGIN CERTIFICATE-----
MIIGcDCCBVigAwIBAgICCBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjYwMjE3MTU1MTQ5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTk0OGU5NS1kZmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu5sYNQvl3xACv28gCfLuaa27ZiJvJR0B8YkiEUTs92HLNiA3jJluqAsWVtqX
fVdt7h2dqu84QRagFDVKaUA/Pg08mvIi5N5lCNBnsJOg5TfqLWvr3oBsHxfChcV3
YZWmavv/uDgtNfzwoHRhnVgweaLJ/sm5N7zVToZ+5qIxetdr4KW2sIfPWwanB2XJ
xTNdf3K1Vrg2ZP+EG7pIdUWtAXyx+kujRWQl1KwHuu2Azvdilggq/uNuXU57/yAx
xmHw28GPP/Ox9u5C4wMQpnxlZkkIQCxshW0VzyID2HhJrNIGElpiLx037UCzsDbu
RW/yiHI7wC0yovkemxk0YAco8QIDAQABo4IDlDCCA5AwHQYDVR0OBBYEFKMC61Xa
NlALUYM5iuBE0jkPFacUMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEcBggrBgEFBQcBBwEB
/wSCAQswggEHMIIBAwQCAAEwgfwwDAMEAIHjEQMEAoHjEDAMAwQAgeMdAwQFgeMA
AwQAgeM/AwQBgeOwAwQCgePAAwQCnDsQAwQAnDslAwQDnDswAwQAnDtJAwQDnDtQ
AwQBnDteAwQAnDtsAwQAnDt7AwQEnDuAAwQAnDuSAwQAnDvYAwQBnDvgAwQAnDvx
AwQAnDv/MAwDBACigCsDBACigCwwDAMEAKKANQMEBqKAAAMEAKKAjDAMAwQAooCV
AwQDooCQAwQAooC3AwQAooC6MAwDBAKigMQDBAKigNAwDAMEAKKA1QMEAKKA1jAM
AwQAooDZAwQAooDyMAwDBAKigPQDBACigPoDBACigP4wDQYJKoZIhvcNAQELBQAD
ggEBAHEiGXKv6+Y43q355975Imb9qXZSWlJM35RUkCMgtE8gqLZ5mib9jDziSbO0
j9LfaBuyEYXM0vEDAnrd9n8EMVHr0QWd8JjLFA6975oIwAntVJSqg8/5Dx5E+wtd
3IubowwMVd6gMEqIOSHYgaDMWYNOGYAZyNa9XY8dcaV+nb9Gtar6VnjNDMfLTFSC
zalQwfmPLqsgnStMRaz0ZBawNcuwkqtaMTEdjRi2Gzi15QP5xJTkqcKHjzwe3eMO
1exYjXR75xBbHh30L293jPqoh6ZrXaQiBLD9+rPIsVudkdJn1MmFtPdjvANwbtOw
YUlIpSNcNROyoX5syaFFcjOkkI0=
-----END CERTIFICATE-----
Generated at Sun Feb 22 22:02:00 2026 by rpki-client