Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C255F0921BA611F1A0C1BD34093D8C67.roa
File: C255F0921BA611F1A0C1BD34093D8C67.roa (raw, json)
Hash identifier: JJB1fRNMQNiQ7UphAqBCNRImICoAXfFr6cutkg5XqI4=
Subject key identifier: 57:5B:78:36:8C:3E:C6:B9:F9:1B:FE:E8:33:B1:11:51:CA:E7:05:A7
Certificate issuer: /CN=A91F69E7/serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Certificate serial: 0C97
Authority key identifier: 5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C255F0921BA611F1A0C1BD34093D8C67.roa
Signing time: Mon 09 Mar 2026 10:57:26 +0000
ROA not before: Mon 09 Mar 2026 10:57:26 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 9387
IP address blocks: 103.11.60.0/24 maxlen: 24
103.11.61.0/24 maxlen: 24
103.11.62.0/24 maxlen: 24
103.11.63.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.234.0/24 maxlen: 24
113.203.235.0/24 maxlen: 24
113.203.236.0/24 maxlen: 24
113.203.237.0/24 maxlen: 24
113.203.238.0/24 maxlen: 24
113.203.239.0/24 maxlen: 24
113.203.240.0/24 maxlen: 24
180.178.128.0/24 maxlen: 24
180.178.129.0/24 maxlen: 24
180.178.132.0/24 maxlen: 24
180.178.133.0/24 maxlen: 24
180.178.134.0/24 maxlen: 24
180.178.135.0/24 maxlen: 24
180.178.136.0/24 maxlen: 24
180.178.137.0/24 maxlen: 24
180.178.138.0/24 maxlen: 24
180.178.139.0/24 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.143.0/24 maxlen: 24
180.178.172.0/24 maxlen: 24
180.178.174.0/24 maxlen: 24
180.178.175.0/24 maxlen: 24
2401:4100::/32 maxlen: 32
2401:4100::/33 maxlen: 33
2401:4100:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 19 Mar 2026 19:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3223 (0xc97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F69E7, serialNumber=5E105E0EF90D18B9FA4B88FAE3410C6A1DEF7190
Validity
Not Before: Mar 9 10:57:26 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69aea796-5952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8a:c1:83:5e:66:24:e9:d5:6e:a3:31:e8:8b:
15:a6:42:c0:6a:1e:55:28:22:1d:6d:95:b4:18:13:
f8:e1:7a:e2:ad:07:de:41:dd:9a:37:95:80:db:c8:
44:53:82:be:4f:c1:8e:d7:84:68:e9:64:cf:a7:7f:
7b:15:f6:a4:2c:e2:3a:f7:c3:ca:42:94:ea:2f:be:
81:0f:23:7f:07:06:dc:27:47:f1:38:40:a5:b4:77:
54:9a:57:43:00:b1:b8:68:1b:3d:c7:40:44:02:79:
c0:7f:1c:c3:0f:8d:83:f6:21:be:d5:39:2e:4a:db:
65:f2:ba:5d:d2:7e:e1:19:71:76:67:26:08:f7:83:
bc:3e:3e:19:a9:48:f0:e9:1b:c8:ab:67:8f:48:65:
1b:c9:f9:ef:22:a2:10:55:31:c0:6b:2e:4b:95:c1:
88:36:b7:f5:36:52:f6:0e:de:7c:9a:4a:64:79:f0:
24:e5:a5:f6:d2:01:94:2b:c2:a2:48:4c:1d:4f:a4:
a7:2d:9a:44:f8:b3:0a:46:f2:f8:6d:14:a8:f0:02:
1e:ee:bd:49:1b:9d:d3:57:8f:34:74:39:da:6d:73:
c9:7a:14:9e:ee:9b:8b:81:4e:12:ad:b1:54:c6:75:
bc:1b:f8:2b:f5:3c:d8:ff:6b:57:ba:f4:7b:51:4d:
84:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:5B:78:36:8C:3E:C6:B9:F9:1B:FE:E8:33:B1:11:51:CA:E7:05:A7
X509v3 Authority Key Identifier:
keyid:5E:10:5E:0E:F9:0D:18:B9:FA:4B:88:FA:E3:41:0C:6A:1D:EF:71:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/XhBeDvkNGLn6S4j640EMah3vcZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XhBeDvkNGLn6S4j640EMah3vcZA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F69E7/46AAD6B2904011EAA688BE45C4F9AE02/C255F0921BA611F1A0C1BD34093D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
103.11.60.0/22
113.203.233.0-113.203.240.255
180.178.128.0/23
180.178.132.0-180.178.139.255
180.178.142.0/23
180.178.172.0/24
180.178.174.0/23
IPv6:
2401:4100::/32
Signature Algorithm: sha256WithRSAEncryption
a3:1a:dc:10:23:ce:64:be:7d:f8:32:a4:53:84:da:17:37:f6:
c9:39:47:94:e8:39:3a:a9:a2:e0:96:c1:b9:02:d4:23:18:2b:
ba:eb:c7:28:ed:f9:18:b6:ef:85:0d:86:b5:5a:f7:b6:fd:f1:
16:31:ec:71:a7:14:08:37:8d:4f:e1:a1:ca:4e:3a:7e:d5:66:
06:a5:40:41:3b:25:7b:51:0e:fe:01:c3:27:f9:4c:b8:88:c0:
62:b8:cd:48:7e:52:d9:0d:69:de:d8:28:83:14:79:88:99:52:
e4:00:01:9c:2b:5f:dd:06:b6:31:3d:53:b9:f1:d0:2d:a4:e1:
10:af:7e:d7:20:6a:89:6f:bd:cd:47:7d:61:29:3c:e3:58:69:
64:91:fe:93:dd:59:d8:d9:8e:88:16:54:4e:93:c7:10:30:0b:
3d:c7:da:7b:d1:a5:ec:bf:1a:bd:40:46:81:01:ec:5e:64:5d:
5b:97:0b:e5:c3:85:80:7d:4c:f1:77:c6:d7:0a:b9:e0:81:25:
90:57:18:5a:27:52:6c:42:d9:e6:a3:e2:ad:98:37:be:f0:e4:
75:37:b0:d2:65:00:31:eb:e9:99:b1:4d:fd:00:af:4a:7d:48:
3d:b2:e2:ac:a8:ce:c5:7a:fc:6f:b4:26:8c:18:25:85:d8:64:
1a:f6:88:69
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICDJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY5RTcxMTAvBgNVBAUTKDVFMTA1RTBFRjkwRDE4QjlGQTRCODhGQUUzNDEwQzZB
MURFRjcxOTAwHhcNMjYwMzA5MTA1NzI2WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWFlYTc5Ni01OTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoorBg15mJOnVbqMx6IsVpkLAah5VKCIdbZW0GBP44XrirQfeQd2aN5WA28hE
U4K+T8GO14Ro6WTPp397FfakLOI698PKQpTqL76BDyN/BwbcJ0fxOECltHdUmldD
ALG4aBs9x0BEAnnAfxzDD42D9iG+1TkuSttl8rpd0n7hGXF2ZyYI94O8Pj4ZqUjw
6RvIq2ePSGUbyfnvIqIQVTHAay5LlcGINrf1NlL2Dt58mkpkefAk5aX20gGUK8Ki
SEwdT6SnLZpE+LMKRvL4bRSo8AIe7r1JG53TV480dDnabXPJehSe7puLgU4SrbFU
xnW8G/gr9TzY/2tXuvR7UU2EmwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFFdbeDaM
Psa5+Rv+6DOxEVHK5wWnMB8GA1UdIwQYMBaAFF4QXg75DRi5+kuI+uNBDGod73GQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjlFNy80NkFBRDZCMjkw
NDAxMUVBQTY4OEJFNDVDNEY5QUUwMi9YaEJlRHZrTkdMbjZTNGo2NDBFTWFoM3Zj
WkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hoQmVEdmtOR0xuNlM0ajY0MEVNYWgzdmNaQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjY5RTcvNDZBQUQ2QjI5MDQwMTFFQUE2ODhCRTQ1QzRGOUFFMDIvQzI1NUYwOTIx
QkE2MTFGMUEwQzFCRDM0MDkzRDhDNjcucm9hMGIGCCsGAQUFBwEHAQH/BFMwUTBA
BAIAATA6AwQCZws8MAwDBABxy+kDBABxy/ADBAG0soAwDAMEArSyhAMEArSyiAME
AbSyjgMEALSyrAMEAbSyrjANBAIAAjAHAwUAJAFBADANBgkqhkiG9w0BAQsFAAOC
AQEAoxrcECPOZL59+DKkU4TaFzf2yTlHlOg5Oqmi4JbBuQLUIxgruuvHKO35GLbv
hQ2GtVr3tv3xFjHscacUCDeNT+Ghyk46ftVmBqVAQTsle1EO/gHDJ/lMuIjAYrjN
SH5S2Q1p3tgogxR5iJlS5AABnCtf3Qa2MT1TufHQLaThEK9+1yBqiW+9zUd9YSk8
41hpZJH+k91Z2NmOiBZUTpPHEDALPcfae9Gl7L8avUBGgQHsXmRdW5cL5cOFgH1M
8XfG1wq54IElkFcYWidSbELZ5qPirZg3vvDkdTew0mUAMevpmbFN/QCvSn1IPbLi
rKjOxXr8b7QmjBglhdhkGvaIaQ==
-----END CERTIFICATE-----
Generated at Fri Mar 13 16:50:37 2026 by rpki-client