Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
File: 7E0AB01C782C11EBB0B71971C4F9AE02.roa (raw, json)
Hash identifier: QZpGdBeLR/9QiZlZAdnU1Y45E5G+uOVVhczPqvB6SAw=
Subject key identifier: 2F:6C:B8:3E:77:98:79:9B:9C:D9:B7:3C:FD:22:63:C3:6A:40:B9:27
Certificate issuer: /CN=A91FF74B/serialNumber=059E6F03AE7676A9D0F09D5F6CBDB90861855A57
Certificate serial: 0787
Authority key identifier: 05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
Signing time: Thu 02 Apr 2026 21:28:42 +0000
ROA not before: Thu 02 Apr 2026 21:28:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56201
IP address blocks: 74.188.224.0/23 maxlen: 23
74.188.226.0/23 maxlen: 23
74.188.228.0/23 maxlen: 23
74.188.230.0/23 maxlen: 23
74.188.232.0/23 maxlen: 23
74.188.234.0/23 maxlen: 23
74.188.236.0/23 maxlen: 23
74.188.238.0/23 maxlen: 23
169.148.132.0/24 maxlen: 24
169.148.133.0/24 maxlen: 24
169.148.134.0/23 maxlen: 23
169.148.134.0/24 maxlen: 24
169.148.135.0/24 maxlen: 24
169.148.136.0/23 maxlen: 23
169.148.136.0/24 maxlen: 24
169.148.137.0/24 maxlen: 24
169.148.138.0/23 maxlen: 24
169.148.140.0/23 maxlen: 24
169.148.142.0/23 maxlen: 23
169.148.142.0/24 maxlen: 24
169.148.143.0/24 maxlen: 24
169.148.144.0/23 maxlen: 23
169.148.144.0/24 maxlen: 24
169.148.145.0/24 maxlen: 24
169.148.146.0/23 maxlen: 23
169.148.146.0/24 maxlen: 24
169.148.147.0/24 maxlen: 24
169.148.148.0/23 maxlen: 23
169.148.148.0/24 maxlen: 24
169.148.149.0/24 maxlen: 24
169.148.150.0/24 maxlen: 24
169.148.172.0/23 maxlen: 24
169.148.174.0/23 maxlen: 24
169.148.176.0/23 maxlen: 24
169.148.180.0/24 maxlen: 24
199.67.76.0/23 maxlen: 23
199.67.76.0/24 maxlen: 24
199.67.77.0/24 maxlen: 24
199.67.78.0/23 maxlen: 23
199.67.78.0/24 maxlen: 24
199.67.79.0/24 maxlen: 24
199.67.94.0/23 maxlen: 23
199.67.94.0/24 maxlen: 24
199.67.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.crl
rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 Apr 2026 21:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1927 (0x787)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF74B, serialNumber=059E6F03AE7676A9D0F09D5F6CBDB90861855A57
Validity
Not Before: Apr 2 21:28:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69cedf8a-c2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1c:6c:75:bc:18:8c:d7:19:fd:ff:6c:05:d8:
85:d4:08:eb:79:4a:04:53:d3:72:d8:fb:2b:64:0f:
1f:8d:62:c3:31:09:db:a6:2c:bf:c8:3f:9c:06:cb:
e0:50:90:d1:ed:eb:c4:8c:72:71:18:d5:dc:5d:37:
ed:6b:a5:65:a6:d5:5c:c8:4b:ae:e8:f8:8c:c6:e8:
96:be:45:f2:09:f1:f3:7f:8b:ec:cc:49:21:5b:fa:
63:4c:6b:36:6c:7e:39:95:93:db:a0:73:e6:ce:0b:
47:ce:d6:64:01:74:a8:59:38:b6:e5:7f:50:70:33:
60:b8:e3:66:ec:94:a5:55:0f:1a:77:7d:55:9e:9a:
de:82:94:e3:4c:2b:64:2d:58:4f:a8:0e:e3:00:ef:
e6:01:4f:cb:9e:66:9d:2f:a9:ce:ab:44:4c:b0:8a:
a3:21:8e:c2:1d:ef:49:7d:7c:e4:df:e5:5a:fd:e6:
3c:17:5e:55:64:6c:2b:12:f7:d0:4d:0c:2f:ea:16:
c1:9e:92:1a:96:40:5b:e8:c0:a5:7e:28:74:91:65:
41:93:de:35:1d:72:b8:f6:79:0b:27:c1:1c:e9:88:
6e:d8:6e:77:e7:8e:ee:6c:a8:f8:a1:02:fc:93:4a:
ce:ba:30:5f:23:95:fa:c0:41:54:81:59:74:00:23:
f4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6C:B8:3E:77:98:79:9B:9C:D9:B7:3C:FD:22:63:C3:6A:40:B9:27
X509v3 Authority Key Identifier:
keyid:05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
74.188.224.0/20
169.148.132.0-169.148.150.255
169.148.172.0-169.148.177.255
169.148.180.0/24
199.67.76.0/22
199.67.94.0/23
Signature Algorithm: sha256WithRSAEncryption
28:70:53:a2:b2:c0:ba:5e:ad:72:74:e4:21:ac:5e:3b:f0:17:
85:8c:d8:84:f4:91:19:8a:99:1b:61:ec:93:d9:64:cc:61:6d:
ba:29:fb:6f:84:9a:ba:0a:4a:94:9f:73:12:9e:e8:4a:a6:13:
b3:ba:aa:06:c5:94:67:36:cf:39:17:ea:dd:d5:64:08:a5:cf:
f3:32:0c:ab:81:39:32:50:14:e7:e6:26:fe:0b:e7:34:75:4a:
2c:e0:74:fd:63:77:81:10:03:9a:c0:da:aa:69:d6:b9:e6:99:
ff:eb:9b:d4:c0:f4:bc:3d:31:56:29:ba:58:df:e3:6e:f6:70:
00:fe:a7:49:5f:51:55:b5:1b:07:a8:00:b9:59:26:d8:67:e4:
cc:92:cf:e9:9c:85:49:a0:84:20:48:2f:6b:0e:28:13:d7:79:
e4:e3:91:9f:93:a8:1f:14:ce:af:2f:8f:52:ed:e7:11:2f:8f:
40:52:f0:e5:0b:c8:85:db:f7:5a:2e:3b:eb:95:5c:3d:16:79:
78:eb:da:43:30:ce:d8:ee:91:a8:49:c3:01:38:d2:77:43:69:
39:22:fb:12:31:09:49:25:a9:55:17:e8:86:d6:28:78:37:13:
76:93:c5:86:fa:26:01:fb:aa:99:fd:94:0c:ee:43:eb:ef:32:
02:c7:87:6a
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgICB4cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkY3NEIxMTAvBgNVBAUTKDA1OUU2RjAzQUU3Njc2QTlEMEYwOUQ1RjZDQkRCOTA4
NjE4NTVBNTcwHhcNMjYwNDAyMjEyODQyWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNlZGY4YS1jMmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkxxsdbwYjNcZ/f9sBdiF1AjreUoEU9Ny2PsrZA8fjWLDMQnbpiy/yD+cBsvg
UJDR7evEjHJxGNXcXTfta6VlptVcyEuu6PiMxuiWvkXyCfHzf4vszEkhW/pjTGs2
bH45lZPboHPmzgtHztZkAXSoWTi25X9QcDNguONm7JSlVQ8ad31VnpregpTjTCtk
LVhPqA7jAO/mAU/LnmadL6nOq0RMsIqjIY7CHe9JfXzk3+Va/eY8F15VZGwrEvfQ
TQwv6hbBnpIalkBb6MClfih0kWVBk941HXK49nkLJ8Ec6Yhu2G53547ubKj4oQL8
k0rOujBfI5X6wEFUgVl0ACP0MwIDAQABo4ICjjCCAoowHQYDVR0OBBYEFC9suD53
mHmbnNm3PP0iY8NqQLknMB8GA1UdIwQYMBaAFAWebwOudnap0PCdX2y9uQhhhVpX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjc0Qi82MUEzMzg0QTc4
MkMxMUVCQUMwNEY2NzJDNEY5QUUwMi9CWjV2QTY1MmRxblE4SjFmYkwyNUNHR0ZX
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JaNXZBNjUyZHFuUThKMWZiTDI1Q0dHRldsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkY3NEIvNjFBMzM4NEE3ODJDMTFFQkFDMDRGNjcyQzRGOUFFMDIvN0UwQUIwMUM3
ODJDMTFFQkIwQjcxOTcxQzRGOUFFMDIucm9hME0GCCsGAQUFBwEHAQH/BD4wPDA6
BAIAATA0AwQESrzgMAwDBAKplIQDBACplJYwDAMEAqmUrAMEAamUsAMEAKmUtAME
AsdDTAMEAcdDXjANBgkqhkiG9w0BAQsFAAOCAQEAKHBTorLAul6tcnTkIaxeO/AX
hYzYhPSRGYqZG2Hsk9lkzGFtuin7b4SaugpKlJ9zEp7oSqYTs7qqBsWUZzbPORfq
3dVkCKXP8zIMq4E5MlAU5+Ym/gvnNHVKLOB0/WN3gRADmsDaqmnWueaZ/+ub1MD0
vD0xVim6WN/jbvZwAP6nSV9RVbUbB6gAuVkm2GfkzJLP6ZyFSaCEIEgvaw4oE9d5
5OORn5OoHxTOry+PUu3nES+PQFLw5QvIhdv3Wi4765VcPRZ5eOvaQzDO2O6RqEnD
ATjSd0NpOSL7EjEJSSWpVRfohtYoeDcTdpPFhvomAfuqmf2UDO5D6+8yAseHag==
-----END CERTIFICATE-----
Generated at Mon Apr 6 12:27:04 2026 by rpki-client