
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
File: 7E0AB01C782C11EBB0B71971C4F9AE02.roa (raw, json)
Hash identifier: Bnf+utMQMnh8zQjddBOCbwOT7nCJfAIRhLCPTrWZ8Xc=
Subject key identifier: B7:DA:3E:44:EE:CD:63:77:07:7C:08:AE:3A:C7:4A:F1:A8:23:88:9C
Certificate issuer: /CN=A91FF74B/serialNumber=059E6F03AE7676A9D0F09D5F6CBDB90861855A57
Certificate serial: 07B9
Authority key identifier: 05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
Signing time: Fri 03 Jul 2026 13:34:14 +0000
ROA not before: Fri 03 Jul 2026 13:34:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56201
IP address blocks: 74.188.224.0/23 maxlen: 23
74.188.224.0/24 maxlen: 24
74.188.225.0/24 maxlen: 24
74.188.226.0/23 maxlen: 23
74.188.226.0/24 maxlen: 24
74.188.227.0/24 maxlen: 24
74.188.228.0/23 maxlen: 23
74.188.230.0/23 maxlen: 23
74.188.232.0/23 maxlen: 23
74.188.234.0/23 maxlen: 23
74.188.236.0/23 maxlen: 23
74.188.238.0/23 maxlen: 23
169.148.132.0/24 maxlen: 24
169.148.133.0/24 maxlen: 24
169.148.134.0/23 maxlen: 23
169.148.134.0/24 maxlen: 24
169.148.135.0/24 maxlen: 24
169.148.136.0/23 maxlen: 23
169.148.136.0/24 maxlen: 24
169.148.137.0/24 maxlen: 24
169.148.138.0/23 maxlen: 24
169.148.140.0/23 maxlen: 24
169.148.142.0/23 maxlen: 23
169.148.142.0/24 maxlen: 24
169.148.143.0/24 maxlen: 24
169.148.144.0/23 maxlen: 23
169.148.144.0/24 maxlen: 24
169.148.145.0/24 maxlen: 24
169.148.146.0/23 maxlen: 23
169.148.146.0/24 maxlen: 24
169.148.147.0/24 maxlen: 24
169.148.148.0/23 maxlen: 23
169.148.148.0/24 maxlen: 24
169.148.149.0/24 maxlen: 24
169.148.150.0/24 maxlen: 24
169.148.172.0/23 maxlen: 24
169.148.174.0/23 maxlen: 24
169.148.176.0/23 maxlen: 24
169.148.180.0/24 maxlen: 24
199.67.76.0/23 maxlen: 23
199.67.76.0/24 maxlen: 24
199.67.77.0/24 maxlen: 24
199.67.78.0/23 maxlen: 23
199.67.78.0/24 maxlen: 24
199.67.79.0/24 maxlen: 24
199.67.94.0/23 maxlen: 23
199.67.94.0/24 maxlen: 24
199.67.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.crl
rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Jul 2026 21:35:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1977 (0x7b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF74B, serialNumber=059E6F03AE7676A9D0F09D5F6CBDB90861855A57
Validity
Not Before: Jul 3 13:34:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6a47ba56-b3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ea:b1:43:63:96:e9:1f:c2:01:c2:ed:fb:c6:
1d:fe:85:e8:3c:43:d7:3e:34:0b:ac:c7:24:93:dd:
c4:b5:13:ea:42:72:06:42:e9:5a:41:b8:97:ad:51:
44:ea:0c:57:7a:57:31:03:a2:9f:9c:2f:1d:f5:88:
8d:c9:d2:df:1d:0c:8a:8d:e9:77:f7:0c:76:94:eb:
9a:3b:c3:a3:da:c6:70:83:4e:b5:d5:e1:02:76:66:
0d:f6:15:e2:34:5e:b0:e9:8c:71:00:dd:c1:c6:4e:
21:1f:23:05:b5:c9:8e:b0:8e:34:3a:b9:73:2e:39:
34:1d:07:f7:24:5c:83:d1:eb:bd:ad:6b:94:e6:f4:
7e:d4:c0:13:cd:c1:db:20:29:9e:71:2e:eb:3a:6a:
64:9a:93:f6:81:9c:81:53:7b:ba:16:cf:39:c0:ea:
b7:d9:ee:b5:23:9b:32:45:f3:e3:02:00:dc:cd:b8:
9c:ba:71:a9:7b:84:fe:73:5f:48:6b:d7:8b:9b:0e:
f9:0b:1b:b3:6c:ec:17:76:1f:68:3b:dd:07:e7:7e:
cf:bc:06:ab:aa:8e:ca:de:93:27:f2:b2:6f:88:69:
09:de:3a:a5:51:2d:cd:84:bd:fe:a7:0d:3c:5e:35:
d2:78:52:45:ea:03:3b:f0:18:2e:2d:8d:c8:0d:33:
50:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:DA:3E:44:EE:CD:63:77:07:7C:08:AE:3A:C7:4A:F1:A8:23:88:9C
X509v3 Authority Key Identifier:
keyid:05:9E:6F:03:AE:76:76:A9:D0:F0:9D:5F:6C:BD:B9:08:61:85:5A:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/BZ5vA652dqnQ8J1fbL25CGGFWlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BZ5vA652dqnQ8J1fbL25CGGFWlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF74B/61A3384A782C11EBAC04F672C4F9AE02/7E0AB01C782C11EBB0B71971C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
74.188.224.0/20
169.148.132.0-169.148.150.255
169.148.172.0-169.148.177.255
169.148.180.0/24
199.67.76.0/22
199.67.94.0/23
Signature Algorithm: sha256WithRSAEncryption
70:e1:92:b7:fe:e4:86:c1:45:21:04:bc:c6:fa:fc:f5:28:d6:
42:38:e3:af:c1:e8:bb:f2:e0:34:67:ca:0f:26:9a:e7:6f:9a:
59:ba:61:55:3a:f8:5b:83:e4:3a:84:f0:42:8c:a7:4a:cf:9b:
5d:28:51:48:aa:61:c4:b8:8a:29:d6:70:1f:13:b4:a1:8d:e0:
f3:d9:0c:d6:5c:03:8a:85:7c:23:c4:8e:37:a3:54:df:5c:72:
11:3f:83:07:14:75:8a:a3:fc:cb:59:33:e7:9a:79:b1:69:fd:
f4:5e:de:15:e0:1f:94:01:82:30:10:fc:4d:65:e0:35:3c:07:
0f:ab:b5:bc:aa:0c:9b:6b:02:94:f8:81:98:00:3a:bd:1e:75:
bb:30:0e:5b:ed:23:e7:95:7c:85:36:3b:0d:c0:09:c4:53:bc:
11:37:7c:b3:dd:58:28:20:cb:72:f7:89:af:3f:3c:1d:ed:4d:
4b:f2:bf:f4:91:9c:be:85:3b:d3:68:ee:cb:7b:34:f2:68:21:
88:d8:55:45:86:92:4f:b8:34:e4:ce:2c:b1:29:83:8b:5e:41:
70:97:fb:83:e6:5b:70:1d:63:4b:b7:ed:ef:dc:43:14:1e:49:
67:37:65:a4:4c:aa:1a:17:16:6e:93:52:5b:f2:47:ea:e7:94:
46:21:f3:50
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgICB7kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkY3NEIxMTAvBgNVBAUTKDA1OUU2RjAzQUU3Njc2QTlEMEYwOUQ1RjZDQkRCOTA4
NjE4NTVBNTcwHhcNMjYwNzAzMTMzNDE0WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTQ3YmE1Ni1iM2I5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr+qxQ2OW6R/CAcLt+8Yd/oXoPEPXPjQLrMckk93EtRPqQnIGQulaQbiXrVFE
6gxXelcxA6KfnC8d9YiNydLfHQyKjel39wx2lOuaO8Oj2sZwg0611eECdmYN9hXi
NF6w6YxxAN3Bxk4hHyMFtcmOsI40OrlzLjk0HQf3JFyD0eu9rWuU5vR+1MATzcHb
ICmecS7rOmpkmpP2gZyBU3u6Fs85wOq32e61I5syRfPjAgDczbicunGpe4T+c19I
a9eLmw75CxuzbOwXdh9oO90H537PvAarqo7K3pMn8rJviGkJ3jqlUS3NhL3+pw08
XjXSeFJF6gM78BguLY3IDTNQSQIDAQABo4ICjjCCAoowHQYDVR0OBBYEFLfaPkTu
zWN3B3wIrjrHSvGoI4icMB8GA1UdIwQYMBaAFAWebwOudnap0PCdX2y9uQhhhVpX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjc0Qi82MUEzMzg0QTc4
MkMxMUVCQUMwNEY2NzJDNEY5QUUwMi9CWjV2QTY1MmRxblE4SjFmYkwyNUNHR0ZX
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JaNXZBNjUyZHFuUThKMWZiTDI1Q0dHRldsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkY3NEIvNjFBMzM4NEE3ODJDMTFFQkFDMDRGNjcyQzRGOUFFMDIvN0UwQUIwMUM3
ODJDMTFFQkIwQjcxOTcxQzRGOUFFMDIucm9hME0GCCsGAQUFBwEHAQH/BD4wPDA6
BAIAATA0AwQESrzgMAwDBAKplIQDBACplJYwDAMEAqmUrAMEAamUsAMEAKmUtAME
AsdDTAMEAcdDXjANBgkqhkiG9w0BAQsFAAOCAQEAcOGSt/7khsFFIQS8xvr89SjW
Qjjjr8Hou/LgNGfKDyaa52+aWbphVTr4W4PkOoTwQoynSs+bXShRSKphxLiKKdZw
HxO0oY3g89kM1lwDioV8I8SON6NU31xyET+DBxR1iqP8y1kz55p5sWn99F7eFeAf
lAGCMBD8TWXgNTwHD6u1vKoMm2sClPiBmAA6vR51uzAOW+0j55V8hTY7DcAJxFO8
ETd8s91YKCDLcveJrz88He1NS/K/9JGcvoU702juy3s08mghiNhVRYaST7g05M4s
sSmDi15BcJf7g+ZbcB1jS7ft79xDFB5JZzdlpEyqGhcWbpNSW/JH6ueURiHzUA==
-----END CERTIFICATE-----
Generated at Sat Jul 18 05:22:33 2026 by rpki-client