Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/553170245AC511EBA052F663C4F9AE02.roa
File: 553170245AC511EBA052F663C4F9AE02.roa (raw, json)
Hash identifier: 7erTlCvInc3AVRLw7wvtHf/eZ1jEoIGiOeY13F8Zqv8=
Subject key identifier: 24:93:0C:BA:94:D6:09:39:30:07:11:FC:FD:2A:27:8E:02:98:52:BF
Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Certificate serial: 0B65
Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/553170245AC511EBA052F663C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:47:32 +0000
ROA not before: Wed 02 Jul 2025 20:29:45 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 9269
IP address blocks: 14.136.0.0/16 maxlen: 24
14.198.0.0/17 maxlen: 24
14.198.128.0/18 maxlen: 24
14.198.192.0/19 maxlen: 24
14.198.224.0/20 maxlen: 24
14.199.0.0/16 maxlen: 24
43.224.232.0/22 maxlen: 24
58.176.0.0/15 maxlen: 15
58.176.0.0/16 maxlen: 24
58.177.0.0/16 maxlen: 24
59.148.0.0/15 maxlen: 15
59.148.0.0/16 maxlen: 24
59.149.0.0/16 maxlen: 24
61.92.0.0/15 maxlen: 15
61.92.0.0/16 maxlen: 24
61.93.0.0/16 maxlen: 24
61.238.0.0/15 maxlen: 15
61.238.0.0/16 maxlen: 24
61.239.0.0/16 maxlen: 24
61.244.0.0/16 maxlen: 24
103.243.0.0/22 maxlen: 24
110.235.0.0/17 maxlen: 24
119.246.0.0/15 maxlen: 15
119.246.0.0/16 maxlen: 24
119.247.0.0/16 maxlen: 24
123.202.0.0/15 maxlen: 15
123.202.0.0/16 maxlen: 24
123.203.0.0/16 maxlen: 24
124.244.0.0/16 maxlen: 24
183.178.0.0/15 maxlen: 15
183.178.0.0/16 maxlen: 24
183.179.0.0/16 maxlen: 24
202.77.4.0/22 maxlen: 24
202.77.24.0/21 maxlen: 24
202.77.32.0/19 maxlen: 24
203.80.64.0/18 maxlen: 24
203.80.192.0/18 maxlen: 24
203.185.0.0/18 maxlen: 24
203.186.0.0/16 maxlen: 24
210.6.0.0/16 maxlen: 24
2401:f400::/32 maxlen: 32
2403:f500::/32 maxlen: 32
2403:f500::/35 maxlen: 35
2403:f500:2000::/35 maxlen: 35
2403:f500:6000::/35 maxlen: 35
2403:f500:8000::/35 maxlen: 35
2403:f500:a000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2917 (0xb65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911647C, serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Validity
Not Before: Jul 2 20:29:45 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a47bb4-4646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6c:93:c5:c3:b0:56:15:a7:40:00:59:e7:0d:
a5:7d:25:d2:9c:66:76:51:8b:94:28:f4:f4:e9:47:
82:ce:55:7d:e2:0d:f3:8e:3c:4d:ce:6d:f6:09:61:
b9:4f:0b:af:55:7b:3c:0f:36:35:90:1c:c2:ec:90:
3a:e3:57:83:95:5b:bc:19:7e:ba:85:05:5f:82:e1:
43:b7:ad:0e:72:c8:d2:00:37:d2:7d:b5:a5:dd:62:
4a:ad:7d:15:5b:b2:1e:44:8b:9b:1d:1b:06:7f:e7:
21:03:90:db:35:47:a7:ea:f1:27:43:46:aa:ba:45:
09:52:57:61:15:16:eb:91:ea:44:76:67:83:7d:5f:
53:c8:03:5b:20:e8:61:fe:79:e2:43:95:22:b8:70:
1a:cd:8c:d3:95:26:e1:e9:a3:9e:91:9b:24:19:bf:
ef:f7:4d:02:97:64:ae:f3:cd:3b:f8:b2:7b:0f:fd:
b9:f4:82:79:01:03:90:c3:3b:28:98:5a:53:5e:1f:
7b:ff:b7:8d:26:e0:0a:77:5c:53:61:79:af:7b:2c:
9b:3d:bd:75:68:f5:a3:33:32:f5:43:c8:5a:05:b6:
bd:91:f9:f8:4d:5c:0b:df:17:d5:05:97:33:34:ed:
ee:1f:ec:1b:3d:5e:76:43:b3:7a:35:d5:4f:da:0e:
b7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:93:0C:BA:94:D6:09:39:30:07:11:FC:FD:2A:27:8E:02:98:52:BF
X509v3 Authority Key Identifier:
keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/553170245AC511EBA052F663C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.136.0.0/16
14.198.0.0-14.198.239.255
14.199.0.0/16
43.224.232.0/22
58.176.0.0/15
59.148.0.0/15
61.92.0.0/15
61.238.0.0/15
61.244.0.0/16
103.243.0.0/22
110.235.0.0/17
119.246.0.0/15
123.202.0.0/15
124.244.0.0/16
183.178.0.0/15
202.77.4.0/22
202.77.24.0-202.77.63.255
203.80.64.0/18
203.80.192.0/18
203.185.0.0/18
203.186.0.0/16
210.6.0.0/16
IPv6:
2401:f400::/32
2403:f500::/32
Signature Algorithm: sha256WithRSAEncryption
b1:e5:2d:2f:bc:b5:55:76:55:7e:b9:88:fd:e3:8a:17:3f:43:
e2:79:02:c6:62:d4:f1:1d:91:2d:74:61:34:19:cc:31:e1:60:
44:47:d2:6c:aa:45:57:e3:ad:ff:19:42:b9:7a:2c:0f:f4:f8:
d2:65:37:4a:67:f2:d5:5e:ac:ac:70:09:17:bf:61:2d:0b:85:
5e:7b:57:59:12:c0:53:1f:47:74:01:37:8b:af:3d:99:6e:d8:
4b:f1:fb:17:27:92:5c:43:7c:4c:76:12:6b:4a:93:31:ef:ac:
ca:59:be:99:c8:a6:61:e8:fa:a6:87:f2:dd:16:9b:94:dc:6b:
25:70:94:4d:c1:1c:37:46:3a:8f:d6:09:c9:81:4a:08:d1:c9:
a6:a5:63:93:cd:ce:4c:08:9d:b1:6d:3e:65:c7:97:5c:34:29:
89:be:fc:96:03:bd:55:c1:e6:92:ef:2e:7d:e6:bf:9d:87:cb:
ef:64:57:f0:e1:56:d6:f2:b0:79:ec:63:82:59:a7:b2:d6:e8:
e8:d2:90:63:8f:6c:07:43:fc:2d:15:50:3a:a7:d9:a3:4a:bb:
62:39:2d:06:ca:b1:01:1d:7e:b1:d7:45:73:30:b1:25:2f:ac:
23:f2:52:9d:fb:0d:7e:bb:bf:c7:6a:29:31:57:5d:9a:d1:1b:
84:be:e4:b8
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgICC2UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE
NTQ0QTYyQTYwHhcNMjUwNzAyMjAyOTQ1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2JiNC00NjQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp2yTxcOwVhWnQABZ5w2lfSXSnGZ2UYuUKPT06UeCzlV94g3zjjxNzm32CWG5
TwuvVXs8DzY1kBzC7JA641eDlVu8GX66hQVfguFDt60OcsjSADfSfbWl3WJKrX0V
W7IeRIubHRsGf+chA5DbNUen6vEnQ0aqukUJUldhFRbrkepEdmeDfV9TyANbIOhh
/nniQ5UiuHAazYzTlSbh6aOekZskGb/v900Cl2Su8807+LJ7D/259IJ5AQOQwzso
mFpTXh97/7eNJuAKd1xTYXmveyybPb11aPWjMzL1Q8haBba9kfn4TVwL3xfVBZcz
NO3uH+wbPV52Q7N6NdVP2g633wIDAQABo4IC+zCCAvcwHQYDVR0OBBYEFCSTDLqU
1gk5MAcR/P0qJ44CmFK/MB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1
MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ
cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY0N0MvNDM3Q0M0MDY4NTEzMTFFQUFBMEIwQTdGQzRGOUFFMDIvNTUzMTcwMjQ1
QUM1MTFFQkEwNTJGNjYzQzRGOUFFMDIucm9hMIG5BggrBgEFBQcBBwEB/wSBqTCB
pjCBjQQCAAEwgYYDAwAOiDALAwMBDsYDBAQOxuADAwAOxwMEAivg6AMDATqwAwMB
O5QDAwE9XAMDAT3uAwMAPfQDBAJn8wADBAdu6wADAwF39gMDAXvKAwMAfPQDAwG3
sgMEAspNBDAMAwQDyk0YAwQGyk0AAwQGy1BAAwQGy1DAAwQGy7kAAwMAy7oDAwDS
BjAUBAIAAjAOAwUAJAH0AAMFACQD9QAwDQYJKoZIhvcNAQELBQADggEBALHlLS+8
tVV2VX65iP3jihc/Q+J5AsZi1PEdkS10YTQZzDHhYERH0myqRVfjrf8ZQrl6LA/0
+NJlN0pn8tVerKxwCRe/YS0LhV57V1kSwFMfR3QBN4uvPZlu2Evx+xcnklxDfEx2
EmtKkzHvrMpZvpnIpmHo+qaH8t0Wm5TcayVwlE3BHDdGOo/WCcmBSgjRyaalY5PN
zkwInbFtPmXHl1w0KYm+/JYDvVXB5pLvLn3mv52Hy+9kV/DhVtbysHnsY4JZp7LW
6OjSkGOPbAdD/C0VUDqn2aNKu2I5LQbKsQEdfrHXRXMwsSUvrCPyUp37DX67v8dq
KTFXXZrRG4S+5Lg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:48:42 2026 by rpki-client