Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/8626FFC65AE511EBA452D33EC4F9AE02.roa
File: 8626FFC65AE511EBA452D33EC4F9AE02.roa (raw, json)
Hash identifier: If1p2T4ry814caqPtmeuOiTH0yVCnehjVYiIPxJ8aBs=
Subject key identifier: D5:3D:BB:D1:6B:D2:B2:BB:60:A2:E4:BA:DA:8C:1B:87:56:E5:1B:AB
Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Certificate serial: 0B5F
Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/8626FFC65AE511EBA452D33EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:47:27 +0000
ROA not before: Wed 02 Jul 2025 20:29:40 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 10103
IP address blocks: 14.136.0.0/16 maxlen: 24
14.198.0.0/17 maxlen: 24
14.198.128.0/18 maxlen: 24
14.198.192.0/19 maxlen: 24
14.198.224.0/20 maxlen: 24
14.199.0.0/16 maxlen: 24
43.224.232.0/22 maxlen: 24
58.176.0.0/15 maxlen: 15
58.176.0.0/16 maxlen: 24
58.177.0.0/16 maxlen: 24
59.148.0.0/15 maxlen: 15
59.148.0.0/16 maxlen: 24
59.149.0.0/16 maxlen: 24
61.92.0.0/15 maxlen: 15
61.92.0.0/16 maxlen: 24
61.93.0.0/16 maxlen: 24
61.238.0.0/15 maxlen: 15
61.238.0.0/16 maxlen: 24
61.239.0.0/16 maxlen: 24
61.244.0.0/16 maxlen: 24
103.243.0.0/22 maxlen: 24
110.235.0.0/17 maxlen: 24
119.246.0.0/15 maxlen: 15
119.246.0.0/16 maxlen: 24
119.247.0.0/16 maxlen: 24
123.202.0.0/15 maxlen: 15
123.202.0.0/16 maxlen: 24
123.203.0.0/16 maxlen: 24
124.244.0.0/16 maxlen: 24
183.178.0.0/15 maxlen: 15
183.178.0.0/16 maxlen: 24
183.179.0.0/16 maxlen: 24
202.77.4.0/22 maxlen: 24
202.77.24.0/21 maxlen: 24
202.77.32.0/19 maxlen: 24
203.80.64.0/18 maxlen: 24
203.80.192.0/18 maxlen: 24
203.185.0.0/18 maxlen: 24
203.186.0.0/16 maxlen: 24
210.6.0.0/16 maxlen: 24
2401:f400::/32 maxlen: 32
2403:f500::/32 maxlen: 32
2403:f500::/35 maxlen: 35
2403:f500:2000::/35 maxlen: 35
2403:f500:6000::/35 maxlen: 35
2403:f500:8000::/35 maxlen: 35
2403:f500:a000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2911 (0xb5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911647C, serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Validity
Not Before: Jul 2 20:29:40 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a47bae-b581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:d6:b9:16:fa:29:0d:aa:b4:21:7a:04:32:
a3:20:44:87:a4:bd:86:38:0e:bb:c2:fd:7d:6c:41:
b9:b8:6d:f7:4c:24:d7:2f:a5:89:29:ff:d1:a7:ca:
8a:44:3d:e9:38:0c:22:31:35:fd:3e:79:fc:b8:8c:
b9:77:9b:d3:02:15:64:d6:a6:90:5f:33:81:e4:e7:
d1:55:6a:7f:81:01:c9:4e:f6:6b:83:f8:8f:2a:2f:
38:85:cb:63:d7:45:da:db:60:0e:3f:da:35:52:e0:
f3:89:f4:9f:0c:5f:87:18:de:6d:1c:43:25:fd:fe:
6a:9f:be:11:32:cd:25:60:30:32:41:27:3c:1a:86:
92:d7:95:af:b9:57:2a:22:5e:c3:39:a2:24:06:6f:
f3:24:58:13:43:b3:39:03:8d:12:37:58:01:c3:dc:
b0:5b:32:4e:30:f1:80:f2:2b:b5:8a:20:e8:46:14:
f0:d3:99:96:c0:c5:91:03:c9:8f:e3:55:39:ca:59:
96:4d:3e:43:46:c5:3a:5a:10:63:45:3d:38:19:c7:
a0:ec:f5:ba:3f:72:f2:04:f9:76:25:46:89:dc:57:
ee:3e:45:3e:5b:09:85:fe:e3:a5:49:60:0b:cc:6b:
fa:24:c1:d6:4f:f7:da:b2:ee:46:98:f8:c1:11:20:
29:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3D:BB:D1:6B:D2:B2:BB:60:A2:E4:BA:DA:8C:1B:87:56:E5:1B:AB
X509v3 Authority Key Identifier:
keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/8626FFC65AE511EBA452D33EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.136.0.0/16
14.198.0.0-14.198.239.255
14.199.0.0/16
43.224.232.0/22
58.176.0.0/15
59.148.0.0/15
61.92.0.0/15
61.238.0.0/15
61.244.0.0/16
103.243.0.0/22
110.235.0.0/17
119.246.0.0/15
123.202.0.0/15
124.244.0.0/16
183.178.0.0/15
202.77.4.0/22
202.77.24.0-202.77.63.255
203.80.64.0/18
203.80.192.0/18
203.185.0.0/18
203.186.0.0/16
210.6.0.0/16
IPv6:
2401:f400::/32
2403:f500::/32
Signature Algorithm: sha256WithRSAEncryption
45:ae:6e:f0:1d:eb:93:18:02:e9:c7:82:f3:ea:da:5c:bb:2a:
a4:94:92:29:39:86:06:67:73:c5:e8:02:cc:72:8b:07:12:b8:
67:53:0c:69:01:3b:3f:13:02:37:64:1f:b5:0b:a5:eb:a8:3d:
a0:e2:c4:22:a1:f6:32:06:21:d6:87:e4:fc:41:89:33:c5:7e:
8e:99:64:56:e7:dd:ac:4e:d6:c4:77:c1:23:89:d8:c3:72:ac:
3a:9b:5e:98:a8:4c:5b:bf:b1:60:5e:bb:33:99:1e:3f:32:d6:
57:5e:a0:c4:52:b6:aa:71:95:c8:c4:d1:dd:c3:b6:e6:b2:f0:
ef:3f:4a:f1:25:74:29:80:e8:2d:87:d9:32:31:5e:6c:a5:2b:
1e:e2:fe:08:f6:21:d7:db:50:6c:66:82:4b:75:2a:2f:69:58:
5e:5d:b9:e3:3d:28:16:16:7f:78:58:f2:14:9f:26:b2:bc:6c:
42:24:cd:fd:e7:e6:9b:eb:f7:39:3c:42:79:a4:90:ac:05:e0:
fc:1b:5f:ab:8e:58:00:7e:b3:08:26:b6:7f:7f:58:22:74:09:
a9:86:d9:53:ad:57:0a:e7:1d:ef:23:39:1b:d8:34:81:b2:b8:
3c:3f:6c:ea:3f:56:11:64:4e:87:c5:a9:1f:49:9c:b4:ed:95:
2c:d6:5c:5c
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgICC18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE
NTQ0QTYyQTYwHhcNMjUwNzAyMjAyOTQwWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2JhZS1iNTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp6LWuRb6KQ2qtCF6BDKjIESHpL2GOA67wv19bEG5uG33TCTXL6WJKf/Rp8qK
RD3pOAwiMTX9Pnn8uIy5d5vTAhVk1qaQXzOB5OfRVWp/gQHJTvZrg/iPKi84hctj
10Xa22AOP9o1UuDzifSfDF+HGN5tHEMl/f5qn74RMs0lYDAyQSc8GoaS15WvuVcq
Il7DOaIkBm/zJFgTQ7M5A40SN1gBw9ywWzJOMPGA8iu1iiDoRhTw05mWwMWRA8mP
41U5ylmWTT5DRsU6WhBjRT04Gceg7PW6P3LyBPl2JUaJ3FfuPkU+WwmF/uOlSWAL
zGv6JMHWT/fasu5GmPjBESApDQIDAQABo4IC+zCCAvcwHQYDVR0OBBYEFNU9u9Fr
0rK7YKLkutqMG4dW5RurMB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1
MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ
cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY0N0MvNDM3Q0M0MDY4NTEzMTFFQUFBMEIwQTdGQzRGOUFFMDIvODYyNkZGQzY1
QUU1MTFFQkE0NTJEMzNFQzRGOUFFMDIucm9hMIG5BggrBgEFBQcBBwEB/wSBqTCB
pjCBjQQCAAEwgYYDAwAOiDALAwMBDsYDBAQOxuADAwAOxwMEAivg6AMDATqwAwMB
O5QDAwE9XAMDAT3uAwMAPfQDBAJn8wADBAdu6wADAwF39gMDAXvKAwMAfPQDAwG3
sgMEAspNBDAMAwQDyk0YAwQGyk0AAwQGy1BAAwQGy1DAAwQGy7kAAwMAy7oDAwDS
BjAUBAIAAjAOAwUAJAH0AAMFACQD9QAwDQYJKoZIhvcNAQELBQADggEBAEWubvAd
65MYAunHgvPq2ly7KqSUkik5hgZnc8XoAsxyiwcSuGdTDGkBOz8TAjdkH7ULpeuo
PaDixCKh9jIGIdaH5PxBiTPFfo6ZZFbn3axO1sR3wSOJ2MNyrDqbXpioTFu/sWBe
uzOZHj8y1ldeoMRStqpxlcjE0d3Dtuay8O8/SvEldCmA6C2H2TIxXmylKx7i/gj2
IdfbUGxmgkt1Ki9pWF5dueM9KBYWf3hY8hSfJrK8bEIkzf3n5pvr9zk8QnmkkKwF
4PwbX6uOWAB+swgmtn9/WCJ0CamG2VOtVwrnHe8jORvYNIGyuDw/bOo/VhFkTofF
qR9JnLTtlSzWXFw=
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:49:07 2026 by rpki-client