Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/AFA9D654D9F711EEA1409D5DC4F9AE02.roa
File: AFA9D654D9F711EEA1409D5DC4F9AE02.roa (raw, json)
Hash identifier: T0YUZAO0sdrRtV3ws/sI7SffriTjcLwDVctYisLQYcY=
Subject key identifier: 1A:89:A5:B3:8C:48:59:79:CE:20:42:65:A7:5B:65:4A:28:C9:AD:B5
Certificate issuer: /CN=A911BCF8/serialNumber=889332A4E25C21E89BFA43FA002D2D1F0AD7E797
Certificate serial: 0D21
Authority key identifier: 88:93:32:A4:E2:5C:21:E8:9B:FA:43:FA:00:2D:2D:1F:0A:D7:E7:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iJMypOJcIeib-kP6AC0tHwrX55c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/AFA9D654D9F711EEA1409D5DC4F9AE02.roa
Signing time: Sat 04 Apr 2026 18:22:31 +0000
ROA not before: Sat 04 Apr 2026 18:22:31 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 134113
IP address blocks: 27.123.252.0/22 maxlen: 24
103.52.134.0/23 maxlen: 24
103.71.46.0/23 maxlen: 24
2403:140::/32 maxlen: 32
2403:140::/48 maxlen: 48
2403:140:1::/48 maxlen: 48
2403:140:2::/48 maxlen: 48
2403:140:3::/48 maxlen: 48
2403:140:4::/48 maxlen: 48
2403:140:5::/48 maxlen: 48
2403:140:6::/48 maxlen: 48
2403:140:7::/48 maxlen: 48
2403:140:8::/48 maxlen: 48
2403:140:9::/48 maxlen: 48
2403:140:a::/48 maxlen: 48
2403:140:b::/48 maxlen: 48
2403:140:c::/48 maxlen: 48
2403:140:d::/48 maxlen: 48
2403:140:e::/48 maxlen: 48
2403:140:f::/48 maxlen: 48
2403:140:10::/48 maxlen: 48
2403:140:103::/48 maxlen: 48
2403:140:121::/48 maxlen: 48
2403:140:1111::/48 maxlen: 48
2403:140:7777::/48 maxlen: 48
2403:140:8777::/48 maxlen: 48
2403:140:8888::/48 maxlen: 48
2403:140:ff00::/40 maxlen: 40
2403:140:ff00::/48 maxlen: 48
2403:140:ff01::/48 maxlen: 48
2403:140:ff02::/48 maxlen: 48
2403:140:ff03::/48 maxlen: 48
2403:140:ff04::/48 maxlen: 48
2403:140:ff05::/48 maxlen: 48
2403:140:ff06::/48 maxlen: 48
2403:140:ff07::/48 maxlen: 48
2403:140:ff08::/48 maxlen: 48
2403:140:ff09::/48 maxlen: 48
2403:140:ff0a::/48 maxlen: 48
2403:140:ff0b::/48 maxlen: 48
2403:140:ff0c::/48 maxlen: 48
2403:140:ff0d::/48 maxlen: 48
2403:140:ff0e::/48 maxlen: 48
2403:140:ff0f::/48 maxlen: 48
2403:140:ff10::/48 maxlen: 48
2403:140:ff11::/48 maxlen: 48
2403:140:ff12::/48 maxlen: 48
2403:140:ff13::/48 maxlen: 48
2403:140:ff14::/48 maxlen: 48
2403:140:ff15::/48 maxlen: 48
2403:140:ff16::/48 maxlen: 48
2403:140:ff17::/48 maxlen: 48
2403:140:ff18::/48 maxlen: 48
2403:140:ff19::/48 maxlen: 48
2403:140:ff1a::/48 maxlen: 48
2403:140:ff1b::/48 maxlen: 48
2403:140:ff1c::/48 maxlen: 48
2403:140:ff1d::/48 maxlen: 48
2403:140:ff1e::/48 maxlen: 48
2403:140:ff1f::/48 maxlen: 48
2403:140:ff20::/48 maxlen: 48
2403:140:ff21::/48 maxlen: 48
2403:140:ff22::/48 maxlen: 48
2403:140:ff23::/48 maxlen: 48
2403:140:ff24::/48 maxlen: 48
2403:140:ff25::/48 maxlen: 48
2403:140:ff26::/48 maxlen: 48
2403:140:ff27::/48 maxlen: 48
2403:140:ff28::/48 maxlen: 48
2403:140:ff29::/48 maxlen: 48
2403:140:ff2a::/48 maxlen: 48
2403:140:ff2b::/48 maxlen: 48
2403:140:ff2c::/48 maxlen: 48
2403:140:ff2d::/48 maxlen: 48
2403:140:ff2e::/48 maxlen: 48
2403:140:ff2f::/48 maxlen: 48
2403:140:ff30::/48 maxlen: 48
2403:140:ff31::/48 maxlen: 48
2403:140:ff32::/48 maxlen: 48
2403:140:ff33::/48 maxlen: 48
2403:140:ff34::/48 maxlen: 48
2403:140:ff35::/48 maxlen: 48
2403:140:ff36::/48 maxlen: 48
2403:140:ff37::/48 maxlen: 48
2403:140:ff38::/48 maxlen: 48
2403:140:ff39::/48 maxlen: 48
2403:140:ff3a::/48 maxlen: 48
2403:140:ff3b::/48 maxlen: 48
2403:140:ff3c::/48 maxlen: 48
2403:140:ff3d::/48 maxlen: 48
2403:140:ff3e::/48 maxlen: 48
2403:140:ff3f::/48 maxlen: 48
2403:140:ff40::/48 maxlen: 48
2403:140:ff41::/48 maxlen: 48
2403:140:ff42::/48 maxlen: 48
2403:140:ff43::/48 maxlen: 48
2403:140:ff44::/48 maxlen: 48
2403:140:ff45::/48 maxlen: 48
2403:140:ff46::/48 maxlen: 48
2403:140:ff47::/48 maxlen: 48
2403:140:ff48::/48 maxlen: 48
2403:140:ff49::/48 maxlen: 48
2403:140:ff4a::/48 maxlen: 48
2403:140:ff4b::/48 maxlen: 48
2403:140:ff4c::/48 maxlen: 48
2403:140:ff4d::/48 maxlen: 48
2403:140:ff4e::/48 maxlen: 48
2403:140:ff4f::/48 maxlen: 48
2403:140:ff50::/48 maxlen: 48
2403:140:ff51::/48 maxlen: 48
2403:140:ff52::/48 maxlen: 48
2403:140:ff53::/48 maxlen: 48
2403:140:ff54::/48 maxlen: 48
2403:140:ff55::/48 maxlen: 48
2403:140:ff56::/48 maxlen: 48
2403:140:ff57::/48 maxlen: 48
2403:140:ff58::/48 maxlen: 48
2403:140:ff59::/48 maxlen: 48
2403:140:ff5a::/48 maxlen: 48
2403:140:ff5b::/48 maxlen: 48
2403:140:ff5c::/48 maxlen: 48
2403:140:ff5d::/48 maxlen: 48
2403:140:ff5e::/48 maxlen: 48
2403:140:ff5f::/48 maxlen: 48
2403:140:ff60::/48 maxlen: 48
2403:140:ff61::/48 maxlen: 48
2403:140:ff62::/48 maxlen: 48
2403:140:ff63::/48 maxlen: 48
2403:140:ff64::/48 maxlen: 48
2403:140:ff65::/48 maxlen: 48
2403:140:ff66::/48 maxlen: 48
2403:140:ff67::/48 maxlen: 48
2403:140:ff68::/48 maxlen: 48
2403:140:ff69::/48 maxlen: 48
2403:140:ff6a::/48 maxlen: 48
2403:140:ff6b::/48 maxlen: 48
2403:140:ff6c::/48 maxlen: 48
2403:140:ff6d::/48 maxlen: 48
2403:140:ff6e::/48 maxlen: 48
2403:140:ff6f::/48 maxlen: 48
2403:140:ff70::/48 maxlen: 48
2403:140:ff71::/48 maxlen: 48
2403:140:ff72::/48 maxlen: 48
2403:140:ff73::/48 maxlen: 48
2403:140:ff74::/48 maxlen: 48
2403:140:ff75::/48 maxlen: 48
2403:140:ff76::/48 maxlen: 48
2403:140:ff77::/48 maxlen: 48
2403:140:ff78::/48 maxlen: 48
2403:140:ff79::/48 maxlen: 48
2403:140:ff7a::/48 maxlen: 48
2403:140:ff7b::/48 maxlen: 48
2403:140:ff7c::/48 maxlen: 48
2403:140:ff7d::/48 maxlen: 48
2403:140:ff7e::/48 maxlen: 48
2403:140:ff7f::/48 maxlen: 48
2403:140:ff80::/48 maxlen: 48
2403:140:ff81::/48 maxlen: 48
2403:140:ff82::/48 maxlen: 48
2403:140:ff83::/48 maxlen: 48
2403:140:ff84::/48 maxlen: 48
2403:140:ff85::/48 maxlen: 48
2403:140:ff86::/48 maxlen: 48
2403:140:ff87::/48 maxlen: 48
2403:140:ff88::/48 maxlen: 48
2403:140:ff89::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/iJMypOJcIeib-kP6AC0tHwrX55c.crl
rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/iJMypOJcIeib-kP6AC0tHwrX55c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iJMypOJcIeib-kP6AC0tHwrX55c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 18:03:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3361 (0xd21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BCF8, serialNumber=889332A4E25C21E89BFA43FA002D2D1F0AD7E797
Validity
Not Before: Apr 4 18:22:31 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69d156e7-a1d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:51:df:30:c0:ee:24:7f:3e:67:3c:88:d9:28:
bc:e0:9c:dd:78:85:53:25:d4:5b:63:2a:76:66:cd:
71:77:56:71:d7:de:c9:b2:ca:74:78:1d:00:74:1b:
1f:75:68:6b:eb:6d:3d:b9:c2:62:f0:f2:af:4b:92:
af:9d:e0:fb:35:35:8a:58:59:87:f3:ec:87:b5:53:
14:c0:8c:2c:dc:5b:b1:86:2b:94:3f:f6:e6:66:f7:
b6:f7:01:74:2e:11:b3:26:05:e3:a0:77:ab:25:c7:
72:6a:2d:4a:70:d1:6b:0d:bc:79:68:2b:50:1e:9f:
90:0d:5f:f7:0f:14:e3:48:b3:7b:84:dd:ad:00:f2:
59:18:44:8a:5f:68:5d:ab:50:59:5e:99:88:82:45:
27:00:d0:0a:8f:1d:d1:2d:40:53:13:7d:7f:ba:3c:
2e:63:6c:c4:6c:91:c3:da:0a:ad:1d:0b:5f:da:92:
1a:e9:cb:99:2e:2e:76:5d:96:75:f7:0a:6c:ca:40:
07:9e:fa:d4:55:d4:30:1a:c4:95:86:a1:6c:b5:5e:
3e:1a:f3:ec:4b:30:9f:40:28:5b:5d:a2:47:5b:40:
a1:a6:ce:5e:0a:18:33:fd:b3:f2:65:84:c2:ec:76:
4b:19:d8:c0:55:5d:37:92:04:c9:96:a5:c2:a9:6e:
01:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:89:A5:B3:8C:48:59:79:CE:20:42:65:A7:5B:65:4A:28:C9:AD:B5
X509v3 Authority Key Identifier:
keyid:88:93:32:A4:E2:5C:21:E8:9B:FA:43:FA:00:2D:2D:1F:0A:D7:E7:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/iJMypOJcIeib-kP6AC0tHwrX55c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iJMypOJcIeib-kP6AC0tHwrX55c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BCF8/B7078F80005411EA9ABDF51FC4F9AE02/AFA9D654D9F711EEA1409D5DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.123.252.0/22
103.52.134.0/23
103.71.46.0/23
IPv6:
2403:140::/32
Signature Algorithm: sha256WithRSAEncryption
1c:a9:b1:b2:66:e7:b9:6f:af:f5:8d:e2:bd:bf:b7:11:b8:df:
59:4a:90:6b:4c:73:fd:73:9e:40:2d:4f:6a:f4:68:4f:4a:cd:
92:d4:1f:4f:a8:98:d2:c1:6a:7d:83:1c:cc:f2:5e:c4:00:65:
41:83:06:7b:dc:1f:ab:68:2f:25:89:27:59:fa:1d:63:11:72:
dd:09:e1:e7:ce:fb:a9:bb:81:6a:a5:05:96:98:0e:c1:02:47:
7e:1e:4a:d0:d0:ce:08:63:b1:69:79:c0:d3:7d:1b:40:91:d9:
d1:b6:71:e6:13:d7:99:af:c0:9c:05:6a:ff:dd:07:87:50:aa:
eb:45:6c:43:c6:6b:f5:ff:cf:e2:d3:ed:59:fc:97:68:dc:43:
fa:16:77:a1:41:8a:08:0f:26:95:8c:4c:d2:a3:43:3e:3d:99:
e2:73:31:5f:a5:d5:b9:f3:67:eb:87:09:20:d7:8e:2c:2e:b5:
d6:48:6d:9d:10:0c:d9:a1:f0:03:7d:f6:20:44:c9:d7:23:a4:
51:17:c9:82:74:88:41:a7:53:ee:05:ac:d5:77:7f:53:9e:5e:
08:eb:9e:c3:f6:55:13:3e:40:b1:d9:7b:f8:2a:21:06:a7:b0:
fc:8f:fb:a0:aa:a5:b3:e4:01:13:8a:bd:ae:c0:f8:19:cd:57:
b7:aa:aa:cd
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICDSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJDRjgxMTAvBgNVBAUTKDg4OTMzMkE0RTI1QzIxRTg5QkZBNDNGQTAwMkQyRDFG
MEFEN0U3OTcwHhcNMjYwNDA0MTgyMjMxWhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQxNTZlNy1hMWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6VHfMMDuJH8+ZzyI2Si84JzdeIVTJdRbYyp2Zs1xd1Zx197Jssp0eB0AdBsf
dWhr6209ucJi8PKvS5KvneD7NTWKWFmH8+yHtVMUwIws3FuxhiuUP/bmZve29wF0
LhGzJgXjoHerJcdyai1KcNFrDbx5aCtQHp+QDV/3DxTjSLN7hN2tAPJZGESKX2hd
q1BZXpmIgkUnANAKjx3RLUBTE31/ujwuY2zEbJHD2gqtHQtf2pIa6cuZLi52XZZ1
9wpsykAHnvrUVdQwGsSVhqFstV4+GvPsSzCfQChbXaJHW0Chps5eChgz/bPyZYTC
7HZLGdjAVV03kgTJlqXCqW4BywIDAQABo4ICezCCAncwHQYDVR0OBBYEFBqJpbOM
SFl5ziBCZadbZUooya21MB8GA1UdIwQYMBaAFIiTMqTiXCHom/pD+gAtLR8K1+eX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkNGOC9CNzA3OEY4MDAw
NTQxMUVBOUFCREY1MUZDNEY5QUUwMi9pSk15cE9KY0llaWIta1A2QUMwdEh3clg1
NWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lKTXlwT0pjSWVpYi1rUDZBQzB0SHdyWDU1Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJDRjgvQjcwNzhGODAwMDU0MTFFQTlBQkRGNTFGQzRGOUFFMDIvQUZBOUQ2NTRE
OUY3MTFFRUExNDA5RDVEQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQCG3v8AwQBZzSGAwQBZ0cuMA0EAgACMAcDBQAkAwFAMA0GCSqGSIb3
DQEBCwUAA4IBAQAcqbGyZue5b6/1jeK9v7cRuN9ZSpBrTHP9c55ALU9q9GhPSs2S
1B9PqJjSwWp9gxzM8l7EAGVBgwZ73B+raC8liSdZ+h1jEXLdCeHnzvupu4FqpQWW
mA7BAkd+HkrQ0M4IY7FpecDTfRtAkdnRtnHmE9eZr8CcBWr/3QeHUKrrRWxDxmv1
/8/i0+1Z/Jdo3EP6FnehQYoIDyaVjEzSo0M+PZniczFfpdW582frhwkg144sLrXW
SG2dEAzZofADffYgRMnXI6RRF8mCdIhBp1PuBazVd39Tnl4I657D9lUTPkCx2Xv4
KiEGp7D8j/ugqqWz5AETir2uwPgZzVe3qqrN
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:25:26 2026 by rpki-client