Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa
File: BF80484C737D11E8950B2925C4F9AE02.roa (raw, json)
Hash identifier: Pu5kdaOghCjK1we0icvELfoc+ay1UfaYluvayTEFdsw=
Subject key identifier: 97:5F:FC:84:81:F9:08:20:06:AE:B9:FA:53:87:75:AD:D7:11:6F:70
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2BB6
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:22:56 +0000
ROA not before: Fri 02 Jan 2026 16:13:00 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 134240
IP address blocks: 27.254.4.0/24 maxlen: 24
27.254.11.0/24 maxlen: 24
27.254.15.0/24 maxlen: 24
27.254.22.0/24 maxlen: 24
27.254.31.0/24 maxlen: 24
27.254.177.0/24 maxlen: 24
27.254.185.0/24 maxlen: 24
27.254.186.0/24 maxlen: 24
27.254.205.0/24 maxlen: 24
27.254.231.0/24 maxlen: 24
27.254.233.0/24 maxlen: 24
49.229.88.0/23 maxlen: 23
49.229.90.0/23 maxlen: 23
58.64.24.0/24 maxlen: 24
58.64.27.0/24 maxlen: 24
58.137.6.0/24 maxlen: 24
58.137.26.0/24 maxlen: 24
103.20.204.0/22 maxlen: 24
110.49.141.0/24 maxlen: 24
110.49.142.0/23 maxlen: 24
2405:9800:d000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 15:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11190 (0x2bb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54, serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Validity
Not Before: Jan 2 16:13:00 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a4920f-b637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f1:0c:05:c7:81:b1:4e:79:f8:7a:64:9d:20:
11:59:6e:2a:21:17:53:a1:79:30:33:f8:b7:ee:0e:
bd:2c:40:13:41:2d:a7:bc:8b:75:7a:4f:ee:b6:41:
2a:28:39:f9:9c:59:ba:2f:8f:3d:06:e5:cf:f4:99:
3a:8d:b3:84:a8:b4:54:3d:e9:0a:bd:ce:d0:68:55:
08:1f:79:84:be:da:2f:69:74:84:f5:5c:e5:12:e0:
e8:69:63:da:5a:95:2a:f7:12:36:0c:8a:11:f3:cb:
39:b8:63:e6:2b:a4:ce:57:97:f0:ce:11:28:57:b2:
c5:ff:6a:52:5f:81:8d:d0:b3:6c:48:1e:13:22:2b:
45:72:2c:b2:e9:c2:27:f0:69:ab:56:df:19:0d:4b:
f9:07:5c:a3:98:7f:2d:c9:31:c2:1d:ae:a5:f9:16:
61:be:a8:63:31:f8:d9:f2:43:a5:fe:3d:b9:dc:57:
13:8d:35:47:ed:eb:d2:90:bd:18:0d:99:af:a6:00:
e2:ba:75:cd:ec:9f:9b:1a:9b:33:78:fb:55:5d:32:
3d:e4:78:f0:0d:44:a3:f1:61:e8:b9:00:2b:89:ef:
0b:2e:4c:6b:19:ab:b0:6e:f0:18:73:fe:d0:79:62:
ff:fa:1b:9e:86:d0:86:fe:29:bd:f6:1d:84:74:13:
ea:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5F:FC:84:81:F9:08:20:06:AE:B9:FA:53:87:75:AD:D7:11:6F:70
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/BF80484C737D11E8950B2925C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.254.4.0/24
27.254.11.0/24
27.254.15.0/24
27.254.22.0/24
27.254.31.0/24
27.254.177.0/24
27.254.185.0-27.254.186.255
27.254.205.0/24
27.254.231.0/24
27.254.233.0/24
49.229.88.0/22
58.64.24.0/24
58.64.27.0/24
58.137.6.0/24
58.137.26.0/24
103.20.204.0/22
110.49.141.0-110.49.143.255
IPv6:
2405:9800:d000::/36
Signature Algorithm: sha256WithRSAEncryption
9d:bb:f0:8c:5a:c4:cd:93:01:6c:fe:fa:0b:6b:69:61:19:c7:
7c:7d:cc:83:e6:df:19:74:41:06:66:eb:4e:d0:ee:50:45:04:
82:3e:14:07:26:51:79:5d:42:3d:39:a8:b6:05:b1:b5:18:70:
a4:54:27:1c:8a:61:f3:a2:30:bd:a0:d7:45:30:e5:96:6a:55:
f7:5b:28:43:d4:b6:02:46:06:d3:0b:2a:fd:c7:af:7d:a0:6d:
69:43:4c:47:b7:b7:d3:19:c1:57:c4:3c:ad:cf:9d:79:46:bc:
8b:87:44:5d:99:86:b7:a0:f7:e5:cc:ad:35:5f:e2:53:46:a2:
53:fc:d7:f1:f1:b5:03:a6:96:80:66:34:a3:8e:26:5d:09:c3:
1b:6e:43:50:36:89:0b:b2:70:8e:88:01:2d:90:28:d8:04:33:
27:2f:0a:84:db:91:a8:73:22:83:7d:24:95:d8:fb:ab:be:f9:
55:ef:48:76:ce:cc:f2:10:4f:cb:b1:bd:6c:fe:c6:0d:89:8b:
ea:48:9e:1e:15:35:b5:71:80:91:4e:fa:81:1b:67:5f:ec:28:
34:58:63:42:fb:25:bb:2c:18:54:0d:b0:ee:07:31:68:a5:b2:
54:aa:0c:f1:ee:05:49:ce:18:63:81:74:f0:e4:cb:66:68:72:
b1:de:8c:94
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgICK7YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjYwMTAyMTYxMzAwWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OTIwZi1iNjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1/EMBceBsU55+HpknSARWW4qIRdToXkwM/i37g69LEATQS2nvIt1ek/utkEq
KDn5nFm6L489BuXP9Jk6jbOEqLRUPekKvc7QaFUIH3mEvtovaXSE9VzlEuDoaWPa
WpUq9xI2DIoR88s5uGPmK6TOV5fwzhEoV7LF/2pSX4GN0LNsSB4TIitFciyy6cIn
8GmrVt8ZDUv5B1yjmH8tyTHCHa6l+RZhvqhjMfjZ8kOl/j253FcTjTVH7evSkL0Y
DZmvpgDiunXN7J+bGpszePtVXTI95HjwDUSj8WHouQArie8LLkxrGauwbvAYc/7Q
eWL/+huehtCG/im99h2EdBPqXQIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFJdf/ISB
+QggBq65+lOHda3XEW9wMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvQkY4MDQ4NEM3
MzdEMTFFODk1MEIyOTI1QzRGOUFFMDIucm9hMIGhBggrBgEFBQcBBwEB/wSBkTCB
jjB8BAIAATB2AwQAG/4EAwQAG/4LAwQAG/4PAwQAG/4WAwQAG/4fAwQAG/6xMAwD
BAAb/rkDBAAb/roDBAAb/s0DBAAb/ucDBAAb/ukDBAIx5VgDBAA6QBgDBAA6QBsD
BAA6iQYDBAA6iRoDBAJnFMwwDAMEAG4xjQMEBG4xgDAOBAIAAjAIAwYEJAWYANAw
DQYJKoZIhvcNAQELBQADggEBAJ278IxaxM2TAWz++gtraWEZx3x9zIPm3xl0QQZm
607Q7lBFBII+FAcmUXldQj05qLYFsbUYcKRUJxyKYfOiML2g10Uw5ZZqVfdbKEPU
tgJGBtMLKv3Hr32gbWlDTEe3t9MZwVfEPK3PnXlGvIuHRF2Zhreg9+XMrTVf4lNG
olP81/HxtQOmloBmNKOOJl0JwxtuQ1A2iQuycI6IAS2QKNgEMycvCoTbkahzIoN9
JJXY+6u++VXvSHbOzPIQT8uxvWz+xg2Ji+pInh4VNbVxgJFO+oEbZ1/sKDRYY0L7
JbssGFQNsO4HMWilslSqDPHuBUnOGGOBdPDky2ZocrHejJQ=
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:40:52 2026 by rpki-client