Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/D5BB987C10DD11F18508C856083D8C67.roa
File: D5BB987C10DD11F18508C856083D8C67.roa (raw, json)
Hash identifier: G/lj1g+HcR9d9XQTGZXJS7JFgNhnqv/GK/ToMAwDU6Y=
Subject key identifier: B8:18:ED:88:D1:6B:59:FA:4A:10:12:05:4C:E9:43:E8:8F:EE:85:B8
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2BEF
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/D5BB987C10DD11F18508C856083D8C67.roa
Signing time: Sun 01 Mar 2026 19:23:45 +0000
ROA not before: Mon 23 Feb 2026 17:33:58 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 133481
IP address blocks: 49.0.64.0/19 maxlen: 24
49.0.96.0/20 maxlen: 24
49.228.0.0/16 maxlen: 24
49.229.100.0/24 maxlen: 24
49.229.101.0/24 maxlen: 24
49.229.120.0/21 maxlen: 21
49.229.128.0/20 maxlen: 20
49.229.144.0/21 maxlen: 21
58.64.48.0/20 maxlen: 24
58.64.64.0/18 maxlen: 24
58.136.0.0/17 maxlen: 24
58.136.128.0/17 maxlen: 24
110.49.3.0/24 maxlen: 24
110.49.114.0/23 maxlen: 24
110.49.116.0/22 maxlen: 24
110.49.120.0/22 maxlen: 24
110.49.124.0/24 maxlen: 24
203.146.174.0/24 maxlen: 24
203.146.182.0/24 maxlen: 24
203.146.185.0/24 maxlen: 24
203.146.199.0/24 maxlen: 24
203.146.207.0/24 maxlen: 24
2001:44c8:b000::/36 maxlen: 39
2001:44c8:b000::/40 maxlen: 48
2001:44c8:b100::/40 maxlen: 48
2001:44c8:b200::/40 maxlen: 48
2001:44c8:b300::/40 maxlen: 48
2001:44c8:b400::/40 maxlen: 48
2001:44c8:b500::/40 maxlen: 48
2001:44c8:b600::/40 maxlen: 48
2001:44c8:b700::/40 maxlen: 48
2001:44c8:b800::/40 maxlen: 48
2001:44c8:b900::/40 maxlen: 48
2001:44c8:ba00::/40 maxlen: 48
2001:44c8:bb00::/40 maxlen: 48
2001:44c8:bc00::/40 maxlen: 48
2001:44c8:bd00::/40 maxlen: 48
2001:44c8:be00::/40 maxlen: 48
2001:44c8:bf00::/40 maxlen: 48
2405:9800:b000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:40:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11247 (0x2bef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54, serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Validity
Not Before: Feb 23 17:33:58 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a49241-a0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:a0:90:32:7c:01:be:55:8c:7b:c8:39:ca:98:
5a:de:da:b2:0e:0d:a8:b1:42:22:36:81:33:93:0b:
f2:56:6f:a2:df:fb:1b:58:18:59:3f:3e:54:7e:48:
29:45:3a:00:60:5a:25:29:b6:fd:34:fb:f0:56:f3:
02:34:ae:94:1e:89:8c:d0:d7:78:47:48:39:52:6e:
c1:0d:d5:c1:46:27:52:77:9b:e5:de:d2:1d:72:07:
3e:c9:64:e0:be:4f:a8:7d:32:91:16:66:8d:ce:1a:
5e:f9:d2:7a:35:58:67:c1:9f:65:3a:28:0e:d7:35:
07:bf:36:4c:bf:37:29:2c:9c:32:e3:fa:23:60:49:
f8:11:bb:35:12:f2:13:9d:04:47:b8:33:68:79:88:
98:af:ce:1b:3e:d7:75:bd:d9:7f:95:1d:d2:a6:04:
54:76:a0:0b:44:89:37:2d:c3:bd:6d:b8:ef:37:55:
36:a7:55:79:4b:c0:2d:b8:ef:1c:5e:7b:7f:b1:ab:
46:2a:0c:e0:96:95:4d:d8:f9:5c:06:2b:59:cb:96:
03:90:6b:a0:f2:f4:b3:f2:76:1a:8a:ee:9c:93:ae:
f9:1c:52:93:73:21:14:2d:09:a0:49:51:62:ce:2c:
88:8c:a1:9b:82:db:37:1e:2a:24:2c:8c:9d:e3:70:
f9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:18:ED:88:D1:6B:59:FA:4A:10:12:05:4C:E9:43:E8:8F:EE:85:B8
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/D5BB987C10DD11F18508C856083D8C67.roa
sbgp-ipAddrBlock: critical
IPv4:
49.0.64.0-49.0.111.255
49.228.0.0/16
49.229.100.0/23
49.229.120.0-49.229.151.255
58.64.48.0-58.64.127.255
58.136.0.0/16
110.49.3.0/24
110.49.114.0-110.49.124.255
203.146.174.0/24
203.146.182.0/24
203.146.185.0/24
203.146.199.0/24
203.146.207.0/24
IPv6:
2001:44c8:b000::/36
2405:9800:b000::/36
Signature Algorithm: sha256WithRSAEncryption
5f:1c:57:73:fd:bb:9a:42:86:3c:12:3b:03:59:b5:77:c5:0e:
f7:3a:a9:28:a4:fd:a1:b5:15:01:90:cb:d0:e1:7e:d8:b0:d2:
72:d0:b3:eb:9d:88:2f:ca:9c:b5:bc:7f:bf:2e:89:0a:56:c0:
34:06:f7:63:e2:60:36:e6:0b:d1:6b:2b:64:33:55:fb:f5:d6:
61:c8:61:47:5f:d2:da:91:21:74:0e:56:b0:7e:f6:c1:71:59:
87:1d:dc:8b:e0:a7:9c:e4:76:e8:7b:89:b0:f0:94:07:60:eb:
30:ee:b4:f7:a2:2b:fc:74:5b:be:1e:3f:1e:50:db:eb:a7:6f:
12:23:13:41:a2:56:60:9a:96:8b:08:da:18:62:dd:ac:77:02:
22:b0:cf:05:f4:8c:2b:bb:1c:d5:31:8e:9e:b8:e6:d0:35:98:
cd:67:0e:c0:fd:a7:f1:47:1d:30:ce:92:b7:77:28:53:ec:9d:
8f:c1:db:48:46:1e:a3:0e:4e:4b:fe:a0:58:50:fb:41:2a:12:
03:30:5e:8a:cb:36:fc:80:56:07:16:af:b3:3a:70:92:7a:83:
31:f5:47:e9:d7:37:65:05:ae:cc:c0:50:95:47:2c:95:8b:35:
af:76:7d:ca:02:72:b4:31:02:aa:d0:ab:d4:fb:fc:c8:e8:9c:
61:81:52:68
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICK+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjYwMjIzMTczMzU4WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OTI0MS1hMGQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8aCQMnwBvlWMe8g5ypha3tqyDg2osUIiNoEzkwvyVm+i3/sbWBhZPz5Ufkgp
RToAYFolKbb9NPvwVvMCNK6UHomM0Nd4R0g5Um7BDdXBRidSd5vl3tIdcgc+yWTg
vk+ofTKRFmaNzhpe+dJ6NVhnwZ9lOigO1zUHvzZMvzcpLJwy4/ojYEn4Ebs1EvIT
nQRHuDNoeYiYr84bPtd1vdl/lR3SpgRUdqALRIk3LcO9bbjvN1U2p1V5S8AtuO8c
Xnt/satGKgzglpVN2PlcBitZy5YDkGug8vSz8nYaiu6ck675HFKTcyEULQmgSVFi
ziyIjKGbgts3HiokLIyd43D5QwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFLgY7YjR
a1n6ShASBUzpQ+iP7oW4MB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvRDVCQjk4N0Mx
MEREMTFGMTg1MDhDODU2MDgzRDhDNjcucm9hMIGfBggrBgEFBQcBBwEB/wSBjzCB
jDByBAIAATBsMAwDBAYxAEADBAQxAGADAwAx5AMEATHlZDAMAwQDMeV4AwQDMeWQ
MAwDBAQ6QDADBAc6QAADAwA6iAMEAG4xAzAMAwQBbjFyAwQAbjF8AwQAy5KuAwQA
y5K2AwQAy5K5AwQAy5LHAwQAy5LPMBYEAgACMBADBgQgAUTIsAMGBCQFmACwMA0G
CSqGSIb3DQEBCwUAA4IBAQBfHFdz/buaQoY8EjsDWbV3xQ73OqkopP2htRUBkMvQ
4X7YsNJy0LPrnYgvypy1vH+/LokKVsA0Bvdj4mA25gvRaytkM1X79dZhyGFHX9La
kSF0DlawfvbBcVmHHdyL4Kec5Hboe4mw8JQHYOsw7rT3oiv8dFu+Hj8eUNvrp28S
IxNBolZgmpaLCNoYYt2sdwIisM8F9IwruxzVMY6euObQNZjNZw7A/afxRx0wzpK3
dyhT7J2PwdtIRh6jDk5L/qBYUPtBKhIDMF6Kyzb8gFYHFq+zOnCSeoMx9Ufp1zdl
Ba7MwFCVRyyVizWvdn3KAnK0MQKq0KvU+/zI6JxhgVJo
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:01:13 2026 by rpki-client