Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/DC67BC1E8E1A11F08364EF73C4F9AE02.roa
File: DC67BC1E8E1A11F08364EF73C4F9AE02.roa (raw, json)
Hash identifier: qiT/GVvRCXwwQO5czxfwtuP70nIiPr4STQfaVH+7UL0=
Subject key identifier: 3E:4F:AD:98:62:30:98:C7:9F:B0:C3:EA:5B:A6:01:A8:EB:DB:96:23
Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Certificate serial: 3594
Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/DC67BC1E8E1A11F08364EF73C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:08:21 +0000
ROA not before: Wed 10 Sep 2025 07:50:47 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 23884
IP address blocks: 210.246.200.0/24 maxlen: 24
210.246.201.0/24 maxlen: 24
210.246.202.0/24 maxlen: 24
210.246.206.0/24 maxlen: 24
210.246.207.0/24 maxlen: 24
210.246.208.0/24 maxlen: 24
210.246.209.0/24 maxlen: 24
210.246.210.0/24 maxlen: 24
210.246.211.0/24 maxlen: 24
210.246.212.0/24 maxlen: 24
210.246.213.0/24 maxlen: 24
210.246.214.0/24 maxlen: 24
210.246.215.0/24 maxlen: 24
210.246.216.0/24 maxlen: 24
210.246.217.0/24 maxlen: 24
210.246.218.0/24 maxlen: 24
210.246.219.0/24 maxlen: 24
210.246.230.0/24 maxlen: 24
210.246.231.0/24 maxlen: 24
210.246.236.0/24 maxlen: 24
210.246.237.0/24 maxlen: 24
210.246.239.0/24 maxlen: 24
210.246.245.0/24 maxlen: 24
210.246.246.0/24 maxlen: 24
210.246.247.0/24 maxlen: 24
210.246.248.0/24 maxlen: 24
210.246.249.0/24 maxlen: 24
210.246.250.0/24 maxlen: 24
210.246.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13716 (0x3594)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C5B0, serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Validity
Not Before: Sep 10 07:50:47 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a48095-59be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:da:9d:ce:6c:69:df:54:c4:f2:c8:cb:5a:e3:
39:5d:8d:ae:28:a2:b3:7f:12:06:3f:e4:57:64:d3:
dd:14:80:ff:b4:4e:b3:af:9e:2e:9f:16:c4:40:62:
28:6b:ad:16:6c:08:35:59:6a:eb:7c:ee:13:c2:9a:
78:b4:f5:42:02:1f:eb:76:7a:30:c5:33:06:47:5c:
2d:9b:80:2c:07:f5:68:59:e4:a8:fc:31:a1:a9:02:
e8:a1:d3:59:73:03:06:f3:47:db:5a:07:c2:d9:82:
27:35:5c:56:b7:75:b9:35:ad:83:9a:59:cf:1c:39:
c3:15:ba:a4:b2:60:28:14:fb:2f:8f:93:00:88:ea:
68:f9:01:35:d1:79:4a:9c:95:67:95:73:ff:cf:ab:
e6:33:3e:28:b1:75:46:11:55:d5:52:43:70:96:61:
7d:89:23:31:38:29:2d:9b:e2:26:33:ed:0e:94:e2:
1d:91:79:47:8a:6e:9b:ef:92:73:0e:58:da:0d:46:
99:51:06:2a:24:34:e0:59:72:c6:e4:f9:3e:7f:60:
a1:77:4a:85:83:fe:83:b5:92:12:01:86:84:2a:5f:
b3:ad:5d:09:60:41:22:35:0d:84:10:bc:66:08:ea:
64:1e:67:87:aa:3c:44:f8:8f:f1:1e:69:a6:27:73:
bb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4F:AD:98:62:30:98:C7:9F:B0:C3:EA:5B:A6:01:A8:EB:DB:96:23
X509v3 Authority Key Identifier:
keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/DC67BC1E8E1A11F08364EF73C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
210.246.200.0-210.246.202.255
210.246.206.0-210.246.219.255
210.246.230.0/23
210.246.236.0/23
210.246.239.0/24
210.246.245.0-210.246.251.255
Signature Algorithm: sha256WithRSAEncryption
7b:c4:17:e9:9a:13:f6:59:c2:42:ad:56:e9:14:84:75:99:5c:
7d:36:58:0c:d0:1d:77:fb:4a:99:92:a7:84:ba:70:f0:e6:fb:
81:94:28:5d:28:c7:08:d3:df:2c:14:d9:84:8f:89:5c:db:c5:
10:72:c6:8e:34:be:3e:4c:97:9e:c0:49:ca:74:5c:79:4a:71:
1c:fc:6e:9e:db:12:4b:d7:be:0b:ae:ff:5e:a6:0b:75:c4:78:
93:8d:0e:28:f3:e8:12:85:e0:4e:91:a2:cc:be:86:19:60:7a:
18:51:57:bf:1e:bd:62:f5:bb:1d:f3:85:76:f0:3a:27:e6:0c:
69:a4:4c:55:ba:92:47:18:76:1c:45:79:99:6f:8b:d1:24:d8:
75:59:6b:34:f7:c4:0a:47:fc:45:bb:25:ce:da:28:f6:df:0c:
30:6d:31:7c:88:0b:e4:62:fa:da:a1:b1:dd:cf:09:9e:8b:ea:
27:95:86:e7:27:d1:d4:be:db:cc:ac:6c:7e:a6:c5:9f:f7:32:
1d:af:6a:12:be:63:c8:9b:b1:b3:89:61:80:f0:fc:75:69:76:
d0:e6:13:da:d1:d2:79:5b:db:68:b9:bf:bd:5e:74:5a:f6:f4:
6d:56:23:f3:fb:2d:5f:a1:31:9b:2e:7c:04:c9:73:2b:19:c9:
10:9d:1e:f6
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICNZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG
NzMzQTJGMUEwHhcNMjUwOTEwMDc1MDQ3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODA5NS01OWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvdqdzmxp31TE8sjLWuM5XY2uKKKzfxIGP+RXZNPdFID/tE6zr54unxbEQGIo
a60WbAg1WWrrfO4Twpp4tPVCAh/rdnowxTMGR1wtm4AsB/VoWeSo/DGhqQLoodNZ
cwMG80fbWgfC2YInNVxWt3W5Na2DmlnPHDnDFbqksmAoFPsvj5MAiOpo+QE10XlK
nJVnlXP/z6vmMz4osXVGEVXVUkNwlmF9iSMxOCktm+ImM+0OlOIdkXlHim6b75Jz
DljaDUaZUQYqJDTgWXLG5Pk+f2Chd0qFg/6DtZISAYaEKl+zrV0JYEEiNQ2EELxm
COpkHmeHqjxE+I/xHmmmJ3O7xQIDAQABo4ICljCCApIwHQYDVR0OBBYEFD5PrZhi
MJjHn7DD6lumAajr25YjMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE
ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM
eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM1QjAvNDBDOEQ1QTYxRDgzMTFFMjgyM0E1RkQ4MDhCMDJDRDIvREM2N0JDMUU4
RTFBMTFGMDgzNjRFRjczQzRGOUFFMDIucm9hMFUGCCsGAQUFBwEHAQH/BEYwRDBC
BAIAATA8MAwDBAPS9sgDBADS9sowDAMEAdL2zgMEAtL22AMEAdL25gMEAdL27AME
ANL27zAMAwQA0vb1AwQC0vb4MA0GCSqGSIb3DQEBCwUAA4IBAQB7xBfpmhP2WcJC
rVbpFIR1mVx9NlgM0B13+0qZkqeEunDw5vuBlChdKMcI098sFNmEj4lc28UQcsaO
NL4+TJeewEnKdFx5SnEc/G6e2xJL174Lrv9epgt1xHiTjQ4o8+gSheBOkaLMvoYZ
YHoYUVe/Hr1i9bsd84V28Don5gxppExVupJHGHYcRXmZb4vRJNh1WWs098QKR/xF
uyXO2ij23wwwbTF8iAvkYvraobHdzwmei+onlYbnJ9HUvtvMrGx+psWf9zIdr2oS
vmPIm7GziWGA8Px1aXbQ5hPa0dJ5W9toub+9XnRa9vRtViPz+y1foTGbLnwEyXMr
GckQnR72
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:40:37 2026 by rpki-client