Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/11A28878915611EE83F61C41C4F9AE02.roa
File: 11A28878915611EE83F61C41C4F9AE02.roa (raw, json)
Hash identifier: RMJ3MtQdHxz76LVbzxDYjdiseR/569W+/vsBpB/W5j4=
Subject key identifier: 52:E8:75:84:D3:26:2A:54:32:94:A0:4A:7C:14:46:A7:38:96:D0:29
Certificate issuer: /CN=A911D9B2/serialNumber=91295BBB75BFAAEB9531B39B36EC7521DDE30D63
Certificate serial: 01E1
Authority key identifier: 91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/11A28878915611EE83F61C41C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:12:37 +0000
ROA not before: Sat 03 Jan 2026 18:23:22 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 931
IP address blocks: 103.96.80.0/24 maxlen: 24
103.96.81.0/24 maxlen: 24
103.96.82.0/24 maxlen: 24
103.96.83.0/24 maxlen: 24
103.131.130.0/24 maxlen: 24
103.131.131.0/24 maxlen: 24
103.141.235.0/24 maxlen: 24
103.142.167.0/24 maxlen: 24
103.144.51.0/24 maxlen: 24
103.199.98.0/24 maxlen: 24
103.199.99.0/24 maxlen: 24
2401:3a60:1000::/36 maxlen: 36
2401:3a60:1100::/40 maxlen: 40
2401:3a60:1200::/40 maxlen: 40
2401:3a60:1300::/40 maxlen: 40
2401:3a60:1400::/40 maxlen: 40
2401:3a60:1500::/40 maxlen: 40
2401:3a60:15ff::/112 maxlen: 112
2401:3a60:1600::/40 maxlen: 40
2401:3a60:1600::/112 maxlen: 112
2401:3a60:3100::/40 maxlen: 40
2401:3a60:3200::/40 maxlen: 40
2401:3a60:3300::/40 maxlen: 40
2401:3a60:3400::/40 maxlen: 40
2401:3a60:5000::/40 maxlen: 40
2401:3a60:5100::/40 maxlen: 40
2401:3a60:5200::/40 maxlen: 40
2401:3a60:5300::/40 maxlen: 40
2401:3a60:5400::/40 maxlen: 40
2401:3a60:7100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.crl
rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:21:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 481 (0x1e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D9B2, serialNumber=91295BBB75BFAAEB9531B39B36EC7521DDE30D63
Validity
Not Before: Jan 3 18:23:22 2026 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a46574-e94a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:da:0c:0d:f7:ae:40:6f:85:be:fa:c3:72:
07:44:5a:3e:d2:85:89:01:54:b9:86:08:bb:5b:f4:
06:bd:13:24:55:87:10:78:76:97:2b:42:4f:c6:e1:
dc:b2:a7:f7:ac:d1:8a:92:5c:31:50:b8:e0:3f:a1:
46:62:57:c8:28:8f:c5:f3:6f:c0:67:d4:66:60:78:
1a:70:5c:0d:22:fe:4d:8c:14:7c:aa:db:f1:95:83:
64:12:99:5c:44:b0:df:64:9f:11:a9:6e:37:e3:1d:
e9:c7:b1:20:60:87:d7:80:bb:71:c2:66:93:4c:b7:
59:ab:0b:d7:39:0f:95:85:91:a2:a4:8b:65:58:3b:
2c:da:5d:52:d1:bd:82:2c:46:c9:69:b4:e0:0a:79:
79:99:4b:82:ce:aa:e4:83:0b:93:55:4e:87:94:9e:
b5:2e:d7:49:09:22:32:e1:17:35:c8:18:5a:58:09:
9e:41:f3:fd:9f:fe:97:7c:2b:ff:c3:a6:b9:27:95:
32:3f:a9:ba:85:1a:dd:f2:6b:4c:86:88:c2:1a:96:
35:78:73:67:82:d9:70:6b:5f:e5:56:37:c2:28:a8:
32:fa:31:9c:05:43:95:d1:50:30:1f:3a:9c:ee:c8:
e4:06:73:fc:49:0d:cf:c3:8b:69:3f:8d:d6:c2:73:
e9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E8:75:84:D3:26:2A:54:32:94:A0:4A:7C:14:46:A7:38:96:D0:29
X509v3 Authority Key Identifier:
keyid:91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/11A28878915611EE83F61C41C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.96.80.0/22
103.131.130.0/23
103.141.235.0/24
103.142.167.0/24
103.144.51.0/24
103.199.98.0/23
IPv6:
2401:3a60:1000::/36
2401:3a60:3100::-2401:3a60:34ff:ffff:ffff:ffff:ffff:ffff
2401:3a60:5000::-2401:3a60:54ff:ffff:ffff:ffff:ffff:ffff
2401:3a60:7100::/40
Signature Algorithm: sha256WithRSAEncryption
ae:6a:a2:6e:e3:ee:09:2f:d8:bc:19:65:7f:05:5e:21:21:0b:
eb:1b:c7:48:a8:f9:f5:78:e0:f7:66:b2:2f:c0:4c:1c:f5:e8:
a8:e7:be:9f:ef:94:31:b8:f8:bf:9c:3a:e0:63:fd:b0:48:8d:
a3:ea:3f:8a:8e:78:c2:04:f3:65:38:82:af:99:0d:80:93:ad:
ba:89:9b:cf:53:47:95:bb:82:62:6b:a3:6a:1c:e2:a4:cd:51:
58:01:09:50:87:1c:17:21:c2:56:2d:fa:54:dd:70:6e:bb:36:
a7:36:2e:0c:16:de:52:a7:84:ad:5c:f6:67:74:b3:00:0f:90:
54:fa:8c:40:83:c2:48:f2:19:d3:a0:fa:b8:04:7e:fb:76:59:
0a:dd:b7:ca:88:f9:23:b0:2a:16:37:5d:90:a8:17:84:42:2e:
e0:f6:37:a5:eb:1d:6a:2c:74:8f:0c:f6:91:a2:10:1a:18:07:
31:59:e5:26:a1:25:db:aa:cf:bf:d1:d6:9a:8e:c6:cc:e4:1c:
61:75:ee:63:83:60:4c:d9:f9:c3:15:ae:76:2b:0a:64:ca:a8:
cf:65:30:88:7c:f8:6d:da:76:ab:10:8d:43:dd:f5:0d:ef:08:
94:17:43:f7:c7:60:54:9f:2e:aa:59:62:03:52:53:a6:dd:1c:
19:75:14:30
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICAeEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ5QjIxMTAvBgNVBAUTKDkxMjk1QkJCNzVCRkFBRUI5NTMxQjM5QjM2RUM3NTIx
RERFMzBENjMwHhcNMjYwMTAzMTgyMzIyWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NjU3NC1lOTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsA3aDA33rkBvhb76w3IHRFo+0oWJAVS5hgi7W/QGvRMkVYcQeHaXK0JPxuHc
sqf3rNGKklwxULjgP6FGYlfIKI/F82/AZ9RmYHgacFwNIv5NjBR8qtvxlYNkEplc
RLDfZJ8RqW434x3px7EgYIfXgLtxwmaTTLdZqwvXOQ+VhZGipItlWDss2l1S0b2C
LEbJabTgCnl5mUuCzqrkgwuTVU6HlJ61LtdJCSIy4Rc1yBhaWAmeQfP9n/6XfCv/
w6a5J5UyP6m6hRrd8mtMhojCGpY1eHNngtlwa1/lVjfCKKgy+jGcBUOV0VAwHzqc
7sjkBnP8SQ3Pw4tpP43WwnPp1QIDAQABo4ICujCCArYwHQYDVR0OBBYEFFLodYTT
JipUMpSgSnwURqc4ltApMB8GA1UdIwQYMBaAFJEpW7t1v6rrlTGzmzbsdSHd4w1j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDlCMi8wQTZGM0I0Mjkx
NTUxMUVFQTRDMEY2NjhDNEY5QUUwMi9rU2xidTNXX3F1dVZNYk9iTnV4MUlkM2pE
V00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tTbGJ1M1dfcXV1Vk1iT2JOdXgxSWQzakRXTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ5QjIvMEE2RjNCNDI5MTU1MTFFRUE0QzBGNjY4QzRGOUFFMDIvMTFBMjg4Nzg5
MTU2MTFFRTgzRjYxQzQxQzRGOUFFMDIucm9hMHkGCCsGAQUFBwEHAQH/BGowaDAq
BAIAATAkAwQCZ2BQAwQBZ4OCAwQAZ43rAwQAZ46nAwQAZ5AzAwQBZ8diMDoEAgAC
MDQDBgQkATpgEDAQAwYAJAE6YDEDBgAkATpgNDAQAwYEJAE6YFADBgAkATpgVAMG
ACQBOmBxMA0GCSqGSIb3DQEBCwUAA4IBAQCuaqJu4+4JL9i8GWV/BV4hIQvrG8dI
qPn1eOD3ZrIvwEwc9eio576f75QxuPi/nDrgY/2wSI2j6j+KjnjCBPNlOIKvmQ2A
k626iZvPU0eVu4Jia6NqHOKkzVFYAQlQhxwXIcJWLfpU3XBuuzanNi4MFt5Sp4St
XPZndLMAD5BU+oxAg8JI8hnToPq4BH77dlkK3bfKiPkjsCoWN12QqBeEQi7g9jel
6x1qLHSPDPaRohAaGAcxWeUmoSXbqs+/0daajsbM5Bxhde5jg2BM2fnDFa52Kwpk
yqjPZTCIfPht2narEI1D3fUN7wiUF0P3x2BUny6qWWIDUlOm3RwZdRQw
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:45:44 2026 by rpki-client