Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/202A51EA52D611EFA0333E23C4F9AE02.roa
File: 202A51EA52D611EFA0333E23C4F9AE02.roa (raw, json)
Hash identifier: CxI7KYu4pZe63vL/eoc29VD/jD6Ot+ag5XgopheyhjA=
Subject key identifier: 7E:00:EB:F7:D3:D7:22:AD:DA:9A:85:A9:76:90:84:D4:F7:FD:97:4C
Certificate issuer: /CN=A9125C22/serialNumber=D9069391A3E7804A6EBDDF9D41F2DE4D91BD51B3
Certificate serial: 0708
Authority key identifier: D9:06:93:91:A3:E7:80:4A:6E:BD:DF:9D:41:F2:DE:4D:91:BD:51:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/202A51EA52D611EFA0333E23C4F9AE02.roa
Signing time: Sun 01 Mar 2026 12:31:45 +0000
ROA not before: Fri 24 Oct 2025 23:41:26 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 133771
IP address blocks: 59.153.56.0/22 maxlen: 22
59.153.56.0/24 maxlen: 24
59.153.57.0/24 maxlen: 24
59.153.58.0/24 maxlen: 24
59.153.59.0/24 maxlen: 24
103.198.56.0/22 maxlen: 24
116.251.224.0/19 maxlen: 19
116.251.224.0/22 maxlen: 22
116.251.224.0/24 maxlen: 24
116.251.225.0/24 maxlen: 24
116.251.226.0/23 maxlen: 24
116.251.228.0/22 maxlen: 22
116.251.228.0/24 maxlen: 24
116.251.229.0/24 maxlen: 24
116.251.230.0/24 maxlen: 24
116.251.231.0/24 maxlen: 24
116.251.232.0/22 maxlen: 22
116.251.232.0/24 maxlen: 24
116.251.233.0/24 maxlen: 24
116.251.234.0/23 maxlen: 24
116.251.236.0/22 maxlen: 22
116.251.236.0/23 maxlen: 24
116.251.238.0/24 maxlen: 24
116.251.239.0/24 maxlen: 24
116.251.240.0/22 maxlen: 22
116.251.240.0/24 maxlen: 24
116.251.241.0/24 maxlen: 24
116.251.242.0/24 maxlen: 24
116.251.243.0/24 maxlen: 24
116.251.244.0/22 maxlen: 22
116.251.244.0/24 maxlen: 24
116.251.245.0/24 maxlen: 24
116.251.246.0/24 maxlen: 24
116.251.247.0/24 maxlen: 24
116.251.248.0/22 maxlen: 22
116.251.248.0/24 maxlen: 24
116.251.249.0/24 maxlen: 24
116.251.250.0/24 maxlen: 24
116.251.251.0/24 maxlen: 24
116.251.252.0/22 maxlen: 22
116.251.252.0/24 maxlen: 24
116.251.253.0/24 maxlen: 24
116.251.254.0/24 maxlen: 24
116.251.255.0/24 maxlen: 24
138.43.32.0/20 maxlen: 24
138.43.192.0/20 maxlen: 24
2401:d280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.crl
rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:40:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1800 (0x708)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125C22, serialNumber=D9069391A3E7804A6EBDDF9D41F2DE4D91BD51B3
Validity
Not Before: Oct 24 23:41:26 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a431b1-2a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:59:d2:27:4d:21:3f:e2:70:d6:68:7a:8d:df:
77:85:2d:a1:9a:3a:96:49:ca:05:94:db:af:5b:dc:
a0:cb:4d:06:44:48:17:2d:c2:83:cd:66:97:71:0c:
d0:fe:63:72:48:73:a3:58:9c:3f:05:5f:c9:dc:52:
9f:2e:40:cb:14:01:f0:4d:46:a2:72:4d:ea:6a:f9:
6e:45:ae:d9:5c:b2:6a:90:ab:c1:94:a1:96:26:88:
e5:41:5e:26:2c:c6:58:0b:02:8e:96:be:1c:7e:e1:
02:3d:b6:d7:47:71:76:71:f8:2b:52:f4:14:00:03:
8b:b6:33:7d:1c:ed:36:8a:3c:20:03:62:c5:82:70:
49:5e:6e:bb:89:e1:3f:d2:12:c8:e9:79:95:c1:70:
5a:32:00:ab:8e:12:18:a4:eb:80:3c:1c:84:45:54:
b3:5b:4a:d8:7b:59:42:7b:cc:27:0f:8a:1a:e0:4f:
7b:1f:75:0e:8d:09:28:90:3b:1f:29:6f:2c:7e:a1:
67:1b:a1:43:53:27:45:e0:13:5f:5c:0d:87:2b:76:
9e:11:74:82:14:50:b9:67:3e:d0:88:43:af:37:f8:
76:8f:0c:0a:ac:6a:9b:15:b0:08:63:ac:51:bf:0c:
39:b7:06:4f:86:d7:37:c0:f7:f8:55:54:78:98:c4:
5a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:00:EB:F7:D3:D7:22:AD:DA:9A:85:A9:76:90:84:D4:F7:FD:97:4C
X509v3 Authority Key Identifier:
keyid:D9:06:93:91:A3:E7:80:4A:6E:BD:DF:9D:41:F2:DE:4D:91:BD:51:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/202A51EA52D611EFA0333E23C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
59.153.56.0/22
103.198.56.0/22
116.251.224.0/19
138.43.32.0/20
138.43.192.0/20
IPv6:
2401:d280::/32
Signature Algorithm: sha256WithRSAEncryption
25:4a:5a:57:e1:d2:b5:2b:9a:1a:a6:02:e9:48:1f:19:1d:92:
9e:f9:93:62:02:c8:e9:09:af:a9:50:eb:5c:a0:3e:ed:cf:af:
7a:97:c7:77:56:04:1a:28:a5:62:d5:51:91:fa:42:ee:fa:ee:
4e:d0:f1:62:c6:63:c8:3f:69:be:a2:40:28:76:f1:4d:5f:02:
07:e8:28:49:aa:b1:08:6d:c9:5a:16:d6:6d:0c:b7:56:a9:fc:
7b:18:7e:13:a8:8e:ca:f1:55:07:3e:3b:53:b8:12:46:52:b4:
7b:9a:57:ce:9b:cf:31:8c:f5:bd:58:63:ea:97:16:d2:5f:a2:
74:6b:44:cc:fd:82:5a:0e:14:c0:98:7f:39:ac:98:ac:1d:15:
ac:7e:46:27:cd:1d:1e:69:80:4b:a7:d9:a6:00:9e:08:1e:ed:
58:a0:72:4a:6e:90:d1:3f:58:c5:92:cd:01:88:fd:69:99:31:
3f:c0:75:52:c0:ef:43:b1:a0:77:fa:5a:81:f3:79:79:48:54:
09:62:85:4e:6b:80:a2:b4:35:40:fb:f3:85:7e:b9:05:c2:99:
39:8a:bd:04:6b:7b:83:b4:2d:2b:9b:80:cb:81:33:16:23:02:
89:4e:3b:6f:09:67:04:a9:ff:e0:38:b8:8f:e0:b4:00:4f:fc:
c3:e8:b9:3b
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICBwgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjVDMjIxMTAvBgNVBAUTKEQ5MDY5MzkxQTNFNzgwNEE2RUJEREY5RDQxRjJERTRE
OTFCRDUxQjMwHhcNMjUxMDI0MjM0MTI2WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MzFiMS0yYTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArVnSJ00hP+Jw1mh6jd93hS2hmjqWScoFlNuvW9ygy00GREgXLcKDzWaXcQzQ
/mNySHOjWJw/BV/J3FKfLkDLFAHwTUaick3qavluRa7ZXLJqkKvBlKGWJojlQV4m
LMZYCwKOlr4cfuECPbbXR3F2cfgrUvQUAAOLtjN9HO02ijwgA2LFgnBJXm67ieE/
0hLI6XmVwXBaMgCrjhIYpOuAPByERVSzW0rYe1lCe8wnD4oa4E97H3UOjQkokDsf
KW8sfqFnG6FDUydF4BNfXA2HK3aeEXSCFFC5Zz7QiEOvN/h2jwwKrGqbFbAIY6xR
vww5twZPhtc3wPf4VVR4mMRatQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFH4A6/fT
1yKt2pqFqXaQhNT3/ZdMMB8GA1UdIwQYMBaAFNkGk5Gj54BKbr3fnUHy3k2RvVGz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi8wNDU2OTVCODdG
QUUxMUVCOTc3QjUzMzVDNEY5QUUwMi8yUWFUa2FQbmdFcHV2ZC1kUWZMZVRaRzlV
Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJRYVRrYVBuZ0VwdXZkLWRRZkxlVFpHOVViTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjVDMjIvMDQ1Njk1Qjg3RkFFMTFFQjk3N0I1MzM1QzRGOUFFMDIvMjAyQTUxRUE1
MkQ2MTFFRkEwMzMzRTIzQzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAk
BAIAATAeAwQCO5k4AwQCZ8Y4AwQFdPvgAwQEiisgAwQEiivAMA0EAgACMAcDBQAk
AdKAMA0GCSqGSIb3DQEBCwUAA4IBAQAlSlpX4dK1K5oapgLpSB8ZHZKe+ZNiAsjp
Ca+pUOtcoD7tz696l8d3VgQaKKVi1VGR+kLu+u5O0PFixmPIP2m+okAodvFNXwIH
6ChJqrEIbclaFtZtDLdWqfx7GH4TqI7K8VUHPjtTuBJGUrR7mlfOm88xjPW9WGPq
lxbSX6J0a0TM/YJaDhTAmH85rJisHRWsfkYnzR0eaYBLp9mmAJ4IHu1YoHJKbpDR
P1jFks0BiP1pmTE/wHVSwO9DsaB3+lqB83l5SFQJYoVOa4CitDVA+/OFfrkFwpk5
ir0Ea3uDtC0rm4DLgTMWIwKJTjtvCWcEqf/gOLiP4LQAT/zD6Lk7
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:43:18 2026 by rpki-client