Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/FD9DD964D0FE11F09871A984C4F9AE02.roa
File: FD9DD964D0FE11F09871A984C4F9AE02.roa (raw, json)
Hash identifier: fCNwY+bFmbNIKvRtyJc3Fedqpi08Sju/q2nGO6Ir4oQ=
Subject key identifier: 1F:D1:29:31:E4:49:A2:A4:8F:17:52:A3:0C:F5:72:06:8B:91:59:EA
Certificate issuer: /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Certificate serial: 0CA9
Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/FD9DD964D0FE11F09871A984C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:25:31 +0000
ROA not before: Thu 04 Dec 2025 10:51:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58895
IP address blocks: 36.255.100.0/22 maxlen: 22
36.255.100.0/24 maxlen: 24
36.255.101.0/24 maxlen: 24
36.255.102.0/24 maxlen: 24
36.255.103.0/24 maxlen: 24
43.229.164.0/22 maxlen: 22
43.229.164.0/24 maxlen: 24
43.229.165.0/24 maxlen: 24
43.229.166.0/24 maxlen: 24
43.229.167.0/24 maxlen: 24
43.231.60.0/22 maxlen: 22
43.231.60.0/24 maxlen: 24
43.231.61.0/24 maxlen: 24
43.231.62.0/24 maxlen: 24
43.231.63.0/24 maxlen: 24
43.248.12.0/24 maxlen: 24
43.248.13.0/24 maxlen: 24
43.248.14.0/24 maxlen: 24
45.113.124.0/22 maxlen: 22
45.113.124.0/24 maxlen: 24
45.113.125.0/24 maxlen: 24
45.113.126.0/24 maxlen: 24
45.113.127.0/24 maxlen: 24
45.117.105.0/24 maxlen: 24
45.117.106.0/24 maxlen: 24
45.117.107.0/24 maxlen: 24
103.24.96.0/22 maxlen: 24
103.35.214.0/24 maxlen: 24
103.35.215.0/24 maxlen: 24
103.39.80.0/22 maxlen: 22
103.39.80.0/24 maxlen: 24
103.39.81.0/24 maxlen: 24
103.39.82.0/24 maxlen: 24
103.39.83.0/24 maxlen: 24
103.49.136.0/24 maxlen: 24
103.49.137.0/24 maxlen: 24
103.49.138.0/24 maxlen: 24
103.49.139.0/24 maxlen: 24
103.50.156.0/22 maxlen: 22
103.50.156.0/24 maxlen: 24
103.50.157.0/24 maxlen: 24
103.50.158.0/24 maxlen: 24
103.50.159.0/24 maxlen: 24
103.53.44.0/22 maxlen: 22
103.53.44.0/24 maxlen: 24
103.53.45.0/24 maxlen: 24
103.53.46.0/24 maxlen: 24
103.53.47.0/24 maxlen: 24
103.57.168.0/22 maxlen: 22
103.57.168.0/24 maxlen: 24
103.57.169.0/24 maxlen: 24
103.57.170.0/24 maxlen: 24
103.57.171.0/24 maxlen: 24
103.70.84.0/24 maxlen: 24
103.70.85.0/24 maxlen: 24
103.200.196.0/24 maxlen: 24
103.200.197.0/24 maxlen: 24
103.200.198.0/24 maxlen: 24
103.200.199.0/24 maxlen: 24
103.209.85.0/24 maxlen: 24
103.209.86.0/24 maxlen: 24
103.209.87.0/24 maxlen: 24
117.53.40.0/22 maxlen: 22
117.53.40.0/24 maxlen: 24
117.53.41.0/24 maxlen: 24
117.53.42.0/24 maxlen: 24
117.53.43.0/24 maxlen: 24
150.129.4.0/22 maxlen: 22
150.129.4.0/24 maxlen: 24
150.129.5.0/24 maxlen: 24
150.129.6.0/24 maxlen: 24
150.129.7.0/24 maxlen: 24
2400:1680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:41:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3241 (0xca9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91298DA, serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Validity
Not Before: Dec 4 10:51:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a4849b-0055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d7:cb:3f:c8:18:64:93:31:ed:c3:50:f8:4c:
38:7c:c7:c3:47:22:29:b6:ea:bd:9d:f4:b9:95:0d:
54:a6:30:cc:ad:02:86:3e:77:73:3c:59:41:56:1c:
13:48:af:56:42:50:f7:f7:93:bd:0b:7b:71:f1:6b:
30:ab:ab:6e:02:67:22:ba:59:54:30:e9:87:ac:34:
e7:bb:28:2b:91:15:4f:52:02:21:f3:9f:32:6d:71:
9a:b9:d7:12:a2:4f:b3:90:d6:09:0a:81:c0:15:a1:
89:bc:18:a4:36:4c:28:53:63:75:62:17:96:4d:d5:
e4:ac:b5:f1:de:42:a0:87:a6:ae:21:b7:cf:ac:60:
2c:23:94:99:d3:d5:cc:04:36:df:34:d5:d1:12:a9:
f6:c6:35:d3:74:f4:cb:dc:fa:06:0e:d4:d4:fa:8f:
30:35:fb:98:93:c1:07:3d:42:cc:80:dd:54:bc:bd:
1a:b9:e1:0b:80:a3:ab:9b:03:f3:40:ed:4f:dc:99:
01:59:a4:8c:71:8c:3e:ba:28:fb:e1:aa:57:b3:79:
1d:6e:f3:32:46:e1:fa:62:20:28:28:d6:43:e5:ea:
46:25:fa:80:4a:da:e9:2c:c1:54:a8:3d:21:80:8a:
f3:28:56:b9:d2:b4:fd:5c:b5:bc:29:f0:21:15:8c:
a8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D1:29:31:E4:49:A2:A4:8F:17:52:A3:0C:F5:72:06:8B:91:59:EA
X509v3 Authority Key Identifier:
keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/FD9DD964D0FE11F09871A984C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
36.255.100.0/22
43.229.164.0/22
43.231.60.0/22
43.248.12.0-43.248.14.255
45.113.124.0/22
45.117.105.0-45.117.107.255
103.24.96.0/22
103.35.214.0/23
103.39.80.0/22
103.49.136.0/22
103.50.156.0/22
103.53.44.0/22
103.57.168.0/22
103.70.84.0/23
103.200.196.0/22
103.209.85.0-103.209.87.255
117.53.40.0/22
150.129.4.0/22
IPv6:
2400:1680::/32
Signature Algorithm: sha256WithRSAEncryption
00:fb:d1:d0:b2:45:a1:11:d9:f2:61:90:e2:e4:e0:ef:16:6f:
3f:6e:5d:15:7c:bd:73:22:22:0b:24:6d:02:85:96:e9:50:14:
18:cf:a1:65:b3:f2:a3:0b:5d:0a:ff:b6:66:6a:21:16:26:ed:
d3:30:9b:8f:20:75:e3:42:a8:76:7d:a3:c6:0b:71:ea:75:ce:
f6:8f:28:6e:4c:02:78:95:1d:56:cf:1b:a1:86:f4:c1:f3:46:
80:8a:98:34:59:a8:82:b8:3d:d3:e8:ac:07:f6:e4:aa:90:e8:
c5:a1:46:b2:0f:64:dd:ec:a6:79:9a:79:ad:cd:20:b1:f8:18:
2b:af:8f:b3:f5:17:48:bd:7d:6a:10:19:db:86:6c:b7:fa:d8:
a7:c2:13:a7:86:1d:33:44:db:3a:cb:9f:87:32:cf:7d:59:11:
c7:4a:86:3d:bc:27:b6:77:3f:65:2a:a7:b5:0a:72:bb:05:f5:
00:28:f0:6e:3e:73:47:2d:da:71:24:32:9a:51:75:9f:82:cd:
88:2c:86:90:64:15:90:f4:7a:b0:00:67:03:6d:b0:6a:86:0d:
10:0c:1a:b5:be:fd:53:d4:9e:d4:60:ce:14:fc:c0:fb:79:89:
36:30:31:e7:d8:fe:6b:9f:c7:ed:ea:d0:44:26:c3:d0:14:9a:
51:e9:c2:e6
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgICDKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF
MEI3RDY1REQwHhcNMjUxMjA0MTA1MTM2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODQ5Yi0wMDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyNfLP8gYZJMx7cNQ+Ew4fMfDRyIptuq9nfS5lQ1UpjDMrQKGPndzPFlBVhwT
SK9WQlD395O9C3tx8Wswq6tuAmciullUMOmHrDTnuygrkRVPUgIh858ybXGaudcS
ok+zkNYJCoHAFaGJvBikNkwoU2N1YheWTdXkrLXx3kKgh6auIbfPrGAsI5SZ09XM
BDbfNNXREqn2xjXTdPTL3PoGDtTU+o8wNfuYk8EHPULMgN1UvL0aueELgKOrmwPz
QO1P3JkBWaSMcYw+uij74apXs3kdbvMyRuH6YiAoKNZD5epGJfqAStrpLMFUqD0h
gIrzKFa50rT9XLW8KfAhFYyoJQIDAQABo4IC8jCCAu4wHQYDVR0OBBYEFB/RKTHk
SaKkjxdSowz1cgaLkVnqMB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2
ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla
ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk4REEvMzRGMzYxMkUyNjgxMTFFQTkwM0Q3MDU4QzRGOUFFMDIvRkQ5REQ5NjRE
MEZFMTFGMDk4NzFBOTg0QzRGOUFFMDIucm9hMIGwBggrBgEFBQcBBwEB/wSBoDCB
nTCBiwQCAAEwgYQDBAIk/2QDBAIr5aQDBAIr5zwwDAMEAiv4DAMEACv4DgMEAi1x
fDAMAwQALXVpAwQCLXVoAwQCZxhgAwQBZyPWAwQCZydQAwQCZzGIAwQCZzKcAwQC
ZzUsAwQCZzmoAwQBZ0ZUAwQCZ8jEMAwDBABn0VUDBANn0VADBAJ1NSgDBAKWgQQw
DQQCAAIwBwMFACQAFoAwDQYJKoZIhvcNAQELBQADggEBAAD70dCyRaER2fJhkOLk
4O8Wbz9uXRV8vXMiIgskbQKFlulQFBjPoWWz8qMLXQr/tmZqIRYm7dMwm48gdeNC
qHZ9o8YLcep1zvaPKG5MAniVHVbPG6GG9MHzRoCKmDRZqIK4PdPorAf25KqQ6MWh
RrIPZN3spnmaea3NILH4GCuvj7P1F0i9fWoQGduGbLf62KfCE6eGHTNE2zrLn4cy
z31ZEcdKhj28J7Z3P2Uqp7UKcrsF9QAo8G4+c0ct2nEkMppRdZ+CzYgshpBkFZD0
erAAZwNtsGqGDRAMGrW+/VPUntRgzhT8wPt5iTYwMefY/mufx+3q0EQmw9AUmlHp
wuY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:37:14 2026 by rpki-client