Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/FC895C72C39F11F095CC9914C4F9AE02.roa
File: FC895C72C39F11F095CC9914C4F9AE02.roa (raw, json)
Hash identifier: oeoqWRtwQTgBkvjilvWPRZDpoi0Ors8C695fBl0ectw=
Subject key identifier: 94:1C:05:B0:AD:8F:A9:D0:49:7D:BE:CA:9D:CF:4B:68:C5:53:52:8E
Certificate issuer: /CN=A912C8AF/serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Certificate serial: 0C55
Authority key identifier: 76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/FC895C72C39F11F095CC9914C4F9AE02.roa
Signing time: Sat 04 Apr 2026 19:25:07 +0000
ROA not before: Sat 04 Apr 2026 19:25:07 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 138915
IP address blocks: 59.153.156.0/24 maxlen: 24
59.153.157.0/24 maxlen: 24
59.153.158.0/24 maxlen: 24
59.153.159.0/24 maxlen: 24
103.84.108.0/24 maxlen: 24
103.84.109.0/24 maxlen: 24
103.84.110.0/24 maxlen: 24
103.84.111.0/24 maxlen: 24
103.136.248.0/22 maxlen: 22
103.136.248.0/24 maxlen: 24
103.136.249.0/24 maxlen: 24
103.136.250.0/24 maxlen: 24
103.136.251.0/24 maxlen: 24
103.145.72.0/24 maxlen: 24
103.145.73.0/24 maxlen: 24
103.151.138.0/23 maxlen: 23
103.151.138.0/24 maxlen: 24
103.151.139.0/24 maxlen: 24
103.152.14.0/24 maxlen: 24
103.152.15.0/24 maxlen: 24
103.152.98.0/24 maxlen: 24
103.152.99.0/24 maxlen: 24
103.154.242.0/24 maxlen: 24
103.154.243.0/24 maxlen: 24
103.155.16.0/24 maxlen: 24
103.155.17.0/24 maxlen: 24
103.198.200.0/24 maxlen: 24
103.198.201.0/24 maxlen: 24
103.198.202.0/24 maxlen: 24
103.198.203.0/24 maxlen: 24
175.176.192.0/24 maxlen: 24
175.176.193.0/24 maxlen: 24
175.176.194.0/24 maxlen: 24
175.176.195.0/24 maxlen: 24
2404:a140::/32 maxlen: 32
2404:a140:2::/48 maxlen: 48
2404:a140:3::/48 maxlen: 48
2404:a140:4::/48 maxlen: 48
2404:a140:5::/48 maxlen: 48
2404:a140:6::/48 maxlen: 48
2404:a140:7::/48 maxlen: 48
2404:a140:8::/48 maxlen: 48
2404:a140:9::/48 maxlen: 48
2404:a140:a::/48 maxlen: 48
2404:a140:b::/48 maxlen: 48
2404:a140:c::/48 maxlen: 48
2404:a140:d::/48 maxlen: 48
2404:a140:e::/48 maxlen: 48
2404:a140:f::/48 maxlen: 48
2404:a140:10::/48 maxlen: 48
2404:a140:11::/48 maxlen: 48
2404:a140:12::/48 maxlen: 48
2404:a140:13::/48 maxlen: 48
2404:a140:14::/48 maxlen: 48
2404:a140:15::/48 maxlen: 48
2404:a140:16::/48 maxlen: 48
2404:a140:17::/48 maxlen: 48
2404:a140:18::/48 maxlen: 48
2404:a140:19::/48 maxlen: 48
2404:a140:1a::/48 maxlen: 48
2404:a140:1b::/48 maxlen: 48
2404:a140:1c::/48 maxlen: 48
2404:a140:1d::/48 maxlen: 48
2404:a140:1e::/48 maxlen: 48
2404:a140:1f::/48 maxlen: 48
2404:a140:20::/48 maxlen: 48
2404:a140:21::/48 maxlen: 48
2404:a140:22::/48 maxlen: 48
2404:a140:23::/48 maxlen: 48
2404:a140:24::/48 maxlen: 48
2404:a140:25::/48 maxlen: 48
2404:a140:26::/48 maxlen: 48
2404:a140:27::/48 maxlen: 48
2404:a140:28::/48 maxlen: 48
2404:a140:29::/48 maxlen: 48
2404:a140:2a::/48 maxlen: 48
2404:a140:2b::/48 maxlen: 48
2404:a140:2c::/48 maxlen: 48
2404:a140:2d::/48 maxlen: 48
2404:a140:2e::/48 maxlen: 48
2404:a140:2f::/48 maxlen: 48
2404:a140:30::/48 maxlen: 48
2404:a140:32::/48 maxlen: 48
2404:a140:33::/48 maxlen: 48
2404:a140:38::/48 maxlen: 48
2404:a140:39::/48 maxlen: 48
2404:a140:3a::/48 maxlen: 48
2404:a140:3b::/48 maxlen: 48
2404:a140:3c::/48 maxlen: 48
2404:a140:3d::/48 maxlen: 48
2404:a140:3e::/48 maxlen: 48
2404:a140:3f::/48 maxlen: 48
2404:a140:42::/48 maxlen: 48
2404:a140:43::/48 maxlen: 48
2404:a140:44::/48 maxlen: 48
2404:a140:45::/48 maxlen: 48
2404:a140:46::/48 maxlen: 48
2404:a140:47::/48 maxlen: 48
2404:a140:48::/48 maxlen: 48
2404:a140:49::/48 maxlen: 48
2404:a140:4a::/48 maxlen: 48
2404:a140:4b::/48 maxlen: 48
2404:a140:4c::/48 maxlen: 48
2404:a140:4d::/48 maxlen: 48
2404:a140:4f::/48 maxlen: 48
2404:a140:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl
rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 19:13:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3157 (0xc55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912C8AF, serialNumber=763F7FBD964A1C3668308C9A29E15025C0DDF9D4
Validity
Not Before: Apr 4 19:25:07 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69d16593-1257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1d:5a:80:c3:43:e6:10:32:1b:39:c5:b9:77:
0a:d6:22:50:fb:32:79:d1:56:75:58:81:b0:af:a6:
60:d7:c2:49:87:86:2e:17:00:97:02:b8:48:8f:f1:
d1:26:40:99:09:64:78:2e:d5:b4:32:a8:79:78:02:
c2:d9:e0:f1:ae:9a:93:f0:4f:28:0c:21:fb:35:c9:
ec:19:3f:1b:03:23:02:0c:d6:88:c3:4b:28:b7:49:
39:d7:68:0c:d7:04:0d:96:a8:af:7c:36:db:ec:e1:
64:ae:44:bc:66:cc:1d:ec:3c:89:71:87:70:ce:e4:
b1:ad:9a:2d:ba:a4:58:ae:98:8b:8a:ac:bb:e1:17:
da:cc:d1:50:d4:d6:9b:bd:09:d0:70:1f:56:b2:a5:
74:85:09:4a:d4:c5:70:7a:82:b2:93:08:a0:27:44:
5b:19:af:f9:6b:0a:f1:9a:33:ee:aa:9d:e1:af:cd:
36:ae:57:cb:d2:71:e9:fb:51:ba:28:63:aa:94:17:
94:24:07:ab:37:0f:b2:d3:6a:15:11:3b:8b:a9:d3:
23:8e:65:50:9d:f8:cd:eb:7d:27:aa:db:af:a3:ca:
49:0f:0b:17:16:c4:7f:2c:c1:98:a3:4e:ee:34:03:
a5:51:df:be:6f:8a:e9:f1:89:9d:c1:a4:95:29:75:
d3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1C:05:B0:AD:8F:A9:D0:49:7D:BE:CA:9D:CF:4B:68:C5:53:52:8E
X509v3 Authority Key Identifier:
keyid:76:3F:7F:BD:96:4A:1C:36:68:30:8C:9A:29:E1:50:25:C0:DD:F9:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dj9_vZZKHDZoMIyaKeFQJcDd-dQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C8AF/D1F64E725EEF11EAA54E6C6CC4F9AE02/FC895C72C39F11F095CC9914C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
59.153.156.0/22
103.84.108.0/22
103.136.248.0/22
103.145.72.0/23
103.151.138.0/23
103.152.14.0/23
103.152.98.0/23
103.154.242.0/23
103.155.16.0/23
103.198.200.0/22
175.176.192.0/22
IPv6:
2404:a140::/32
Signature Algorithm: sha256WithRSAEncryption
52:a7:4a:60:19:e6:f4:47:67:6a:93:70:a0:86:9a:ff:a7:fb:
b5:50:67:26:1a:69:49:85:f3:84:27:9e:9d:0e:93:6c:13:48:
0b:36:9f:8b:6a:f8:53:c2:42:84:2b:0d:12:c6:ed:04:38:a8:
23:9a:1e:59:c5:b9:33:28:eb:1a:36:cb:53:8b:c4:47:3d:e6:
7a:7f:fc:69:85:45:42:c4:96:b6:b5:5c:fa:ca:b8:11:ac:22:
f3:75:a0:0a:ed:02:7a:2b:d1:f7:f9:3d:58:e6:96:d3:6d:b8:
03:c3:15:13:a6:fb:84:24:32:0a:da:f3:b9:36:94:38:50:25:
c2:d1:c8:55:10:02:6d:2d:36:5e:27:49:cc:c1:78:31:03:2d:
3d:4a:17:5a:6a:08:6a:c2:f3:8b:8b:0d:d6:78:17:30:8f:2a:
be:19:40:00:a8:c3:a6:38:43:bb:d7:d1:f5:8f:2d:3f:be:61:
ad:31:83:39:b9:3d:da:6f:52:dc:af:0f:35:c9:dc:52:4a:8d:
8b:6c:2c:89:93:e1:d1:51:01:8b:01:fd:7d:35:22:9d:5d:ab:
46:59:5c:fd:e3:7a:c9:82:6a:47:54:68:21:f4:85:b1:24:96:
81:9a:c7:09:9a:99:f9:3c:98:16:f6:cd:2e:9f:4e:0a:f3:dc:
b0:a3:b6:43
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICDFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM4QUYxMTAvBgNVBAUTKDc2M0Y3RkJEOTY0QTFDMzY2ODMwOEM5QTI5RTE1MDI1
QzBEREY5RDQwHhcNMjYwNDA0MTkyNTA3WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQxNjU5My0xMjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxR1agMND5hAyGznFuXcK1iJQ+zJ50VZ1WIGwr6Zg18JJh4YuFwCXArhIj/HR
JkCZCWR4LtW0Mqh5eALC2eDxrpqT8E8oDCH7NcnsGT8bAyMCDNaIw0sot0k512gM
1wQNlqivfDbb7OFkrkS8Zswd7DyJcYdwzuSxrZotuqRYrpiLiqy74RfazNFQ1Nab
vQnQcB9WsqV0hQlK1MVweoKykwigJ0RbGa/5awrxmjPuqp3hr802rlfL0nHp+1G6
KGOqlBeUJAerNw+y02oVETuLqdMjjmVQnfjN630nqtuvo8pJDwsXFsR/LMGYo07u
NAOlUd++b4rp8YmdwaSVKXXT6wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJQcBbCt
j6nQSX2+yp3PS2jFU1KOMB8GA1UdIwQYMBaAFHY/f72WShw2aDCMminhUCXA3fnU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzhBRi9EMUY2NEU3MjVF
RUYxMUVBQTU0RTZDNkNDNEY5QUUwMi9kajlfdlpaS0hEWm9NSXlhS2VGUUpjRGQt
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RqOV92WlpLSERab01JeWFLZUZRSmNEZC1kUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM4QUYvRDFGNjRFNzI1RUVGMTFFQUE1NEU2QzZDQzRGOUFFMDIvRkM4OTVDNzJD
MzlGMTFGMDk1Q0M5OTE0QzRGOUFFMDIucm9hMGoGCCsGAQUFBwEHAQH/BFswWTBI
BAIAATBCAwQCO5mcAwQCZ1RsAwQCZ4j4AwQBZ5FIAwQBZ5eKAwQBZ5gOAwQBZ5hi
AwQBZ5ryAwQBZ5sQAwQCZ8bIAwQCr7DAMA0EAgACMAcDBQAkBKFAMA0GCSqGSIb3
DQEBCwUAA4IBAQBSp0pgGeb0R2dqk3Cghpr/p/u1UGcmGmlJhfOEJ56dDpNsE0gL
Np+LavhTwkKEKw0Sxu0EOKgjmh5ZxbkzKOsaNstTi8RHPeZ6f/xphUVCxJa2tVz6
yrgRrCLzdaAK7QJ6K9H3+T1Y5pbTbbgDwxUTpvuEJDIK2vO5NpQ4UCXC0chVEAJt
LTZeJ0nMwXgxAy09ShdaaghqwvOLiw3WeBcwjyq+GUAAqMOmOEO719H1jy0/vmGt
MYM5uT3ab1Lcrw81ydxSSo2LbCyJk+HRUQGLAf19NSKdXatGWVz943rJgmpHVGgh
9IWxJJaBmscJmpn5PJgW9s0un04K89ywo7ZD
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:26:58 2026 by rpki-client