Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/AE5C97A8AFB711E79FACFF11C4F9AE02.roa
File: AE5C97A8AFB711E79FACFF11C4F9AE02.roa (raw, json)
Hash identifier: gQzb1U7meIgu9bThPWgr8GqCZnh7L5ZruQYTrZjl8iA=
Subject key identifier: FE:3B:3D:DA:9F:91:84:3D:04:FF:48:6C:76:B3:50:2D:2E:46:9F:01
Certificate issuer: /CN=A912FAB9/serialNumber=349C09E99CA806E335915735CF972A1BF864A6C3
Certificate serial: 1E62
Authority key identifier: 34:9C:09:E9:9C:A8:06:E3:35:91:57:35:CF:97:2A:1B:F8:64:A6:C3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/AE5C97A8AFB711E79FACFF11C4F9AE02.roa
Signing time: Sun 01 Mar 2026 09:14:32 +0000
ROA not before: Fri 06 Jun 2025 16:35:18 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 10226
IP address blocks: 43.252.244.0/22 maxlen: 24
101.78.8.0/21 maxlen: 21
101.78.8.0/21 maxlen: 24
101.78.8.0/24 maxlen: 24
101.78.9.0/24 maxlen: 24
101.78.10.0/24 maxlen: 24
101.78.11.0/24 maxlen: 24
101.78.12.0/24 maxlen: 24
101.78.13.0/24 maxlen: 24
101.78.14.0/24 maxlen: 24
101.78.15.0/24 maxlen: 24
103.13.88.0/22 maxlen: 22
103.13.88.0/22 maxlen: 24
103.13.88.0/24 maxlen: 24
103.13.89.0/24 maxlen: 24
103.13.90.0/24 maxlen: 24
103.13.91.0/24 maxlen: 24
114.129.24.0/21 maxlen: 21
114.129.24.0/21 maxlen: 24
114.129.24.0/24 maxlen: 24
114.129.25.0/24 maxlen: 24
114.129.26.0/24 maxlen: 24
114.129.27.0/24 maxlen: 24
114.129.28.0/22 maxlen: 22
114.129.28.0/24 maxlen: 24
114.129.29.0/24 maxlen: 24
114.129.30.0/24 maxlen: 24
114.129.31.0/24 maxlen: 24
202.62.96.0/20 maxlen: 24
202.62.96.0/24 maxlen: 24
202.62.97.0/24 maxlen: 24
202.62.98.0/24 maxlen: 24
202.62.99.0/24 maxlen: 24
202.62.100.0/24 maxlen: 24
202.62.101.0/24 maxlen: 24
202.62.102.0/24 maxlen: 24
202.62.103.0/24 maxlen: 24
202.62.104.0/24 maxlen: 24
202.62.105.0/24 maxlen: 24
202.62.106.0/24 maxlen: 24
202.62.107.0/24 maxlen: 24
202.62.108.0/24 maxlen: 24
202.62.109.0/24 maxlen: 24
202.62.110.0/24 maxlen: 24
202.62.111.0/24 maxlen: 24
2404:2e00::/32 maxlen: 32
2404:2e00::/48 maxlen: 48
2404:2e00:1::/48 maxlen: 48
2404:2e00:2::/48 maxlen: 48
2404:2e00:3::/48 maxlen: 48
2404:2e00:4::/48 maxlen: 48
2404:2e00:5::/48 maxlen: 48
2404:2e00:6::/48 maxlen: 48
2404:2e00:7::/48 maxlen: 48
2404:2e00:8::/48 maxlen: 48
2404:2e00:9::/48 maxlen: 48
2404:2e00:a::/48 maxlen: 48
2404:2e00:b::/48 maxlen: 48
2404:2e00:c::/48 maxlen: 48
2404:2e00:d::/48 maxlen: 48
2404:2e00:e::/48 maxlen: 48
2404:2e00:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.crl
rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7778 (0x1e62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FAB9, serialNumber=349C09E99CA806E335915735CF972A1BF864A6C3
Validity
Not Before: Jun 6 16:35:18 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69a40378-86c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:69:e3:da:24:6d:86:9d:ad:39:41:c5:bd:43:
55:59:d2:fd:78:64:b6:ca:6b:f4:77:3b:1b:8e:71:
ac:48:bf:53:38:07:2b:a8:ee:bc:98:ae:15:2d:31:
81:85:26:28:66:f3:05:f3:f4:e7:ce:59:2d:8e:66:
54:03:07:a6:32:e7:2f:31:cd:c9:59:fd:da:6c:dd:
a3:05:9a:ef:b7:ea:e9:a3:4e:60:4b:92:73:2e:77:
2d:39:7c:8e:96:ca:ee:37:02:10:c2:1a:3d:f0:b1:
20:a0:32:f4:62:be:7c:cc:49:43:bf:f9:3c:2d:72:
e4:09:7b:1d:ae:c8:c0:fc:75:81:83:63:c3:a2:be:
e3:95:93:c4:ba:1c:0a:d9:df:b4:f3:f7:91:d1:29:
e9:ff:8d:6d:30:00:ac:bb:c8:6f:fa:46:ef:a7:94:
44:0a:55:63:23:c9:6a:23:8c:bf:ab:10:d7:c4:3a:
64:66:ac:7a:dd:6e:01:c2:11:34:3d:6b:dc:13:6d:
ac:a4:6b:aa:df:82:a9:eb:b3:a7:1a:56:fb:0d:52:
9a:ff:27:19:a6:6d:ac:c8:cd:75:c1:5e:c8:e9:d2:
fb:25:e3:0a:f0:d3:72:50:7e:b1:a8:43:e7:80:a2:
98:67:fb:aa:41:6c:a4:f0:97:6b:27:92:37:5f:47:
31:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:3B:3D:DA:9F:91:84:3D:04:FF:48:6C:76:B3:50:2D:2E:46:9F:01
X509v3 Authority Key Identifier:
keyid:34:9C:09:E9:9C:A8:06:E3:35:91:57:35:CF:97:2A:1B:F8:64:A6:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/AE5C97A8AFB711E79FACFF11C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.252.244.0/22
101.78.8.0/21
103.13.88.0/22
114.129.24.0/21
202.62.96.0/20
IPv6:
2404:2e00::/32
Signature Algorithm: sha256WithRSAEncryption
4c:e2:59:e6:16:3c:16:18:33:d8:78:1b:ba:23:94:db:07:42:
5d:2e:bc:da:f7:f6:9f:04:64:7c:28:96:14:d0:d0:44:d2:5a:
fa:f9:cb:64:9d:3d:e6:61:71:10:6d:34:8e:8f:4e:a9:81:80:
7d:bb:c8:ab:44:1f:ed:cb:dc:bb:81:52:ab:c8:25:28:ea:9b:
b4:8b:08:1b:df:19:3e:79:b6:e5:de:60:6b:fc:4a:3a:aa:3d:
54:18:c0:5e:e2:3b:76:44:22:3d:c8:61:a4:06:b7:43:b1:4b:
be:01:72:73:14:ff:d2:c9:af:90:d7:db:8e:22:c3:c7:a3:ff:
c6:3f:bb:32:1c:11:9e:af:f3:a0:64:f8:34:a4:a4:f0:c7:aa:
32:ab:86:73:4c:a5:51:ff:fe:a1:d4:a6:ec:08:01:94:a0:69:
90:a7:d6:b4:16:af:ff:88:4d:2f:0a:a3:93:0e:91:5a:75:3c:
42:8e:d2:f2:54:3b:a1:0b:46:4f:a6:fd:f4:22:1f:45:12:96:
36:0f:b5:ba:e3:3c:6f:50:78:d4:92:16:4d:e0:51:71:17:df:
45:30:b5:00:53:b2:12:0e:4d:5b:d7:1e:c7:43:31:2f:27:b7:
05:13:b6:90:dd:bc:95:e3:df:5f:22:51:ea:86:84:b9:08:d8:
90:70:8e:5b
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICHmIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZBQjkxMTAvBgNVBAUTKDM0OUMwOUU5OUNBODA2RTMzNTkxNTczNUNGOTcyQTFC
Rjg2NEE2QzMwHhcNMjUwNjA2MTYzNTE4WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MDM3OC04NmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn2nj2iRthp2tOUHFvUNVWdL9eGS2ymv0dzsbjnGsSL9TOAcrqO68mK4VLTGB
hSYoZvMF8/TnzlktjmZUAwemMucvMc3JWf3abN2jBZrvt+rpo05gS5JzLnctOXyO
lsruNwIQwho98LEgoDL0Yr58zElDv/k8LXLkCXsdrsjA/HWBg2PDor7jlZPEuhwK
2d+08/eR0Snp/41tMACsu8hv+kbvp5REClVjI8lqI4y/qxDXxDpkZqx63W4BwhE0
PWvcE22spGuq34Kp67OnGlb7DVKa/ycZpm2syM11wV7I6dL7JeMK8NNyUH6xqEPn
gKKYZ/uqQWyk8JdrJ5I3X0cxiwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFP47Pdqf
kYQ9BP9IbHazUC0uRp8BMB8GA1UdIwQYMBaAFDScCemcqAbjNZFXNc+XKhv4ZKbD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkFCOS85MzhBNzBFNDk1
Q0QxMUU2QkY0QTgyMzJDNEY5QUUwMi9OSndKNlp5b0J1TTFrVmMxejVjcUdfaGtw
c00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Kd0o2WnlvQnVNMWtWYzF6NWNxR19oa3BzTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZBQjkvOTM4QTcwRTQ5NUNEMTFFNkJGNEE4MjMyQzRGOUFFMDIvQUU1Qzk3QThB
RkI3MTFFNzlGQUNGRjExQzRGOUFFMDIucm9hMEYGCCsGAQUFBwEHAQH/BDcwNTAk
BAIAATAeAwQCK/z0AwQDZU4IAwQCZw1YAwQDcoEYAwQEyj5gMA0EAgACMAcDBQAk
BC4AMA0GCSqGSIb3DQEBCwUAA4IBAQBM4lnmFjwWGDPYeBu6I5TbB0JdLrza9/af
BGR8KJYU0NBE0lr6+ctknT3mYXEQbTSOj06pgYB9u8irRB/ty9y7gVKryCUo6pu0
iwgb3xk+ebbl3mBr/Eo6qj1UGMBe4jt2RCI9yGGkBrdDsUu+AXJzFP/Sya+Q19uO
IsPHo//GP7syHBGer/OgZPg0pKTwx6oyq4ZzTKVR//6h1KbsCAGUoGmQp9a0Fq//
iE0vCqOTDpFadTxCjtLyVDuhC0ZPpv30Ih9FEpY2D7W64zxvUHjUkhZN4FFxF99F
MLUAU7ISDk1b1x7HQzEvJ7cFE7aQ3byV499fIlHqhoS5CNiQcI5b
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:44:15 2026 by rpki-client