Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
File: 89E1ED764CC111EE87453D77C4F9AE02.roa (raw, json)
Hash identifier: uKOTbNBLAeF55zkPNPreuMeOCu0FLlIbOK5YGifFFXY=
Subject key identifier: 24:49:BC:DF:03:E9:46:EC:34:22:F1:2E:07:FD:AD:96:51:AD:EE:E4
Certificate issuer: /CN=A91304A9/serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Certificate serial: 0C03
Authority key identifier: 58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:15:43 +0000
ROA not before: Thu 28 Aug 2025 19:40:45 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 3491
IP address blocks: 14.192.160.0/19 maxlen: 24
103.17.28.0/22 maxlen: 22
116.66.208.0/20 maxlen: 20
116.66.210.0/23 maxlen: 24
116.66.212.0/22 maxlen: 22
116.66.216.0/22 maxlen: 22
116.66.217.0/24 maxlen: 24
116.66.220.0/22 maxlen: 22
2400:8800::/32 maxlen: 32
2400:8800::/35 maxlen: 35
2400:8800:1::/48 maxlen: 48
2400:8800:101::/48 maxlen: 48
2400:8800:102::/48 maxlen: 48
2400:8800:301::/48 maxlen: 48
2400:8800:1000::/37 maxlen: 37
2400:8800:2000::/35 maxlen: 35
2400:8800:4000::/35 maxlen: 35
2400:8800:4081::/48 maxlen: 48
2400:8800:4201::/48 maxlen: 48
2400:8800:6000::/35 maxlen: 35
2400:8800:8000::/35 maxlen: 35
2400:8800:a000::/35 maxlen: 35
2400:8800:c000::/35 maxlen: 35
2400:8800:e000::/35 maxlen: 35
2400:8800:f804::/48 maxlen: 48
2400:8800:f805::/48 maxlen: 48
2400:8800:f806::/48 maxlen: 48
2400:8800:f807::/48 maxlen: 48
2400:8800:f80a::/48 maxlen: 48
2400:8800:f80d::/48 maxlen: 48
2400:8800:f80e::/48 maxlen: 48
2400:8800:f80f::/48 maxlen: 48
2400:8800:f810::/48 maxlen: 48
2400:8800:f811::/48 maxlen: 48
2400:8800:f81f::/48 maxlen: 48
2400:8800:f822::/48 maxlen: 48
2400:8800:fc00::/48 maxlen: 48
2400:8800:fc02::/48 maxlen: 48
2400:8800:fc03::/48 maxlen: 48
2400:8800:fc05::/48 maxlen: 48
2400:8800:fc06::/48 maxlen: 48
2400:8800:fc07::/48 maxlen: 48
2400:8800:fc0a::/48 maxlen: 48
2400:8800:fc0b::/48 maxlen: 48
2400:8800:fc0e::/48 maxlen: 48
2400:8800:fc0f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl
rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:23:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3075 (0xc03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91304A9, serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Validity
Not Before: Aug 28 19:40:45 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a4824f-116e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:36:52:ef:28:83:31:57:81:31:cc:0a:14:26:
1c:c2:21:53:74:a1:72:c4:64:57:6e:78:e7:29:4a:
c8:39:c7:b0:e7:8b:eb:63:16:04:e8:59:ed:97:62:
97:26:00:a8:da:7a:e1:f1:0f:c4:76:7a:48:9d:c9:
64:49:b0:f1:70:79:c1:ff:0b:ec:15:3b:25:8c:0c:
3c:20:7f:4c:1d:ba:21:3c:a2:64:42:b3:ab:a1:81:
69:7b:e1:42:63:66:09:9d:e7:d7:ac:68:5c:76:a8:
4d:bd:35:71:55:fe:92:1d:87:04:af:a4:ad:13:eb:
79:5f:60:63:e5:10:40:62:cf:63:c7:40:a2:db:f5:
01:90:0c:6d:aa:10:2b:58:22:8c:29:08:58:ae:e3:
0c:42:d2:ad:32:ac:77:c0:dc:a9:00:fd:c1:63:17:
b3:06:96:d3:61:31:26:33:10:12:bf:ec:34:72:06:
11:0e:74:61:67:2c:14:13:a6:87:29:24:10:5f:be:
c4:00:ab:04:06:bd:1d:df:7e:25:7c:a1:9b:c9:0f:
63:65:d5:74:13:05:27:b9:38:f5:91:f5:7f:77:65:
24:c7:41:13:82:7e:60:12:91:5a:46:37:cf:a1:aa:
1b:e6:22:eb:5c:ab:84:41:c5:f5:80:d3:a7:9d:b2:
6c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:49:BC:DF:03:E9:46:EC:34:22:F1:2E:07:FD:AD:96:51:AD:EE:E4
X509v3 Authority Key Identifier:
keyid:58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.192.160.0/19
103.17.28.0/22
116.66.208.0/20
IPv6:
2400:8800::/32
Signature Algorithm: sha256WithRSAEncryption
af:a0:0b:25:c3:65:ad:1c:83:69:a3:15:e1:23:f0:70:f0:97:
bb:8c:bd:fe:cd:34:f9:07:5f:3e:18:68:4b:41:bd:d2:f7:98:
de:4c:a9:bc:aa:6e:12:79:f2:03:87:0c:3b:c7:d1:46:c7:02:
d6:ae:95:05:eb:17:1b:38:9c:01:1c:80:da:3c:3b:60:7b:18:
80:7d:4a:1f:40:27:c9:d2:42:ff:f6:ed:5e:c1:e9:09:2d:a2:
40:6f:7a:99:12:93:6b:26:e8:12:78:95:64:f3:e2:b0:15:16:
ac:cd:ec:f0:b4:7b:3e:ca:b9:56:b3:fc:6b:ac:19:99:a2:4c:
6e:e3:d0:46:34:01:67:a1:6d:18:41:d0:4c:da:67:9b:11:5c:
c3:b3:01:20:eb:0a:04:0b:54:8c:c7:6e:42:50:31:6c:9d:47:
05:73:33:2f:ec:91:e4:b3:b5:ba:ae:9b:d7:3e:3b:43:d7:8a:
39:47:81:21:5c:db:f9:47:68:b3:38:5a:a8:f5:52:c2:1b:cd:
10:8f:a3:4e:73:a9:6f:d8:e2:84:4b:0f:02:08:01:2f:69:2c:
ea:de:a8:50:f7:7c:e4:75:e9:08:02:48:5b:5a:3b:0b:c6:a5:
e7:fb:23:8f:5d:79:0a:bf:ad:33:c7:86:1d:63:83:b0:e7:55:
46:34:ae:a9
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICDAMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzA0QTkxMTAvBgNVBAUTKDU4MDU1M0I4ODNERUMzRERCMjRGNjg4RTZDMkQxQkZB
OTNDMjYzQUEwHhcNMjUwODI4MTk0MDQ1WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODI0Zi0xMTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzzZS7yiDMVeBMcwKFCYcwiFTdKFyxGRXbnjnKUrIOcew54vrYxYE6Fntl2KX
JgCo2nrh8Q/EdnpInclkSbDxcHnB/wvsFTsljAw8IH9MHbohPKJkQrOroYFpe+FC
Y2YJnefXrGhcdqhNvTVxVf6SHYcEr6StE+t5X2Bj5RBAYs9jx0Ci2/UBkAxtqhAr
WCKMKQhYruMMQtKtMqx3wNypAP3BYxezBpbTYTEmMxASv+w0cgYRDnRhZywUE6aH
KSQQX77EAKsEBr0d334lfKGbyQ9jZdV0EwUnuTj1kfV/d2Ukx0ETgn5gEpFaRjfP
oaob5iLrXKuEQcX1gNOnnbJsNQIDAQABo4ICezCCAncwHQYDVR0OBBYEFCRJvN8D
6UbsNCLxLgf9rZZRre7kMB8GA1UdIwQYMBaAFFgFU7iD3sPdsk9ojmwtG/qTwmOq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDRBOS9BMzc0QTFCNjQ2
NzExMUVBODFBQkIyNUZDNEY5QUUwMi9XQVZUdUlQZXc5MnlUMmlPYkMwYi1wUENZ
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dBVlR1SVBldzkyeVQyaU9iQzBiLXBQQ1k2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzA0QTkvQTM3NEExQjY0NjcxMTFFQTgxQUJCMjVGQzRGOUFFMDIvODlFMUVENzY0
Q0MxMTFFRTg3NDUzRDc3QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQFDsCgAwQCZxEcAwQEdELQMA0EAgACMAcDBQAkAIgAMA0GCSqGSIb3
DQEBCwUAA4IBAQCvoAslw2WtHINpoxXhI/Bw8Je7jL3+zTT5B18+GGhLQb3S95je
TKm8qm4SefIDhww7x9FGxwLWrpUF6xcbOJwBHIDaPDtgexiAfUofQCfJ0kL/9u1e
wekJLaJAb3qZEpNrJugSeJVk8+KwFRaszezwtHs+yrlWs/xrrBmZokxu49BGNAFn
oW0YQdBM2mebEVzDswEg6woEC1SMx25CUDFsnUcFczMv7JHks7W6rpvXPjtD14o5
R4EhXNv5R2izOFqo9VLCG80Qj6NOc6lv2OKESw8CCAEvaSzq3qhQ93zkdekIAkhb
WjsLxqXn+yOPXXkKv60zx4YdY4Ow51VGNK6p
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:13:40 2026 by rpki-client