Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91304A9/FD372E4A294511F1A7AA3EBD84EE528E/769A6D0C29EA11F19F51207DA0833773.roa
File: 769A6D0C29EA11F19F51207DA0833773.roa (raw, json)
Hash identifier: E7DOfzymqok/SM7gCnw89bYUPC3XsRSj1/1XKSBxlGY=
Subject key identifier: 1E:9A:35:9D:1F:F4:23:19:04:A2:98:C9:3A:AC:45:80:1B:37:41:4B
Certificate issuer: /CN=A91304A9/serialNumber=3D7B15BD77D9B974E37358DA754DFEA9291E683A
Certificate serial: 9F
Authority key identifier: 3D:7B:15:BD:77:D9:B9:74:E3:73:58:DA:75:4D:FE:A9:29:1E:68:3A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PXsVvXfZuXTjc1jadU3-qSkeaDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91304A9/FD372E4A294511F1A7AA3EBD84EE528E/769A6D0C29EA11F19F51207DA0833773.roa
Signing time: Mon 30 Mar 2026 11:50:08 +0000
ROA not before: Mon 30 Mar 2026 11:50:08 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 198148
IP address blocks: 63.217.120.0/22 maxlen: 22
63.218.156.0/23 maxlen: 23
63.222.52.0/24 maxlen: 24
63.222.105.0/24 maxlen: 24
63.222.106.0/24 maxlen: 24
63.222.184.0/21 maxlen: 21
63.222.184.0/24 maxlen: 24
63.222.185.0/24 maxlen: 24
63.222.186.0/24 maxlen: 24
63.222.187.0/24 maxlen: 24
63.222.188.0/24 maxlen: 24
63.222.189.0/24 maxlen: 24
63.222.190.0/24 maxlen: 24
63.222.191.0/24 maxlen: 24
63.222.200.0/21 maxlen: 21
63.222.200.0/24 maxlen: 24
63.222.201.0/24 maxlen: 24
63.222.202.0/24 maxlen: 24
63.222.203.0/24 maxlen: 24
63.222.204.0/24 maxlen: 24
63.222.205.0/24 maxlen: 24
63.222.206.0/24 maxlen: 24
63.222.207.0/24 maxlen: 24
63.222.208.0/21 maxlen: 21
63.222.208.0/24 maxlen: 24
63.222.209.0/24 maxlen: 24
63.222.210.0/24 maxlen: 24
63.222.211.0/24 maxlen: 24
63.222.212.0/24 maxlen: 24
63.222.213.0/24 maxlen: 24
63.222.214.0/24 maxlen: 24
63.222.215.0/24 maxlen: 24
63.222.216.0/21 maxlen: 21
63.222.216.0/24 maxlen: 24
63.222.217.0/24 maxlen: 24
63.222.218.0/24 maxlen: 24
63.222.219.0/24 maxlen: 24
63.222.220.0/24 maxlen: 24
63.222.221.0/24 maxlen: 24
63.222.222.0/24 maxlen: 24
63.222.223.0/24 maxlen: 24
63.222.248.0/21 maxlen: 21
63.222.248.0/24 maxlen: 24
63.222.249.0/24 maxlen: 24
63.222.250.0/24 maxlen: 24
63.222.251.0/24 maxlen: 24
63.222.252.0/24 maxlen: 24
63.222.253.0/24 maxlen: 24
63.222.254.0/24 maxlen: 24
63.222.255.0/24 maxlen: 24
63.223.27.0/24 maxlen: 24
65.72.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91304A9/FD372E4A294511F1A7AA3EBD84EE528E/PXsVvXfZuXTjc1jadU3-qSkeaDo.crl
rsync://rpki.apnic.net/member_repository/A91304A9/FD372E4A294511F1A7AA3EBD84EE528E/PXsVvXfZuXTjc1jadU3-qSkeaDo.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PXsVvXfZuXTjc1jadU3-qSkeaDo.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 18:59:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159 (0x9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91304A9, serialNumber=3D7B15BD77D9B974E37358DA754DFEA9291E683A
Validity
Not Before: Mar 30 11:50:08 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69ca6370-55f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:44:08:21:5c:0a:62:f3:23:35:d4:99:95:4b:
74:a1:17:3f:5d:59:a7:09:bc:85:88:34:b2:36:f3:
01:10:7f:d2:ee:b1:56:cf:d5:87:68:46:64:9f:16:
24:ed:ef:38:80:c3:e7:59:9b:68:1f:55:ba:2e:75:
87:eb:2d:e3:f8:8d:ab:d6:6a:76:8f:17:55:4e:65:
ab:b6:5e:7a:e3:06:1f:94:87:68:94:4b:8a:20:b7:
77:7e:b7:6f:2b:6d:b0:01:08:e0:e2:1c:6f:1e:b3:
46:2d:96:c9:79:da:1f:3a:12:35:fb:30:40:2f:26:
20:21:9e:49:9f:cd:cc:32:be:fa:0c:0d:ae:a3:1b:
e4:78:af:98:62:c8:1a:87:cf:60:a0:6a:39:52:2b:
f2:fe:0a:27:47:9c:31:57:b4:9c:7f:f4:a7:53:1a:
ef:bd:0d:e5:6b:04:1e:50:6d:cc:16:fa:22:98:c2:
e4:12:46:cd:c9:c0:2f:a7:34:db:05:af:81:be:7b:
33:c9:ac:c0:69:82:7d:cd:ba:46:c0:98:51:6f:35:
60:4a:e8:79:f4:b6:cc:5c:b2:7e:2b:28:a6:eb:1e:
26:a5:16:18:39:fa:44:e6:a2:cc:8f:fc:41:45:0b:
b1:99:d8:98:9e:0b:72:d8:54:ec:d2:1d:61:5d:1a:
63:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9A:35:9D:1F:F4:23:19:04:A2:98:C9:3A:AC:45:80:1B:37:41:4B
X509v3 Authority Key Identifier:
keyid:3D:7B:15:BD:77:D9:B9:74:E3:73:58:DA:75:4D:FE:A9:29:1E:68:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91304A9/FD372E4A294511F1A7AA3EBD84EE528E/PXsVvXfZuXTjc1jadU3-qSkeaDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PXsVvXfZuXTjc1jadU3-qSkeaDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91304A9/FD372E4A294511F1A7AA3EBD84EE528E/769A6D0C29EA11F19F51207DA0833773.roa
sbgp-ipAddrBlock: critical
IPv4:
63.217.120.0/22
63.218.156.0/23
63.222.52.0/24
63.222.105.0-63.222.106.255
63.222.184.0/21
63.222.200.0-63.222.223.255
63.222.248.0/21
63.223.27.0/24
65.72.64.0/20
Signature Algorithm: sha256WithRSAEncryption
35:71:fe:67:f4:60:2d:a0:1a:0a:09:c9:16:eb:fd:20:6b:17:
3c:ac:fa:ab:fb:1b:fe:3b:64:b9:78:66:19:97:71:0c:b4:7a:
b0:2a:bb:65:b1:e2:72:f6:c5:6e:58:49:43:f7:7c:33:b1:01:
d8:4c:78:f5:77:5e:84:80:a9:31:1a:33:32:0e:6c:88:36:b4:
2d:99:33:c5:a8:fd:3c:9b:b2:f0:f7:1d:f8:39:8b:51:d2:63:
00:d7:36:d3:65:cb:a9:3b:59:37:60:e7:2d:8c:6e:30:2c:b6:
08:71:60:00:1e:0e:e2:0e:7f:6d:94:00:e9:1b:7a:bb:d4:3d:
a9:69:ce:ea:66:91:48:1a:59:4b:7c:c2:4a:07:20:15:d9:1a:
a9:8b:42:c5:83:f0:bb:bc:a8:94:c9:bf:19:20:a8:69:71:27:
d2:7e:33:41:c7:7a:be:98:c5:2c:16:0e:cc:ae:8b:a8:72:a3:
70:4e:5e:50:fc:85:07:cd:0a:ac:7c:9b:ff:32:7b:ab:36:e5:
cd:68:d7:bc:47:00:d3:19:f4:9f:70:e8:db:be:15:53:75:7c:
b6:7d:18:a1:f9:2a:28:96:10:59:e8:ef:3c:20:42:b6:fb:a0:
8e:4e:b7:7f:82:f2:3b:1d:48:9c:e9:9d:dd:97:55:54:39:7f:
12:9a:8f:da
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgICAJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzA0QTkxMTAvBgNVBAUTKDNEN0IxNUJENzdEOUI5NzRFMzczNThEQTc1NERGRUE5
MjkxRTY4M0EwHhcNMjYwMzMwMTE1MDA4WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNhNjM3MC01NWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv0QIIVwKYvMjNdSZlUt0oRc/XVmnCbyFiDSyNvMBEH/S7rFWz9WHaEZknxYk
7e84gMPnWZtoH1W6LnWH6y3j+I2r1mp2jxdVTmWrtl564wYflIdolEuKILd3frdv
K22wAQjg4hxvHrNGLZbJedofOhI1+zBALyYgIZ5Jn83MMr76DA2uoxvkeK+YYsga
h89goGo5Uivy/gonR5wxV7Scf/SnUxrvvQ3lawQeUG3MFvoimMLkEkbNycAvpzTb
Ba+BvnszyazAaYJ9zbpGwJhRbzVgSuh59LbMXLJ+Kyim6x4mpRYYOfpE5qLMj/xB
RQuxmdiYngty2FTs0h1hXRpjuwIDAQABo4ICoDCCApwwHQYDVR0OBBYEFB6aNZ0f
9CMZBKKYyTqsRYAbN0FLMB8GA1UdIwQYMBaAFD17Fb132bl043NY2nVN/qkpHmg6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDRBOS9GRDM3MkU0QTI5
NDUxMUYxQTdBQTNFQkQ4NEVFNTI4RS9QWHNWdlhmWnVYVGpjMWphZFUzLXFTa2Vh
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1BYc1Z2WGZadVhUamMxamFkVTMtcVNrZWFEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzA0QTkvRkQzNzJFNEEyOTQ1MTFGMUE3QUEzRUJEODRFRTUyOEUvNzY5QTZEMEMy
OUVBMTFGMTlGNTEyMDdEQTA4MzM3NzMucm9hMF8GCCsGAQUFBwEHAQH/BFAwTjBM
BAIAATBGAwQCP9l4AwQBP9qcAwQAP940MAwDBAA/3mkDBAA/3moDBAM/3rgwDAME
Az/eyAMEBT/ewAMEAz/e+AMEAD/fGwMEBEFIQDANBgkqhkiG9w0BAQsFAAOCAQEA
NXH+Z/RgLaAaCgnJFuv9IGsXPKz6q/sb/jtkuXhmGZdxDLR6sCq7ZbHicvbFblhJ
Q/d8M7EB2Ex49XdehICpMRozMg5siDa0LZkzxaj9PJuy8Pcd+DmLUdJjANc202XL
qTtZN2DnLYxuMCy2CHFgAB4O4g5/bZQA6Rt6u9Q9qWnO6maRSBpZS3zCSgcgFdka
qYtCxYPwu7yolMm/GSCoaXEn0n4zQcd6vpjFLBYOzK6LqHKjcE5eUPyFB80KrHyb
/zJ7qzblzWjXvEcA0xn0n3Do274VU3V8tn0YofkqKJYQWejvPCBCtvugjk63f4Ly
Ox1InOmd3ZdVVDl/EpqP2g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:07:33 2026 by rpki-client