Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/53647CC8284511EE8A9EF045C4F9AE02.roa
File: 53647CC8284511EE8A9EF045C4F9AE02.roa (raw, json)
Hash identifier: tc5IOgRDaV8nn3PrHXqAJdCJcvDBOd27JvzglkkW4y0=
Subject key identifier: D9:FC:A3:1C:4B:E2:B9:56:72:FF:28:B4:BA:ED:AD:21:05:29:BC:AE
Certificate issuer: /CN=A9136DD6/serialNumber=F7F9D8A4355D673B9D4E7F155D3A78E5E660FEA5
Certificate serial: 0532
Authority key identifier: F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/53647CC8284511EE8A9EF045C4F9AE02.roa
Signing time: Sun 01 Mar 2026 14:37:15 +0000
ROA not before: Wed 26 Nov 2025 17:06:34 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 17547
IP address blocks: 178.160.128.0/18 maxlen: 19
178.160.128.0/24 maxlen: 24
178.160.129.0/24 maxlen: 24
178.160.130.0/24 maxlen: 24
178.160.131.0/24 maxlen: 24
178.160.132.0/24 maxlen: 24
178.160.133.0/24 maxlen: 24
178.160.135.0/24 maxlen: 24
178.160.137.0/24 maxlen: 24
178.160.138.0/24 maxlen: 24
178.160.139.0/24 maxlen: 24
178.160.140.0/24 maxlen: 24
178.160.141.0/24 maxlen: 24
178.160.142.0/24 maxlen: 24
178.160.143.0/24 maxlen: 24
178.160.144.0/24 maxlen: 24
178.160.145.0/24 maxlen: 24
178.160.146.0/24 maxlen: 24
178.160.147.0/24 maxlen: 24
178.160.148.0/24 maxlen: 24
178.160.149.0/24 maxlen: 24
178.160.150.0/24 maxlen: 24
178.160.151.0/24 maxlen: 24
178.160.152.0/24 maxlen: 24
178.160.153.0/24 maxlen: 24
178.160.154.0/24 maxlen: 24
178.160.155.0/24 maxlen: 24
178.160.156.0/24 maxlen: 24
178.160.157.0/24 maxlen: 24
178.160.158.0/24 maxlen: 24
178.160.159.0/24 maxlen: 24
178.160.160.0/24 maxlen: 24
178.160.161.0/24 maxlen: 24
178.160.162.0/24 maxlen: 24
178.160.163.0/24 maxlen: 24
178.160.164.0/24 maxlen: 24
178.160.165.0/24 maxlen: 24
178.160.166.0/24 maxlen: 24
178.160.167.0/24 maxlen: 24
178.160.168.0/24 maxlen: 24
178.160.169.0/24 maxlen: 24
178.160.170.0/24 maxlen: 24
178.160.171.0/24 maxlen: 24
178.160.172.0/24 maxlen: 24
178.160.173.0/24 maxlen: 24
178.160.174.0/24 maxlen: 24
178.160.175.0/24 maxlen: 24
178.160.176.0/24 maxlen: 24
178.160.177.0/24 maxlen: 24
178.160.178.0/24 maxlen: 24
178.160.179.0/24 maxlen: 24
178.160.180.0/24 maxlen: 24
178.160.181.0/24 maxlen: 24
178.160.182.0/24 maxlen: 24
178.160.183.0/24 maxlen: 24
178.160.184.0/24 maxlen: 24
178.160.185.0/24 maxlen: 24
178.160.186.0/24 maxlen: 24
178.160.187.0/24 maxlen: 24
178.160.188.0/24 maxlen: 24
178.160.189.0/24 maxlen: 24
178.160.190.0/24 maxlen: 24
178.160.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.crl
rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:50:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1330 (0x532)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136DD6, serialNumber=F7F9D8A4355D673B9D4E7F155D3A78E5E660FEA5
Validity
Not Before: Nov 26 17:06:34 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a44f1b-0b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:eb:df:ae:60:95:69:bd:c9:1e:45:23:cf:e5:
7a:4f:0c:b6:18:dd:d1:c0:12:bd:81:22:d9:77:4e:
a4:f1:06:92:b7:6f:4f:8d:10:48:4b:0d:b7:65:20:
f4:08:61:de:d5:5a:71:1b:11:37:fb:5a:7a:0d:d6:
ca:f5:63:db:fe:5c:9a:d3:1a:a9:af:ad:1a:af:ba:
ba:d4:a2:d2:6d:92:72:60:95:b6:71:a9:79:28:20:
84:d3:b5:18:a6:f4:2d:9b:f8:5e:f3:39:75:46:9f:
0b:b5:8d:27:b2:33:7a:ac:45:8e:f5:63:00:25:77:
b0:b5:b3:8f:1a:7f:b4:7d:f6:d9:86:5f:61:28:ba:
7a:bd:c3:2f:9f:08:4e:0b:b8:53:33:b3:44:5a:62:
a3:a1:29:f0:04:fb:ef:45:18:88:21:4d:ca:ca:ca:
63:56:a2:a5:b1:3f:28:ae:38:8e:42:a1:ec:02:f3:
de:0c:f9:7f:53:d3:62:0b:c0:4a:0d:31:2c:8e:a1:
af:71:cb:ca:84:1e:1d:34:5b:ba:31:f0:29:7a:21:
a9:f0:f5:2c:52:ed:73:40:df:f4:68:54:d6:e5:ad:
41:1c:99:4f:b3:89:2f:4a:16:16:e2:20:12:ac:75:
d1:a0:63:4a:81:1a:d9:59:09:b1:26:96:be:b4:48:
7e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FC:A3:1C:4B:E2:B9:56:72:FF:28:B4:BA:ED:AD:21:05:29:BC:AE
X509v3 Authority Key Identifier:
keyid:F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/53647CC8284511EE8A9EF045C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
178.160.128.0/18
Signature Algorithm: sha256WithRSAEncryption
39:83:84:1b:f5:cb:a7:9d:84:10:07:94:09:a4:43:be:39:9e:
48:cf:27:b3:ec:d2:8c:e4:4d:bb:7c:66:ea:bd:35:8d:a9:ac:
c1:50:32:99:e4:89:28:05:8a:ff:49:21:c2:39:0a:8f:85:e6:
99:1a:ad:a7:6a:3b:90:12:bc:c8:2d:e6:52:cb:13:f1:a1:8b:
66:7c:3e:78:f3:9a:e4:64:c8:93:8d:47:18:51:a9:d3:a0:36:
25:ee:64:21:ae:fc:84:ea:19:f0:90:30:fd:9b:1e:15:ad:18:
80:f6:e9:d0:04:bb:23:f6:eb:12:c8:ff:21:b7:c2:b3:94:38:
9e:b2:da:22:cf:87:58:b4:cd:38:36:66:d4:eb:39:29:18:49:
bb:9c:bd:ce:01:7f:7d:71:1d:8f:14:e4:c6:bd:98:1f:09:d5:
2c:63:05:a9:e1:06:43:4f:12:2a:b7:45:8b:37:13:1e:a2:f5:
00:b8:86:39:c1:91:33:56:4f:41:5c:7e:ac:53:74:fa:29:71:
82:57:99:b5:40:d4:4d:ed:f0:fc:7a:d0:4a:2d:fb:65:81:53:
ea:a9:eb:1c:0e:5d:c6:cd:41:c8:3b:e6:e2:71:44:d7:b0:06:
27:ec:ee:bc:f4:72:ab:11:00:5d:3f:de:27:e5:e1:0c:92:8e:
24:fd:b5:be
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgICBTIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzZERDYxMTAvBgNVBAUTKEY3RjlEOEE0MzU1RDY3M0I5RDRFN0YxNTVEM0E3OEU1
RTY2MEZFQTUwHhcNMjUxMTI2MTcwNjM0WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NGYxYi0wYjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvuvfrmCVab3JHkUjz+V6Twy2GN3RwBK9gSLZd06k8QaSt29PjRBISw23ZSD0
CGHe1VpxGxE3+1p6DdbK9WPb/lya0xqpr60ar7q61KLSbZJyYJW2cal5KCCE07UY
pvQtm/he8zl1Rp8LtY0nsjN6rEWO9WMAJXewtbOPGn+0ffbZhl9hKLp6vcMvnwhO
C7hTM7NEWmKjoSnwBPvvRRiIIU3KyspjVqKlsT8orjiOQqHsAvPeDPl/U9NiC8BK
DTEsjqGvccvKhB4dNFu6MfApeiGp8PUsUu1zQN/0aFTW5a1BHJlPs4kvShYW4iAS
rHXRoGNKgRrZWQmxJpa+tEh+IwIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFNn8oxxL
4rlWcv8otLrtrSEFKbyuMB8GA1UdIwQYMBaAFPf52KQ1XWc7nU5/FV06eOXmYP6l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkRENi9EMTYyRTAzQTNE
M0ExMUVDQkVGNzdDNzZDNEY5QUUwMi85X25ZcERWZFp6dWRUbjhWWFRwNDVlWmdf
cVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzlfbllwRFZkWnp1ZFRuOFZYVHA0NWVaZ19xVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZERDYvRDE2MkUwM0EzRDNBMTFFQ0JFRjc3Qzc2QzRGOUFFMDIvNTM2NDdDQzgy
ODQ1MTFFRThBOUVGMDQ1QzRGOUFFMDIucm9hMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGsqCAMA0GCSqGSIb3DQEBCwUAA4IBAQA5g4Qb9cunnYQQB5QJpEO+
OZ5Izyez7NKM5E27fGbqvTWNqazBUDKZ5IkoBYr/SSHCOQqPheaZGq2najuQErzI
LeZSyxPxoYtmfD5485rkZMiTjUcYUanToDYl7mQhrvyE6hnwkDD9mx4VrRiA9unQ
BLsj9usSyP8ht8KzlDiestoiz4dYtM04NmbU6zkpGEm7nL3OAX99cR2PFOTGvZgf
CdUsYwWp4QZDTxIqt0WLNxMeovUAuIY5wZEzVk9BXH6sU3T6KXGCV5m1QNRN7fD8
etBKLftlgVPqqescDl3GzUHIO+bicUTXsAYn7O689HKrEQBdP94n5eEMko4k/bW+
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:37:58 2026 by rpki-client