Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/674B4ED227C811EFAECE0786C4F9AE02.roa
File: 674B4ED227C811EFAECE0786C4F9AE02.roa (raw, json)
Hash identifier: BuL5CJ6bIvu7ovvUm4Ymqy7Mk2M5YY2A6D2Oy8+nQA4=
Subject key identifier: 78:FD:A9:CE:BD:3E:00:17:79:67:A9:B3:9D:05:9F:4D:BC:EE:C3:95
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 3B83
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/674B4ED227C811EFAECE0786C4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:29:14 +0000
ROA not before: Thu 04 Sep 2025 08:20:56 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 17552
IP address blocks: 27.145.0.0/16 maxlen: 24
58.8.0.0/16 maxlen: 24
58.9.0.0/16 maxlen: 24
58.10.0.0/16 maxlen: 24
58.11.0.0/16 maxlen: 24
58.97.124.0/24 maxlen: 24
58.97.125.0/24 maxlen: 24
61.90.0.0/17 maxlen: 24
61.91.128.0/21 maxlen: 24
61.91.144.0/21 maxlen: 24
61.91.190.0/24 maxlen: 24
61.91.191.0/24 maxlen: 24
61.91.192.0/24 maxlen: 24
61.91.193.0/24 maxlen: 24
61.91.201.0/24 maxlen: 24
61.91.214.0/24 maxlen: 24
110.168.0.0/17 maxlen: 24
110.168.128.0/17 maxlen: 24
110.169.0.0/16 maxlen: 24
110.171.0.0/17 maxlen: 24
110.171.128.0/17 maxlen: 24
114.109.0.0/16 maxlen: 24
115.87.0.0/16 maxlen: 16
115.87.0.0/17 maxlen: 24
115.87.128.0/17 maxlen: 24
119.46.255.0/24 maxlen: 24
119.76.0.0/16 maxlen: 24
124.120.0.0/16 maxlen: 24
124.121.0.0/16 maxlen: 24
124.122.0.0/16 maxlen: 24
171.96.0.0/16 maxlen: 24
171.97.0.0/16 maxlen: 24
171.98.0.0/16 maxlen: 24
171.99.0.0/16 maxlen: 24
171.100.0.0/16 maxlen: 24
171.101.0.0/16 maxlen: 24
171.102.0.0/16 maxlen: 24
171.103.0.0/16 maxlen: 24
182.17.0.0/16 maxlen: 24
202.133.128.0/20 maxlen: 24
202.133.144.0/20 maxlen: 24
202.133.160.0/19 maxlen: 24
202.176.64.0/18 maxlen: 18
202.176.64.0/19 maxlen: 24
202.176.96.0/19 maxlen: 24
202.176.128.0/18 maxlen: 24
210.213.0.0/18 maxlen: 24
2001:fb0:101::/48 maxlen: 48
2001:fb0:102::/48 maxlen: 48
2001:fb0:1004::/48 maxlen: 48
2001:fb0:1005::/48 maxlen: 48
2001:fb1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 14:20:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15235 (0x3b83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Sep 4 08:20:56 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a4938a-3497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:08:82:4e:09:d3:f8:c7:91:bd:a8:d1:f4:50:
5c:0d:5e:9f:b6:d1:76:ee:d2:30:59:74:e8:fb:6a:
e7:c1:ac:48:ea:9c:56:42:9e:35:3a:86:33:5d:92:
5e:2f:cb:13:61:90:bc:5e:08:d2:bd:8a:54:97:63:
58:6c:a9:20:55:f9:07:bd:94:dc:eb:14:f6:69:89:
b6:20:02:e8:32:14:d9:99:ef:65:30:6a:5c:9d:63:
0c:24:23:8a:d1:a6:1a:d0:52:bc:85:97:70:c4:23:
68:43:a1:92:ad:03:5a:f1:ff:5c:4c:66:1a:92:11:
f1:56:47:8e:88:4c:f9:1f:4a:a5:e3:07:fc:e2:34:
ab:d2:ab:d0:a9:6e:31:a3:d4:3d:1d:2c:b9:65:1a:
ee:c4:6f:a5:7c:a0:ab:9b:67:42:7b:c1:df:78:23:
19:d6:f0:8c:92:60:24:2e:4a:71:9b:82:d2:ea:6b:
3f:e5:3a:60:9e:40:2c:59:2c:7b:87:24:d6:4d:d4:
68:c1:eb:1b:15:43:0d:66:98:be:c7:55:9c:3c:1a:
ff:14:27:72:05:98:e3:f2:ba:5e:71:5f:15:cd:a2:
33:46:53:c0:64:60:aa:5e:93:73:77:ae:91:e0:73:
17:32:2a:66:be:4c:33:d2:d3:48:2b:3b:01:07:2b:
48:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:FD:A9:CE:BD:3E:00:17:79:67:A9:B3:9D:05:9F:4D:BC:EE:C3:95
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/674B4ED227C811EFAECE0786C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.145.0.0/16
58.8.0.0/14
58.97.124.0/23
61.90.0.0/17
61.91.128.0/21
61.91.144.0/21
61.91.190.0-61.91.193.255
61.91.201.0/24
61.91.214.0/24
110.168.0.0/15
110.171.0.0/16
114.109.0.0/16
115.87.0.0/16
119.46.255.0/24
119.76.0.0/16
124.120.0.0-124.122.255.255
171.96.0.0/13
182.17.0.0/16
202.133.128.0/18
202.176.64.0-202.176.191.255
210.213.0.0/18
IPv6:
2001:fb0:101::-2001:fb0:102:ffff:ffff:ffff:ffff:ffff
2001:fb0:1004::/47
2001:fb1::/32
Signature Algorithm: sha256WithRSAEncryption
4d:42:f8:ca:c1:ee:04:0b:d9:04:df:65:1f:87:14:8b:f4:03:
a0:ef:fa:6a:33:e1:7c:83:16:38:5d:ee:07:51:ae:9e:23:12:
66:12:f4:1c:98:30:5b:1a:69:96:c1:db:ea:1c:db:2d:98:16:
a2:f1:9c:0e:14:85:b0:a7:5e:e6:83:03:90:42:4d:b1:bf:58:
95:23:65:35:9d:7b:5e:6f:ae:bd:a7:e4:89:66:ec:97:8e:65:
52:f7:d1:f5:6b:ea:f5:54:3e:b9:9d:01:65:31:d9:f5:0d:f3:
bd:c9:41:0c:86:ac:d9:3f:d1:e3:8b:aa:38:a9:09:7a:a7:88:
99:70:ce:19:04:ce:be:c2:c1:e2:57:d1:b4:b8:2b:b9:8a:5f:
27:b7:dc:8b:b7:14:6e:9b:df:6b:cc:5b:f8:bc:98:b4:8b:f7:
43:d3:bf:28:35:0c:a2:df:e0:ae:28:56:31:be:b8:83:48:30:
5a:ee:21:48:55:5a:9f:54:25:b2:ba:5d:2a:8f:79:46:2c:59:
3d:03:59:2f:3e:93:cd:f1:ca:10:36:50:f0:11:8d:e1:71:c1:
d2:fa:5c:4e:e6:f3:fb:d7:94:84:a5:4b:e4:5f:48:51:12:ff:
95:f6:4c:96:f6:ba:cb:de:23:04:0e:d6:d0:8e:3e:4c:b4:50:
1f:e5:55:b7
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgICO4MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjUwOTA0MDgyMDU2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OTM4YS0zNDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvAiCTgnT+MeRvajR9FBcDV6fttF27tIwWXTo+2rnwaxI6pxWQp41OoYzXZJe
L8sTYZC8XgjSvYpUl2NYbKkgVfkHvZTc6xT2aYm2IALoMhTZme9lMGpcnWMMJCOK
0aYa0FK8hZdwxCNoQ6GSrQNa8f9cTGYakhHxVkeOiEz5H0ql4wf84jSr0qvQqW4x
o9Q9HSy5ZRruxG+lfKCrm2dCe8HfeCMZ1vCMkmAkLkpxm4LS6ms/5TpgnkAsWSx7
hyTWTdRowesbFUMNZpi+x1WcPBr/FCdyBZjj8rpecV8VzaIzRlPAZGCqXpNzd66R
4HMXMipmvkwz0tNIKzsBBytIDwIDAQABo4IDFjCCAxIwHQYDVR0OBBYEFHj9qc69
PgAXeWeps50Fn0287sOVMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNjc0QjRFRDIy
N0M4MTFFRkFFQ0UwNzg2QzRGOUFFMDIucm9hMIHUBggrBgEFBQcBBwEB/wSBxDCB
wTCBkgQCAAEwgYsDAwAbkQMDAjoIAwQBOmF8AwQHPVoAAwQDPVuAAwQDPVuQMAwD
BAE9W74DBAE9W8ADBAA9W8kDBAA9W9YDAwFuqAMDAG6rAwMAcm0DAwBzVwMEAHcu
/wMDAHdMMAoDAwN8eAMDAHx6AwMDq2ADAwC2EQMEBsqFgDAMAwQGyrBAAwQGyrCA
AwQG0tUAMCoEAgACMCQwEgMHACABD7ABAQMHACABD7ABAgMHASABD7AQBAMFACAB
D7EwDQYJKoZIhvcNAQELBQADggEBAE1C+MrB7gQL2QTfZR+HFIv0A6Dv+moz4XyD
Fjhd7gdRrp4jEmYS9ByYMFsaaZbB2+oc2y2YFqLxnA4UhbCnXuaDA5BCTbG/WJUj
ZTWde15vrr2n5Ilm7JeOZVL30fVr6vVUPrmdAWUx2fUN873JQQyGrNk/0eOLqjip
CXqniJlwzhkEzr7CweJX0bS4K7mKXye33Iu3FG6b32vMW/i8mLSL90PTvyg1DKLf
4K4oVjG+uINIMFruIUhVWp9UJbK6XSqPeUYsWT0DWS8+k83xyhA2UPARjeFxwdL6
XE7m8/vXlISlS+RfSFES/5X2TJb2usveIwQO1tCOPky0UB/lVbc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:14:06 2026 by rpki-client