Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/4ACF06E24CE111F08EB6EB2AC4F9AE02.roa
File: 4ACF06E24CE111F08EB6EB2AC4F9AE02.roa (raw, json)
Hash identifier: 70+d1rfTRJf8w5VTyIQFaQNkyp+GkFzzhaOu6clyNSg=
Subject key identifier: 15:A1:CA:74:30:55:15:42:1B:2D:E5:31:13:36:F2:C6:F9:68:AE:50
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 191C
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/4ACF06E24CE111F08EB6EB2AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:27:06 +0000
ROA not before: Tue 10 Feb 2026 17:14:14 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 17911
IP address blocks: 122.129.64.0/24 maxlen: 24
122.129.66.0/24 maxlen: 24
122.129.69.0/24 maxlen: 24
122.129.72.0/24 maxlen: 24
122.129.73.0/24 maxlen: 24
122.129.74.0/24 maxlen: 24
122.129.75.0/24 maxlen: 24
122.129.76.0/24 maxlen: 24
122.129.77.0/24 maxlen: 24
122.129.78.0/24 maxlen: 24
122.129.79.0/24 maxlen: 24
122.129.80.0/24 maxlen: 24
122.129.81.0/24 maxlen: 24
122.129.82.0/24 maxlen: 24
122.129.84.0/24 maxlen: 24
122.129.85.0/24 maxlen: 24
122.129.89.0/24 maxlen: 24
122.129.90.0/24 maxlen: 24
122.129.91.0/24 maxlen: 24
122.129.92.0/24 maxlen: 24
122.129.93.0/24 maxlen: 24
122.129.94.0/24 maxlen: 24
203.128.0.0/24 maxlen: 24
203.128.1.0/24 maxlen: 24
203.128.3.0/24 maxlen: 24
203.128.4.0/24 maxlen: 24
203.128.5.0/24 maxlen: 24
203.128.6.0/24 maxlen: 24
203.128.7.0/24 maxlen: 24
203.128.8.0/24 maxlen: 24
203.128.9.0/24 maxlen: 24
203.128.11.0/24 maxlen: 24
203.128.12.0/24 maxlen: 24
203.128.13.0/24 maxlen: 24
203.128.14.0/24 maxlen: 24
203.128.15.0/24 maxlen: 24
203.128.16.0/24 maxlen: 24
203.128.17.0/24 maxlen: 24
203.128.18.0/24 maxlen: 24
203.128.19.0/24 maxlen: 24
203.128.21.0/24 maxlen: 24
203.128.22.0/24 maxlen: 24
203.128.23.0/24 maxlen: 24
203.128.25.0/24 maxlen: 24
203.128.26.0/24 maxlen: 24
203.128.27.0/24 maxlen: 24
203.128.28.0/24 maxlen: 24
203.128.31.0/24 maxlen: 24
2400:4f00::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6428 (0x191c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49, serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: Feb 10 17:14:14 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a476ea-ab63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8b:c3:e0:2c:b7:b8:b6:80:76:c1:f4:c6:3a:
5d:a6:d8:2f:07:53:a3:4e:a8:6b:9a:3b:f5:1a:40:
e6:9d:2a:7f:f1:a3:7f:78:d8:27:6a:80:9e:56:b5:
b4:f6:1d:91:a9:27:b6:c3:a9:0c:b1:a6:31:61:89:
99:dc:3f:5a:ad:2f:4e:11:16:61:4b:27:a4:2b:e5:
4a:f1:23:45:d7:e7:d3:9d:8b:75:1d:70:2b:00:53:
b5:fd:ee:fa:cf:a2:ff:24:66:79:cd:c9:ba:4b:e2:
53:ae:b0:a3:74:cb:c4:3e:9a:f1:06:db:55:32:30:
8a:8b:bd:b7:5d:b8:b5:7b:76:a9:76:63:17:c8:9a:
af:4b:64:63:77:23:ef:9e:b4:6c:70:d3:e1:14:8e:
d0:74:1e:77:f0:f2:c6:87:ef:72:cd:3a:dd:7d:4a:
3b:f9:a9:89:ab:9c:d9:6a:78:19:f9:12:d7:55:a7:
65:12:af:39:48:6b:0d:5a:b3:9b:f4:18:01:43:e3:
10:76:7f:06:eb:78:6f:ad:e8:89:bf:bb:80:3c:e4:
82:68:06:25:f5:56:c5:f5:61:49:ae:9a:fe:90:47:
68:a2:ba:5b:9f:bc:a9:a2:43:41:57:85:0d:00:40:
6f:90:42:02:c3:05:a6:28:e9:9f:b6:7d:f8:79:76:
65:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:A1:CA:74:30:55:15:42:1B:2D:E5:31:13:36:F2:C6:F9:68:AE:50
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/4ACF06E24CE111F08EB6EB2AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
122.129.64.0/24
122.129.66.0/24
122.129.69.0/24
122.129.72.0-122.129.82.255
122.129.84.0/23
122.129.89.0-122.129.94.255
203.128.0.0/23
203.128.3.0-203.128.9.255
203.128.11.0-203.128.19.255
203.128.21.0-203.128.23.255
203.128.25.0-203.128.28.255
203.128.31.0/24
IPv6:
2400:4f00::/36
Signature Algorithm: sha256WithRSAEncryption
78:5f:69:9e:13:55:93:85:31:d4:34:dc:e3:19:41:4b:c3:ba:
a4:c6:03:dd:13:fd:90:34:12:01:f3:81:8c:16:36:54:b3:6b:
4a:e0:64:cb:26:6e:6a:04:fe:6f:bd:ad:20:04:ce:b0:cc:91:
88:d4:67:1a:c2:8d:4e:64:06:b6:16:2d:a6:9d:36:93:eb:8c:
e0:a0:a3:be:f7:b6:dd:e7:66:71:03:aa:4c:6d:0c:fe:dd:cb:
01:a9:20:4a:eb:62:e8:97:ae:82:c3:a9:7d:91:b7:e6:90:92:
c5:9f:53:39:3d:97:87:81:b2:03:a7:82:78:b5:06:d3:3e:28:
48:eb:33:12:b9:1c:15:ab:ba:ff:71:b8:98:a2:7f:0a:b2:f2:
7b:02:7c:e0:ff:58:5b:f6:54:a8:7a:6c:c3:48:e7:67:61:00:
47:e3:12:ae:7b:8e:ad:ce:ba:89:51:aa:bf:a9:b1:37:73:88:
55:a6:de:22:34:67:09:81:3b:fb:6e:93:86:23:ad:4b:d1:75:
39:e7:54:3e:6b:7a:77:b7:9f:b7:c1:2f:42:52:01:25:9f:d2:
3f:88:5f:64:b9:04:ef:a0:f9:89:d2:36:ab:f2:83:33:3a:c3:
c9:d0:46:7c:88:30:03:99:25:9b:28:52:b8:75:9d:b0:14:9a:
50:6c:2f:6d
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICGRwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjYwMjEwMTcxNDE0WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzZlYS1hYjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxIvD4Cy3uLaAdsH0xjpdptgvB1OjTqhrmjv1GkDmnSp/8aN/eNgnaoCeVrW0
9h2RqSe2w6kMsaYxYYmZ3D9arS9OERZhSyekK+VK8SNF1+fTnYt1HXArAFO1/e76
z6L/JGZ5zcm6S+JTrrCjdMvEPprxBttVMjCKi723Xbi1e3apdmMXyJqvS2RjdyPv
nrRscNPhFI7QdB538PLGh+9yzTrdfUo7+amJq5zZangZ+RLXVadlEq85SGsNWrOb
9BgBQ+MQdn8G63hvreiJv7uAPOSCaAYl9VbF9WFJrpr+kEdoorpbn7ypokNBV4UN
AEBvkEICwwWmKOmftn34eXZlcwIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFBWhynQw
VRVCGy3lMRM28sb5aK5QMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvNEFDRjA2RTI0
Q0UxMTFGMDhFQjZFQjJBQzRGOUFFMDIucm9hMIGjBggrBgEFBQcBBwEB/wSBkzCB
kDB+BAIAATB4AwQAeoFAAwQAeoFCAwQAeoFFMAwDBAN6gUgDBAB6gVIDBAF6gVQw
DAMEAHqBWQMEAHqBXgMEAcuAADAMAwQAy4ADAwQBy4AIMAwDBADLgAsDBALLgBAw
DAMEAMuAFQMEA8uAEDAMAwQAy4AZAwQAy4AcAwQAy4AfMA4EAgACMAgDBgQkAE8A
ADANBgkqhkiG9w0BAQsFAAOCAQEAeF9pnhNVk4Ux1DTc4xlBS8O6pMYD3RP9kDQS
AfOBjBY2VLNrSuBkyyZuagT+b72tIATOsMyRiNRnGsKNTmQGthYtpp02k+uM4KCj
vve23edmcQOqTG0M/t3LAakgSuti6JeugsOpfZG35pCSxZ9TOT2Xh4GyA6eCeLUG
0z4oSOszErkcFau6/3G4mKJ/CrLyewJ84P9YW/ZUqHpsw0jnZ2EAR+MSrnuOrc66
iVGqv6mxN3OIVabeIjRnCYE7+26ThiOtS9F1OedUPmt6d7eft8EvQlIBJZ/SP4hf
ZLkE76D5idI2q/KDMzrDydBGfIgwA5klmyhSuHWdsBSaUGwvbQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:14:00 2026 by rpki-client