Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
File: 087D2D80C4A711EB917EC55EC4F9AE02.roa (raw, json)
Hash identifier: Wolm9UeE+EhBtIqciTvCXVtEF6ClLkDl72F+NCa8HHw=
Subject key identifier: E3:3C:58:1D:28:2D:08:58:C7:1A:25:0B:31:E9:1B:85:61:8F:C3:6A
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 13DB
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:33:50 +0000
ROA not before: Wed 01 Oct 2025 09:34:58 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 4657
IP address blocks: 27.54.0.0/18 maxlen: 24
27.125.128.0/18 maxlen: 24
39.109.128.0/17 maxlen: 24
43.227.228.0/23 maxlen: 23
45.65.0.0/22 maxlen: 24
58.96.192.0/18 maxlen: 24
61.8.192.0/19 maxlen: 24
61.8.224.0/19 maxlen: 24
101.127.0.0/16 maxlen: 24
103.17.144.0/22 maxlen: 24
103.28.208.0/22 maxlen: 22
103.254.252.0/23 maxlen: 23
103.254.254.0/24 maxlen: 24
111.223.64.0/18 maxlen: 18
111.223.64.0/19 maxlen: 24
111.223.96.0/19 maxlen: 24
113.10.64.0/18 maxlen: 24
117.20.128.0/18 maxlen: 24
122.11.128.0/17 maxlen: 24
124.155.192.0/19 maxlen: 24
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
182.19.128.0/17 maxlen: 24
182.55.0.0/16 maxlen: 24
183.90.0.0/17 maxlen: 24
203.116.0.0/16 maxlen: 24
203.117.0.0/16 maxlen: 24
203.118.0.0/18 maxlen: 24
2406:3000::/30 maxlen: 32
2406:3000::/40 maxlen: 48
2406:3000:2::/56 maxlen: 64
2406:3000:2:100::/56 maxlen: 64
2406:3000:3::/56 maxlen: 64
2406:3000:a::/56 maxlen: 64
2406:3000:c::/56 maxlen: 56
2406:3000:c:100::/56 maxlen: 56
2406:3000:11::/56 maxlen: 64
2406:3000:11:1000::/56 maxlen: 64
2406:3000:11:2000::/56 maxlen: 64
2406:3000:12::/48 maxlen: 56
2406:3000:12::/56 maxlen: 64
2406:3000:12:100::/56 maxlen: 64
2406:3000:20::/56 maxlen: 64
2406:3000:22::/56 maxlen: 64
2406:3000:35::/56 maxlen: 64
2406:3000:36::/56 maxlen: 64
2406:3000:36:100::/56 maxlen: 64
2406:3000:38::/56 maxlen: 64
2406:3000:4f::/56 maxlen: 64
2406:3000:4f:100::/56 maxlen: 64
2406:3000:1000::/56 maxlen: 64
2406:3000:1000:100::/56 maxlen: 56
2406:3000:ad53::/49 maxlen: 49
2406:3001:20::/56 maxlen: 64
2406:3001:22::/56 maxlen: 64
2406:3001:23::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:21:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5083 (0x13db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC, serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: Oct 1 09:34:58 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a4868e-f865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0c:ec:1e:32:b2:bb:43:d5:22:c7:5b:1c:be:
ba:d5:95:54:05:ca:24:dd:e6:73:ad:10:73:71:95:
1b:f2:cb:8c:e6:22:00:c1:95:16:8d:14:0c:95:32:
0c:d3:cf:ac:38:1e:0a:2a:29:ce:e2:f2:0e:d4:b6:
67:b6:78:fe:e5:f6:a4:b4:7c:f3:80:35:ae:df:3b:
4e:57:2a:97:31:f8:2b:35:60:32:68:0a:8b:c6:37:
d3:13:ef:6a:45:22:71:62:a6:bd:5e:c1:90:9a:5a:
10:27:d4:76:da:3b:41:c1:b5:a0:e2:db:a2:f8:4f:
8e:52:06:e8:f2:2a:42:35:4b:c6:99:2a:6a:34:e9:
f8:a1:45:f6:10:53:ca:32:53:43:7a:9a:90:d4:38:
e5:71:b4:b1:f8:56:88:13:e8:02:04:05:33:2c:3b:
7e:a5:fa:3e:93:ed:f4:6f:9a:80:45:6d:66:9d:93:
95:ed:8d:cf:73:10:2d:5d:2b:a5:c5:77:8c:ca:75:
d7:06:2b:c2:ed:cb:a4:be:64:02:0c:0b:27:e0:77:
d8:7d:c0:79:2a:08:cd:e9:52:e7:c1:57:96:51:07:
5c:66:ac:1e:5a:60:bb:d7:6b:17:43:24:68:a1:7d:
60:2a:05:ec:31:fc:c5:6e:20:33:d3:7d:e9:16:c7:
2e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3C:58:1D:28:2D:08:58:C7:1A:25:0B:31:E9:1B:85:61:8F:C3:6A
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/087D2D80C4A711EB917EC55EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.54.0.0/18
27.125.128.0/18
39.109.128.0/17
43.227.228.0/23
45.65.0.0/22
58.96.192.0/18
61.8.192.0/18
101.127.0.0/16
103.17.144.0/22
103.28.208.0/22
103.254.252.0-103.254.254.255
111.223.64.0/18
113.10.64.0/18
117.20.128.0/18
122.11.128.0/17
124.155.192.0/19
171.0.0.0/15
171.207.0.0/16
182.19.128.0/17
182.55.0.0/16
183.90.0.0/17
203.116.0.0-203.118.63.255
IPv6:
2406:3000::/30
Signature Algorithm: sha256WithRSAEncryption
08:89:42:5a:7b:71:9d:ff:9f:bb:04:a9:e0:f8:1c:ea:53:06:
b4:89:7b:a2:ac:2e:6a:1e:68:7c:fb:6c:32:9c:45:9c:d0:00:
94:ab:0f:d8:36:c7:07:67:ff:7e:2b:ea:52:68:8d:a1:1c:75:
b1:3e:a6:69:43:5d:7e:56:43:d4:7c:52:06:5b:31:5c:b5:87:
55:a1:39:d6:4b:a2:de:11:9b:d3:cb:e6:5b:1a:06:c5:a8:e3:
20:a2:b8:bb:dc:28:03:14:cc:4d:4b:7f:ac:a9:4f:e6:94:3c:
07:fb:0b:44:2c:2c:df:bd:88:d1:76:63:36:ab:03:39:7f:0a:
83:04:e1:5e:1a:85:a7:f2:85:f0:dc:0e:c5:57:39:0b:9f:56:
88:8f:33:d9:81:df:cb:62:07:be:95:57:53:23:6d:d1:c6:15:
2f:96:3c:80:a5:63:19:dc:85:9e:f3:e9:81:10:4b:f2:8f:02:
22:ce:3b:c1:31:f6:5b:1e:bc:49:d2:99:c4:f7:18:2f:26:ab:
34:84:5f:5c:25:00:18:22:5d:43:01:65:f8:11:d9:13:61:d2:
54:f8:57:df:4b:82:77:54:ad:43:90:e4:9a:88:74:25:b4:c0:
12:52:b8:59:22:77:8c:1a:65:ca:2a:b0:99:4d:78:03:16:57:
b3:ea:0c:16
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgICE9swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjUxMDAxMDkzNDU4WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODY4ZS1mODY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0QzsHjKyu0PVIsdbHL661ZVUBcok3eZzrRBzcZUb8suM5iIAwZUWjRQMlTIM
08+sOB4KKinO4vIO1LZntnj+5faktHzzgDWu3ztOVyqXMfgrNWAyaAqLxjfTE+9q
RSJxYqa9XsGQmloQJ9R22jtBwbWg4tui+E+OUgbo8ipCNUvGmSpqNOn4oUX2EFPK
MlNDepqQ1DjlcbSx+FaIE+gCBAUzLDt+pfo+k+30b5qARW1mnZOV7Y3PcxAtXSul
xXeMynXXBivC7cukvmQCDAsn4HfYfcB5KgjN6VLnwVeWUQdcZqweWmC712sXQyRo
oX1gKgXsMfzFbiAz033pFscujwIDAQABo4IC/TCCAvkwHQYDVR0OBBYEFOM8WB0o
LQhYxxolCzHpG4Vhj8NqMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvMDg3RDJEODBD
NEE3MTFFQjkxN0VDNTVFQzRGOUFFMDIucm9hMIG7BggrBgEFBQcBBwEB/wSBqzCB
qDCBlgQCAAEwgY8DBAYbNgADBAYbfYADBAcnbYADBAEr4+QDBAItQQADBAY6YMAD
BAY9CMADAwBlfwMEAmcRkAMEAmcc0DAMAwQCZ/78AwQAZ/7+AwQGb99AAwQGcQpA
AwQGdRSAAwQHeguAAwQFfJvAAwMBqwADAwCrzwMEB7YTgAMDALY3AwQHt1oAMAsD
AwLLdAMEBst2ADANBAIAAjAHAwUCJAYwADANBgkqhkiG9w0BAQsFAAOCAQEACIlC
Wntxnf+fuwSp4Pgc6lMGtIl7oqwuah5ofPtsMpxFnNAAlKsP2DbHB2f/fivqUmiN
oRx1sT6maUNdflZD1HxSBlsxXLWHVaE51kui3hGb08vmWxoGxajjIKK4u9woAxTM
TUt/rKlP5pQ8B/sLRCws372I0XZjNqsDOX8KgwThXhqFp/KF8NwOxVc5C59WiI8z
2YHfy2IHvpVXUyNt0cYVL5Y8gKVjGdyFnvPpgRBL8o8CIs47wTH2Wx68SdKZxPcY
LyarNIRfXCUAGCJdQwFl+BHZE2HSVPhX30uCd1StQ5Dkmoh0JbTAElK4WSJ3jBpl
yiqwmU14AxZXs+oMFg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:35:24 2026 by rpki-client