Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/005CDC821F1411EC85E08546C4F9AE02.roa
File: 005CDC821F1411EC85E08546C4F9AE02.roa (raw, json)
Hash identifier: RtrKmXveYib5rppP1DIWCcPNm3D6+Flm33UJR0UA860=
Subject key identifier: 12:2F:63:41:25:AD:16:3D:A4:9F:55:B9:6E:DB:7F:15:50:3D:BA:D2
Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101
Certificate serial: 074F
Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/005CDC821F1411EC85E08546C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:09:23 +0000
ROA not before: Wed 08 Oct 2025 22:24:21 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 23655
IP address blocks: 151.210.128.0/17 maxlen: 17
151.210.128.0/23 maxlen: 23
151.210.130.0/23 maxlen: 23
151.210.132.0/23 maxlen: 23
151.210.134.0/23 maxlen: 23
151.210.136.0/23 maxlen: 23
151.210.138.0/23 maxlen: 23
151.210.140.0/23 maxlen: 23
151.210.142.0/23 maxlen: 23
151.210.144.0/23 maxlen: 23
151.210.146.0/23 maxlen: 23
151.210.148.0/23 maxlen: 23
151.210.150.0/23 maxlen: 23
151.210.152.0/23 maxlen: 23
151.210.154.0/23 maxlen: 23
151.210.156.0/23 maxlen: 23
151.210.158.0/23 maxlen: 23
151.210.160.0/23 maxlen: 23
151.210.162.0/23 maxlen: 23
151.210.164.0/23 maxlen: 23
151.210.166.0/23 maxlen: 23
151.210.168.0/23 maxlen: 23
151.210.170.0/23 maxlen: 23
151.210.172.0/23 maxlen: 23
151.210.174.0/23 maxlen: 23
151.210.224.0/23 maxlen: 23
151.210.226.0/23 maxlen: 23
151.210.228.0/23 maxlen: 23
151.210.230.0/23 maxlen: 23
151.210.232.0/23 maxlen: 23
151.210.234.0/23 maxlen: 23
151.210.236.0/23 maxlen: 23
151.210.238.0/23 maxlen: 23
151.210.240.0/23 maxlen: 23
151.210.242.0/23 maxlen: 23
151.210.244.0/23 maxlen: 23
151.210.246.0/23 maxlen: 23
151.210.248.0/23 maxlen: 23
151.210.250.0/23 maxlen: 23
151.210.252.0/23 maxlen: 23
151.210.254.0/23 maxlen: 23
165.84.0.0/19 maxlen: 19
165.84.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl
rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:45:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1871 (0x74f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA, serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101
Validity
Not Before: Oct 8 22:24:21 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a480d3-f6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:79:2a:85:da:aa:fa:a3:31:1a:71:8b:ae:f7:
b8:6e:cf:29:8d:3e:dd:1e:4a:67:ae:9a:42:54:64:
33:bf:11:99:c1:d8:2d:1d:c9:e4:35:63:57:d7:80:
54:12:5b:e2:98:7d:58:33:8a:d8:f8:59:f1:8c:13:
f6:aa:c3:3a:b3:5c:c5:0e:a2:67:e7:23:31:c3:a4:
e1:3f:05:bc:b0:8f:64:78:55:cb:65:88:97:ae:d1:
f8:62:2b:01:83:6a:c1:9b:f0:d3:2d:3f:c5:ec:49:
70:b6:cd:91:4b:8f:79:98:06:55:b6:7c:39:c8:b8:
ee:3e:3f:71:7b:55:60:7a:ee:31:b5:27:2c:e1:77:
ef:13:4d:dd:c9:01:06:5d:13:97:25:be:c8:c5:78:
ae:0b:f6:78:7a:11:aa:6e:28:99:be:21:51:ed:42:
6f:99:46:42:37:39:3d:bf:d5:cb:cd:00:2b:e3:3f:
f6:73:07:64:f0:30:22:e1:7f:65:b9:3f:3d:8f:1d:
7b:90:7e:76:1b:18:b8:a0:9e:36:4e:19:32:54:77:
95:b4:70:98:c3:4e:09:bb:45:b0:4a:16:0b:3a:8a:
d6:c1:3c:d1:5e:ed:d0:de:81:84:cd:77:ad:f4:a4:
dc:03:12:5e:22:b7:eb:80:81:14:a9:9b:8b:74:31:
88:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:2F:63:41:25:AD:16:3D:A4:9F:55:B9:6E:DB:7F:15:50:3D:BA:D2
X509v3 Authority Key Identifier:
keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/005CDC821F1411EC85E08546C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
151.210.128.0/17
165.84.0.0/19
165.84.48.0/20
Signature Algorithm: sha256WithRSAEncryption
73:ed:8e:d8:e7:5f:b5:36:2d:a0:cf:26:46:5d:f7:5c:86:c1:
9b:8f:56:5d:33:df:a3:19:44:ef:47:4a:61:8f:01:fc:ed:0a:
7a:be:ed:98:f6:f8:af:0f:42:60:4d:a1:78:14:30:36:84:3a:
25:90:ca:e3:1f:a0:ee:8d:55:67:2e:d0:97:ff:31:fa:7c:24:
9d:53:db:b4:68:39:dd:ad:2e:41:4f:f2:38:cd:a0:8a:0a:74:
c9:d5:b7:32:87:dc:7b:8a:6c:06:27:0a:c4:5a:89:3e:d4:7d:
aa:f6:58:7a:14:f1:5f:91:04:c3:22:04:15:5b:7f:80:29:ec:
77:56:4a:9f:35:8b:15:9b:d6:a4:58:97:f2:b9:0e:7b:0c:79:
87:a9:83:b7:c0:02:6f:ec:a2:db:72:9e:ba:cc:56:53:6e:50:
67:d2:8d:c0:48:60:43:d3:7f:78:7f:2e:d6:25:84:8f:e7:53:
db:75:01:27:8f:25:40:80:21:9b:c0:3a:4d:46:cb:b2:0f:02:
2e:50:d9:67:dc:d8:3e:aa:82:67:93:b3:f1:0a:b2:23:8c:53:
04:0e:1c:12:55:cc:f7:4d:e6:6c:65:47:2a:7f:39:dc:91:8f:
79:28:7e:4e:48:8e:d4:a9:76:fd:7b:2c:9f:2d:e4:a6:bd:69:
0c:41:27:77
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICB08wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG
QkNCMDAxMDEwHhcNMjUxMDA4MjIyNDIxWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODBkMy1mNmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwnkqhdqq+qMxGnGLrve4bs8pjT7dHkpnrppCVGQzvxGZwdgtHcnkNWNX14BU
ElvimH1YM4rY+FnxjBP2qsM6s1zFDqJn5yMxw6ThPwW8sI9keFXLZYiXrtH4YisB
g2rBm/DTLT/F7Elwts2RS495mAZVtnw5yLjuPj9xe1Vgeu4xtScs4XfvE03dyQEG
XROXJb7IxXiuC/Z4ehGqbiiZviFR7UJvmUZCNzk9v9XLzQAr4z/2cwdk8DAi4X9l
uT89jx17kH52Gxi4oJ42ThkyVHeVtHCYw04Ju0WwShYLOorWwTzRXu3Q3oGEzXet
9KTcAxJeIrfrgIEUqZuLdDGIgQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFBIvY0El
rRY9pJ9VuW7bfxVQPbrSMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB
UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvMDA1Q0RDODIx
RjE0MTFFQzg1RTA4NTQ2QzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQHl9KAAwQFpVQAAwQEpVQwMA0GCSqGSIb3DQEBCwUAA4IBAQBz7Y7Y
51+1Ni2gzyZGXfdchsGbj1ZdM9+jGUTvR0phjwH87Qp6vu2Y9vivD0JgTaF4FDA2
hDolkMrjH6DujVVnLtCX/zH6fCSdU9u0aDndrS5BT/I4zaCKCnTJ1bcyh9x7imwG
JwrEWok+1H2q9lh6FPFfkQTDIgQVW3+AKex3VkqfNYsVm9akWJfyuQ57DHmHqYO3
wAJv7KLbcp66zFZTblBn0o3ASGBD0394fy7WJYSP51PbdQEnjyVAgCGbwDpNRsuy
DwIuUNln3Ng+qoJnk7PxCrIjjFMEDhwSVcz3TeZsZUcqfznckY95KH5OSI7UqXb9
eyyfLeSmvWkMQSd3
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:50:48 2026 by rpki-client