Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/FE049DEA388A11F183CE8CB4BD833773.roa
File: FE049DEA388A11F183CE8CB4BD833773.roa (raw, json)
Hash identifier: ftCpu9d6y7eNjAyH0UOctppUJFUtBhP3FxekGQorze4=
Subject key identifier: 99:50:65:C1:BD:F4:CD:98:45:FC:F0:46:1F:4C:F7:54:50:D9:C8:3D
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 08A0
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/FE049DEA388A11F183CE8CB4BD833773.roa
Signing time: Wed 15 Apr 2026 05:21:44 +0000
ROA not before: Wed 15 Apr 2026 05:21:44 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 9790
IP address blocks: 60.234.0.0/16 maxlen: 20
101.98.0.0/16 maxlen: 20
101.100.128.0/19 maxlen: 24
103.224.128.0/22 maxlen: 24
103.237.40.0/22 maxlen: 24
110.44.16.0/22 maxlen: 24
118.148.0.0/15 maxlen: 15
118.148.64.0/20 maxlen: 24
118.148.80.0/20 maxlen: 24
118.148.96.0/20 maxlen: 24
118.148.112.0/20 maxlen: 24
118.149.64.0/20 maxlen: 24
118.149.80.0/20 maxlen: 24
118.149.96.0/20 maxlen: 24
118.149.112.0/20 maxlen: 24
119.224.0.0/18 maxlen: 22
119.224.64.0/19 maxlen: 22
119.224.128.0/20 maxlen: 20
121.98.0.0/15 maxlen: 20
202.50.170.0/24 maxlen: 24
202.53.176.0/20 maxlen: 20
202.180.64.0/18 maxlen: 20
202.189.160.0/20 maxlen: 20
202.191.32.0/20 maxlen: 20
203.184.0.0/18 maxlen: 20
2400:4800::/32 maxlen: 32
2402:6000::/32 maxlen: 32
2402:8200::/32 maxlen: 32
2404:4400::/28 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 21:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2208 (0x8a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA, serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: Apr 15 05:21:44 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69df2068-a309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:43:49:f0:2a:5e:60:99:3b:59:86:4f:61:b3:
b4:8a:cd:67:d4:d5:a4:eb:56:66:a6:29:4d:4a:f2:
d1:54:9b:fa:1e:d4:99:54:f1:ec:18:2c:a7:5a:ad:
2a:3c:68:59:91:d6:bb:97:ae:14:4b:45:87:eb:fe:
08:92:43:bc:02:40:7c:95:17:d1:c6:e5:4b:a3:7c:
a5:b5:5f:5d:70:1c:14:98:ce:c8:90:16:d9:ec:22:
82:e6:15:de:07:5c:2c:39:72:14:a9:2b:df:65:d0:
7e:4f:60:b8:80:ab:bd:44:be:10:f8:ac:e3:23:50:
58:f8:06:8a:7a:4e:38:37:b9:4c:4b:3e:df:d6:4a:
7f:4b:12:f3:5b:98:d0:82:a9:d4:e4:56:5c:f9:35:
b2:b6:56:83:61:96:7f:6d:ba:28:08:bb:51:82:d7:
fe:32:4c:58:68:9a:e0:48:27:e3:f9:49:76:85:dd:
30:e3:e5:d7:0e:3c:0a:90:7a:22:f4:9d:c2:6d:13:
f6:51:10:2b:29:7e:3d:ea:ad:4e:cb:33:b5:9b:3d:
f8:15:66:5c:7c:eb:ef:99:1b:17:27:dc:d7:f9:e5:
0f:6a:4c:03:30:97:49:d2:4e:c6:8b:cc:f7:9e:e3:
6d:06:dd:8e:a0:eb:ad:8a:a5:39:33:29:8c:e3:eb:
88:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:50:65:C1:BD:F4:CD:98:45:FC:F0:46:1F:4C:F7:54:50:D9:C8:3D
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/FE049DEA388A11F183CE8CB4BD833773.roa
sbgp-ipAddrBlock: critical
IPv4:
60.234.0.0/16
101.98.0.0/16
101.100.128.0/19
103.224.128.0/22
103.237.40.0/22
110.44.16.0/22
118.148.0.0/15
119.224.0.0-119.224.95.255
119.224.128.0/20
121.98.0.0/15
202.50.170.0/24
202.53.176.0/20
202.180.64.0/18
202.189.160.0/20
202.191.32.0/20
203.184.0.0/18
IPv6:
2400:4800::/32
2402:6000::/32
2402:8200::/32
2404:4400::/28
Signature Algorithm: sha256WithRSAEncryption
4e:de:2c:aa:0b:31:06:a7:f7:9a:50:5c:22:c8:c8:3f:a8:3e:
5e:2e:4f:2e:c4:de:dc:12:71:e6:cd:3e:24:98:c4:84:56:fc:
bf:a5:f6:d6:8b:7b:a5:30:24:7b:b6:e2:4a:70:f2:62:f8:d6:
13:43:a3:df:36:78:7d:b3:36:51:e3:8e:30:4b:be:01:25:27:
21:bb:a4:78:55:c2:ee:6e:d7:28:a1:21:77:c3:01:ec:1c:ad:
e0:86:6a:d8:7d:0d:5a:67:91:7f:5f:77:14:9e:f3:43:a3:0a:
e2:dd:c1:02:99:35:76:e6:74:d7:f7:62:01:ab:f6:a4:14:ce:
6f:21:0f:1d:cd:03:18:26:6b:90:3d:fe:eb:a5:a9:b4:05:96:
3a:29:72:e7:43:1f:28:7c:16:b5:9a:25:6d:fe:89:e3:f4:c6:
43:a2:54:15:de:64:cc:82:66:a4:ff:c9:a7:51:3f:1f:98:8e:
86:b8:0f:c0:58:c7:21:06:7e:29:1a:ce:67:2b:4a:23:d0:b8:
34:04:08:74:ad:0d:41:7f:13:72:fb:f0:fa:aa:d3:62:0d:71:
a6:89:44:38:62:5e:e8:60:ab:6d:17:49:1e:31:4a:a9:1f:c7:
95:db:eb:d2:36:d3:c5:b5:a2:79:2a:39:c9:b0:f2:c3:cb:db:
91:62:7b:42
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgICCKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjYwNDE1MDUyMTQ0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWRmMjA2OC1hMzA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAykNJ8CpeYJk7WYZPYbO0is1n1NWk61ZmpilNSvLRVJv6HtSZVPHsGCynWq0q
PGhZkda7l64US0WH6/4IkkO8AkB8lRfRxuVLo3yltV9dcBwUmM7IkBbZ7CKC5hXe
B1wsOXIUqSvfZdB+T2C4gKu9RL4Q+KzjI1BY+AaKek44N7lMSz7f1kp/SxLzW5jQ
gqnU5FZc+TWytlaDYZZ/bbooCLtRgtf+MkxYaJrgSCfj+Ul2hd0w4+XXDjwKkHoi
9J3CbRP2URArKX496q1OyzO1mz34FWZcfOvvmRsXJ9zX+eUPakwDMJdJ0k7Gi8z3
nuNtBt2OoOutiqU5MymM4+uIpwIDAQABo4IC5DCCAuAwHQYDVR0OBBYEFJlQZcG9
9M2YRfzwRh9M91RQ2cg9MB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvRkUwNDlERUEz
ODhBMTFGMTgzQ0U4Q0I0QkQ4MzM3NzMucm9hMIGiBggrBgEFBQcBBwEB/wSBkjCB
jzBpBAIAATBjAwMAPOoDAwBlYgMEBWVkgAMEAmfggAMEAmftKAMEAm4sEAMDAXaU
MAsDAwV34AMEBXfgQAMEBHfggAMDAXliAwQAyjKqAwQEyjWwAwQGyrRAAwQEyr2g
AwQEyr8gAwQGy7gAMCIEAgACMBwDBQAkAEgAAwUAJAJgAAMFACQCggADBQQkBEQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBO3iyqCzEGp/eaUFwiyMg/qD5eLk8uxN7cEnHm
zT4kmMSEVvy/pfbWi3ulMCR7tuJKcPJi+NYTQ6PfNnh9szZR444wS74BJSchu6R4
VcLubtcooSF3wwHsHK3ghmrYfQ1aZ5F/X3cUnvNDowri3cECmTV25nTX92IBq/ak
FM5vIQ8dzQMYJmuQPf7rpam0BZY6KXLnQx8ofBa1miVt/onj9MZDolQV3mTMgmak
/8mnUT8fmI6GuA/AWMchBn4pGs5nK0oj0Lg0BAh0rQ1BfxNy+/D6qtNiDXGmiUQ4
Yl7oYKttF0keMUqpH8eV2+vSNtPFtaJ5KjnJsPLDy9uRYntC
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:02:29 2026 by rpki-client