Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
File: E19826A0EAA511EBA4C1F32CC4F9AE02.roa (raw, json)
Hash identifier: gRWxoMUhWR3o1/E004zC+NaDH3WtqhH3fFB+vz1MWo8=
Subject key identifier: 57:20:64:A8:F7:89:65:9D:97:F1:80:80:8E:76:12:11:B9:5E:48:DF
Certificate issuer: /CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Certificate serial: 08A7
Authority key identifier: 89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:41:21 +0000
ROA not before: Mon 04 Aug 2025 16:24:33 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 132199
IP address blocks: 64.224.96.0/21 maxlen: 21
64.224.104.0/22 maxlen: 22
64.224.108.0/22 maxlen: 22
64.224.112.0/21 maxlen: 21
64.224.120.0/21 maxlen: 21
64.224.128.0/22 maxlen: 22
64.224.132.0/22 maxlen: 22
64.224.136.0/21 maxlen: 21
138.84.80.0/22 maxlen: 22
138.84.84.0/22 maxlen: 22
138.84.88.0/23 maxlen: 23
138.84.90.0/23 maxlen: 23
138.84.92.0/22 maxlen: 22
138.84.96.0/22 maxlen: 22
138.84.100.0/22 maxlen: 22
138.84.104.0/22 maxlen: 22
138.84.108.0/23 maxlen: 23
138.84.116.0/22 maxlen: 22
138.84.120.0/22 maxlen: 22
138.84.124.0/23 maxlen: 23
158.62.0.0/21 maxlen: 21
158.62.0.0/22 maxlen: 22
158.62.4.0/23 maxlen: 23
158.62.6.0/23 maxlen: 23
158.62.8.0/22 maxlen: 22
158.62.16.0/21 maxlen: 21
158.62.16.0/22 maxlen: 22
158.62.20.0/23 maxlen: 23
158.62.22.0/23 maxlen: 23
158.62.24.0/22 maxlen: 22
158.62.32.0/21 maxlen: 21
158.62.32.0/22 maxlen: 22
158.62.36.0/23 maxlen: 23
158.62.38.0/23 maxlen: 23
158.62.40.0/22 maxlen: 22
158.62.48.0/21 maxlen: 21
158.62.56.0/23 maxlen: 23
158.62.62.0/23 maxlen: 23
158.62.64.0/22 maxlen: 22
158.62.68.0/23 maxlen: 23
158.62.70.0/23 maxlen: 23
158.62.72.0/23 maxlen: 23
158.62.74.0/23 maxlen: 23
158.62.76.0/22 maxlen: 22
158.62.80.0/23 maxlen: 23
158.62.82.0/23 maxlen: 23
158.62.84.0/24 maxlen: 24
158.62.86.0/23 maxlen: 23
158.62.88.0/22 maxlen: 22
158.62.92.0/22 maxlen: 22
158.62.96.0/22 maxlen: 22
158.62.100.0/23 maxlen: 23
158.62.108.0/22 maxlen: 22
158.62.112.0/22 maxlen: 22
158.62.116.0/23 maxlen: 23
158.62.118.0/24 maxlen: 24
158.62.119.0/24 maxlen: 24
158.62.120.0/22 maxlen: 22
158.62.124.0/22 maxlen: 22
216.247.0.0/22 maxlen: 22
216.247.4.0/23 maxlen: 23
216.247.6.0/23 maxlen: 23
216.247.8.0/22 maxlen: 22
216.247.12.0/23 maxlen: 23
216.247.14.0/23 maxlen: 23
216.247.16.0/22 maxlen: 22
216.247.20.0/22 maxlen: 22
216.247.24.0/22 maxlen: 22
216.247.28.0/23 maxlen: 23
216.247.30.0/23 maxlen: 23
216.247.32.0/22 maxlen: 22
216.247.36.0/22 maxlen: 22
216.247.40.0/23 maxlen: 23
216.247.42.0/23 maxlen: 23
216.247.44.0/22 maxlen: 22
216.247.48.0/22 maxlen: 22
216.247.52.0/23 maxlen: 23
216.247.54.0/23 maxlen: 23
216.247.56.0/22 maxlen: 22
216.247.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2215 (0x8a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146207, serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Validity
Not Before: Aug 4 16:24:33 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a46c30-890c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3b:49:6b:81:20:58:ed:04:7b:f5:78:4f:49:
dc:5b:c2:80:be:63:a5:b9:b1:cf:2a:95:5a:6e:7a:
94:9f:e3:e8:aa:af:25:c6:5c:6a:da:2c:84:92:ce:
e6:17:13:7d:20:e4:b9:d7:1d:42:7e:ad:cf:e8:e7:
72:31:f3:89:8e:e4:c1:56:cb:b3:08:e4:3e:4d:0f:
a6:d0:ab:2b:7a:ef:82:f8:c6:ac:7c:ab:59:4e:92:
7c:cf:20:38:74:57:2f:3c:79:19:71:4d:60:3a:46:
1a:98:2c:f7:bc:0c:ea:d5:7f:db:af:a4:2b:1b:3a:
4b:5e:be:d6:d4:0a:48:43:fa:7d:a6:3d:b5:54:98:
8c:20:6c:5b:18:07:21:1b:cd:63:15:cd:b4:e2:d0:
29:c9:68:b2:2c:ee:6d:65:38:9b:50:a5:dc:98:43:
4d:84:b3:39:bd:a9:3c:9c:f5:de:7b:f4:db:19:3e:
f3:e3:94:d5:fe:03:44:b8:f7:00:0a:af:38:7a:83:
1c:04:e6:45:55:30:85:5d:12:0c:cf:5d:83:70:78:
07:a7:74:f0:2d:d2:27:c4:b9:5d:5e:d8:84:c2:84:
5d:bf:d5:8a:c0:b5:5c:e6:4c:05:b8:bb:6f:cc:55:
0c:55:be:b9:1a:69:aa:a9:85:a0:06:57:11:3a:26:
d9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:20:64:A8:F7:89:65:9D:97:F1:80:80:8E:76:12:11:B9:5E:48:DF
X509v3 Authority Key Identifier:
keyid:89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
64.224.96.0-64.224.143.255
138.84.80.0-138.84.109.255
138.84.116.0-138.84.125.255
158.62.0.0-158.62.11.255
158.62.16.0-158.62.27.255
158.62.32.0-158.62.43.255
158.62.48.0-158.62.57.255
158.62.62.0-158.62.84.255
158.62.86.0-158.62.101.255
158.62.108.0-158.62.127.255
216.247.0.0/18
Signature Algorithm: sha256WithRSAEncryption
53:90:fc:d1:09:2a:ab:4a:76:5e:1d:a4:6f:b2:e4:e6:fd:d7:
8f:42:6b:ce:c3:95:d0:e2:96:af:ba:c8:65:47:25:66:c0:c4:
5b:93:e9:e3:d2:2f:5d:e5:99:4e:a6:e8:5e:38:09:6d:c5:06:
6b:7d:a8:37:52:b5:28:79:78:42:45:d6:d1:18:02:24:bb:01:
cd:85:01:9c:9a:f0:25:26:67:e6:17:88:01:a4:44:52:27:39:
94:78:d4:26:b7:6f:21:29:8a:d0:ec:2b:07:59:bc:90:c1:8b:
de:b2:9d:dd:c1:6b:6c:cf:1c:12:a5:fa:8e:92:36:53:0b:7e:
d7:d9:59:99:b0:f6:8c:05:b9:d9:23:64:ec:d9:cf:84:e8:3c:
ad:31:47:ed:37:99:57:3c:1f:ed:f2:2b:8f:11:6e:23:15:a5:
1f:eb:a4:0a:69:ba:ad:80:e7:ad:bd:75:2d:b6:82:96:83:6a:
85:ff:49:41:26:1c:06:26:a4:96:dc:df:7d:d7:d8:bd:21:43:
3b:3e:02:51:7b:47:80:d2:a9:36:ca:f0:5e:b3:95:7f:f5:6c:
4c:ed:ea:8a:bb:34:89:eb:20:d9:5a:60:b1:7c:2a:93:76:2f:
9f:58:20:8f:9f:6c:f9:6c:03:43:5f:dc:16:38:0e:d0:b7:b7:
70:35:d9:e3
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgICCKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDYyMDcxMTAvBgNVBAUTKDg5N0UwMkNDRDhFQjQwMzlBNzgzRDAyMzc5QzU1RkVF
OUYwQ0VFNTkwHhcNMjUwODA0MTYyNDMzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NmMzMC04OTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmjtJa4EgWO0Ee/V4T0ncW8KAvmOlubHPKpVabnqUn+Poqq8lxlxq2iyEks7m
FxN9IOS51x1Cfq3P6OdyMfOJjuTBVsuzCOQ+TQ+m0Ksreu+C+MasfKtZTpJ8zyA4
dFcvPHkZcU1gOkYamCz3vAzq1X/br6QrGzpLXr7W1ApIQ/p9pj21VJiMIGxbGAch
G81jFc204tApyWiyLO5tZTibUKXcmENNhLM5vak8nPXee/TbGT7z45TV/gNEuPcA
Cq84eoMcBOZFVTCFXRIMz12DcHgHp3TwLdInxLldXtiEwoRdv9WKwLVc5kwFuLtv
zFUMVb65GmmqqYWgBlcROibZwQIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFFcgZKj3
iWWdl/GAgI52EhG5XkjfMB8GA1UdIwQYMBaAFIl+AszY60A5p4PQI3nFX+6fDO5Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy84QzY4QjlBMjA5
ODExMUVCOUQ0NjFCMzBDNEY5QUUwMi9pWDRDek5qclFEbW5nOUFqZWNWZjdwOE03
bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lYNEN6TmpyUURtbmc5QWplY1ZmN3A4TTdsay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDYyMDcvOEM2OEI5QTIwOTgxMTFFQjlENDYxQjMwQzRGOUFFMDIvRTE5ODI2QTBF
QUE1MTFFQkE0QzFGMzJDQzRGOUFFMDIucm9hMIGuBggrBgEFBQcBBwEB/wSBnjCB
mzCBmAQCAAEwgZEwDAMEBUDgYAMEBEDggDAMAwQEilRQAwQBilRsMAwDBAKKVHQD
BAGKVHwwCwMDAZ4+AwQCnj4IMAwDBASePhADBAKePhgwDAMEBZ4+IAMEAp4+KDAM
AwQEnj4wAwQBnj44MAwDBAGePj4DBACePlQwDAMEAZ4+VgMEAZ4+ZDAMAwQCnj5s
AwQHnj4AAwQG2PcAMA0GCSqGSIb3DQEBCwUAA4IBAQBTkPzRCSqrSnZeHaRvsuTm
/dePQmvOw5XQ4pavushlRyVmwMRbk+nj0i9d5ZlOpuheOAltxQZrfag3UrUoeXhC
RdbRGAIkuwHNhQGcmvAlJmfmF4gBpERSJzmUeNQmt28hKYrQ7CsHWbyQwYvesp3d
wWtszxwSpfqOkjZTC37X2VmZsPaMBbnZI2Ts2c+E6DytMUftN5lXPB/t8iuPEW4j
FaUf66QKabqtgOetvXUttoKWg2qF/0lBJhwGJqSW3N9919i9IUM7PgJRe0eA0qk2
yvBes5V/9WxM7eqKuzSJ6yDZWmCxfCqTdi+fWCCPn2z5bANDX9wWOA7Qt7dwNdnj
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:22:09 2026 by rpki-client