Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/5FDFEE6033CD11F18CFC5AA3AF833773.roa
File: 5FDFEE6033CD11F18CFC5AA3AF833773.roa (raw, json)
Hash identifier: hPRC5eKlupFjxAtp9eK2Lne1uh3zhXawnd3i0sfrxSI=
Subject key identifier: 74:48:94:53:9B:A7:2F:41:33:2D:0F:5E:B7:54:61:98:99:10:E0:0C
Certificate issuer: /CN=A9146B24/serialNumber=3918D80BCB702ECACF84CB7ACA880F878A14FE48
Certificate serial: 0211
Authority key identifier: 39:18:D8:0B:CB:70:2E:CA:CF:84:CB:7A:CA:88:0F:87:8A:14:FE:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ORjYC8twLsrPhMt6yogPh4oU_kg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/5FDFEE6033CD11F18CFC5AA3AF833773.roa
Signing time: Thu 09 Apr 2026 04:34:19 +0000
ROA not before: Thu 09 Apr 2026 04:34:19 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 55832
IP address blocks: 27.123.216.0/22 maxlen: 22
27.123.216.0/24 maxlen: 24
27.123.217.0/24 maxlen: 24
27.123.218.0/24 maxlen: 24
27.123.219.0/24 maxlen: 24
103.4.208.0/22 maxlen: 22
103.4.208.0/24 maxlen: 24
103.4.209.0/24 maxlen: 24
103.4.210.0/24 maxlen: 24
103.4.211.0/24 maxlen: 24
120.88.176.0/24 maxlen: 24
120.88.177.0/24 maxlen: 24
120.88.178.0/24 maxlen: 24
120.88.179.0/24 maxlen: 24
120.88.180.0/24 maxlen: 24
120.88.181.0/24 maxlen: 24
120.88.182.0/23 maxlen: 24
120.88.184.0/24 maxlen: 24
120.88.185.0/24 maxlen: 24
120.88.186.0/24 maxlen: 24
120.88.187.0/24 maxlen: 24
2407:2a00::/32 maxlen: 32
2407:2a00::/44 maxlen: 44
2407:2a00::/48 maxlen: 48
2407:2a00:1::/48 maxlen: 48
2407:2a00:2::/48 maxlen: 48
2407:2a00:3::/48 maxlen: 48
2407:2a00:4::/48 maxlen: 48
2407:2a00:5::/48 maxlen: 48
2407:2a00:6::/48 maxlen: 48
2407:2a00:7::/48 maxlen: 48
2407:2a00:8::/48 maxlen: 48
2407:2a00:10::/44 maxlen: 44
2407:2a00:20::/44 maxlen: 44
2407:2a00:30::/44 maxlen: 44
2407:2a00:40::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/ORjYC8twLsrPhMt6yogPh4oU_kg.crl
rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/ORjYC8twLsrPhMt6yogPh4oU_kg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ORjYC8twLsrPhMt6yogPh4oU_kg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 Apr 2026 03:36:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 529 (0x211)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146B24, serialNumber=3918D80BCB702ECACF84CB7ACA880F878A14FE48
Validity
Not Before: Apr 9 04:34:19 2026 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69d72c4b-d278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ef:ea:d9:18:bd:c2:50:af:42:11:cb:62:23:
a9:ba:dc:6a:a5:92:26:89:cb:01:ff:b2:fd:92:bf:
01:91:86:48:24:be:c0:e2:0a:6e:8f:62:e2:71:34:
f2:13:1d:89:07:e8:21:88:2d:27:cb:9a:ec:55:2c:
e1:4f:73:9b:e5:fe:09:6a:bb:45:62:7c:99:a4:64:
a8:fa:b4:52:e9:b1:e0:6f:53:1a:86:e1:a5:b9:ce:
78:f5:83:25:35:a1:9b:6e:f7:e3:e2:d9:2a:20:4f:
4e:07:ae:3b:16:ee:a9:9f:95:c5:ea:16:7d:04:ea:
04:a1:96:8d:69:43:00:22:26:4b:87:62:f9:dd:8c:
6d:08:78:3f:17:b7:86:b0:5c:8e:68:9b:9c:49:69:
ef:f3:ba:93:72:69:fa:9a:7d:37:8d:23:bf:41:54:
54:0f:c1:9c:e3:28:d8:09:2a:fe:2c:40:36:2c:71:
4a:3e:bb:a3:31:8f:69:b5:1e:b2:e2:f8:d4:47:19:
a1:99:d6:a6:01:97:cd:78:7e:c8:7f:73:9f:60:30:
39:c2:08:e5:fa:8e:ae:d8:ef:90:2e:22:22:d3:72:
f6:44:5d:ae:71:b4:14:ea:d5:d7:8f:66:f8:f8:61:
d8:48:97:01:61:69:d3:64:c6:9e:c0:cd:d5:b5:23:
b0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:48:94:53:9B:A7:2F:41:33:2D:0F:5E:B7:54:61:98:99:10:E0:0C
X509v3 Authority Key Identifier:
keyid:39:18:D8:0B:CB:70:2E:CA:CF:84:CB:7A:CA:88:0F:87:8A:14:FE:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/ORjYC8twLsrPhMt6yogPh4oU_kg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ORjYC8twLsrPhMt6yogPh4oU_kg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/5FDFEE6033CD11F18CFC5AA3AF833773.roa
sbgp-ipAddrBlock: critical
IPv4:
27.123.216.0/22
103.4.208.0/22
120.88.176.0-120.88.187.255
IPv6:
2407:2a00::/32
Signature Algorithm: sha256WithRSAEncryption
41:a7:b1:4e:e0:30:c1:fd:0f:4c:c6:93:a0:1a:a9:a3:fb:4e:
07:66:5a:44:2e:7a:6b:7a:3d:66:1c:35:ab:96:07:5a:af:36:
89:fc:b3:a1:6b:4a:04:96:92:92:a8:ff:8c:5f:ac:7e:64:ff:
85:d7:5d:bc:84:39:e1:53:4c:ec:e6:30:51:a2:57:c2:17:5b:
3a:bd:2b:fc:8b:0c:b8:23:75:99:b7:69:d0:8d:81:66:54:d9:
73:cf:64:0b:89:79:e6:25:4b:9d:3d:5e:a4:ad:48:ef:d8:c0:
f1:a9:d5:af:6f:e6:9e:af:d9:fc:eb:3e:b0:79:86:18:23:c8:
fc:8a:f6:d0:b2:d8:5f:03:72:61:16:16:18:68:b7:69:ff:9f:
a7:4f:c5:3b:21:c2:a4:cb:a2:7b:40:0b:67:4d:c4:50:a8:e7:
18:57:4b:3d:1c:8b:03:a7:61:99:11:c9:9c:b2:b0:d6:5e:bd:
25:05:97:a8:d8:76:24:92:0d:64:d4:0e:3f:1e:0e:53:8d:87:
ca:79:f7:27:b9:e9:3f:07:93:0f:a5:a1:84:03:7d:84:33:fb:
90:20:63:fa:a1:bd:77:ac:1e:66:4d:89:ea:ba:aa:76:d7:b6:
3b:34:a0:4f:93:e0:a3:fd:0a:3a:c9:f2:a2:bd:11:64:89:7c:
c1:fa:af:53
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgICAhEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZCMjQxMTAvBgNVBAUTKDM5MThEODBCQ0I3MDJFQ0FDRjg0Q0I3QUNBODgwRjg3
OEExNEZFNDgwHhcNMjYwNDA5MDQzNDE5WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ3MmM0Yi1kMjc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAku/q2Ri9wlCvQhHLYiOputxqpZImicsB/7L9kr8BkYZIJL7A4gpuj2LicTTy
Ex2JB+ghiC0ny5rsVSzhT3Ob5f4JartFYnyZpGSo+rRS6bHgb1MahuGluc549YMl
NaGbbvfj4tkqIE9OB647Fu6pn5XF6hZ9BOoEoZaNaUMAIiZLh2L53YxtCHg/F7eG
sFyOaJucSWnv87qTcmn6mn03jSO/QVRUD8Gc4yjYCSr+LEA2LHFKPrujMY9ptR6y
4vjURxmhmdamAZfNeH7If3OfYDA5wgjl+o6u2O+QLiIi03L2RF2ucbQU6tXXj2b4
+GHYSJcBYWnTZMaewM3VtSOwbQIDAQABo4ICgzCCAn8wHQYDVR0OBBYEFHRIlFOb
py9BMy0PXrdUYZiZEOAMMB8GA1UdIwQYMBaAFDkY2AvLcC7Kz4TLesqID4eKFP5I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkIyNC9CNDczQzRCRTkz
MzAxMUVFODIzMDgwNTlDNEY5QUUwMi9PUmpZQzh0d0xzclBoTXQ2eW9nUGg0b1Vf
a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09SallDOHR3THNyUGhNdDZ5b2dQaDRvVV9rZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDZCMjQvQjQ3M0M0QkU5MzMwMTFFRTgyMzA4MDU5QzRGOUFFMDIvNUZERkVFNjAz
M0NEMTFGMThDRkM1QUEzQUY4MzM3NzMucm9hMEIGCCsGAQUFBwEHAQH/BDMwMTAg
BAIAATAaAwQCG3vYAwQCZwTQMAwDBAR4WLADBAJ4WLgwDQQCAAIwBwMFACQHKgAw
DQYJKoZIhvcNAQELBQADggEBAEGnsU7gMMH9D0zGk6AaqaP7TgdmWkQuemt6PWYc
NauWB1qvNon8s6FrSgSWkpKo/4xfrH5k/4XXXbyEOeFTTOzmMFGiV8IXWzq9K/yL
DLgjdZm3adCNgWZU2XPPZAuJeeYlS509XqStSO/YwPGp1a9v5p6v2fzrPrB5hhgj
yPyK9tCy2F8DcmEWFhhot2n/n6dPxTshwqTLontAC2dNxFCo5xhXSz0ciwOnYZkR
yZyysNZevSUFl6jYdiSSDWTUDj8eDlONh8p59ye56T8Hkw+loYQDfYQz+5AgY/qh
vXesHmZNieq6qnbXtjs0oE+T4KP9CjrJ8qK9EWSJfMH6r1M=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:07:26 2026 by rpki-client