Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/7165DB28E2C911EF8A1C1514C4F9AE02.roa
File: 7165DB28E2C911EF8A1C1514C4F9AE02.roa (raw, json)
Hash identifier: pcuAAC+IUpsYuzJSHTVcRBBHLD10GWUF30W0iZ2kHRM=
Subject key identifier: D5:A9:2C:74:1F:66:2F:56:F1:39:E6:29:02:E7:21:D0:C0:85:A3:99
Certificate issuer: /CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Certificate serial: 35AD
Authority key identifier: 17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/7165DB28E2C911EF8A1C1514C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:21:22 +0000
ROA not before: Thu 16 Oct 2025 15:20:53 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 138322
IP address blocks: 43.250.136.0/24 maxlen: 24
43.250.138.0/24 maxlen: 24
61.5.193.0/24 maxlen: 24
61.5.196.0/22 maxlen: 22
61.5.196.0/24 maxlen: 24
61.5.198.0/24 maxlen: 24
61.5.199.0/24 maxlen: 24
61.5.200.0/22 maxlen: 22
61.5.201.0/24 maxlen: 24
61.5.204.0/24 maxlen: 24
103.42.0.0/24 maxlen: 24
103.42.1.0/24 maxlen: 24
119.59.80.0/21 maxlen: 21
119.59.80.0/24 maxlen: 24
119.59.81.0/24 maxlen: 24
119.59.82.0/23 maxlen: 23
119.59.82.0/24 maxlen: 24
119.59.84.0/22 maxlen: 22
121.100.53.0/24 maxlen: 24
2400:e500::/48 maxlen: 48
2400:e500:2::/48 maxlen: 48
2400:e500:2f::/48 maxlen: 48
2400:e500:35::/48 maxlen: 48
2400:e500:36::/48 maxlen: 48
2400:e500:37::/48 maxlen: 48
2400:e500:38::/48 maxlen: 48
2400:e500:39::/48 maxlen: 48
2400:e500:3a::/48 maxlen: 48
2400:e500:3b::/48 maxlen: 48
2400:e500:3e::/48 maxlen: 48
2400:e500:90::/48 maxlen: 48
2400:e500:100::/40 maxlen: 40
2400:e501::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl
rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:46:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13741 (0x35ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148C7B, serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Validity
Not Before: Oct 16 15:20:53 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a46782-c91b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b5:56:54:61:f2:2a:5d:cd:b6:2a:45:6d:70:
fe:08:d5:ab:5a:63:db:f8:13:bd:0a:e7:a4:6b:7f:
60:b0:88:26:97:10:4b:91:08:4a:60:ee:46:a7:11:
5d:53:97:25:16:1a:0a:9c:d0:3b:db:a3:ea:58:31:
d2:1b:17:17:ad:8f:81:c0:69:1a:32:bc:23:00:0a:
6c:b7:da:7c:f6:45:03:36:94:16:b8:94:a9:a2:b3:
6c:2d:a3:f0:86:3d:6a:4c:d0:f8:50:5b:8e:68:95:
40:ee:35:3e:bb:17:e5:e4:0d:cc:13:17:d0:d7:34:
bd:7c:bc:82:ab:1f:fb:9e:d5:d2:95:7a:37:3d:16:
22:dd:21:04:a6:d2:1a:e1:2c:42:af:10:ef:86:ee:
c2:d6:a4:5c:fe:07:58:5e:7b:03:c4:ff:9c:aa:14:
3c:68:ad:d7:a0:4b:97:77:70:e4:79:d5:8b:be:bf:
df:c6:d9:b0:f0:b9:17:a4:26:01:a2:63:06:42:95:
cc:65:3e:5b:8e:22:76:6f:3d:d7:d5:0f:f7:f6:ea:
33:f6:2b:d7:4f:6b:2e:ae:4a:4c:40:5f:d6:74:e7:
78:70:d9:95:66:3f:aa:23:cb:3d:e4:ef:32:3e:ba:
73:bc:46:e9:0d:88:c7:aa:38:10:ee:93:50:67:ae:
33:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A9:2C:74:1F:66:2F:56:F1:39:E6:29:02:E7:21:D0:C0:85:A3:99
X509v3 Authority Key Identifier:
keyid:17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/7165DB28E2C911EF8A1C1514C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.250.136.0/24
43.250.138.0/24
61.5.193.0/24
61.5.196.0-61.5.204.255
103.42.0.0/23
119.59.80.0/21
121.100.53.0/24
IPv6:
2400:e500::/48
2400:e500:2::/48
2400:e500:2f::/48
2400:e500:35::-2400:e500:3b:ffff:ffff:ffff:ffff:ffff
2400:e500:3e::/48
2400:e500:90::/48
2400:e500:100::/40
2400:e501::/32
Signature Algorithm: sha256WithRSAEncryption
2a:01:fc:d2:bb:72:8f:06:9a:d3:53:67:72:a9:f6:4c:e2:72:
43:fa:46:f6:5d:94:9c:59:d0:84:fc:53:74:68:e6:9c:e8:74:
e0:19:94:43:2a:2f:45:95:e9:43:18:88:12:dd:9a:ce:c0:45:
00:fb:15:28:dd:bc:0a:24:6b:c5:de:2e:79:90:ca:e7:cd:8c:
2f:a4:aa:84:44:0f:b2:9d:ca:58:00:a2:dc:01:35:81:05:f8:
c3:0a:84:19:2f:ea:06:a4:de:50:87:2f:a3:f2:68:41:5b:7f:
02:97:eb:10:0c:ba:72:37:b3:ef:70:06:4b:9a:f3:6a:09:9b:
7e:07:dc:84:27:0a:a2:10:7a:c4:d0:88:4f:2c:fa:d9:d4:8b:
ce:51:78:9f:55:d2:49:27:1e:dd:6e:20:e3:78:84:d3:4f:8c:
a6:1c:0f:d1:5f:e0:b9:d7:a7:f7:65:b1:ac:43:c4:15:75:8f:
ca:06:67:4d:ec:06:a9:0a:72:60:1c:22:b4:45:67:18:02:5f:
e4:ef:93:08:5b:71:36:cb:7c:da:fe:6c:8a:bc:2a:ab:a3:0b:
38:2a:44:00:62:39:41:ab:f5:b3:3f:09:eb:50:f4:70:74:0e:
10:e9:24:d4:17:04:2a:b3:db:8c:f7:f9:51:da:98:e8:35:08:
3a:56:c8:f0
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICNa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhDN0IxMTAvBgNVBAUTKDE3NTc3RjFFOTJFQjMzQjJDREU2RTQ4OUMwQjlBOTlB
MkUwMkZEQTMwHhcNMjUxMDE2MTUyMDUzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0Njc4Mi1jOTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvrVWVGHyKl3NtipFbXD+CNWrWmPb+BO9Cueka39gsIgmlxBLkQhKYO5GpxFd
U5clFhoKnNA726PqWDHSGxcXrY+BwGkaMrwjAApst9p89kUDNpQWuJSporNsLaPw
hj1qTND4UFuOaJVA7jU+uxfl5A3MExfQ1zS9fLyCqx/7ntXSlXo3PRYi3SEEptIa
4SxCrxDvhu7C1qRc/gdYXnsDxP+cqhQ8aK3XoEuXd3DkedWLvr/fxtmw8LkXpCYB
omMGQpXMZT5bjiJ2bz3X1Q/39uoz9ivXT2surkpMQF/WdOd4cNmVZj+qI8s95O8y
PrpzvEbpDYjHqjgQ7pNQZ64z9wIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFNWpLHQf
Zi9W8TnmKQLnIdDAhaOZMB8GA1UdIwQYMBaAFBdXfx6S6zOyzebkicC5qZouAv2j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEM3Qi82NzUyMDhBRTFE
OTMxMUUyQkNCREU1RjYwOEIwMkNEMi9GMWRfSHBMck03TE41dVNKd0xtcG1pNENf
YU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YxZF9IcExyTTdMTjV1U0p3TG1wbWk0Q19hTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhDN0IvNjc1MjA4QUUxRDkzMTFFMkJDQkRFNUY2MDhCMDJDRDIvNzE2NURCMjhF
MkM5MTFFRjhBMUMxNTE0QzRGOUFFMDIucm9hMIGlBggrBgEFBQcBBwEB/wSBlTCB
kjA4BAIAATAyAwQAK/qIAwQAK/qKAwQAPQXBMAwDBAI9BcQDBAA9BcwDBAFnKgAD
BAN3O1ADBAB5ZDUwVgQCAAIwUAMHACQA5QAAAAMHACQA5QAAAgMHACQA5QAALzAS
AwcAJADlAAA1AwcCJADlAAA4AwcAJADlAAA+AwcAJADlAACQAwYAJADlAAEDBQAk
AOUBMA0GCSqGSIb3DQEBCwUAA4IBAQAqAfzSu3KPBprTU2dyqfZM4nJD+kb2XZSc
WdCE/FN0aOac6HTgGZRDKi9FlelDGIgS3ZrOwEUA+xUo3bwKJGvF3i55kMrnzYwv
pKqERA+yncpYAKLcATWBBfjDCoQZL+oGpN5Qhy+j8mhBW38Cl+sQDLpyN7PvcAZL
mvNqCZt+B9yEJwqiEHrE0IhPLPrZ1IvOUXifVdJJJx7dbiDjeITTT4ymHA/RX+C5
16f3ZbGsQ8QVdY/KBmdN7AapCnJgHCK0RWcYAl/k75MIW3E2y3za/myKvCqrows4
KkQAYjlBq/WzPwnrUPRwdA4Q6STUFwQqs9uM9/lR2pjoNQg6Vsjw
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:25:55 2026 by rpki-client