Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4CBCEB321FBE11EF97E7974FC4F9AE02.roa
File: 4CBCEB321FBE11EF97E7974FC4F9AE02.roa (raw, json)
Hash identifier: gXhaJnynENVEuNQLiabxnQm1o0GqjC1uZuFJBEwnSDE=
Subject key identifier: 32:B6:81:3A:FD:3C:67:F8:88:65:41:E1:A5:6D:D7:F6:B7:78:90:B4
Certificate issuer: /CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Certificate serial: 075F
Authority key identifier: 7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4CBCEB321FBE11EF97E7974FC4F9AE02.roa
Signing time: Sun 01 Mar 2026 14:56:52 +0000
ROA not before: Wed 14 May 2025 23:12:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134540
IP address blocks: 49.248.98.0/23 maxlen: 24
49.248.100.0/22 maxlen: 24
49.248.127.0/24 maxlen: 24
49.248.128.0/24 maxlen: 24
49.248.130.0/24 maxlen: 24
49.248.131.0/24 maxlen: 24
49.248.132.0/24 maxlen: 24
49.248.133.0/24 maxlen: 24
49.248.134.0/24 maxlen: 24
49.248.136.0/24 maxlen: 24
49.248.137.0/24 maxlen: 24
49.248.150.0/24 maxlen: 24
114.143.2.0/24 maxlen: 24
114.143.4.0/23 maxlen: 23
114.143.8.0/24 maxlen: 24
114.143.10.0/24 maxlen: 24
114.143.11.0/24 maxlen: 24
114.143.12.0/24 maxlen: 24
114.143.15.0/24 maxlen: 24
114.143.18.0/24 maxlen: 24
114.143.19.0/24 maxlen: 24
114.143.21.0/24 maxlen: 24
114.143.22.0/24 maxlen: 24
114.143.24.0/24 maxlen: 24
114.143.28.0/24 maxlen: 24
114.143.29.0/24 maxlen: 24
114.143.32.0/21 maxlen: 24
114.143.80.0/20 maxlen: 20
114.143.96.0/24 maxlen: 24
114.143.97.0/24 maxlen: 24
114.143.196.0/24 maxlen: 24
123.252.128.0/24 maxlen: 24
123.252.129.0/24 maxlen: 24
123.252.130.0/24 maxlen: 24
123.252.132.0/24 maxlen: 24
123.252.139.0/24 maxlen: 24
123.252.141.0/24 maxlen: 24
123.252.142.0/24 maxlen: 24
123.252.143.0/24 maxlen: 24
123.252.144.0/24 maxlen: 24
123.252.145.0/24 maxlen: 24
123.252.150.0/24 maxlen: 24
123.252.152.0/24 maxlen: 24
123.252.153.0/24 maxlen: 24
123.252.154.0/24 maxlen: 24
123.252.155.0/24 maxlen: 24
123.252.156.0/24 maxlen: 24
123.252.157.0/24 maxlen: 24
123.252.158.0/24 maxlen: 24
123.252.159.0/24 maxlen: 24
123.252.160.0/24 maxlen: 24
123.252.162.0/24 maxlen: 24
123.252.164.0/24 maxlen: 24
123.252.166.0/24 maxlen: 24
123.252.167.0/24 maxlen: 24
123.252.168.0/24 maxlen: 24
123.252.169.0/24 maxlen: 24
123.252.172.0/24 maxlen: 24
123.252.177.0/24 maxlen: 24
123.252.178.0/24 maxlen: 24
123.252.179.0/24 maxlen: 24
123.252.180.0/24 maxlen: 24
123.252.182.0/24 maxlen: 24
123.252.183.0/24 maxlen: 24
123.252.184.0/24 maxlen: 24
123.252.185.0/24 maxlen: 24
123.252.186.0/24 maxlen: 24
123.252.187.0/24 maxlen: 24
123.252.192.0/24 maxlen: 24
123.252.196.0/24 maxlen: 24
123.252.198.0/24 maxlen: 24
123.252.199.0/24 maxlen: 24
123.252.202.0/24 maxlen: 24
123.252.207.0/24 maxlen: 24
123.252.212.0/22 maxlen: 24
123.252.216.0/24 maxlen: 24
123.252.221.0/24 maxlen: 24
123.252.223.0/24 maxlen: 24
123.252.224.0/21 maxlen: 24
123.252.234.0/24 maxlen: 24
123.252.237.0/24 maxlen: 24
123.252.239.0/24 maxlen: 24
123.252.240.0/22 maxlen: 22
123.252.245.0/24 maxlen: 24
123.252.246.0/24 maxlen: 24
123.252.248.0/24 maxlen: 24
123.252.254.0/24 maxlen: 24
202.149.194.0/24 maxlen: 24
202.149.195.0/24 maxlen: 24
202.149.197.0/24 maxlen: 24
202.149.200.0/24 maxlen: 24
202.149.211.0/24 maxlen: 24
202.149.212.0/24 maxlen: 24
202.149.213.0/24 maxlen: 24
202.149.215.0/24 maxlen: 24
202.149.216.0/24 maxlen: 24
202.189.225.0/24 maxlen: 24
202.189.229.0/24 maxlen: 24
202.189.230.0/24 maxlen: 24
202.189.231.0/24 maxlen: 24
202.189.232.0/24 maxlen: 24
202.189.233.0/24 maxlen: 24
202.189.234.0/24 maxlen: 24
202.189.236.0/24 maxlen: 24
202.189.237.0/24 maxlen: 24
202.189.238.0/24 maxlen: 24
202.189.240.0/24 maxlen: 24
202.189.241.0/24 maxlen: 24
202.189.242.0/24 maxlen: 24
202.189.244.0/24 maxlen: 24
202.189.245.0/24 maxlen: 24
202.189.247.0/24 maxlen: 24
202.189.250.0/24 maxlen: 24
202.189.251.0/24 maxlen: 24
202.189.252.0/24 maxlen: 24
202.189.253.0/24 maxlen: 24
202.189.254.0/24 maxlen: 24
2402:d400:a1::/48 maxlen: 51
2402:d400:a2::/48 maxlen: 51
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:39:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1887 (0x75f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D01, serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Validity
Not Before: May 14 23:12:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a453b4-9685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:95:86:01:9f:0f:7b:42:de:75:aa:10:f0:71:
20:2f:53:f1:0f:ae:19:37:40:ec:08:88:b7:18:f8:
f3:d0:d7:ed:82:96:d5:61:ac:cd:6b:8a:a5:03:c6:
c7:3e:fd:95:21:fe:62:50:a2:03:3f:66:8e:3d:3a:
fb:99:33:33:b7:08:85:a9:bd:4f:a4:5d:fb:fb:a0:
ee:e8:ef:47:12:94:25:4e:a4:00:1a:4b:b2:02:70:
05:d4:02:9e:c7:25:06:f4:e0:bc:e9:c4:78:cd:fd:
29:4b:3e:55:1c:c4:61:e7:b9:cf:99:3a:3e:a3:07:
91:a8:b6:6c:69:04:e5:fa:cd:c0:6d:8e:f1:c3:80:
66:f6:2c:61:fb:4a:25:bd:b4:ea:78:dc:61:af:6f:
70:b0:80:b0:49:57:a3:37:64:e1:d6:2e:f0:8c:2d:
67:51:21:ef:5b:9e:02:fc:c5:b4:2d:c6:05:62:a7:
a5:64:c3:85:73:2d:5e:97:5f:c5:9a:7a:ff:b8:bf:
57:a2:8f:e3:df:b7:ec:d7:03:d0:19:ef:c6:74:09:
b3:a9:fc:7b:f6:03:6c:f1:07:d6:50:c2:6b:94:b0:
ac:70:26:82:fd:7f:ef:44:87:d9:fe:6f:55:9b:e6:
b6:2a:f9:52:76:56:10:bc:42:9f:23:69:30:2f:d6:
30:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B6:81:3A:FD:3C:67:F8:88:65:41:E1:A5:6D:D7:F6:B7:78:90:B4
X509v3 Authority Key Identifier:
keyid:7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4CBCEB321FBE11EF97E7974FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
49.248.98.0-49.248.103.255
49.248.127.0-49.248.128.255
49.248.130.0-49.248.134.255
49.248.136.0/23
49.248.150.0/24
114.143.2.0/24
114.143.4.0/23
114.143.8.0/24
114.143.10.0-114.143.12.255
114.143.15.0/24
114.143.18.0/23
114.143.21.0-114.143.22.255
114.143.24.0/24
114.143.28.0/23
114.143.32.0/21
114.143.80.0-114.143.97.255
114.143.196.0/24
123.252.128.0-123.252.130.255
123.252.132.0/24
123.252.139.0/24
123.252.141.0-123.252.145.255
123.252.150.0/24
123.252.152.0-123.252.160.255
123.252.162.0/24
123.252.164.0/24
123.252.166.0-123.252.169.255
123.252.172.0/24
123.252.177.0-123.252.180.255
123.252.182.0-123.252.187.255
123.252.192.0/24
123.252.196.0/24
123.252.198.0/23
123.252.202.0/24
123.252.207.0/24
123.252.212.0-123.252.216.255
123.252.221.0/24
123.252.223.0-123.252.231.255
123.252.234.0/24
123.252.237.0/24
123.252.239.0-123.252.243.255
123.252.245.0-123.252.246.255
123.252.248.0/24
123.252.254.0/24
202.149.194.0/23
202.149.197.0/24
202.149.200.0/24
202.149.211.0-202.149.213.255
202.149.215.0-202.149.216.255
202.189.225.0/24
202.189.229.0-202.189.234.255
202.189.236.0-202.189.238.255
202.189.240.0-202.189.242.255
202.189.244.0/23
202.189.247.0/24
202.189.250.0-202.189.254.255
IPv6:
2402:d400:a1::-2402:d400:a2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
97:5f:f0:cb:55:5d:d1:24:27:60:15:a0:27:cf:e1:4e:ff:0b:
e0:2a:1f:90:89:dc:79:1e:d0:35:ca:7c:52:83:a8:b7:ab:39:
4b:17:65:92:be:a4:28:d5:78:aa:a0:77:e7:e1:09:4a:e5:dc:
18:c8:bc:e8:36:d9:db:3a:1a:f3:cc:78:c0:2b:da:13:f1:d5:
e4:34:61:ae:74:69:d7:13:30:00:ab:10:de:4c:76:59:49:5c:
0d:b1:81:f9:67:63:5f:fb:3d:84:4d:62:90:73:1c:d5:c9:88:
6d:d0:d0:0c:c2:7e:c7:86:dd:1d:52:a3:24:b3:56:ff:1a:6f:
6e:98:cc:34:82:3d:df:d9:f4:b7:49:d2:3c:34:61:de:9e:4c:
f4:38:35:98:33:8d:b7:4c:85:81:a9:8c:e5:fb:bc:c7:8c:35:
87:4b:e3:f7:fb:25:25:3c:8b:e6:44:d0:32:ab:02:44:f2:ad:
cb:ba:98:fc:73:38:08:8d:d5:2e:a7:cb:32:c9:8a:69:85:1c:
8f:cd:53:07:52:3c:56:bb:0a:9b:9d:fb:30:4d:49:41:c0:ae:
ef:8d:f5:03:b6:25:ca:7a:b3:c6:7c:1e:6c:bb:0b:a9:0e:a7:
21:b3:fa:22:16:47:15:54:0d:42:1d:5a:e8:b8:6b:48:5b:ac:
df:db:9d:44
-----BEGIN CERTIFICATE-----
MIIHVjCCBj6gAwIBAgICB18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhEMDExMTAvBgNVBAUTKDdFMzZBQjFDMDQ0MzIxQjc0Q0Y2NzgyNjNFMDUyNEZE
MzQxNzlCQkQwHhcNMjUwNTE0MjMxMjA5WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NTNiNC05Njg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuJWGAZ8Pe0LedaoQ8HEgL1PxD64ZN0DsCIi3GPjz0NftgpbVYazNa4qlA8bH
Pv2VIf5iUKIDP2aOPTr7mTMztwiFqb1PpF37+6Du6O9HEpQlTqQAGkuyAnAF1AKe
xyUG9OC86cR4zf0pSz5VHMRh57nPmTo+oweRqLZsaQTl+s3AbY7xw4Bm9ixh+0ol
vbTqeNxhr29wsICwSVejN2Th1i7wjC1nUSHvW54C/MW0LcYFYqelZMOFcy1el1/F
mnr/uL9Xoo/j37fs1wPQGe/GdAmzqfx79gNs8QfWUMJrlLCscCaC/X/vRIfZ/m9V
m+a2KvlSdlYQvEKfI2kwL9YwAQIDAQABo4IEejCCBHYwHQYDVR0OBBYEFDK2gTr9
PGf4iGVB4aVt1/a3eJC0MB8GA1UdIwQYMBaAFH42qxwEQyG3TPZ4Jj4FJP00F5u9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQwMS9FOTI1MTlGQTk5
MEIxMUVCQTM1NUNCNTNDNEY5QUUwMi9mamFySEFSREliZE05bmdtUGdVa19UUVht
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqYXJIQVJESWJkTTluZ21QZ1VrX1RRWG03MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhEMDEvRTkyNTE5RkE5OTBCMTFFQkEzNTVDQjUzQzRGOUFFMDIvNENCQ0VCMzIx
RkJFMTFFRjk3RTc5NzRGQzRGOUFFMDIucm9hMIICNwYIKwYBBQUHAQcBAf8EggIm
MIICIjCCAgIEAgABMIIB+jAMAwQBMfhiAwQDMfhgMAwDBAAx+H8DBAAx+IAwDAME
ATH4ggMEADH4hgMEATH4iAMEADH4lgMEAHKPAgMEAXKPBAMEAHKPCDAMAwQBco8K
AwQAco8MAwQAco8PAwQBco8SMAwDBAByjxUDBAByjxYDBAByjxgDBAFyjxwDBANy
jyAwDAMEBHKPUAMEAXKPYAMEAHKPxDAMAwQHe/yAAwQAe/yCAwQAe/yEAwQAe/yL
MAwDBAB7/I0DBAF7/JADBAB7/JYwDAMEA3v8mAMEAHv8oAMEAHv8ogMEAHv8pDAM
AwQBe/ymAwQBe/yoAwQAe/ysMAwDBAB7/LEDBAB7/LQwDAMEAXv8tgMEAnv8uAME
AHv8wAMEAHv8xAMEAXv8xgMEAHv8ygMEAHv8zzAMAwQCe/zUAwQAe/zYAwQAe/zd
MAwDBAB7/N8DBAN7/OADBAB7/OoDBAB7/O0wDAMEAHv87wMEAnv88DAMAwQAe/z1
AwQAe/z2AwQAe/z4AwQAe/z+AwQBypXCAwQAypXFAwQAypXIMAwDBADKldMDBAHK
ldQwDAMEAMqV1wMEAMqV2AMEAMq94TAMAwQAyr3lAwQAyr3qMAwDBALKvewDBADK
ve4wDAMEBMq98AMEAMq98gMEAcq99AMEAMq99zAMAwQByr36AwQAyr3+MBoEAgAC
MBQwEgMHACQC1AAAoQMHACQC1AAAojANBgkqhkiG9w0BAQsFAAOCAQEAl1/wy1Vd
0SQnYBWgJ8/hTv8L4CofkInceR7QNcp8UoOot6s5Sxdlkr6kKNV4qqB35+EJSuXc
GMi86DbZ2zoa88x4wCvaE/HV5DRhrnRp1xMwAKsQ3kx2WUlcDbGB+WdjX/s9hE1i
kHMc1cmIbdDQDMJ+x4bdHVKjJLNW/xpvbpjMNII939n0t0nSPDRh3p5M9Dg1mDON
t0yFgamM5fu8x4w1h0vj9/slJTyL5kTQMqsCRPKty7qY/HM4CI3VLqfLMsmKaYUc
j81TB1I8VrsKm537ME1JQcCu7431A7YlynqzxnwebLsLqQ6nIbP6IhZHFVQNQh1a
6LhrSFus39udRA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:55:29 2026 by rpki-client