Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/6D188172BF5C11F098B79354C4F9AE02.roa
File: 6D188172BF5C11F098B79354C4F9AE02.roa (raw, json)
Hash identifier: ylTDDWhoDCYbcojJAKclLssIhT1ZiJ6CbE3tkJEsYzs=
Subject key identifier: 3F:11:CF:7E:C5:F0:E4:8D:C3:FD:32:28:E7:17:0A:F3:53:A4:E3:CA
Certificate issuer: /CN=A9149F3E/serialNumber=BF0E6F4EE0E17DDE8C4A24BF897D19B87AA5759F
Certificate serial: 35B3
Authority key identifier: BF:0E:6F:4E:E0:E1:7D:DE:8C:4A:24:BF:89:7D:19:B8:7A:A5:75:9F
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/6D188172BF5C11F098B79354C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:40:47 +0000
ROA not before: Thu 29 Jan 2026 04:11:47 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 17579
IP address blocks: 134.75.15.0/24 maxlen: 24
134.75.16.0/24 maxlen: 24
134.75.101.0/24 maxlen: 24
134.75.102.0/24 maxlen: 24
134.75.103.0/24 maxlen: 24
134.75.105.0/24 maxlen: 24
134.75.107.0/24 maxlen: 24
134.75.108.0/24 maxlen: 24
134.75.123.0/24 maxlen: 24
134.75.124.0/24 maxlen: 24
134.75.125.0/24 maxlen: 24
134.75.126.0/24 maxlen: 24
134.75.127.0/24 maxlen: 24
134.75.128.0/24 maxlen: 24
134.75.129.0/24 maxlen: 24
134.75.130.0/24 maxlen: 24
134.75.131.0/24 maxlen: 24
134.75.132.0/24 maxlen: 24
134.75.200.0/24 maxlen: 24
134.75.203.0/24 maxlen: 24
134.75.207.0/24 maxlen: 24
134.75.252.0/24 maxlen: 24
134.75.253.0/24 maxlen: 24
134.75.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:43:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13747 (0x35b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E, serialNumber=BF0E6F4EE0E17DDE8C4A24BF897D19B87AA5759F
Validity
Not Before: Jan 29 04:11:47 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a4882e-18d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:59:fd:a2:c1:46:8f:a8:12:d2:d5:e0:42:25:
9c:30:91:a2:a3:8c:bd:3a:f3:b6:05:cf:e6:a4:91:
50:8c:e5:b8:c5:9b:ea:f1:43:01:f1:16:86:43:51:
02:68:fc:23:27:24:f6:42:06:14:54:ea:a2:b3:b2:
ad:bc:b0:0b:a7:ca:a5:ff:26:dd:6e:32:28:a6:af:
54:85:7d:f6:e5:01:23:f2:40:65:d8:49:30:5d:23:
09:b9:ac:22:02:d4:b8:b8:27:94:36:d5:34:0c:eb:
98:ef:7c:00:fa:69:4f:2f:af:df:be:f8:02:dd:ba:
47:1a:45:98:5a:f1:e0:6b:0c:21:08:2d:87:d1:eb:
04:e3:0e:4b:b3:cc:da:8f:e2:0b:c3:a7:67:e7:78:
19:04:fa:73:51:b6:1e:59:10:2f:13:8d:0c:20:2f:
f8:9c:ac:42:7e:d0:d4:b6:05:f3:d3:e8:fe:1e:fd:
3c:bd:42:00:42:7f:53:6d:11:ca:89:24:dc:68:dd:
97:22:41:6b:6c:c8:e6:e6:da:6e:b8:d3:6e:6b:62:
6d:45:18:eb:d2:04:51:7e:6d:34:df:7f:8c:15:96:
e1:f9:41:0f:51:9c:67:af:9b:35:bb:cd:fc:29:fe:
b6:a4:a2:d0:4d:80:9c:4f:d7:94:52:7c:80:de:f6:
bf:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:11:CF:7E:C5:F0:E4:8D:C3:FD:32:28:E7:17:0A:F3:53:A4:E3:CA
X509v3 Authority Key Identifier:
keyid:BF:0E:6F:4E:E0:E1:7D:DE:8C:4A:24:BF:89:7D:19:B8:7A:A5:75:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vw5vTuDhfd6MSiS_iX0ZuHqldZ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/9A85BB501D8211E2BC6417D708B02CD2/6D188172BF5C11F098B79354C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
134.75.15.0-134.75.16.255
134.75.101.0-134.75.103.255
134.75.105.0/24
134.75.107.0-134.75.108.255
134.75.123.0-134.75.132.255
134.75.200.0/24
134.75.203.0/24
134.75.207.0/24
134.75.252.0-134.75.254.255
Signature Algorithm: sha256WithRSAEncryption
6f:d9:e7:29:58:36:49:62:b7:e5:ef:7d:2a:e4:9c:2d:8d:84:
07:e8:26:c2:38:24:e9:92:df:a3:9d:59:62:6d:ba:2f:f0:15:
6f:b2:3c:b5:ac:21:75:1b:31:6f:99:e6:64:fe:20:e4:14:ec:
6a:17:ea:2a:ce:72:0a:cf:3e:69:77:44:2d:45:74:a0:cf:7c:
74:96:c6:91:bf:fe:49:c3:f5:8d:ab:90:a7:ea:71:ae:97:74:
22:82:b6:80:a7:47:bf:27:70:36:34:88:6c:1c:ce:8a:ba:93:
52:ce:ba:8f:7f:ba:19:29:c6:46:9f:e1:d9:4e:ad:10:ba:27:
49:e4:2e:43:c3:8c:ec:a5:df:a2:27:7a:66:4c:a4:ac:99:ee:
20:03:b5:60:00:de:5d:9c:db:49:27:68:f5:9c:aa:a1:84:29:
23:58:da:b6:14:b6:d1:f9:36:ba:25:93:69:30:3e:da:12:85:
62:da:dd:0c:6e:c4:51:87:03:a3:3f:6e:e6:58:2e:33:a3:39:
5d:4f:9b:3b:31:56:57:55:0e:5e:3a:4c:29:a7:be:cb:10:87:
eb:39:51:d4:7e:d8:d7:57:9f:f4:93:61:df:6c:68:5c:3a:81:
d0:03:1e:ba:79:b3:f7:52:6c:55:f1:87:b9:51:7d:b7:e5:03:
93:3d:74:88
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICNbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEJGMEU2RjRFRTBFMTdEREU4QzRBMjRCRjg5N0QxOUI4
N0FBNTc1OUYwHhcNMjYwMTI5MDQxMTQ3WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODgyZS0xOGQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Fn9osFGj6gS0tXgQiWcMJGio4y9OvO2Bc/mpJFQjOW4xZvq8UMB8RaGQ1EC
aPwjJyT2QgYUVOqis7KtvLALp8ql/ybdbjIopq9UhX325QEj8kBl2EkwXSMJuawi
AtS4uCeUNtU0DOuY73wA+mlPL6/fvvgC3bpHGkWYWvHgawwhCC2H0esE4w5Ls8za
j+ILw6dn53gZBPpzUbYeWRAvE40MIC/4nKxCftDUtgXz0+j+Hv08vUIAQn9TbRHK
iSTcaN2XIkFrbMjm5tpuuNNua2JtRRjr0gRRfm0033+MFZbh+UEPUZxnr5s1u838
Kf62pKLQTYCcT9eUUnyA3va/vwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFD8Rz37F
8OSNw/0yKOcXCvNTpOPKMB8GA1UdIwQYMBaAFL8Ob07g4X3ejEokv4l9Gbh6pXWf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS85QTg1QkI1MDFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi92dzV2VHVEaGZkNk1TaVNfaVgwWnVIcWxk
WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3Z3NXZUdURoZmQ2TVNpU19pWDBadUhxbGRaOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvOUE4NUJCNTAxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvNkQxODgxNzJC
RjVDMTFGMDk4Qjc5MzU0QzRGOUFFMDIucm9hMHcGCCsGAQUFBwEHAQH/BGgwZjBk
BAIAATBeMAwDBACGSw8DBACGSxAwDAMEAIZLZQMEA4ZLYAMEAIZLaTAMAwQAhktr
AwQAhktsMAwDBACGS3sDBACGS4QDBACGS8gDBACGS8sDBACGS88wDAMEAoZL/AME
AIZL/jANBgkqhkiG9w0BAQsFAAOCAQEAb9nnKVg2SWK35e99KuScLY2EB+gmwjgk
6ZLfo51ZYm26L/AVb7I8tawhdRsxb5nmZP4g5BTsahfqKs5yCs8+aXdELUV0oM98
dJbGkb/+ScP1jauQp+pxrpd0IoK2gKdHvydwNjSIbBzOirqTUs66j3+6GSnGRp/h
2U6tELonSeQuQ8OM7KXfoid6ZkykrJnuIAO1YADeXZzbSSdo9ZyqoYQpI1jathS2
0fk2uiWTaTA+2hKFYtrdDG7EUYcDoz9u5lguM6M5XU+bOzFWV1UOXjpMKae+yxCH
6zlR1H7Y11ef9JNh32xoXDqB0AMeunmz91JsVfGHuVF9t+UDkz10iA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:02:54 2026 by rpki-client