Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/96E3EB58B2B711EEAE882255C4F9AE02.roa
File: 96E3EB58B2B711EEAE882255C4F9AE02.roa (raw, json)
Hash identifier: 0q/OdMT21d2o2z7GIdymCsArMuvlmBPtSRjiSNVf0cg=
Subject key identifier: EE:88:12:96:EC:0A:8B:20:E8:AD:94:FB:AC:A8:99:E7:B6:19:D3:37
Certificate issuer: /CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Certificate serial: 0695
Authority key identifier: A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/96E3EB58B2B711EEAE882255C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:29:40 +0000
ROA not before: Fri 06 Feb 2026 23:19:05 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 139922
IP address blocks: 103.147.62.0/23 maxlen: 24
2405:acc0::/32 maxlen: 32
2405:acc0::/48 maxlen: 48
2405:acc0:1::/48 maxlen: 48
2405:acc0:4::/48 maxlen: 48
2405:acc0:6::/48 maxlen: 48
2405:acc0:8::/48 maxlen: 48
2405:acc0:9::/48 maxlen: 48
2405:acc0:a::/48 maxlen: 48
2405:acc0:b::/48 maxlen: 48
2405:acc0:c::/48 maxlen: 48
2405:acc0:169::/48 maxlen: 48
2405:acc0:1000::/40 maxlen: 40
2405:acc0:1100::/40 maxlen: 40
2405:acc0:1200::/48 maxlen: 48
2405:acc0:1204::/48 maxlen: 48
2405:acc0:1205::/48 maxlen: 48
2405:acc0:1206::/48 maxlen: 48
2405:acc0:1207::/48 maxlen: 48
2405:acc0:1210::/48 maxlen: 48
2405:acc0:1300::/48 maxlen: 48
2405:acc0:1304::/48 maxlen: 48
2405:acc0:1305::/48 maxlen: 48
2405:acc0:1306::/48 maxlen: 48
2405:acc0:1307::/48 maxlen: 48
2405:acc0:1310::/48 maxlen: 48
2405:acc0:1400::/48 maxlen: 48
2405:acc0:1410::/48 maxlen: 48
2405:acc0:1504::/48 maxlen: 48
2405:acc0:1505::/48 maxlen: 48
2405:acc0:1510::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl
rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 18:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1685 (0x695)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CCD1, serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Validity
Not Before: Feb 6 23:19:05 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a47784-dc0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:33:28:be:b0:cd:28:50:95:04:5f:26:3f:16:
35:70:d1:a6:28:46:d5:09:1e:05:b9:46:25:03:43:
bd:c1:1d:fc:33:a6:90:44:e6:11:23:dc:23:fb:0b:
1b:ef:c3:db:a4:94:f2:32:02:b3:22:1f:29:84:75:
df:b3:1d:06:67:06:79:24:27:e6:14:d2:82:27:19:
4a:7d:86:15:e0:f2:65:38:cc:91:92:cd:ed:cb:58:
a2:d6:d4:b6:1d:71:96:a0:c3:4c:86:dc:2c:93:11:
c6:ba:bc:79:b4:d9:43:a1:c8:16:d7:65:f6:11:f4:
e5:96:50:87:b6:47:12:ce:b1:11:4b:cc:9d:2d:4e:
7b:73:ee:9b:55:6b:c1:96:21:5c:1a:db:b8:c9:ba:
73:60:54:89:18:95:d3:8b:8d:6d:7c:67:bc:b8:f7:
9a:ab:9c:24:d2:42:93:ff:70:9f:4b:d7:f5:64:ad:
b1:61:ab:2d:79:ea:82:8d:90:c8:f8:42:23:34:25:
e1:52:49:63:b4:84:9d:9b:04:dd:db:e6:1c:ab:e0:
ae:37:2c:da:92:b1:80:cd:62:9f:51:b0:f8:d8:6b:
c1:f4:bc:ba:17:43:a1:7f:e6:01:94:a2:4b:b4:42:
2b:3a:b9:ba:8c:e3:16:65:4a:6a:63:44:c1:db:6d:
e3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:88:12:96:EC:0A:8B:20:E8:AD:94:FB:AC:A8:99:E7:B6:19:D3:37
X509v3 Authority Key Identifier:
keyid:A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/96E3EB58B2B711EEAE882255C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.147.62.0/23
IPv6:
2405:acc0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:f0:5b:4d:08:bf:b0:dd:7d:43:72:df:0c:64:56:a4:44:5d:
32:8b:e9:25:a2:ad:33:6d:f2:b7:10:36:c9:a5:7e:0b:c4:74:
9c:e6:1d:30:1e:05:aa:71:40:38:82:f8:b8:36:e7:c7:24:a6:
6d:ad:77:9a:1f:3f:56:05:cb:05:a4:82:23:5e:ee:04:4b:80:
df:20:9c:72:4f:d4:0e:14:9a:e4:f9:c6:1f:3b:82:72:3f:92:
47:27:86:70:9b:9a:6c:0f:96:48:4b:3d:32:a5:59:9f:f5:c5:
8f:dc:e2:1a:78:e6:95:f0:85:8f:f9:35:c5:82:be:95:54:4e:
d4:21:e2:7f:61:9c:fb:92:be:cb:69:92:de:d1:5f:41:de:3a:
41:f4:1d:3d:f3:10:a9:8d:09:56:60:fc:06:e3:79:dc:3b:10:
74:bf:66:ae:2c:8f:c5:af:9f:33:29:0a:1e:7c:45:4b:be:cc:
08:44:cc:37:d6:5e:42:41:51:6a:d1:17:79:78:cb:34:23:ac:
ad:a8:0b:1c:4c:d5:ab:09:87:da:69:3f:a6:31:29:09:90:ba:
5e:c5:aa:f7:ee:ca:0e:57:f4:c1:89:ed:15:02:7f:14:0d:23:
30:ed:28:41:22:53:10:21:da:40:a0:b2:7e:dc:fd:db:3e:fd:
ad:52:7c:7a
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgICBpUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENDRDExMTAvBgNVBAUTKEEzRDVDRjQzREU1QjNEOEI5QzM0M0VENDQ5QzE2OTBF
QkUzNDE3MEUwHhcNMjYwMjA2MjMxOTA1WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0Nzc4NC1kYzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkjMovrDNKFCVBF8mPxY1cNGmKEbVCR4FuUYlA0O9wR38M6aQROYRI9wj+wsb
78PbpJTyMgKzIh8phHXfsx0GZwZ5JCfmFNKCJxlKfYYV4PJlOMyRks3ty1ii1tS2
HXGWoMNMhtwskxHGurx5tNlDocgW12X2EfTlllCHtkcSzrERS8ydLU57c+6bVWvB
liFcGtu4ybpzYFSJGJXTi41tfGe8uPeaq5wk0kKT/3CfS9f1ZK2xYasteeqCjZDI
+EIjNCXhUkljtISdmwTd2+Ycq+CuNyzakrGAzWKfUbD42GvB9Ly6F0Ohf+YBlKJL
tEIrOrm6jOMWZUpqY0TB223jWwIDAQABo4ICbzCCAmswHQYDVR0OBBYEFO6IEpbs
Cosg6K2U+6yomee2GdM3MB8GA1UdIwQYMBaAFKPVz0PeWz2LnDQ+1EnBaQ6+NBcO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0NEMS9BRDdGNDVBNENE
QzQxMUVCQjVGNDgzNTVDNEY5QUUwMi9vOVhQUTk1YlBZdWNORDdVU2NGcERyNDBG
dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL285WFBROTViUFl1Y05EN1VTY0ZwRHI0MEZ3NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENDRDEvQUQ3RjQ1QTRDREM0MTFFQkI1RjQ4MzU1QzRGOUFFMDIvOTZFM0VCNThC
MkI3MTFFRUFFODgyMjU1QzRGOUFFMDIucm9hMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQBZ5M+MA0EAgACMAcDBQAkBazAMA0GCSqGSIb3DQEBCwUAA4IBAQAs
8FtNCL+w3X1Dct8MZFakRF0yi+kloq0zbfK3EDbJpX4LxHSc5h0wHgWqcUA4gvi4
NufHJKZtrXeaHz9WBcsFpIIjXu4ES4DfIJxyT9QOFJrk+cYfO4JyP5JHJ4Zwm5ps
D5ZISz0ypVmf9cWP3OIaeOaV8IWP+TXFgr6VVE7UIeJ/YZz7kr7LaZLe0V9B3jpB
9B098xCpjQlWYPwG43ncOxB0v2auLI/Fr58zKQoefEVLvswIRMw31l5CQVFq0Rd5
eMs0I6ytqAscTNWrCYfaaT+mMSkJkLpexar37soOV/TBie0VAn8UDSMw7ShBIlMQ
IdpAoLJ+3P3bPv2tUnx6
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:11:31 2026 by rpki-client