Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/997B7CFADEA011ED84E5D17BC4F9AE02.roa
File: 997B7CFADEA011ED84E5D17BC4F9AE02.roa (raw, json)
Hash identifier: DNpKV16jRaDVCMLZofIBpwfB3coox1f1YBts1IyzQeQ=
Subject key identifier: 83:DB:D1:CE:68:54:84:45:A6:13:79:DC:49:83:56:BA:5E:40:A8:6C
Certificate issuer: /CN=A914CE75/serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Certificate serial: 331E
Authority key identifier: 49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/997B7CFADEA011ED84E5D17BC4F9AE02.roa
Signing time: Sun 01 Mar 2026 19:11:00 +0000
ROA not before: Wed 30 Apr 2025 15:52:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9238
IP address blocks: 59.160.33.0/24 maxlen: 24
59.162.7.0/24 maxlen: 24
59.163.47.0/24 maxlen: 24
59.163.63.0/24 maxlen: 24
115.112.212.0/22 maxlen: 22
121.241.230.0/24 maxlen: 24
203.124.192.0/18 maxlen: 18
203.124.192.0/24 maxlen: 24
203.124.217.0/24 maxlen: 24
203.124.218.0/24 maxlen: 24
203.124.225.0/24 maxlen: 24
203.124.232.0/24 maxlen: 24
203.124.248.0/22 maxlen: 22
203.124.248.0/24 maxlen: 24
203.196.194.0/24 maxlen: 24
203.196.200.0/24 maxlen: 24
203.196.201.0/24 maxlen: 24
203.196.202.0/24 maxlen: 24
203.196.203.0/24 maxlen: 24
203.196.204.0/24 maxlen: 24
203.196.233.0/24 maxlen: 24
203.196.240.0/24 maxlen: 24
203.196.241.0/24 maxlen: 24
203.196.250.0/24 maxlen: 24
203.201.208.0/24 maxlen: 24
203.201.209.0/24 maxlen: 24
203.201.212.0/24 maxlen: 24
203.201.213.0/24 maxlen: 24
203.201.220.0/24 maxlen: 24
203.201.222.0/24 maxlen: 24
203.201.224.0/24 maxlen: 24
203.201.225.0/24 maxlen: 24
203.201.226.0/24 maxlen: 24
203.201.227.0/24 maxlen: 24
203.201.231.0/24 maxlen: 24
203.201.248.0/24 maxlen: 24
203.201.250.0/24 maxlen: 24
203.201.251.0/24 maxlen: 24
203.201.254.0/24 maxlen: 24
219.64.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 15:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13086 (0x331e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CE75, serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Validity
Not Before: Apr 30 15:52:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a48f44-bb21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d5:45:96:42:b1:77:19:90:e0:15:8c:28:27:
dc:32:b3:23:b0:b9:2c:8a:53:13:3c:0e:95:be:14:
1f:ef:0c:d8:b1:84:99:5a:a7:85:2c:d3:21:9c:76:
72:cb:a9:68:56:d9:b1:d5:ae:f7:17:19:88:29:c4:
94:04:47:3c:ae:3e:6d:b6:b2:3c:bc:7d:c4:16:c1:
57:34:76:01:39:8d:dc:e0:cd:27:76:b9:2a:19:12:
5e:0b:70:13:1f:18:85:4d:76:8c:af:71:2b:59:92:
3a:93:64:00:75:64:e6:d7:f4:d0:a2:62:51:90:8d:
f7:01:c5:d6:ed:8e:c3:7b:4e:8e:f5:00:b6:d6:11:
49:cf:0d:43:e7:3e:ed:d9:5a:73:4d:85:35:4d:08:
d6:52:02:df:fd:1c:75:3c:f4:0d:85:90:fa:b9:d4:
3f:81:f1:b6:80:ef:ff:5d:a3:ee:b7:bf:b3:02:5f:
b9:ce:c5:a1:20:30:13:8f:22:9f:63:4c:a6:b1:df:
7c:8f:9f:30:e3:78:77:49:97:ca:c1:21:61:b9:df:
32:eb:13:c3:d6:ec:ea:ba:4a:6e:97:f5:5c:4b:5a:
11:5d:ad:5e:e6:fa:9c:32:7c:97:b9:b3:b7:1a:6e:
91:2b:d9:a6:0b:90:04:fe:2d:9a:c3:c9:95:40:9f:
b6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:DB:D1:CE:68:54:84:45:A6:13:79:DC:49:83:56:BA:5E:40:A8:6C
X509v3 Authority Key Identifier:
keyid:49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/997B7CFADEA011ED84E5D17BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
59.160.33.0/24
59.162.7.0/24
59.163.47.0/24
59.163.63.0/24
115.112.212.0/22
121.241.230.0/24
203.124.192.0/18
203.196.194.0/24
203.196.200.0-203.196.204.255
203.196.233.0/24
203.196.240.0/23
203.196.250.0/24
203.201.208.0/23
203.201.212.0/23
203.201.220.0/24
203.201.222.0/24
203.201.224.0/22
203.201.231.0/24
203.201.248.0/24
203.201.250.0/23
203.201.254.0/24
219.64.5.0/24
Signature Algorithm: sha256WithRSAEncryption
74:75:77:1d:78:fa:a7:19:30:89:ed:2c:af:98:89:82:ca:db:
4c:61:c9:47:41:27:c0:e8:52:5d:c4:be:49:57:54:cb:18:bb:
4b:41:c1:1a:73:f9:8f:08:e4:9c:ae:75:53:bc:fb:7c:7c:59:
5f:e8:b2:47:11:81:7d:25:18:c3:03:eb:35:8f:27:1a:3c:63:
9e:cd:5a:b1:75:14:6c:1e:fc:10:3d:29:90:31:11:96:28:42:
9c:b6:f8:db:d2:00:de:95:16:61:9c:65:5e:66:e6:c3:f7:a1:
fd:1f:86:37:0b:4e:6f:0a:1f:74:94:e5:a5:f4:b2:ea:0a:f9:
52:95:7d:86:a5:ef:50:21:e8:88:a7:8f:a3:a9:25:83:83:2e:
6b:18:8e:13:84:d9:1b:64:2b:b6:97:9f:ab:2f:a2:bb:f5:7b:
6a:65:9c:41:1b:47:1b:cf:3f:aa:01:e5:2d:e6:c8:ae:b4:83:
a3:71:48:9c:11:51:11:fb:57:c7:03:1a:f9:06:1b:61:87:e1:
67:63:ea:3a:c6:79:29:98:56:17:9f:4d:9e:c4:b7:dd:66:e7:
83:57:66:81:60:1b:e0:9e:50:14:3d:60:65:d5:05:f7:b5:ae:
a4:1f:7a:19:3a:fe:17:11:27:18:20:e5:2f:77:a3:96:d3:ee:
3a:15:5a:a3
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgICMx4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENFNzUxMTAvBgNVBAUTKDQ5ODkyNTM3RDhCMkMwMzI1QjdCRTA4MUZEOTI4NkM3
OUJFQTZBODUwHhcNMjUwNDMwMTU1MjM2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0OGY0NC1iYjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2NVFlkKxdxmQ4BWMKCfcMrMjsLksilMTPA6VvhQf7wzYsYSZWqeFLNMhnHZy
y6loVtmx1a73FxmIKcSUBEc8rj5ttrI8vH3EFsFXNHYBOY3c4M0ndrkqGRJeC3AT
HxiFTXaMr3ErWZI6k2QAdWTm1/TQomJRkI33AcXW7Y7De06O9QC21hFJzw1D5z7t
2VpzTYU1TQjWUgLf/Rx1PPQNhZD6udQ/gfG2gO//XaPut7+zAl+5zsWhIDATjyKf
Y0ymsd98j58w43h3SZfKwSFhud8y6xPD1uzqukpul/VcS1oRXa1e5vqcMnyXubO3
Gm6RK9mmC5AE/i2aw8mVQJ+2iwIDAQABo4IC6zCCAucwHQYDVR0OBBYEFIPb0c5o
VIRFphN53EmDVrpeQKhsMB8GA1UdIwQYMBaAFEmJJTfYssAyW3vggf2Shseb6mqF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0U3NS9EMjJFRjNENkZG
NEIxMUUyODFCRTA2NjI1OTExRUEzMi9TWWtsTjlpeXdESmJlLUNCX1pLR3g1dnFh
b1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NZa2xOOWl5d0RKYmUtQ0JfWktHeDV2cWFvVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENFNzUvRDIyRUYzRDZGRjRCMTFFMjgxQkUwNjYyNTkxMUVBMzIvOTk3QjdDRkFE
RUEwMTFFRDg0RTVEMTdCQzRGOUFFMDIucm9hMIGpBggrBgEFBQcBBwEB/wSBmTCB
ljCBkwQCAAEwgYwDBAA7oCEDBAA7ogcDBAA7oy8DBAA7oz8DBAJzcNQDBAB58eYD
BAbLfMADBADLxMIwDAMEA8vEyAMEAMvEzAMEAMvE6QMEAcvE8AMEAMvE+gMEAcvJ
0AMEAcvJ1AMEAMvJ3AMEAMvJ3gMEAsvJ4AMEAMvJ5wMEAMvJ+AMEAcvJ+gMEAMvJ
/gMEANtABTANBgkqhkiG9w0BAQsFAAOCAQEAdHV3HXj6pxkwie0sr5iJgsrbTGHJ
R0EnwOhSXcS+SVdUyxi7S0HBGnP5jwjknK51U7z7fHxZX+iyRxGBfSUYwwPrNY8n
Gjxjns1asXUUbB78ED0pkDERlihCnLb429IA3pUWYZxlXmbmw/eh/R+GNwtObwof
dJTlpfSy6gr5UpV9hqXvUCHoiKePo6klg4MuaxiOE4TZG2Qrtpefqy+iu/V7amWc
QRtHG88/qgHlLebIrrSDo3FInBFREftXxwMa+QYbYYfhZ2PqOsZ5KZhWF59NnsS3
3Wbng1dmgWAb4J5QFD1gZdUF97WupB96GTr+FxEnGCDlL3ejltPuOhVaow==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:35:17 2026 by rpki-client