Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
File: 1B31B0E4270E11EC97471F53C4F9AE02.roa (raw, json)
Hash identifier: IxcEdM3NtqIWpGs5CaLmmTvLz8ooYXKO4DZfm0izdno=
Subject key identifier: FC:FD:2D:2E:AA:E5:63:E0:7B:A9:C5:6D:B8:A9:5B:4C:85:70:AB:C3
Certificate issuer: /CN=A91514B1/serialNumber=6171432D5594CB3F608D3BE0F52600BBEC46E5FB
Certificate serial: 0692
Authority key identifier: 61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:37:13 +0000
ROA not before: Sun 03 Aug 2025 00:06:27 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 198949
IP address blocks: 61.88.1.0/24 maxlen: 24
61.88.29.0/24 maxlen: 24
61.88.116.0/24 maxlen: 24
61.88.182.0/24 maxlen: 24
61.88.183.0/24 maxlen: 24
61.88.223.0/24 maxlen: 24
119.225.2.0/24 maxlen: 24
119.225.44.0/24 maxlen: 24
119.225.45.0/24 maxlen: 24
119.225.128.0/24 maxlen: 24
119.225.210.0/24 maxlen: 24
119.225.222.0/24 maxlen: 24
124.19.48.0/24 maxlen: 24
124.19.56.0/24 maxlen: 24
124.19.72.0/24 maxlen: 24
124.19.98.0/24 maxlen: 24
124.19.103.0/24 maxlen: 24
124.19.111.0/24 maxlen: 24
202.139.138.0/24 maxlen: 24
202.139.144.0/24 maxlen: 24
203.13.96.0/24 maxlen: 24
203.13.98.0/24 maxlen: 24
203.13.123.0/24 maxlen: 24
203.13.125.0/24 maxlen: 24
203.13.126.0/24 maxlen: 24
203.13.127.0/24 maxlen: 24
203.13.128.0/24 maxlen: 24
203.13.129.0/24 maxlen: 24
220.101.13.0/24 maxlen: 24
220.101.27.0/24 maxlen: 24
220.101.72.0/24 maxlen: 24
220.101.83.0/24 maxlen: 24
220.101.99.0/24 maxlen: 24
220.101.101.0/24 maxlen: 24
220.101.111.0/24 maxlen: 24
220.101.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 18:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1682 (0x692)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91514B1, serialNumber=6171432D5594CB3F608D3BE0F52600BBEC46E5FB
Validity
Not Before: Aug 3 00:06:27 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a48759-0e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:18:1c:5a:25:aa:c3:53:cb:8c:bc:d5:5b:fd:
7e:77:2c:40:e2:64:e5:69:d1:f5:15:fe:ce:20:46:
3f:44:08:a7:fa:36:2c:bb:26:3f:46:d0:c3:bf:c8:
af:45:1c:26:06:97:45:31:97:7c:df:6f:f1:05:ac:
27:fa:e8:91:1b:a3:d8:9f:22:4e:7b:e8:ce:86:55:
ed:11:bd:24:86:65:39:fd:b2:35:9c:40:ac:e9:23:
56:b2:f5:63:19:42:87:1c:2e:6c:64:c1:bd:1c:08:
1e:97:63:35:14:de:86:10:e4:6b:a3:e7:1f:68:82:
c8:84:f3:0b:91:62:65:ae:63:f2:91:cb:11:51:ff:
f9:a7:f7:4d:ab:a3:6d:ed:f8:8d:93:f2:c9:4f:bf:
c6:86:58:33:68:e2:c1:4f:49:74:73:17:3b:ae:f5:
c6:19:6a:e6:a6:cc:2a:95:b3:15:32:d1:62:e7:25:
6b:9b:a9:c3:3f:ba:1d:0f:e7:6d:7d:92:a6:d7:7a:
0b:58:2d:5a:68:d5:ee:cd:99:96:cc:42:a8:98:70:
f8:75:98:47:3b:09:c6:89:5f:cc:79:c4:43:07:3c:
5e:ad:52:45:70:08:83:7a:3c:d3:4d:bd:de:5a:c3:
e2:0e:ab:a7:00:dc:32:6c:eb:7b:65:7a:b9:04:8d:
20:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:FD:2D:2E:AA:E5:63:E0:7B:A9:C5:6D:B8:A9:5B:4C:85:70:AB:C3
X509v3 Authority Key Identifier:
keyid:61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
61.88.1.0/24
61.88.29.0/24
61.88.116.0/24
61.88.182.0/23
61.88.223.0/24
119.225.2.0/24
119.225.44.0/23
119.225.128.0/24
119.225.210.0/24
119.225.222.0/24
124.19.48.0/24
124.19.56.0/24
124.19.72.0/24
124.19.98.0/24
124.19.103.0/24
124.19.111.0/24
202.139.138.0/24
202.139.144.0/24
203.13.96.0/24
203.13.98.0/24
203.13.123.0/24
203.13.125.0-203.13.129.255
220.101.13.0/24
220.101.27.0/24
220.101.72.0/24
220.101.83.0/24
220.101.99.0/24
220.101.101.0/24
220.101.111.0/24
220.101.121.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:da:f5:96:07:ed:71:2a:09:d1:c1:0a:a2:c0:5f:9c:02:e0:
55:ca:89:ca:e3:42:a9:0a:d7:94:79:a1:09:a4:2e:65:b2:5c:
4c:b5:3e:b7:a1:26:44:5d:24:b5:af:82:a3:87:fd:19:f4:1e:
5b:a5:6c:26:b4:98:1a:15:a0:12:aa:e9:6b:5e:16:95:23:8b:
8d:28:8b:7e:d4:67:d7:5d:b1:af:2c:0f:c7:0e:cf:4d:b5:2f:
48:c4:45:86:f0:cc:fb:c8:d5:8a:1f:09:5c:b4:51:a9:74:1c:
21:f4:6f:52:b5:86:8f:1d:2e:3c:9e:ee:9a:ba:76:3f:01:22:
e2:79:8a:e2:41:c3:31:32:b5:fe:12:f7:03:d3:34:c0:f3:f3:
05:86:18:dd:41:a7:91:1b:2d:c1:99:92:31:1f:bb:be:bb:67:
a9:71:a9:06:9f:81:4e:c7:b4:06:c6:04:b5:a8:df:0d:d9:f4:
da:ef:04:eb:a3:35:4f:a4:c2:9c:2b:b4:2c:b5:a7:a2:52:ac:
2e:8f:5c:5b:07:b0:58:66:d4:03:bc:da:fb:0a:2a:2f:bb:b7:
f5:67:91:94:c0:a1:57:9a:1e:83:ae:c5:82:e4:61:9d:7c:58:
5c:f3:40:bd:97:43:41:6a:90:c7:2f:ab:dc:b2:7c:99:94:c4:
2e:ff:fd:8a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgICBpIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTE0QjExMTAvBgNVBAUTKDYxNzE0MzJENTU5NENCM0Y2MDhEM0JFMEY1MjYwMEJC
RUM0NkU1RkIwHhcNMjUwODAzMDAwNjI3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODc1OS0wZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxRgcWiWqw1PLjLzVW/1+dyxA4mTladH1Ff7OIEY/RAin+jYsuyY/RtDDv8iv
RRwmBpdFMZd832/xBawn+uiRG6PYnyJOe+jOhlXtEb0khmU5/bI1nECs6SNWsvVj
GUKHHC5sZMG9HAgel2M1FN6GEORro+cfaILIhPMLkWJlrmPykcsRUf/5p/dNq6Nt
7fiNk/LJT7/GhlgzaOLBT0l0cxc7rvXGGWrmpswqlbMVMtFi5yVrm6nDP7odD+dt
fZKm13oLWC1aaNXuzZmWzEKomHD4dZhHOwnGiV/MecRDBzxerVJFcAiDejzTTb3e
WsPiDqunANwybOt7ZXq5BI0gFQIDAQABo4IDGzCCAxcwHQYDVR0OBBYEFPz9LS6q
5WPge6nFbbipW0yFcKvDMB8GA1UdIwQYMBaAFGFxQy1VlMs/YI074PUmALvsRuX7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS84NDE4OTIyNkZC
RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9ZWEZETFZXVXl6OWdqVHZnOVNZQXUteEc1
ZnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lYRkRMVldVeXo5Z2pUdmc5U1lBdS14RzVmcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTE0QjEvODQxODkyMjZGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvMUIzMUIwRTQy
NzBFMTFFQzk3NDcxRjUzQzRGOUFFMDIucm9hMIHZBggrBgEFBQcBBwEB/wSByTCB
xjCBwwQCAAEwgbwDBAA9WAEDBAA9WB0DBAA9WHQDBAE9WLYDBAA9WN8DBAB34QID
BAF34SwDBAB34YADBAB34dIDBAB34d4DBAB8EzADBAB8EzgDBAB8E0gDBAB8E2ID
BAB8E2cDBAB8E28DBADKi4oDBADKi5ADBADLDWADBADLDWIDBADLDXswDAMEAMsN
fQMEAcsNgAMEANxlDQMEANxlGwMEANxlSAMEANxlUwMEANxlYwMEANxlZQMEANxl
bwMEANxleTANBgkqhkiG9w0BAQsFAAOCAQEAt9r1lgftcSoJ0cEKosBfnALgVcqJ
yuNCqQrXlHmhCaQuZbJcTLU+t6EmRF0kta+Co4f9GfQeW6VsJrSYGhWgEqrpa14W
lSOLjSiLftRn112xrywPxw7PTbUvSMRFhvDM+8jVih8JXLRRqXQcIfRvUrWGjx0u
PJ7umrp2PwEi4nmK4kHDMTK1/hL3A9M0wPPzBYYY3UGnkRstwZmSMR+7vrtnqXGp
Bp+BTse0BsYEtajfDdn02u8E66M1T6TCnCu0LLWnolKsLo9cWwewWGbUA7za+woq
L7u39WeRlMChV5oeg67FguRhnXxYXPNAvZdDQWqQxy+r3LJ8mZTELv/9ig==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:55:01 2026 by rpki-client