Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/0592D90E02E111F0BFF53A15C4F9AE02.roa
File: 0592D90E02E111F0BFF53A15C4F9AE02.roa (raw, json)
Hash identifier: bBNacOlkJrztuklEe6dKf7tGaUKKWEJYfG7pacbaVNI=
Subject key identifier: BB:0E:2B:8B:AE:73:3C:00:77:67:4B:D2:65:63:55:2D:6F:87:91:A7
Certificate issuer: /CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Certificate serial: 0D10
Authority key identifier: 34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/0592D90E02E111F0BFF53A15C4F9AE02.roa
Signing time: Mon 02 Mar 2026 14:36:28 +0000
ROA not before: Mon 17 Mar 2025 03:36:34 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 19324
IP address blocks: 101.99.64.0/24 maxlen: 24
101.99.65.0/24 maxlen: 24
101.99.66.0/24 maxlen: 24
101.99.67.0/24 maxlen: 24
101.99.68.0/24 maxlen: 24
101.99.69.0/24 maxlen: 24
101.99.70.0/24 maxlen: 24
101.99.71.0/24 maxlen: 24
101.99.72.0/24 maxlen: 24
101.99.73.0/24 maxlen: 24
101.99.74.0/24 maxlen: 24
101.99.77.0/24 maxlen: 24
101.99.78.0/24 maxlen: 24
101.99.79.0/24 maxlen: 24
101.99.80.0/24 maxlen: 24
101.99.81.0/24 maxlen: 24
101.99.82.0/24 maxlen: 24
101.99.83.0/24 maxlen: 24
101.99.84.0/24 maxlen: 24
101.99.85.0/24 maxlen: 24
101.99.86.0/24 maxlen: 24
101.99.87.0/24 maxlen: 24
101.99.88.0/24 maxlen: 24
101.99.89.0/24 maxlen: 24
101.99.90.0/24 maxlen: 24
101.99.91.0/24 maxlen: 24
111.90.128.0/24 maxlen: 24
111.90.129.0/24 maxlen: 24
111.90.130.0/24 maxlen: 24
111.90.131.0/24 maxlen: 24
111.90.132.0/24 maxlen: 24
111.90.133.0/24 maxlen: 24
111.90.134.0/24 maxlen: 24
111.90.135.0/24 maxlen: 24
111.90.136.0/24 maxlen: 24
111.90.137.0/24 maxlen: 24
111.90.138.0/24 maxlen: 24
111.90.139.0/24 maxlen: 24
111.90.140.0/24 maxlen: 24
111.90.141.0/24 maxlen: 24
111.90.142.0/24 maxlen: 24
111.90.143.0/24 maxlen: 24
111.90.144.0/24 maxlen: 24
111.90.145.0/24 maxlen: 24
111.90.146.0/24 maxlen: 24
111.90.147.0/24 maxlen: 24
111.90.148.0/24 maxlen: 24
111.90.149.0/24 maxlen: 24
111.90.150.0/24 maxlen: 24
111.90.151.0/24 maxlen: 24
111.90.152.0/24 maxlen: 24
111.90.153.0/24 maxlen: 24
111.90.154.0/24 maxlen: 24
111.90.155.0/24 maxlen: 24
111.90.158.0/24 maxlen: 24
111.90.159.0/24 maxlen: 24
124.217.224.0/24 maxlen: 24
124.217.225.0/24 maxlen: 24
124.217.226.0/24 maxlen: 24
124.217.227.0/24 maxlen: 24
124.217.228.0/24 maxlen: 24
124.217.229.0/24 maxlen: 24
124.217.230.0/24 maxlen: 24
124.217.231.0/24 maxlen: 24
124.217.232.0/24 maxlen: 24
124.217.233.0/24 maxlen: 24
124.217.234.0/24 maxlen: 24
124.217.235.0/24 maxlen: 24
124.217.236.0/24 maxlen: 24
124.217.237.0/24 maxlen: 24
124.217.238.0/24 maxlen: 24
124.217.239.0/24 maxlen: 24
124.217.240.0/24 maxlen: 24
124.217.241.0/24 maxlen: 24
124.217.242.0/24 maxlen: 24
124.217.243.0/24 maxlen: 24
124.217.244.0/24 maxlen: 24
124.217.245.0/24 maxlen: 24
124.217.246.0/24 maxlen: 24
124.217.247.0/24 maxlen: 24
124.217.248.0/24 maxlen: 24
124.217.249.0/24 maxlen: 24
124.217.250.0/24 maxlen: 24
124.217.251.0/24 maxlen: 24
124.217.252.0/24 maxlen: 24
124.217.253.0/24 maxlen: 24
124.217.254.0/24 maxlen: 24
124.217.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 14:36:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3344 (0xd10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152D08, serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Validity
Not Before: Mar 17 03:36:34 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a5a06c-91a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b1:10:fa:3e:b4:3e:18:2d:c7:ee:d4:0c:fe:
62:d9:6d:7d:af:0f:30:39:d1:3c:98:12:04:f2:43:
87:37:34:95:87:b9:71:38:06:6a:9a:69:ca:cc:fe:
8d:0b:3c:d8:2c:be:70:0d:aa:25:89:7a:53:3f:e3:
7b:da:17:4f:ce:f9:8c:66:5f:32:8b:4e:c3:97:89:
fd:46:c2:ec:16:fe:5f:f5:99:25:f9:fc:f4:d9:be:
48:c1:01:fb:e3:ef:74:75:a8:7c:64:67:8f:07:52:
d1:3a:2e:8f:24:08:5b:c0:78:4b:dd:f5:b6:6f:03:
f3:87:8b:27:b8:45:bf:b1:d6:30:36:c5:62:59:ad:
ab:91:24:8c:71:89:0f:0d:30:94:0b:9d:63:56:5c:
4b:ce:ed:20:fc:ed:16:35:18:1b:80:0d:a2:20:9d:
80:55:53:65:a9:e6:9c:fe:01:c8:af:8f:40:01:45:
74:3d:d8:18:5a:94:0b:3d:4f:e8:4f:91:dd:06:df:
7a:b3:9c:dd:8c:cb:7e:ce:df:e8:81:48:84:70:60:
b6:e1:31:78:55:c0:e6:91:c4:4f:76:9d:a2:f0:5a:
4d:06:a3:a6:12:12:d5:b4:f9:32:ff:d0:c1:5e:ef:
8f:4e:47:f4:a6:bf:9c:b5:98:f9:43:00:ab:24:35:
35:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0E:2B:8B:AE:73:3C:00:77:67:4B:D2:65:63:55:2D:6F:87:91:A7
X509v3 Authority Key Identifier:
keyid:34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/0592D90E02E111F0BFF53A15C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
101.99.64.0-101.99.74.255
101.99.77.0-101.99.91.255
111.90.128.0-111.90.155.255
111.90.158.0/23
124.217.224.0/19
Signature Algorithm: sha256WithRSAEncryption
76:30:6e:13:e2:67:cf:08:5f:c3:74:71:47:c0:0a:a3:b4:79:
03:49:04:e8:be:9f:cc:48:e5:bc:f9:c5:e0:62:7b:e6:8c:b9:
8e:2f:f4:cc:49:fa:3b:59:63:25:49:c1:d0:f5:47:1b:77:1e:
8b:90:c1:0c:c7:18:dc:97:e5:47:07:d8:6e:a1:d7:0a:27:be:
28:ec:36:f6:e6:32:44:46:8c:16:0a:cf:74:63:da:20:62:f0:
fd:62:97:50:43:7d:d8:25:07:c7:f0:8f:24:55:de:d9:b6:3d:
13:44:28:81:62:65:a5:65:3a:b3:b7:6d:0d:51:ad:2a:3f:5a:
56:ec:ce:81:f6:7b:1b:1e:ac:70:cb:d9:3b:3e:b2:d7:72:33:
41:4b:4f:cb:60:1a:1c:b5:98:0d:3b:8b:0d:e1:72:e6:b9:42:
0d:a4:2e:2e:ef:28:77:56:47:18:92:5b:c3:f3:cf:a6:3d:b7:
5b:7a:b4:a1:8c:2f:f7:fa:e8:57:95:08:83:89:63:3f:59:72:
ad:59:9b:9e:82:4c:9d:36:b3:56:b9:97:20:bb:80:cf:35:a5:
ae:b1:dd:a7:f3:2e:0f:f7:a8:10:0b:74:ec:32:6d:ee:82:5c:
3f:d9:e9:07:1b:3a:02:82:55:f2:70:04:e0:b8:cd:d4:f5:38:
fd:2b:21:33
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgICDRAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJEMDgxMTAvBgNVBAUTKDM0REMyMDEyOUVBRDZGNDFBN0NBMkQ5OUM5QkQzRTdF
NjAzM0NCODgwHhcNMjUwMzE3MDMzNjM0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1YTA2Yy05MWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnLEQ+j60Phgtx+7UDP5i2W19rw8wOdE8mBIE8kOHNzSVh7lxOAZqmmnKzP6N
CzzYLL5wDaoliXpTP+N72hdPzvmMZl8yi07Dl4n9RsLsFv5f9Zkl+fz02b5IwQH7
4+90dah8ZGePB1LROi6PJAhbwHhL3fW2bwPzh4snuEW/sdYwNsViWa2rkSSMcYkP
DTCUC51jVlxLzu0g/O0WNRgbgA2iIJ2AVVNlqeac/gHIr49AAUV0PdgYWpQLPU/o
T5HdBt96s5zdjMt+zt/ogUiEcGC24TF4VcDmkcRPdp2i8FpNBqOmEhLVtPky/9DB
Xu+PTkf0pr+ctZj5QwCrJDU1xQIDAQABo4ICkDCCAowwHQYDVR0OBBYEFLsOK4uu
czwAd2dL0mVjVS1vh5GnMB8GA1UdIwQYMBaAFDTcIBKerW9Bp8otmcm9Pn5gM8uI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkQwOC9GOUMzMzM5MjFE
ODcxMUVBQTlDNUIxNzBDNEY5QUUwMi9OTndnRXA2dGIwR255aTJaeWIwLWZtQXp5
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Od2dFcDZ0YjBHbnlpMlp5YjAtZm1Benk0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJEMDgvRjlDMzMzOTIxRDg3MTFFQUE5QzVCMTcwQzRGOUFFMDIvMDU5MkQ5MEUw
MkUxMTFGMEJGRjUzQTE1QzRGOUFFMDIucm9hME8GCCsGAQUFBwEHAQH/BEAwPjA8
BAIAATA2MAwDBAZlY0ADBABlY0owDAMEAGVjTQMEAmVjWDAMAwQHb1qAAwQCb1qY
AwQBb1qeAwQFfNngMA0GCSqGSIb3DQEBCwUAA4IBAQB2MG4T4mfPCF/DdHFHwAqj
tHkDSQTovp/MSOW8+cXgYnvmjLmOL/TMSfo7WWMlScHQ9Ucbdx6LkMEMxxjcl+VH
B9huodcKJ74o7Db25jJERowWCs90Y9ogYvD9YpdQQ33YJQfH8I8kVd7Ztj0TRCiB
YmWlZTqzt20NUa0qP1pW7M6B9nsbHqxwy9k7PrLXcjNBS0/LYBoctZgNO4sN4XLm
uUINpC4u7yh3VkcYklvD88+mPbdberShjC/3+uhXlQiDiWM/WXKtWZuegkydNrNW
uZcgu4DPNaWusd2n8y4P96gQC3TsMm3uglw/2ekHGzoCglXycATguM3U9Tj9KyEz
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:29:31 2026 by rpki-client