Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
File: C22F80E4D1F011EEB68A503EC4F9AE02.roa (raw, json)
Hash identifier: yXfDvxwixQCVNXGXtCqoWdhakT5p23NjgL5kMuTrTAI=
Subject key identifier: EC:74:87:3A:9A:35:6B:92:13:B9:A3:98:B7:B3:2B:A4:8F:CF:56:C6
Certificate issuer: /CN=A9157861/serialNumber=BD5F088894D9DA7565D4436143EE026C320E4A2A
Certificate serial: 1EF3
Authority key identifier: BD:5F:08:88:94:D9:DA:75:65:D4:43:61:43:EE:02:6C:32:0E:4A:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 13:40:31 +0000
ROA not before: Sat 02 Aug 2025 16:24:23 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 38176
IP address blocks: 113.208.64.0/23 maxlen: 23
113.208.66.0/24 maxlen: 24
113.208.67.0/24 maxlen: 24
113.208.68.0/22 maxlen: 22
113.208.68.0/24 maxlen: 24
113.208.69.0/24 maxlen: 24
113.208.70.0/24 maxlen: 24
113.208.71.0/24 maxlen: 24
113.208.72.0/24 maxlen: 24
113.208.73.0/24 maxlen: 24
113.208.74.0/24 maxlen: 24
113.208.75.0/24 maxlen: 24
113.208.76.0/24 maxlen: 24
113.208.78.0/24 maxlen: 24
113.208.79.0/24 maxlen: 24
113.208.80.0/24 maxlen: 24
113.208.81.0/24 maxlen: 24
113.208.82.0/24 maxlen: 24
113.208.83.0/24 maxlen: 24
113.208.84.0/24 maxlen: 24
113.208.85.0/24 maxlen: 24
113.208.86.0/24 maxlen: 24
113.208.87.0/24 maxlen: 24
113.208.88.0/24 maxlen: 24
113.208.89.0/24 maxlen: 24
113.208.90.0/24 maxlen: 24
113.208.91.0/24 maxlen: 24
113.208.92.0/24 maxlen: 24
113.208.93.0/24 maxlen: 24
113.208.94.0/24 maxlen: 24
203.202.224.0/23 maxlen: 23
203.202.224.0/24 maxlen: 24
203.202.225.0/24 maxlen: 24
203.202.226.0/23 maxlen: 23
203.202.226.0/24 maxlen: 24
203.202.227.0/24 maxlen: 24
203.202.228.0/23 maxlen: 23
203.202.228.0/24 maxlen: 24
203.202.229.0/24 maxlen: 24
203.202.230.0/23 maxlen: 23
203.202.230.0/24 maxlen: 24
203.202.231.0/24 maxlen: 24
2405:1400::/34 maxlen: 34
2405:1400:4000::/34 maxlen: 34
2405:1400:8000::/34 maxlen: 34
2405:1400:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.crl
rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 03:10:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7923 (0x1ef3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157861, serialNumber=BD5F088894D9DA7565D4436143EE026C320E4A2A
Validity
Not Before: Aug 2 16:24:23 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a441cf-186d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:97:bf:50:28:9b:d8:9f:67:12:24:b1:d2:3a:
3e:a6:8e:17:f3:72:07:c1:b9:ba:09:78:1e:3b:c1:
93:9f:90:4a:72:3c:09:2f:00:d3:8a:5e:4c:7a:59:
69:8a:67:a8:e2:1f:c5:4d:fb:c6:6a:30:82:88:ea:
44:c9:1d:6a:44:99:e6:21:10:0b:39:e6:76:7d:b0:
05:38:55:c0:6a:5f:f7:51:27:32:c8:f5:fc:08:5b:
68:92:86:4b:e3:cb:19:1d:ae:da:f3:87:58:5a:45:
89:12:32:46:6e:db:19:9f:a4:80:c7:84:b6:e2:86:
9b:df:c4:b4:b0:2d:57:33:c3:11:38:5c:58:30:2d:
40:00:d0:ec:4f:de:5d:7f:a9:12:33:28:b1:f1:4b:
f0:df:46:4c:8c:4d:8b:3b:22:8f:c5:c9:0d:22:e2:
a9:04:6b:b6:72:9a:a6:97:bb:76:aa:99:24:cd:e1:
09:c6:64:1f:30:80:d8:e2:d5:a9:d6:0d:22:af:cc:
84:05:b7:80:e6:9f:b5:bc:d1:a7:26:b3:15:c7:b6:
43:b4:a7:95:7a:9d:eb:a9:ff:53:c4:35:a7:41:40:
9d:1e:24:c5:13:df:ba:10:ed:fb:7d:5c:12:b3:1d:
e7:bc:24:43:a4:55:67:b3:36:e8:22:ea:06:ae:3f:
63:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:74:87:3A:9A:35:6B:92:13:B9:A3:98:B7:B3:2B:A4:8F:CF:56:C6
X509v3 Authority Key Identifier:
keyid:BD:5F:08:88:94:D9:DA:75:65:D4:43:61:43:EE:02:6C:32:0E:4A:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
113.208.64.0-113.208.76.255
113.208.78.0-113.208.94.255
203.202.224.0/21
IPv6:
2405:1400::/32
Signature Algorithm: sha256WithRSAEncryption
8b:9a:c1:14:33:9b:94:38:2e:7c:b8:db:65:b6:35:bd:8a:65:
4d:43:3e:af:28:72:fa:5e:b8:3b:eb:2d:e3:89:14:03:42:5f:
ab:6d:cc:22:72:b8:ab:53:51:12:3f:c5:b2:08:f2:32:4e:5e:
e4:49:a1:43:a3:9b:b5:d5:c8:79:e2:48:3c:8b:56:aa:10:0a:
ef:28:1f:34:9a:2c:ce:a5:0e:cc:18:fe:05:15:f7:2c:49:a5:
11:89:e6:3b:4d:45:b3:98:54:3d:f0:87:ed:48:ba:4b:b7:57:
7f:72:da:2b:7c:45:bd:13:31:b9:8c:bc:12:70:03:bd:3b:36:
ef:53:ee:19:0f:cb:57:00:d8:68:3c:e2:9c:49:c2:7e:b8:f5:
62:5a:e6:13:15:e4:f8:15:ed:6a:c2:3b:b7:22:1d:5f:91:b9:
dd:d5:9b:c2:30:f4:77:46:bd:8b:25:7b:90:f0:4e:c8:3e:15:
13:8a:b2:05:a9:a1:ed:8b:cd:b5:b0:69:0e:c5:7e:5f:64:ab:
11:4d:da:ce:8b:9f:2d:d9:b3:5b:2f:41:64:79:d7:4b:9f:8c:
37:b6:30:03:94:5d:12:b9:17:92:77:2d:d1:2c:e7:ca:59:a1:
b1:f6:98:e6:21:23:bc:9e:20:0b:d0:7e:2f:72:dd:41:16:43:
ae:4a:fe:b1
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgICHvMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTc4NjExMTAvBgNVBAUTKEJENUYwODg4OTREOURBNzU2NUQ0NDM2MTQzRUUwMjZD
MzIwRTRBMkEwHhcNMjUwODAyMTYyNDIzWhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NDFjZi0xODZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAiZe/UCib2J9nEiSx0jo+po4X83IHwbm6CXgeO8GTn5BKcjwJLwDTil5Mellp
imeo4h/FTfvGajCCiOpEyR1qRJnmIRALOeZ2fbAFOFXAal/3UScyyPX8CFtokoZL
48sZHa7a84dYWkWJEjJGbtsZn6SAx4S24oab38S0sC1XM8MROFxYMC1AANDsT95d
f6kSMyix8Uvw30ZMjE2LOyKPxckNIuKpBGu2cpqml7t2qpkkzeEJxmQfMIDY4tWp
1g0ir8yEBbeA5p+1vNGnJrMVx7ZDtKeVep3rqf9TxDWnQUCdHiTFE9+6EO37fVwS
sx3nvCRDpFVnszboIuoGrj9jYQIDAQABo4ICizCCAocwHQYDVR0OBBYEFOx0hzqa
NWuSE7mjmLezK6SPz1bGMB8GA1UdIwQYMBaAFL1fCIiU2dp1ZdRDYUPuAmwyDkoq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Nzg2MS8zNEQyNkM4ODg0
NkYxMUU2QTMxM0MwMjJDNEY5QUUwMi92VjhJaUpUWjJuVmwxRU5oUS00Q2JESU9T
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZWOElpSlRaMm5WbDFFTmhRLTRDYkRJT1Npby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTc4NjEvMzREMjZDODg4NDZGMTFFNkEzMTNDMDIyQzRGOUFFMDIvQzIyRjgwRTRE
MUYwMTFFRUI2OEE1MDNFQzRGOUFFMDIucm9hMEoGCCsGAQUFBwEHAQH/BDswOTAo
BAIAATAiMAwDBAZx0EADBABx0EwwDAMEAXHQTgMEAHHQXgMEA8vK4DANBAIAAjAH
AwUAJAUUADANBgkqhkiG9w0BAQsFAAOCAQEAi5rBFDOblDgufLjbZbY1vYplTUM+
ryhy+l64O+st44kUA0Jfq23MInK4q1NREj/FsgjyMk5e5EmhQ6ObtdXIeeJIPItW
qhAK7ygfNJoszqUOzBj+BRX3LEmlEYnmO01Fs5hUPfCH7Ui6S7dXf3LaK3xFvRMx
uYy8EnADvTs271PuGQ/LVwDYaDzinEnCfrj1YlrmExXk+BXtasI7tyIdX5G53dWb
wjD0d0a9iyV7kPBOyD4VE4qyBamh7YvNtbBpDsV+X2SrEU3azoufLdmzWy9BZHnX
S5+MN7YwA5RdErkXknct0SznylmhsfaY5iEjvJ4gC9B+L3LdQRZDrkr+sQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:31:55 2026 by rpki-client