Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/7EFB8A6E885311E6BDE50A80C4F9AE02.roa
File: 7EFB8A6E885311E6BDE50A80C4F9AE02.roa (raw, json)
Hash identifier: yrw/Wliea2v/nhT95C1H6CHn+Y9xHNL1DsyB2AthFt4=
Subject key identifier: 6D:38:0F:24:6B:3D:A0:FE:ED:8E:11:A3:15:3B:E6:DE:DA:C4:41:EE
Certificate issuer: /CN=A915AE5F/serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Certificate serial: 1F47
Authority key identifier: AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/7EFB8A6E885311E6BDE50A80C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:38:56 +0000
ROA not before: Fri 14 Nov 2025 16:03:50 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 24392
IP address blocks: 202.179.64.0/19 maxlen: 19
202.179.64.0/24 maxlen: 24
202.179.65.0/24 maxlen: 24
202.179.66.0/24 maxlen: 24
202.179.67.0/24 maxlen: 24
202.179.68.0/24 maxlen: 24
202.179.69.0/24 maxlen: 24
202.179.70.0/24 maxlen: 24
202.179.71.0/24 maxlen: 24
202.179.72.0/24 maxlen: 24
202.179.73.0/24 maxlen: 24
202.179.74.0/24 maxlen: 24
202.179.75.0/24 maxlen: 24
202.179.76.0/24 maxlen: 24
202.179.77.0/24 maxlen: 24
202.179.78.0/24 maxlen: 24
202.179.79.0/24 maxlen: 24
202.179.80.0/24 maxlen: 24
202.179.81.0/24 maxlen: 24
202.179.82.0/24 maxlen: 24
202.179.83.0/24 maxlen: 24
202.179.84.0/24 maxlen: 24
202.179.85.0/24 maxlen: 24
202.179.86.0/24 maxlen: 24
202.179.87.0/24 maxlen: 24
202.179.88.0/24 maxlen: 24
202.179.89.0/24 maxlen: 24
202.179.90.0/24 maxlen: 24
202.179.91.0/24 maxlen: 24
202.179.92.0/24 maxlen: 24
202.179.93.0/24 maxlen: 24
202.179.94.0/24 maxlen: 24
202.179.95.0/24 maxlen: 24
2407:5c00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/r-cn5CCdzfgnYldLXjPICDeHoY8.crl
rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/r-cn5CCdzfgnYldLXjPICDeHoY8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8007 (0x1f47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915AE5F, serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Validity
Not Before: Nov 14 16:03:50 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a479b0-7ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8e:8a:a8:e7:2e:8c:cd:4e:83:0d:18:8c:8e:
64:f9:74:18:88:cb:60:c5:d2:17:48:c9:5b:f7:36:
a9:5c:6d:cd:61:7e:3d:84:43:d8:7c:79:cd:4f:01:
c1:c3:f0:c6:71:39:3e:17:04:e6:4e:b6:2e:8d:5f:
f2:d0:fd:e1:ba:ed:6f:3c:e6:e5:95:02:b6:73:21:
da:88:50:81:15:15:77:bc:b3:4e:89:19:88:8d:7d:
97:2e:c1:a6:90:9b:e8:4f:0b:74:29:8b:ec:1f:2c:
96:68:28:53:87:8e:de:14:09:f7:a7:b6:4d:b2:00:
c7:25:f0:b1:aa:29:04:e7:a7:08:b7:f2:cc:4d:d9:
a2:4e:e1:c0:f2:a0:b3:2d:44:9a:42:bb:4b:51:6f:
91:16:89:80:37:78:4f:8d:3b:bb:4c:00:1c:9c:d9:
15:3e:e5:96:bd:2b:c1:9b:70:a4:76:66:22:ff:7f:
bc:06:fa:0d:31:fa:6d:2e:36:49:19:84:20:2c:ce:
a7:cc:ad:5d:54:27:ae:13:41:3f:d5:58:55:cf:db:
7a:26:46:e0:eb:98:4b:0c:a5:85:13:99:f3:0b:1f:
48:9f:5f:4a:f3:1f:17:03:07:c0:94:ef:8b:29:ae:
88:cc:84:5a:b1:5f:91:94:7c:67:7e:dd:e7:e0:d5:
6c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:38:0F:24:6B:3D:A0:FE:ED:8E:11:A3:15:3B:E6:DE:DA:C4:41:EE
X509v3 Authority Key Identifier:
keyid:AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/r-cn5CCdzfgnYldLXjPICDeHoY8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/7EFB8A6E885311E6BDE50A80C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
202.179.64.0/19
IPv6:
2407:5c00:1::/48
Signature Algorithm: sha256WithRSAEncryption
15:6c:6f:34:0c:31:e0:65:a2:2e:41:51:26:2e:4e:cc:fb:b3:
69:fb:b7:40:76:8b:cc:1d:3f:ef:e4:c1:50:f9:26:ff:88:4d:
7a:50:55:7e:27:ed:d7:d7:05:75:44:0b:7a:e4:e0:2f:ad:ad:
02:88:4f:f5:54:9d:fe:00:2d:cd:4c:29:8a:e0:85:40:bb:11:
94:23:a8:4b:ec:7f:8e:e7:25:43:62:96:64:90:7b:4d:bc:c6:
6c:c0:02:9c:14:79:e9:c0:38:03:e5:ff:dd:d9:dc:7b:3f:ab:
de:a5:12:81:bf:0d:6b:05:b5:17:c5:d4:02:67:47:8f:ad:2c:
bd:62:92:1a:12:13:c4:8f:b9:d3:06:81:49:20:01:51:70:b3:
d7:e3:0e:0a:16:be:89:07:4f:e6:fe:39:18:1f:f1:15:00:c1:
7e:95:e8:b9:e9:86:8a:17:52:38:e1:15:52:d0:52:f4:e9:9c:
8d:f7:c1:fe:be:77:40:c4:0c:2b:db:87:42:13:7c:ed:92:0f:
23:ee:73:ad:49:52:b0:b8:1f:85:a3:58:ff:ca:69:ce:39:02:
a3:ee:15:3a:a8:ea:d4:96:bb:a6:05:c9:7e:b9:18:a3:40:64:
b9:a6:31:85:ec:61:c9:d4:ec:05:43:93:45:f1:36:97:25:3d:
8b:b4:3e:3b
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgICH0cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUFFNUYxMTAvBgNVBAUTKEFGRTcyN0U0MjA5RENERjgyNzYyNTc0QjVFMzNDODA4
Mzc4N0ExOEYwHhcNMjUxMTE0MTYwMzUwWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzliMC03YWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA246KqOcujM1Ogw0YjI5k+XQYiMtgxdIXSMlb9zapXG3NYX49hEPYfHnNTwHB
w/DGcTk+FwTmTrYujV/y0P3huu1vPObllQK2cyHaiFCBFRV3vLNOiRmIjX2XLsGm
kJvoTwt0KYvsHyyWaChTh47eFAn3p7ZNsgDHJfCxqikE56cIt/LMTdmiTuHA8qCz
LUSaQrtLUW+RFomAN3hPjTu7TAAcnNkVPuWWvSvBm3CkdmYi/3+8BvoNMfptLjZJ
GYQgLM6nzK1dVCeuE0E/1VhVz9t6Jkbg65hLDKWFE5nzCx9In19K8x8XAwfAlO+L
Ka6IzIRasV+RlHxnft3n4NVs8wIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFG04DyRr
PaD+7Y4RoxU75t7axEHuMB8GA1UdIwQYMBaAFK/nJ+Qgnc34J2JXS14zyAg3h6GP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QUU1Ri84Qjc5QjY3ODg4
NTExMUU2QTY5MkRFNzhDNEY5QUUwMi9yLWNuNUNDZHpmZ25ZbGRMWGpQSUNEZUhv
WTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ItY241Q0NkemZnbllsZExYalBJQ0RlSG9ZOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUFFNUYvOEI3OUI2Nzg4ODUxMTFFNkE2OTJERTc4QzRGOUFFMDIvN0VGQjhBNkU4
ODUzMTFFNkJERTUwQTgwQzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQFyrNAMA8EAgACMAkDBwAkB1wAAAEwDQYJKoZIhvcNAQELBQADggEB
ABVsbzQMMeBloi5BUSYuTsz7s2n7t0B2i8wdP+/kwVD5Jv+ITXpQVX4n7dfXBXVE
C3rk4C+trQKIT/VUnf4ALc1MKYrghUC7EZQjqEvsf47nJUNilmSQe028xmzAApwU
eenAOAPl/93Z3Hs/q96lEoG/DWsFtRfF1AJnR4+tLL1ikhoSE8SPudMGgUkgAVFw
s9fjDgoWvokHT+b+ORgf8RUAwX6V6LnphooXUjjhFVLQUvTpnI33wf6+d0DEDCvb
h0ITfO2SDyPuc61JUrC4H4WjWP/Kac45AqPuFTqo6tSWu6YFyX65GKNAZLmmMYXs
YcnU7AVDk0XxNpclPYu0Pjs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:44:00 2026 by rpki-client