Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/AFF73BD2BA0811EAB2479081C4F9AE02.roa
File: AFF73BD2BA0811EAB2479081C4F9AE02.roa (raw, json)
Hash identifier: DdZKXb4M/HY8Rw+731AG6sVTmrNxGDyuIDLl//IJ4zA=
Subject key identifier: 3A:BF:83:1D:16:2E:9D:F2:C3:27:BE:74:41:4D:F2:22:49:FB:88:3A
Certificate issuer: /CN=A915C62B/serialNumber=50F20EA9E975AE4C4C8667CB57F7BCF570215C96
Certificate serial: 2561
Authority key identifier: 50:F2:0E:A9:E9:75:AE:4C:4C:86:67:CB:57:F7:BC:F5:70:21:5C:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UPIOqel1rkxMhmfLV_e89XAhXJY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/AFF73BD2BA0811EAB2479081C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:18:40 +0000
ROA not before: Tue 16 Sep 2025 15:53:43 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 19905
IP address blocks: 203.208.149.0/24 maxlen: 24
203.208.151.0/24 maxlen: 24
203.208.152.0/24 maxlen: 24
203.208.153.0/24 maxlen: 24
203.208.154.0/24 maxlen: 24
203.208.155.0/24 maxlen: 24
203.208.157.0/24 maxlen: 24
203.208.158.0/24 maxlen: 24
203.208.166.0/24 maxlen: 24
203.208.171.0/24 maxlen: 24
203.208.172.0/24 maxlen: 24
203.208.173.0/24 maxlen: 24
203.208.178.0/24 maxlen: 24
203.208.182.0/24 maxlen: 24
203.208.183.0/24 maxlen: 24
203.208.185.0/24 maxlen: 24
203.208.190.0/24 maxlen: 24
203.208.193.0/24 maxlen: 24
203.208.194.0/24 maxlen: 24
203.208.221.0/24 maxlen: 24
203.208.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/UPIOqel1rkxMhmfLV_e89XAhXJY.crl
rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/UPIOqel1rkxMhmfLV_e89XAhXJY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UPIOqel1rkxMhmfLV_e89XAhXJY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9569 (0x2561)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915C62B, serialNumber=50F20EA9E975AE4C4C8667CB57F7BCF570215C96
Validity
Not Before: Sep 16 15:53:43 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a48300-7518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f5:46:fd:fb:bc:9b:d5:cf:af:33:0d:c3:6b:
25:85:e7:24:53:e1:1b:a6:d2:cc:ae:a1:62:87:de:
8f:c5:4e:f4:06:62:0d:c8:2e:8e:a4:b8:19:ff:09:
20:81:ff:8e:e3:95:c6:31:da:f9:48:bb:88:84:04:
80:58:a8:b0:42:6a:af:38:0f:42:fe:f0:c3:8f:3e:
cb:c4:3b:99:e5:24:67:84:2f:62:99:30:f2:77:56:
48:97:40:7f:94:99:77:54:e7:34:12:b4:39:c3:d4:
31:08:0c:8d:23:76:ee:57:1d:c7:d5:fa:17:f0:e6:
d6:d1:34:10:55:5e:29:0d:e7:28:19:5c:ec:f2:37:
e3:a7:c7:89:c4:34:b8:6b:e2:6f:25:c0:9c:62:50:
d0:6e:76:7a:1a:2b:3b:3b:68:ed:73:ef:49:1f:9d:
2e:ae:6b:77:e2:a8:97:fe:95:65:ff:d2:6f:84:90:
1f:e5:6c:0d:94:c2:49:4d:6b:ac:7f:65:5b:d2:9a:
1b:9d:38:a0:6b:11:23:de:48:46:34:bf:5d:b8:bf:
bf:75:54:9c:2f:fc:a2:39:51:46:35:c6:fd:ec:d9:
e1:a2:ba:90:8c:06:3d:f5:e4:b2:96:40:fe:9b:56:
71:24:d2:03:8c:c7:ee:46:05:34:6d:c9:07:d4:31:
29:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:BF:83:1D:16:2E:9D:F2:C3:27:BE:74:41:4D:F2:22:49:FB:88:3A
X509v3 Authority Key Identifier:
keyid:50:F2:0E:A9:E9:75:AE:4C:4C:86:67:CB:57:F7:BC:F5:70:21:5C:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/UPIOqel1rkxMhmfLV_e89XAhXJY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UPIOqel1rkxMhmfLV_e89XAhXJY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C62B/64A05146601211E5BE925070C4F9AE02/AFF73BD2BA0811EAB2479081C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
203.208.149.0/24
203.208.151.0-203.208.155.255
203.208.157.0-203.208.158.255
203.208.166.0/24
203.208.171.0-203.208.173.255
203.208.178.0/24
203.208.182.0/23
203.208.185.0/24
203.208.190.0/24
203.208.193.0-203.208.194.255
203.208.221.0/24
203.208.223.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:b6:42:3e:46:f9:58:10:70:2c:af:c6:4d:af:91:9c:02:9b:
ac:5d:ee:14:ed:a3:cd:24:25:b2:61:60:51:33:85:cc:d0:fa:
c0:3a:15:d7:16:10:ea:c4:f8:c1:8c:3a:1f:3f:90:60:1f:7f:
b3:0c:c6:3f:f9:b5:c8:77:20:d5:72:28:69:7b:3a:8b:26:35:
15:be:21:02:25:0a:8c:22:a6:84:7d:41:43:fb:f5:b4:24:ba:
f5:d3:20:60:3c:85:dd:00:51:9d:8e:54:f0:9e:ed:98:c3:af:
80:b7:12:2e:12:bc:35:b3:03:cd:39:e5:be:f2:fc:67:be:26:
5a:d9:c5:e1:72:a5:e7:df:2e:79:46:0c:04:ce:c6:1b:8b:ff:
4f:b1:df:77:97:e7:2a:46:7e:20:f5:c4:2c:5f:0d:57:55:d6:
36:0c:8e:db:20:01:c5:fc:9e:f1:73:63:5f:21:69:fc:f2:22:
d9:0f:86:10:89:eb:3a:3d:7c:99:96:a2:07:33:93:3b:39:4c:
40:05:32:a2:70:0b:b4:db:2c:10:5e:20:2c:fb:79:8d:69:8b:
6e:f4:09:7e:73:0b:7d:a3:5b:5d:b1:95:89:c7:a2:10:16:cb:
84:68:91:b1:58:53:4c:0a:5b:e0:67:43:25:80:9f:99:f2:88:
f0:f7:a8:93
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICJWEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUM2MkIxMTAvBgNVBAUTKDUwRjIwRUE5RTk3NUFFNEM0Qzg2NjdDQjU3RjdCQ0Y1
NzAyMTVDOTYwHhcNMjUwOTE2MTU1MzQzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODMwMC03NTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjvVG/fu8m9XPrzMNw2slheckU+EbptLMrqFih96PxU70BmINyC6OpLgZ/wkg
gf+O45XGMdr5SLuIhASAWKiwQmqvOA9C/vDDjz7LxDuZ5SRnhC9imTDyd1ZIl0B/
lJl3VOc0ErQ5w9QxCAyNI3buVx3H1foX8ObW0TQQVV4pDecoGVzs8jfjp8eJxDS4
a+JvJcCcYlDQbnZ6Gis7O2jtc+9JH50urmt34qiX/pVl/9JvhJAf5WwNlMJJTWus
f2Vb0pobnTigaxEj3khGNL9duL+/dVScL/yiOVFGNcb97NnhorqQjAY99eSylkD+
m1ZxJNIDjMfuRgU0bckH1DEpawIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFDq/gx0W
Lp3ywye+dEFN8iJJ+4g6MB8GA1UdIwQYMBaAFFDyDqnpda5MTIZny1f3vPVwIVyW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzYyQi82NEEwNTE0NjYw
MTIxMUU1QkU5MjUwNzBDNEY5QUUwMi9VUElPcWVsMXJreE1obWZMVl9lODlYQWhY
SlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VQSU9xZWwxcmt4TWhtZkxWX2U4OVhBaFhKWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUM2MkIvNjRBMDUxNDY2MDEyMTFFNUJFOTI1MDcwQzRGOUFFMDIvQUZGNzNCRDJC
QTA4MTFFQUIyNDc5MDgxQzRGOUFFMDIucm9hMIGBBggrBgEFBQcBBwEB/wRyMHAw
bgQCAAEwaAMEAMvQlTAMAwQAy9CXAwQCy9CYMAwDBADL0J0DBADL0J4DBADL0KYw
DAMEAMvQqwMEAcvQrAMEAMvQsgMEAcvQtgMEAMvQuQMEAMvQvjAMAwQAy9DBAwQA
y9DCAwQAy9DdAwQAy9DfMA0GCSqGSIb3DQEBCwUAA4IBAQDctkI+RvlYEHAsr8ZN
r5GcApusXe4U7aPNJCWyYWBRM4XM0PrAOhXXFhDqxPjBjDofP5BgH3+zDMY/+bXI
dyDVcihpezqLJjUVviECJQqMIqaEfUFD+/W0JLr10yBgPIXdAFGdjlTwnu2Yw6+A
txIuErw1swPNOeW+8vxnviZa2cXhcqXn3y55RgwEzsYbi/9Psd93l+cqRn4g9cQs
Xw1XVdY2DI7bIAHF/J7xc2NfIWn88iLZD4YQies6PXyZlqIHM5M7OUxABTKicAu0
2ywQXiAs+3mNaYtu9Al+cwt9o1tdsZWJx6IQFsuEaJGxWFNMClvgZ0MlgJ+Z8ojw
96iT
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:06:42 2026 by rpki-client