Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/1B97493E7FFF11EF85F9E340C4F9AE02.roa
File: 1B97493E7FFF11EF85F9E340C4F9AE02.roa (raw, json)
Hash identifier: PL8uHSqtG/dPR3qkHOmJWXxTaJWMJ9JBct5vxpIjSMw=
Subject key identifier: 79:7E:D6:81:AD:72:CA:3A:94:9F:08:81:4E:85:8F:D9:39:BB:55:0F
Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial: 1A77
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/1B97493E7FFF11EF85F9E340C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:35:43 +0000
ROA not before: Tue 20 Jan 2026 09:44:59 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 32787
IP address blocks: 114.141.73.0/24 maxlen: 24
114.141.74.0/24 maxlen: 24
114.141.75.0/24 maxlen: 24
114.141.76.0/24 maxlen: 24
114.141.77.0/24 maxlen: 24
114.141.78.0/23 maxlen: 23
114.141.78.0/24 maxlen: 24
114.141.79.0/24 maxlen: 24
2404:4e00:1::/48 maxlen: 48
2404:4e00:2::/48 maxlen: 48
2404:4e00:3::/48 maxlen: 48
2404:4e00:4::/48 maxlen: 48
2404:4e00:5::/48 maxlen: 48
2404:4e00:6::/48 maxlen: 48
2404:4e00:7::/48 maxlen: 48
2404:4e00:101::/48 maxlen: 48
2404:4e00:102::/48 maxlen: 48
2404:4e00:103::/48 maxlen: 48
2404:4e00:104::/48 maxlen: 48
2404:4e00:105::/48 maxlen: 48
2404:4e00:107::/48 maxlen: 48
2404:4e00:200::/48 maxlen: 48
2404:4e00:201::/48 maxlen: 48
2404:4e00:202::/48 maxlen: 48
2404:4e00:203::/48 maxlen: 48
2404:4e00:204::/48 maxlen: 48
2404:4e00:205::/48 maxlen: 48
2404:4e00:206::/48 maxlen: 48
2404:4e00:207::/48 maxlen: 48
2404:4e00:208::/48 maxlen: 48
2404:4e00:209::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6775 (0x1a77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D03A, serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Validity
Not Before: Jan 20 09:44:59 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a486ff-145f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d0:9d:aa:7c:c0:e2:65:6e:3f:2c:bc:c1:cd:
36:54:8c:af:5b:8e:50:9c:4f:46:12:d9:00:a4:d3:
b3:85:f3:ea:c0:11:d1:16:0c:64:ae:42:9f:97:17:
c5:3e:95:15:7f:77:ae:89:90:c1:23:1d:d4:f7:3c:
ba:15:ea:17:66:8f:6d:d7:db:1a:80:b2:06:61:a9:
9e:de:ad:10:4b:63:60:9f:ed:50:93:14:d7:38:b2:
1c:0f:cd:05:88:85:d8:62:c3:95:88:b4:98:89:f5:
7f:94:d8:38:cd:3a:97:1b:8c:08:d1:45:59:b2:28:
43:f3:6e:d4:06:33:01:a7:4f:31:b6:4e:0a:87:66:
dd:e8:77:8a:e4:db:12:53:26:8e:33:3b:2b:d0:02:
2b:c8:e0:50:c0:72:30:dc:07:4a:30:51:9d:69:7f:
80:93:e8:3b:ca:96:cf:96:04:11:e1:70:a5:0e:4b:
a5:37:d1:ec:65:45:fb:80:ca:79:47:0b:01:37:b8:
5a:7d:91:d5:81:d5:6e:ad:31:a0:8c:d2:5d:0d:7d:
25:50:63:f9:3d:c6:65:73:5d:be:09:05:8d:af:12:
70:b0:5f:1c:36:3a:88:33:26:ba:8c:95:1b:c4:4d:
a8:8c:8f:ff:d5:35:55:e2:1c:83:34:d2:04:19:8d:
ef:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:7E:D6:81:AD:72:CA:3A:94:9F:08:81:4E:85:8F:D9:39:BB:55:0F
X509v3 Authority Key Identifier:
keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/1B97493E7FFF11EF85F9E340C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
114.141.73.0-114.141.79.255
IPv6:
2404:4e00:1::-2404:4e00:7:ffff:ffff:ffff:ffff:ffff
2404:4e00:101::-2404:4e00:105:ffff:ffff:ffff:ffff:ffff
2404:4e00:107::/48
2404:4e00:200::-2404:4e00:209:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7e:c6:de:7a:b9:a0:7a:80:30:e5:1d:3f:72:fb:08:71:21:14:
e3:7e:81:28:56:30:4c:6f:56:a1:a0:c6:d8:ac:bc:d2:5c:52:
32:a7:54:c3:a6:ff:64:6e:f2:e7:2b:8d:07:7e:05:0f:86:70:
07:ec:fc:95:2a:d5:2a:4a:99:54:f2:7c:d5:36:56:9b:24:e6:
a5:0e:41:0d:49:a1:a0:ea:cf:7a:82:02:3b:96:c2:f3:29:71:
a4:8b:6c:e8:4f:ce:e8:42:4b:a3:67:eb:99:f2:bb:86:b8:21:
fb:94:f0:28:13:79:ec:9c:a0:ec:75:06:7e:c3:80:6c:97:3f:
cf:48:bc:a6:e2:6b:09:9c:18:78:99:5c:f3:28:47:64:21:0a:
b4:51:30:a7:c3:47:98:2c:92:8c:ad:c6:4d:bc:b3:d0:74:64:
42:f3:c4:a1:e6:a4:1c:cc:20:a4:af:29:00:29:58:aa:98:fa:
86:7b:a9:09:59:4b:2c:0f:50:f4:5a:59:97:91:06:e6:94:d2:
d0:f2:5b:a3:bc:79:1a:ac:28:fa:67:57:2c:23:5d:6e:07:f8:
43:f8:10:8d:be:9d:67:25:23:65:6e:4c:07:3b:c3:64:12:97:
ca:b7:07:e3:ff:40:ee:b6:d2:17:11:a1:2b:2e:57:b7:d0:a9:
2a:d2:1e:5e
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgICGncwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjYwMTIwMDk0NDU5WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODZmZi0xNDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAjtCdqnzA4mVuPyy8wc02VIyvW45QnE9GEtkApNOzhfPqwBHRFgxkrkKflxfF
PpUVf3euiZDBIx3U9zy6FeoXZo9t19sagLIGYame3q0QS2Ngn+1QkxTXOLIcD80F
iIXYYsOViLSYifV/lNg4zTqXG4wI0UVZsihD827UBjMBp08xtk4Kh2bd6HeK5NsS
UyaOMzsr0AIryOBQwHIw3AdKMFGdaX+Ak+g7ypbPlgQR4XClDkulN9HsZUX7gMp5
RwsBN7hafZHVgdVurTGgjNJdDX0lUGP5PcZlc12+CQWNrxJwsF8cNjqIMya6jJUb
xE2ojI//1TVV4hyDNNIEGY3vhQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFHl+1oGt
cso6lJ8IgU6Fj9k5u1UPMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvMUI5NzQ5M0U3
RkZGMTFFRjg1RjlFMzQwQzRGOUFFMDIucm9hMHMGCCsGAQUFBwEHAQH/BGQwYjAU
BAIAATAOMAwDBAByjUkDBARyjUAwSgQCAAIwRDASAwcAJAROAAABAwcDJAROAAAA
MBIDBwAkBE4AAQEDBwEkBE4AAQQDBwAkBE4AAQcwEQMGASQETgACAwcBJAROAAII
MA0GCSqGSIb3DQEBCwUAA4IBAQB+xt56uaB6gDDlHT9y+whxIRTjfoEoVjBMb1ah
oMbYrLzSXFIyp1TDpv9kbvLnK40HfgUPhnAH7PyVKtUqSplU8nzVNlabJOalDkEN
SaGg6s96ggI7lsLzKXGki2zoT87oQkujZ+uZ8ruGuCH7lPAoE3nsnKDsdQZ+w4Bs
lz/PSLym4msJnBh4mVzzKEdkIQq0UTCnw0eYLJKMrcZNvLPQdGRC88Sh5qQczCCk
rykAKViqmPqGe6kJWUssD1D0WlmXkQbmlNLQ8lujvHkarCj6Z1csI11uB/hD+BCN
vp1nJSNlbkwHO8NkEpfKtwfj/0DuttIXEaErLle30Kkq0h5e
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:31:44 2026 by rpki-client