Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/FBC5FF822EE711EF96610B4EC4F9AE02.roa
File: FBC5FF822EE711EF96610B4EC4F9AE02.roa (raw, json)
Hash identifier: S48kU8CxEt2lqHTLC9S8NrgXijXkmXA37DtqgyeV7oE=
Subject key identifier: F7:CC:A7:CD:50:5B:63:29:8C:5F:2C:61:77:16:13:75:37:25:A4:36
Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial: 1A6A
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/FBC5FF822EE711EF96610B4EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:35:32 +0000
ROA not before: Thu 08 Jan 2026 17:13:46 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 16625
IP address blocks: 59.151.128.0/22 maxlen: 22
59.151.136.0/22 maxlen: 22
59.151.176.0/22 maxlen: 22
60.254.132.0/22 maxlen: 22
60.254.168.0/22 maxlen: 22
103.238.150.0/23 maxlen: 23
118.214.32.0/20 maxlen: 20
118.214.64.0/20 maxlen: 20
118.214.96.0/20 maxlen: 20
118.214.128.0/20 maxlen: 20
118.214.240.0/20 maxlen: 20
118.215.8.0/21 maxlen: 21
118.215.32.0/21 maxlen: 21
118.215.80.0/21 maxlen: 21
118.215.88.0/21 maxlen: 21
118.215.96.0/21 maxlen: 21
118.215.176.0/20 maxlen: 20
122.252.40.0/21 maxlen: 21
125.56.212.0/23 maxlen: 23
125.252.212.0/22 maxlen: 22
125.252.216.0/22 maxlen: 22
125.252.228.0/22 maxlen: 22
125.252.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6762 (0x1a6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D03A, serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Validity
Not Before: Jan 8 17:13:46 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a486f4-e3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:29:7b:be:43:d1:be:c8:b0:7b:5d:e6:6e:7d:
ff:c5:ce:5b:8e:a8:fe:fa:6f:0e:04:02:32:78:de:
f8:3b:a9:ee:9e:2d:2f:98:1e:cf:d9:a3:cc:7e:6e:
84:45:ef:6a:17:32:f1:22:fa:e5:66:7d:ff:a2:4f:
61:69:20:dd:6e:34:30:14:5c:6b:12:82:ba:77:84:
05:4e:83:d4:88:9f:4a:08:30:5e:94:48:e9:87:8d:
17:06:20:88:96:d6:cc:fa:9a:80:8c:92:13:f4:3c:
95:60:63:b2:9d:e2:10:46:26:51:76:e2:45:6d:fc:
c3:91:f6:1e:55:3e:89:3f:3e:47:09:4f:95:b4:b2:
28:50:c8:b1:d0:37:e8:9f:44:cf:1c:48:a6:43:16:
78:7b:e3:c9:7e:df:2b:06:81:e8:4c:2a:a4:37:3b:
8a:a8:8c:94:a7:7e:1f:e2:4c:f2:99:74:96:bb:3b:
ab:7a:f0:2d:76:65:37:f8:a4:be:27:69:0c:42:fc:
4e:6c:06:a1:2b:cb:af:32:55:eb:3a:9c:fc:32:b1:
b1:c5:d3:76:a2:01:77:f7:01:08:b1:26:80:53:93:
23:c3:98:34:56:1b:5e:e2:50:58:46:ad:17:5b:78:
67:c7:47:41:21:5d:d9:a4:7e:e0:45:34:12:67:55:
5c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CC:A7:CD:50:5B:63:29:8C:5F:2C:61:77:16:13:75:37:25:A4:36
X509v3 Authority Key Identifier:
keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/FBC5FF822EE711EF96610B4EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
59.151.128.0/22
59.151.136.0/22
59.151.176.0/22
60.254.132.0/22
60.254.168.0/22
103.238.150.0/23
118.214.32.0/20
118.214.64.0/20
118.214.96.0/20
118.214.128.0/20
118.214.240.0/20
118.215.8.0/21
118.215.32.0/21
118.215.80.0-118.215.103.255
118.215.176.0/20
122.252.40.0/21
125.56.212.0/23
125.252.212.0-125.252.219.255
125.252.228.0-125.252.239.255
Signature Algorithm: sha256WithRSAEncryption
7d:e7:c2:4e:94:3b:56:86:6e:e8:1f:76:6e:17:ca:a1:4a:a4:
df:a3:df:9d:2d:fb:5f:07:c4:1b:70:9b:4b:de:53:da:1b:75:
35:eb:5d:78:07:44:de:ff:0a:7a:51:39:59:3f:c9:b9:6c:ca:
c6:94:d0:1e:c4:66:53:b0:83:18:7c:12:eb:9a:06:99:7f:0e:
2c:d8:87:af:fc:41:39:fe:74:dd:41:5a:24:b1:3e:45:56:d6:
e4:1f:3f:86:19:fe:d0:79:40:04:89:66:e4:19:7d:17:b4:0e:
c0:ac:fd:41:d1:33:a1:81:9d:ea:a8:71:c9:74:1c:a4:43:a3:
e0:94:8c:cb:6b:ad:1c:ec:9a:ef:ec:ad:a8:bc:a5:cc:86:7c:
11:74:0d:6d:d4:96:b2:95:6f:d1:41:cf:33:e4:ac:29:dd:e2:
ab:1a:09:4b:59:09:81:0f:5f:07:eb:d7:33:59:70:9d:70:9b:
44:32:ae:7e:b5:3d:e2:c7:98:0d:71:c0:d3:1a:e8:ec:38:28:
4e:1d:48:d0:2e:d0:74:eb:bb:b4:b6:e4:0d:73:4b:49:65:33:
ce:5d:22:de:65:f9:e0:8a:38:77:fa:49:ab:84:49:9a:e9:f8:
03:1e:05:93:26:c9:bc:83:b0:cc:f0:25:35:43:06:46:a0:cd:
98:f6:20:6b
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgICGmowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjYwMTA4MTcxMzQ2WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODZmNC1lM2VlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxil7vkPRvsiwe13mbn3/xc5bjqj++m8OBAIyeN74O6nuni0vmB7P2aPMfm6E
Re9qFzLxIvrlZn3/ok9haSDdbjQwFFxrEoK6d4QFToPUiJ9KCDBelEjph40XBiCI
ltbM+pqAjJIT9DyVYGOyneIQRiZRduJFbfzDkfYeVT6JPz5HCU+VtLIoUMix0Dfo
n0TPHEimQxZ4e+PJft8rBoHoTCqkNzuKqIyUp34f4kzymXSWuzurevAtdmU3+KS+
J2kMQvxObAahK8uvMlXrOpz8MrGxxdN2ogF39wEIsSaAU5Mjw5g0Vhte4lBYRq0X
W3hnx0dBIV3ZpH7gRTQSZ1VckQIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFPfMp81Q
W2MpjF8sYXcWE3U3JaQ2MB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvRkJDNUZGODIy
RUU3MTFFRjk2NjEwQjRFQzRGOUFFMDIucm9hMIGnBggrBgEFBQcBBwEB/wSBlzCB
lDCBkQQCAAEwgYoDBAI7l4ADBAI7l4gDBAI7l7ADBAI8/oQDBAI8/qgDBAFn7pYD
BAR21iADBAR21kADBAR21mADBAR21oADBAR21vADBAN21wgDBAN21yAwDAMEBHbX
UAMEA3bXYAMEBHbXsAMEA3r8KAMEAX041DAMAwQCffzUAwQCffzYMAwDBAJ9/OQD
BAR9/OAwDQYJKoZIhvcNAQELBQADggEBAH3nwk6UO1aGbugfdm4XyqFKpN+j350t
+18HxBtwm0veU9obdTXrXXgHRN7/CnpROVk/yblsysaU0B7EZlOwgxh8EuuaBpl/
DizYh6/8QTn+dN1BWiSxPkVW1uQfP4YZ/tB5QASJZuQZfRe0DsCs/UHRM6GBneqo
ccl0HKRDo+CUjMtrrRzsmu/srai8pcyGfBF0DW3UlrKVb9FBzzPkrCnd4qsaCUtZ
CYEPXwfr1zNZcJ1wm0Qyrn61PeLHmA1xwNMa6Ow4KE4dSNAu0HTru7S25A1zS0ll
M85dIt5l+eCKOHf6SauESZrp+AMeBZMmybyDsMzwJTVDBkagzZj2IGs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:01:19 2026 by rpki-client