Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/084044FC19AC11EB8759456DC4F9AE02.roa
File: 084044FC19AC11EB8759456DC4F9AE02.roa (raw, json)
Hash identifier: iVpOoJBlOyG/3zE1oA25hpkQYIqJe26GyQVWdLF9Bv4=
Subject key identifier: 98:C1:CE:29:47:92:49:E0:1E:C5:24:84:04:0B:19:3B:5E:4D:67:98
Certificate issuer: /CN=A9165568/serialNumber=67097E492F73D6DBD31FA016A2D5B5B86A9B3FD8
Certificate serial: 1D9A
Authority key identifier: 67:09:7E:49:2F:73:D6:DB:D3:1F:A0:16:A2:D5:B5:B8:6A:9B:3F:D8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/084044FC19AC11EB8759456DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:27:19 +0000
ROA not before: Tue 04 Nov 2025 15:00:38 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 9940
IP address blocks: 202.61.56.0/21 maxlen: 21
202.61.56.0/24 maxlen: 24
202.61.57.0/24 maxlen: 24
202.61.58.0/24 maxlen: 24
202.61.59.0/24 maxlen: 24
202.61.60.0/24 maxlen: 24
202.61.61.0/24 maxlen: 24
202.61.62.0/24 maxlen: 24
202.61.63.0/24 maxlen: 24
202.147.160.0/20 maxlen: 24
202.147.176.0/21 maxlen: 24
202.147.184.0/21 maxlen: 24
202.154.224.0/20 maxlen: 24
202.154.240.0/20 maxlen: 20
202.154.240.0/24 maxlen: 24
202.154.241.0/24 maxlen: 24
202.154.242.0/24 maxlen: 24
202.154.243.0/24 maxlen: 24
202.154.244.0/24 maxlen: 24
202.154.245.0/24 maxlen: 24
202.154.246.0/24 maxlen: 24
202.154.247.0/24 maxlen: 24
202.154.248.0/24 maxlen: 24
202.154.249.0/24 maxlen: 24
202.154.250.0/24 maxlen: 24
202.154.251.0/24 maxlen: 24
202.154.252.0/24 maxlen: 24
202.154.253.0/24 maxlen: 24
202.154.254.0/24 maxlen: 24
202.154.255.0/24 maxlen: 24
203.223.160.0/20 maxlen: 24
210.2.128.0/20 maxlen: 21
210.2.128.0/24 maxlen: 24
210.2.129.0/24 maxlen: 24
210.2.130.0/24 maxlen: 24
210.2.131.0/24 maxlen: 24
210.2.132.0/22 maxlen: 22
210.2.132.0/24 maxlen: 24
210.2.133.0/24 maxlen: 24
210.2.134.0/24 maxlen: 24
210.2.135.0/24 maxlen: 24
210.2.136.0/21 maxlen: 22
210.2.136.0/24 maxlen: 24
210.2.137.0/24 maxlen: 24
210.2.138.0/24 maxlen: 24
210.2.139.0/24 maxlen: 24
210.2.140.0/24 maxlen: 24
210.2.141.0/24 maxlen: 24
210.2.142.0/24 maxlen: 24
210.2.143.0/24 maxlen: 24
210.2.144.0/20 maxlen: 21
210.2.144.0/24 maxlen: 24
210.2.145.0/24 maxlen: 24
210.2.146.0/24 maxlen: 24
210.2.147.0/24 maxlen: 24
210.2.148.0/24 maxlen: 24
210.2.149.0/24 maxlen: 24
210.2.150.0/24 maxlen: 24
210.2.151.0/24 maxlen: 24
210.2.152.0/24 maxlen: 24
210.2.153.0/24 maxlen: 24
210.2.154.0/24 maxlen: 24
210.2.155.0/24 maxlen: 24
210.2.156.0/24 maxlen: 24
210.2.157.0/24 maxlen: 24
210.2.158.0/24 maxlen: 24
210.2.159.0/24 maxlen: 24
210.2.160.0/20 maxlen: 21
210.2.160.0/24 maxlen: 24
210.2.161.0/24 maxlen: 24
210.2.162.0/24 maxlen: 24
210.2.163.0/24 maxlen: 24
210.2.164.0/24 maxlen: 24
210.2.165.0/24 maxlen: 24
210.2.166.0/24 maxlen: 24
210.2.167.0/24 maxlen: 24
210.2.168.0/24 maxlen: 24
210.2.169.0/24 maxlen: 24
210.2.170.0/24 maxlen: 24
210.2.171.0/24 maxlen: 24
210.2.172.0/24 maxlen: 24
210.2.173.0/24 maxlen: 24
210.2.174.0/24 maxlen: 24
210.2.175.0/24 maxlen: 24
210.2.176.0/20 maxlen: 22
210.2.176.0/24 maxlen: 24
210.2.177.0/24 maxlen: 24
210.2.178.0/24 maxlen: 24
210.2.179.0/24 maxlen: 24
210.2.180.0/24 maxlen: 24
210.2.181.0/24 maxlen: 24
210.2.182.0/24 maxlen: 24
210.2.183.0/24 maxlen: 24
210.2.184.0/24 maxlen: 24
210.2.185.0/24 maxlen: 24
210.2.186.0/24 maxlen: 24
210.2.187.0/24 maxlen: 24
210.2.188.0/24 maxlen: 24
210.2.189.0/24 maxlen: 24
210.2.190.0/24 maxlen: 24
210.2.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.crl
rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:08:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7578 (0x1d9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165568, serialNumber=67097E492F73D6DBD31FA016A2D5B5B86A9B3FD8
Validity
Not Before: Nov 4 15:00:38 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a48507-5100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:99:9f:1f:29:09:d4:77:f0:eb:2e:ca:28:a2:
b4:f1:fb:a0:8a:25:76:3e:4b:b8:73:93:8e:70:a7:
52:40:2f:72:ca:b9:28:c4:fc:63:2a:10:15:01:8b:
3d:2a:d1:75:01:ce:68:66:e4:61:21:67:97:65:0f:
82:ee:d5:6b:e8:70:c2:15:5b:1c:c6:3c:b6:77:68:
94:8b:52:24:4b:2f:03:c8:32:39:66:4c:a8:9b:17:
34:09:db:33:d8:2f:b4:d0:ba:01:04:bf:d1:bb:9f:
b6:d5:ce:6d:c1:ed:82:bd:c0:32:ae:e3:01:66:1a:
7d:83:c7:a2:69:06:02:36:43:99:5b:94:15:46:07:
0c:6c:d8:9d:51:dc:d0:6f:bf:85:2e:a4:81:28:e5:
bd:97:94:7b:5d:14:ed:1d:f3:17:36:dd:32:bf:03:
ac:90:67:fd:63:4c:39:8f:05:99:7b:2f:3f:5b:ec:
e3:b2:2a:59:ed:d9:81:ff:28:10:70:94:02:27:cb:
67:16:86:ef:65:70:64:68:85:3c:bf:01:69:d9:64:
60:92:9a:65:0e:86:0c:e8:43:17:65:b3:aa:1f:64:
8e:4b:13:e9:8b:47:85:63:1e:27:17:ee:c7:16:7a:
6e:82:80:96:0f:92:e6:83:26:e8:aa:f5:3b:56:1e:
bd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C1:CE:29:47:92:49:E0:1E:C5:24:84:04:0B:19:3B:5E:4D:67:98
X509v3 Authority Key Identifier:
keyid:67:09:7E:49:2F:73:D6:DB:D3:1F:A0:16:A2:D5:B5:B8:6A:9B:3F:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/084044FC19AC11EB8759456DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
202.61.56.0/21
202.147.160.0/19
202.154.224.0/19
203.223.160.0/20
210.2.128.0/18
Signature Algorithm: sha256WithRSAEncryption
6d:92:75:64:ea:b3:ac:f2:a5:ce:64:0f:08:71:1a:fa:8a:a1:
84:03:2c:33:f2:9f:29:bd:1f:ef:20:4f:a6:f8:40:6f:19:97:
3e:93:b7:2f:de:19:97:78:c6:fe:79:57:c9:ad:9e:e9:8c:34:
8f:8c:ba:64:73:cf:ce:87:97:d2:4a:a9:30:d0:a6:23:87:06:
d3:de:6c:f3:1c:9d:67:62:2e:2e:de:8e:b3:62:4f:95:32:55:
f6:dd:be:f1:00:45:4a:5b:be:d5:c5:c3:89:71:86:94:8a:eb:
b5:e7:1f:d4:63:9c:96:f7:9b:d4:b7:fa:5d:1e:f9:65:a1:01:
db:53:69:db:7e:48:42:28:72:1f:1b:40:64:03:5c:97:31:03:
6c:34:48:3a:f7:fb:8f:01:30:52:65:59:a5:32:98:3c:54:d0:
37:9b:9a:b7:eb:f2:2d:3c:7c:73:d0:88:d8:aa:e2:82:99:64:
22:2f:fb:d0:cb:fe:80:09:75:50:7c:0d:2f:0d:8d:70:96:ee:
e4:98:19:0d:b7:34:1d:38:c9:ee:df:af:d5:1a:a2:e9:2a:da:
27:16:ba:09:d1:57:34:c9:a4:07:cf:04:71:0e:c6:2d:b2:16:
12:b7:3f:c6:1d:0e:0a:90:f3:6f:f1:0c:27:78:0e:14:2c:dd:
50:31:c6:61
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgICHZowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1NjgxMTAvBgNVBAUTKDY3MDk3RTQ5MkY3M0Q2REJEMzFGQTAxNkEyRDVCNUI4
NkE5QjNGRDgwHhcNMjUxMTA0MTUwMDM4WhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODUwNy01MTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvZmfHykJ1Hfw6y7KKKK08fugiiV2Pku4c5OOcKdSQC9yyrkoxPxjKhAVAYs9
KtF1Ac5oZuRhIWeXZQ+C7tVr6HDCFVscxjy2d2iUi1IkSy8DyDI5Zkyomxc0Cdsz
2C+00LoBBL/Ru5+21c5twe2CvcAyruMBZhp9g8eiaQYCNkOZW5QVRgcMbNidUdzQ
b7+FLqSBKOW9l5R7XRTtHfMXNt0yvwOskGf9Y0w5jwWZey8/W+zjsipZ7dmB/ygQ
cJQCJ8tnFobvZXBkaIU8vwFp2WRgkpplDoYM6EMXZbOqH2SOSxPpi0eFYx4nF+7H
FnpugoCWD5LmgyboqvU7Vh69oQIDAQABo4ICeDCCAnQwHQYDVR0OBBYEFJjBzilH
kkngHsUkhAQLGTteTWeYMB8GA1UdIwQYMBaAFGcJfkkvc9bb0x+gFqLVtbhqmz/Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU2OC9CRDFBOTVEMjFE
ODcxMUUyOUJFM0U2REYwOEIwMkNEMi9ad2wtU1M5ejF0dlRINkFXb3RXMXVHcWJQ
OWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p3bC1TUzl6MXR2VEg2QVdvdFcxdUdxYlA5Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1NjgvQkQxQTk1RDIxRDg3MTFFMjlCRTNFNkRGMDhCMDJDRDIvMDg0MDQ0RkMx
OUFDMTFFQjg3NTk0NTZEQzRGOUFFMDIucm9hMDcGCCsGAQUFBwEHAQH/BCgwJjAk
BAIAATAeAwQDyj04AwQFypOgAwQFyprgAwQEy9+gAwQG0gKAMA0GCSqGSIb3DQEB
CwUAA4IBAQBtknVk6rOs8qXOZA8IcRr6iqGEAywz8p8pvR/vIE+m+EBvGZc+k7cv
3hmXeMb+eVfJrZ7pjDSPjLpkc8/Oh5fSSqkw0KYjhwbT3mzzHJ1nYi4u3o6zYk+V
MlX23b7xAEVKW77VxcOJcYaUiuu15x/UY5yW95vUt/pdHvlloQHbU2nbfkhCKHIf
G0BkA1yXMQNsNEg69/uPATBSZVmlMpg8VNA3m5q36/ItPHxz0IjYquKCmWQiL/vQ
y/6ACXVQfA0vDY1wlu7kmBkNtzQdOMnu36/VGqLpKtonFroJ0Vc0yaQHzwRxDsYt
shYStz/GHQ4KkPNv8QwneA4ULN1QMcZh
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:18:54 2026 by rpki-client