Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/6AE44D5C3E4511F090A5C643C4F9AE02.roa
File: 6AE44D5C3E4511F090A5C643C4F9AE02.roa (raw, json)
Hash identifier: GpIlPzjXhUM0zJ+cM7pnn7EyYVYFkBP5Hh3rm33qqKU=
Subject key identifier: F1:8D:CA:CE:A7:1E:E0:EE:E7:B1:0E:38:E1:78:BE:1C:D3:9F:F4:88
Certificate issuer: /CN=A91657DD/serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B
Certificate serial: 0FF3
Authority key identifier: FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/6AE44D5C3E4511F090A5C643C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:27:16 +0000
ROA not before: Fri 19 Sep 2025 16:38:46 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 63996
IP address blocks: 45.120.112.0/22 maxlen: 24
103.60.172.0/22 maxlen: 24
103.205.68.0/22 maxlen: 24
192.144.86.0/23 maxlen: 24
203.95.220.0/22 maxlen: 24
2400:3240::/32 maxlen: 36
2400:3240:300::/40 maxlen: 40
2400:3240:a00::/40 maxlen: 48
2400:3240:a00::/64 maxlen: 64
2400:3240:7000::/42 maxlen: 48
2400:3240:7080::/42 maxlen: 42
2400:3240:7400::/42 maxlen: 42
2400:3240:7440::/42 maxlen: 42
2400:3240:8000::/48 maxlen: 48
2400:3240:9000::/43 maxlen: 43
2400:3240:9020::/43 maxlen: 43
2400:3240:9060::/43 maxlen: 43
2400:3240:9080::/43 maxlen: 43
2400:3240:90a0::/43 maxlen: 43
2400:3240:9100::/43 maxlen: 43
2400:3240:9120::/43 maxlen: 43
2400:3240:91a0::/43 maxlen: 43
2400:3240:91c0::/43 maxlen: 43
2400:3240:91e0::/43 maxlen: 43
2400:3240:9200::/43 maxlen: 43
2400:3240:9240::/43 maxlen: 48
2404:1380::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.crl
rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 03:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4083 (0xff3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91657DD, serialNumber=FBBAC1656A0C63708BCCD60DC825E6C3191A719B
Validity
Not Before: Sep 19 16:38:46 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a468e3-3b2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6f:7e:92:2f:f7:e2:5d:40:48:36:df:2e:50:
1b:b1:06:82:39:e0:d3:d2:fa:a6:23:99:2f:77:d6:
78:3f:b9:be:cd:60:2c:c4:b3:46:25:40:6b:1d:d9:
71:6f:14:1a:a3:8d:cb:10:1e:dc:4c:1b:1b:c7:57:
1e:a1:4f:06:23:66:57:d4:b5:22:0d:56:f4:ab:e9:
78:01:9d:f0:fb:1d:8e:cc:6f:54:f6:82:6b:dd:51:
9f:f1:be:9b:19:69:1f:6a:a3:83:93:df:a7:f1:07:
86:95:60:ac:07:ad:e5:a1:da:47:a5:e3:ff:62:10:
29:fb:17:15:0b:36:95:a5:a5:7a:28:19:7b:d4:8a:
75:f9:53:9a:a8:7c:ab:4f:f4:1c:f2:70:7f:49:47:
1f:fc:c1:8a:95:44:55:23:6e:cd:75:be:c6:78:3d:
eb:5d:af:21:d6:8e:7a:a5:7d:ce:f7:c1:a0:9c:c0:
dd:bf:2d:40:d7:01:f1:8a:df:83:26:d8:9a:75:0f:
62:08:3a:77:70:bd:79:65:02:8c:69:01:c5:30:72:
26:2d:29:6c:37:ee:34:85:ae:7a:c3:fd:02:8b:e9:
f3:c0:c2:5a:50:2a:f1:85:e4:37:5e:42:55:7b:a7:
36:c5:41:37:37:eb:31:48:cb:6e:ca:15:53:d4:49:
7a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:8D:CA:CE:A7:1E:E0:EE:E7:B1:0E:38:E1:78:BE:1C:D3:9F:F4:88
X509v3 Authority Key Identifier:
keyid:FB:BA:C1:65:6A:0C:63:70:8B:CC:D6:0D:C8:25:E6:C3:19:1A:71:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/-7rBZWoMY3CLzNYNyCXmwxkacZs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7rBZWoMY3CLzNYNyCXmwxkacZs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91657DD/AD615F6E6E5611E9BD9B5E69C4F9AE02/6AE44D5C3E4511F090A5C643C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.120.112.0/22
103.60.172.0/22
103.205.68.0/22
192.144.86.0/23
203.95.220.0/22
IPv6:
2400:3240::/32
2404:1380::/32
Signature Algorithm: sha256WithRSAEncryption
69:93:8e:01:18:e2:f2:d9:c2:ca:0a:b3:95:e6:5c:fd:49:92:
ae:eb:1c:2d:4f:7f:4f:f3:d2:2d:3e:1a:e8:1f:de:de:02:ea:
a8:eb:87:48:b8:bd:88:0b:2f:55:07:16:9e:2e:66:fc:87:80:
aa:8b:c1:37:39:5f:f9:ab:82:a1:cb:53:80:37:f1:5e:11:ab:
ca:34:28:b5:27:77:de:67:73:e1:09:7b:70:a4:1c:52:f6:d7:
ad:ae:b0:1c:1a:45:f2:de:8b:26:1f:06:e5:51:2b:ed:66:a9:
4e:5f:83:e1:cf:27:d7:90:2d:87:43:77:9b:84:b1:ac:45:73:
e9:93:e3:81:c5:a6:9f:bd:ea:3a:6e:b8:65:5a:0b:03:05:60:
c7:3b:78:82:96:34:a8:ba:04:46:0d:eb:48:78:75:09:c5:4f:
4b:6a:cb:da:5a:d0:aa:6d:82:d4:81:93:34:c3:88:6b:04:ba:
be:d7:2e:5c:75:b5:dc:bf:0b:00:ae:9e:f9:1e:c8:0b:bb:57:
77:7f:c7:22:91:89:60:d2:a4:d9:52:79:c5:36:10:a1:5e:10:
c2:bf:34:d5:91:05:89:c1:6f:80:eb:c9:6e:46:ff:18:0d:6a:
3e:3a:96:2e:a8:57:bf:c6:f6:c5:c5:99:5e:34:9b:5f:ff:d1:
b7:e6:61:84
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgICD/MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU3REQxMTAvBgNVBAUTKEZCQkFDMTY1NkEwQzYzNzA4QkNDRDYwREM4MjVFNkMz
MTkxQTcxOUIwHhcNMjUwOTE5MTYzODQ2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NjhlMy0zYjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvG9+ki/34l1ASDbfLlAbsQaCOeDT0vqmI5kvd9Z4P7m+zWAsxLNGJUBrHdlx
bxQao43LEB7cTBsbx1ceoU8GI2ZX1LUiDVb0q+l4AZ3w+x2OzG9U9oJr3VGf8b6b
GWkfaqODk9+n8QeGlWCsB63lodpHpeP/YhAp+xcVCzaVpaV6KBl71Ip1+VOaqHyr
T/Qc8nB/SUcf/MGKlURVI27Ndb7GeD3rXa8h1o56pX3O98GgnMDdvy1A1wHxit+D
JtiadQ9iCDp3cL15ZQKMaQHFMHImLSlsN+40ha56w/0Ci+nzwMJaUCrxheQ3XkJV
e6c2xUE3N+sxSMtuyhVT1El6UwIDAQABo4ICjjCCAoowHQYDVR0OBBYEFPGNys6n
HuDu57EOOOF4vhzTn/SIMB8GA1UdIwQYMBaAFPu6wWVqDGNwi8zWDcgl5sMZGnGb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTdERC9BRDYxNUY2RTZF
NTYxMUU5QkQ5QjVFNjlDNEY5QUUwMi8tN3JCWldvTVkzQ0x6TllOeUNYbXd4a2Fj
WnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy03ckJaV29NWTNDTHpOWU55Q1htd3hrYWNacy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU3REQvQUQ2MTVGNkU2RTU2MTFFOUJEOUI1RTY5QzRGOUFFMDIvNkFFNDRENUMz
RTQ1MTFGMDkwQTVDNjQzQzRGOUFFMDIucm9hME0GCCsGAQUFBwEHAQH/BD4wPDAk
BAIAATAeAwQCLXhwAwQCZzysAwQCZ81EAwQBwJBWAwQCy1/cMBQEAgACMA4DBQAk
ADJAAwUAJAQTgDANBgkqhkiG9w0BAQsFAAOCAQEAaZOOARji8tnCygqzleZc/UmS
ruscLU9/T/PSLT4a6B/e3gLqqOuHSLi9iAsvVQcWni5m/IeAqovBNzlf+auCoctT
gDfxXhGryjQotSd33mdz4Ql7cKQcUvbXra6wHBpF8t6LJh8G5VEr7WapTl+D4c8n
15Ath0N3m4SxrEVz6ZPjgcWmn73qOm64ZVoLAwVgxzt4gpY0qLoERg3rSHh1CcVP
S2rL2lrQqm2C1IGTNMOIawS6vtcuXHW13L8LAK6e+R7IC7tXd3/HIpGJYNKk2VJ5
xTYQoV4Qwr801ZEFicFvgOvJbkb/GA1qPjqWLqhXv8b2xcWZXjSbX//Rt+ZhhA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:35:32 2026 by rpki-client