Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
File: EBD5A3CA6B8711EFB0476280C4F9AE02.roa (raw, json)
Hash identifier: BZKoDF/7kTMYC8p2F7sy+ku+IsTTX9iqMyQIA+SIbiY=
Subject key identifier: ED:22:B2:D2:AE:4B:D7:25:9A:69:4C:39:2F:2E:18:2F:29:4F:6A:36
Certificate issuer: /CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Certificate serial: 36AC
Authority key identifier: 9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
Signing time: Tue 07 Apr 2026 04:36:05 +0000
ROA not before: Tue 07 Apr 2026 04:36:05 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 7693
IP address blocks: 58.181.128.0/17 maxlen: 17
58.181.128.0/20 maxlen: 20
58.181.144.0/20 maxlen: 20
58.181.146.0/23 maxlen: 23
58.181.160.0/20 maxlen: 20
58.181.176.0/20 maxlen: 20
58.181.192.0/20 maxlen: 20
58.181.200.0/24 maxlen: 24
58.181.208.0/20 maxlen: 20
58.181.212.0/24 maxlen: 24
58.181.224.0/20 maxlen: 20
58.181.225.0/24 maxlen: 24
58.181.240.0/20 maxlen: 20
58.181.248.0/23 maxlen: 23
58.181.252.0/22 maxlen: 22
103.19.104.0/22 maxlen: 22
202.44.144.0/24 maxlen: 24
202.149.96.0/19 maxlen: 19
202.149.96.0/20 maxlen: 20
202.149.112.0/20 maxlen: 20
203.107.128.0/17 maxlen: 17
203.107.128.0/20 maxlen: 20
203.107.129.0/24 maxlen: 24
203.107.130.0/24 maxlen: 24
203.107.144.0/20 maxlen: 20
203.107.160.0/20 maxlen: 20
203.107.176.0/20 maxlen: 20
203.107.192.0/20 maxlen: 20
203.107.192.0/24 maxlen: 24
203.107.208.0/20 maxlen: 20
203.107.224.0/20 maxlen: 20
203.107.231.0/24 maxlen: 24
203.107.240.0/20 maxlen: 20
203.107.255.0/24 maxlen: 24
203.155.0.0/16 maxlen: 16
203.155.0.0/20 maxlen: 20
203.155.0.0/23 maxlen: 23
203.155.16.0/20 maxlen: 20
203.155.32.0/20 maxlen: 20
203.155.42.0/24 maxlen: 24
203.155.48.0/20 maxlen: 20
203.155.54.0/23 maxlen: 23
203.155.64.0/20 maxlen: 20
203.155.66.0/24 maxlen: 24
203.155.77.0/24 maxlen: 24
203.155.80.0/20 maxlen: 20
203.155.96.0/20 maxlen: 20
203.155.112.0/20 maxlen: 20
203.155.128.0/20 maxlen: 20
203.155.144.0/20 maxlen: 20
203.155.160.0/20 maxlen: 20
203.155.176.0/20 maxlen: 20
203.155.192.0/20 maxlen: 20
203.155.208.0/20 maxlen: 20
203.155.219.0/24 maxlen: 24
203.155.224.0/20 maxlen: 20
203.155.240.0/20 maxlen: 20
203.155.253.0/24 maxlen: 24
203.155.255.0/24 maxlen: 24
203.188.0.0/18 maxlen: 18
203.188.0.0/20 maxlen: 24
203.188.32.0/20 maxlen: 24
203.195.96.0/20 maxlen: 20
203.195.105.0/24 maxlen: 24
203.209.0.0/18 maxlen: 18
203.209.0.0/20 maxlen: 20
203.209.16.0/20 maxlen: 20
203.209.32.0/20 maxlen: 20
203.209.48.0/20 maxlen: 20
203.209.64.0/18 maxlen: 18
203.209.64.0/20 maxlen: 20
203.209.75.0/24 maxlen: 24
203.209.80.0/20 maxlen: 20
203.209.93.0/24 maxlen: 24
203.209.96.0/20 maxlen: 20
203.209.112.0/20 maxlen: 20
203.209.122.0/24 maxlen: 24
203.209.123.0/24 maxlen: 24
203.209.125.0/24 maxlen: 24
2405:a000::/32 maxlen: 32
2405:a000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 14:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13996 (0x36ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91697FA, serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Validity
Not Before: Apr 7 04:36:05 2026 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69d489b5-4a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:63:f4:2f:b2:be:04:ef:af:83:38:38:80:ad:
83:fe:33:0a:73:ac:5e:4d:e2:fc:a1:58:34:67:7f:
e3:a0:9a:a3:a6:27:e1:a4:8d:84:b1:2b:4e:07:13:
f7:dd:a7:29:ca:ee:74:1e:a9:ad:f5:bc:0d:3a:70:
ac:02:99:a3:22:3e:7e:44:9d:be:b2:ee:2c:cd:c1:
af:54:c5:b8:58:1b:bf:df:c1:10:65:03:a8:94:c0:
8e:5e:a4:f9:c7:71:69:35:41:2f:2f:cc:a4:ee:24:
b1:8f:60:e0:81:58:4e:0e:8e:62:98:51:33:cc:21:
7e:0f:2a:63:0f:09:9f:2a:f5:bf:ba:a5:89:72:4c:
74:14:73:be:4a:73:be:fc:7b:c9:94:86:49:7e:7b:
76:42:0d:2c:fb:53:4d:f2:71:9e:0c:be:4c:5e:9f:
bb:2b:ae:b9:43:66:cf:aa:9c:74:46:b5:b8:fe:6d:
98:d4:4b:f5:a8:1c:bb:71:e9:d0:f5:ec:0b:ed:31:
9f:93:91:ad:b5:81:de:93:6b:63:c0:bc:f4:c1:a0:
4f:4d:34:68:32:d5:db:d8:b7:90:38:41:fa:00:cd:
31:da:f1:59:f7:5f:10:d3:d7:c7:33:09:c0:72:17:
43:56:5f:bf:e5:7a:bb:67:8e:16:e7:32:57:d7:8c:
a9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:22:B2:D2:AE:4B:D7:25:9A:69:4C:39:2F:2E:18:2F:29:4F:6A:36
X509v3 Authority Key Identifier:
keyid:9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
58.181.128.0/17
103.19.104.0/22
202.44.144.0/24
202.149.96.0/19
203.107.128.0/17
203.155.0.0/16
203.188.0.0/18
203.195.96.0/20
203.209.0.0/17
IPv6:
2405:a000::/32
Signature Algorithm: sha256WithRSAEncryption
13:71:90:33:ef:83:20:f4:cb:33:40:fa:0f:1d:bc:c9:47:3f:
8a:00:c7:fb:59:b4:ea:c0:da:4e:9c:2a:21:1a:c0:24:c3:92:
eb:92:a0:51:05:c9:d5:23:98:62:d4:ef:90:f4:cb:fa:12:14:
b6:ca:91:78:c5:df:55:b6:b1:be:03:be:93:65:b9:fc:80:ae:
87:2a:1f:4d:cd:c7:73:4a:b9:33:08:15:f0:d8:6c:5f:cd:a4:
07:e7:49:b1:31:22:a9:20:b0:19:3e:36:92:74:f5:90:53:bf:
0f:07:7a:ea:8b:ce:f0:38:b7:64:76:ff:33:d8:d6:8e:54:b9:
79:ec:e9:18:f1:fe:5c:3c:98:99:55:02:f1:f2:ae:8f:fc:30:
2d:ab:d8:19:d5:6f:ba:c1:b7:f2:59:c9:74:ce:e0:3d:cf:77:
16:75:e8:c4:ed:21:f1:11:2c:e8:60:59:70:81:5a:03:4b:1d:
46:24:7c:b3:c1:92:d7:6d:d0:0a:6b:00:6b:c4:18:b7:87:ef:
f7:c6:99:79:54:ba:87:14:35:f9:d0:d8:8e:01:d8:9e:ba:ea:
35:c1:1b:d6:12:b3:59:7e:df:b0:4a:c9:62:9a:cc:99:a8:60:
31:46:12:49:35:2f:a1:cd:c5:92:40:f2:20:4e:45:e7:f1:29:
66:ad:df:cd
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgICNqwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk3RkExMTAvBgNVBAUTKDlGODJEQkM5NDY2MzEyQzVCQTJFOTIxMjc5MzAyNDAw
OTU2QTk4MkEwHhcNMjYwNDA3MDQzNjA1WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ0ODliNS00YTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4GP0L7K+BO+vgzg4gK2D/jMKc6xeTeL8oVg0Z3/joJqjpifhpI2EsStOBxP3
3acpyu50Hqmt9bwNOnCsApmjIj5+RJ2+su4szcGvVMW4WBu/38EQZQOolMCOXqT5
x3FpNUEvL8yk7iSxj2DggVhODo5imFEzzCF+DypjDwmfKvW/uqWJckx0FHO+SnO+
/HvJlIZJfnt2Qg0s+1NN8nGeDL5MXp+7K665Q2bPqpx0RrW4/m2Y1Ev1qBy7cenQ
9ewL7TGfk5GttYHek2tjwLz0waBPTTRoMtXb2LeQOEH6AM0x2vFZ918Q09fHMwnA
chdDVl+/5Xq7Z44W5zJX14ypiwIDAQABo4ICnjCCApowHQYDVR0OBBYEFO0istKu
S9clmmlMOS8uGC8pT2o2MB8GA1UdIwQYMBaAFJ+C28lGYxLFui6SEnkwJACVapgq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTdGQS8yN0Y4M0I3MDFE
ODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9uNExieVVaakVzVzZMcElTZVRBa0FKVnFt
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL240TGJ5VVpqRXNXNkxwSVNlVEFrQUpWcW1Dby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk3RkEvMjdGODNCNzAxRDgzMTFFMjkzMjkyMUQ4MDhCMDJDRDIvRUJENUEzQ0E2
Qjg3MTFFRkIwNDc2MjgwQzRGOUFFMDIucm9hMF0GCCsGAQUFBwEHAQH/BE4wTDA7
BAIAATA1AwQHOrWAAwQCZxNoAwQAyiyQAwQFypVgAwQHy2uAAwMAy5sDBAbLvAAD
BATLw2ADBAfL0QAwDQQCAAIwBwMFACQFoAAwDQYJKoZIhvcNAQELBQADggEBABNx
kDPvgyD0yzNA+g8dvMlHP4oAx/tZtOrA2k6cKiEawCTDkuuSoFEFydUjmGLU75D0
y/oSFLbKkXjF31W2sb4DvpNlufyArocqH03Nx3NKuTMIFfDYbF/NpAfnSbExIqkg
sBk+NpJ09ZBTvw8HeuqLzvA4t2R2/zPY1o5UuXns6Rjx/lw8mJlVAvHyro/8MC2r
2BnVb7rBt/JZyXTO4D3PdxZ16MTtIfERLOhgWXCBWgNLHUYkfLPBktdt0AprAGvE
GLeH7/fGmXlUuocUNfnQ2I4B2J666jXBG9YSs1l+37BKyWKazJmoYDFGEkk1L6HN
xZJA8iBORefxKWat380=
-----END CERTIFICATE-----
Generated at Sat Apr 18 02:47:09 2026 by rpki-client