Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
File: EBD5A3CA6B8711EFB0476280C4F9AE02.roa (raw, json)
Hash identifier: cGxsTZNON1GA2BIWFd005t/KHPlmZt4ABdaTGBmax7g=
Subject key identifier: D0:51:A8:25:DB:08:77:46:3C:7A:3C:0E:0E:DC:C3:F3:86:EE:D4:87
Certificate issuer: /CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Certificate serial: 3695
Authority key identifier: 9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:48:18 +0000
ROA not before: Thu 24 Jul 2025 14:50:43 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 7693
IP address blocks: 58.181.128.0/17 maxlen: 17
58.181.128.0/20 maxlen: 20
58.181.144.0/20 maxlen: 20
58.181.146.0/23 maxlen: 23
58.181.160.0/20 maxlen: 20
58.181.176.0/20 maxlen: 20
58.181.192.0/20 maxlen: 20
58.181.200.0/24 maxlen: 24
58.181.208.0/20 maxlen: 20
58.181.212.0/24 maxlen: 24
58.181.224.0/20 maxlen: 20
58.181.225.0/24 maxlen: 24
58.181.240.0/20 maxlen: 20
58.181.248.0/23 maxlen: 23
58.181.252.0/22 maxlen: 22
103.19.104.0/22 maxlen: 22
202.44.144.0/24 maxlen: 24
202.149.96.0/19 maxlen: 19
202.149.96.0/20 maxlen: 20
202.149.112.0/20 maxlen: 20
203.107.128.0/17 maxlen: 17
203.107.128.0/20 maxlen: 20
203.107.129.0/24 maxlen: 24
203.107.130.0/24 maxlen: 24
203.107.144.0/20 maxlen: 20
203.107.160.0/20 maxlen: 20
203.107.176.0/20 maxlen: 20
203.107.192.0/20 maxlen: 20
203.107.192.0/24 maxlen: 24
203.107.208.0/20 maxlen: 20
203.107.224.0/20 maxlen: 20
203.107.231.0/24 maxlen: 24
203.107.240.0/20 maxlen: 20
203.107.255.0/24 maxlen: 24
203.155.0.0/16 maxlen: 16
203.155.0.0/20 maxlen: 20
203.155.0.0/23 maxlen: 23
203.155.16.0/20 maxlen: 20
203.155.32.0/20 maxlen: 20
203.155.42.0/24 maxlen: 24
203.155.48.0/20 maxlen: 20
203.155.54.0/23 maxlen: 23
203.155.64.0/20 maxlen: 20
203.155.66.0/24 maxlen: 24
203.155.80.0/20 maxlen: 20
203.155.96.0/20 maxlen: 20
203.155.112.0/20 maxlen: 20
203.155.128.0/20 maxlen: 20
203.155.144.0/20 maxlen: 20
203.155.160.0/20 maxlen: 20
203.155.176.0/20 maxlen: 20
203.155.192.0/20 maxlen: 20
203.155.208.0/20 maxlen: 20
203.155.219.0/24 maxlen: 24
203.155.224.0/20 maxlen: 20
203.155.240.0/20 maxlen: 20
203.155.253.0/24 maxlen: 24
203.155.255.0/24 maxlen: 24
203.188.0.0/18 maxlen: 18
203.188.0.0/20 maxlen: 24
203.188.32.0/20 maxlen: 24
203.195.96.0/20 maxlen: 20
203.195.105.0/24 maxlen: 24
203.209.0.0/18 maxlen: 18
203.209.0.0/20 maxlen: 20
203.209.16.0/20 maxlen: 20
203.209.32.0/20 maxlen: 20
203.209.48.0/20 maxlen: 20
203.209.64.0/18 maxlen: 18
203.209.64.0/20 maxlen: 20
203.209.75.0/24 maxlen: 24
203.209.80.0/20 maxlen: 20
203.209.93.0/24 maxlen: 24
203.209.96.0/20 maxlen: 20
203.209.112.0/20 maxlen: 20
203.209.122.0/24 maxlen: 24
203.209.123.0/24 maxlen: 24
203.209.125.0/24 maxlen: 24
2405:a000::/32 maxlen: 32
2405:a000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 14:23:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13973 (0x3695)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91697FA, serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Validity
Not Before: Jul 24 14:50:43 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a489f2-6b77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:42:57:de:28:c8:bc:b3:16:b2:11:2b:eb:35:
99:b9:d7:38:fb:14:a7:5d:5a:ec:b4:15:45:a1:ff:
f3:f7:28:8f:b9:63:3c:d7:28:88:c2:91:0f:e7:41:
7c:aa:28:0e:81:b5:85:8b:5f:c4:ea:66:6e:cf:19:
d3:36:10:9e:23:34:60:6a:6a:69:de:6b:41:db:d9:
a5:df:d1:5a:09:17:ad:59:04:24:4e:14:9a:38:52:
bd:c2:1d:06:28:f5:58:48:b1:b2:93:98:ca:cf:00:
62:cc:6f:96:13:f8:dc:79:ef:45:06:cd:99:eb:94:
12:47:2c:57:3b:64:91:62:25:c8:95:09:d5:4d:9c:
bc:63:b3:c7:d3:d3:1b:17:23:7c:81:83:23:9e:15:
67:86:b3:cb:9b:c5:5f:bb:13:b1:35:fc:b8:24:14:
2b:81:f2:2b:82:1a:24:e9:51:60:9a:98:ad:07:81:
d4:16:b3:cb:97:90:70:ac:38:c5:e0:58:0f:89:78:
4d:40:b8:10:80:9a:93:ea:63:f4:ef:06:09:c6:18:
64:21:09:d6:1e:a9:48:bf:f8:9c:5f:38:00:2a:ff:
49:9f:5c:a9:09:08:6c:8d:39:15:c6:b2:36:4a:e8:
a1:f1:16:0b:28:24:05:5d:ad:01:36:6f:5f:21:49:
b1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:51:A8:25:DB:08:77:46:3C:7A:3C:0E:0E:DC:C3:F3:86:EE:D4:87
X509v3 Authority Key Identifier:
keyid:9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
58.181.128.0/17
103.19.104.0/22
202.44.144.0/24
202.149.96.0/19
203.107.128.0/17
203.155.0.0/16
203.188.0.0/18
203.195.96.0/20
203.209.0.0/17
IPv6:
2405:a000::/32
Signature Algorithm: sha256WithRSAEncryption
22:8f:df:d8:ed:cc:1e:5f:f0:3a:37:47:70:ce:18:78:db:ff:
b6:c0:06:26:f9:23:c5:7b:6c:eb:45:b9:39:29:e1:c5:8d:5a:
7f:96:10:ee:39:e5:6f:95:29:e1:b2:e1:be:9b:63:00:9b:e9:
1c:a2:51:38:28:aa:3b:a4:cd:92:17:d6:58:95:a2:09:b3:4e:
d2:f2:cd:9e:1d:d1:a1:31:62:2e:44:59:9b:40:51:85:cd:17:
b9:45:35:bc:90:9e:10:ea:a1:4c:30:3c:d3:b2:eb:75:96:24:
48:16:50:be:d9:cf:03:c1:81:57:85:53:90:eb:63:42:13:b6:
8b:d0:eb:ca:00:3d:b5:75:39:df:74:10:14:37:38:9b:8c:95:
40:5e:7a:dd:95:ee:39:8a:2e:73:89:96:10:fc:ce:d2:39:62:
aa:7e:1d:31:ba:10:cf:75:9f:33:81:a4:e2:b7:b3:25:08:e5:
23:1e:a4:d0:2c:7f:d0:d8:6a:16:e1:0a:7c:e4:cc:71:93:02:
01:b7:f5:15:59:aa:39:66:49:c2:fe:57:72:ab:cf:b7:af:f4:
29:65:36:49:98:29:4f:8a:ac:00:ff:ad:d7:a7:2a:a4:2e:50:
0f:cd:1b:d6:5e:4f:0d:84:a6:9c:ee:d9:aa:48:1b:06:71:99:
70:71:07:fe
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgICNpUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk3RkExMTAvBgNVBAUTKDlGODJEQkM5NDY2MzEyQzVCQTJFOTIxMjc5MzAyNDAw
OTU2QTk4MkEwHhcNMjUwNzI0MTQ1MDQzWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODlmMi02Yjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs0JX3ijIvLMWshEr6zWZudc4+xSnXVrstBVFof/z9yiPuWM81yiIwpEP50F8
qigOgbWFi1/E6mZuzxnTNhCeIzRgampp3mtB29ml39FaCRetWQQkThSaOFK9wh0G
KPVYSLGyk5jKzwBizG+WE/jcee9FBs2Z65QSRyxXO2SRYiXIlQnVTZy8Y7PH09Mb
FyN8gYMjnhVnhrPLm8VfuxOxNfy4JBQrgfIrghok6VFgmpitB4HUFrPLl5BwrDjF
4FgPiXhNQLgQgJqT6mP07wYJxhhkIQnWHqlIv/icXzgAKv9Jn1ypCQhsjTkVxrI2
Suih8RYLKCQFXa0BNm9fIUmxUQIDAQABo4ICnjCCApowHQYDVR0OBBYEFNBRqCXb
CHdGPHo8Dg7cw/OG7tSHMB8GA1UdIwQYMBaAFJ+C28lGYxLFui6SEnkwJACVapgq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTdGQS8yN0Y4M0I3MDFE
ODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9uNExieVVaakVzVzZMcElTZVRBa0FKVnFt
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL240TGJ5VVpqRXNXNkxwSVNlVEFrQUpWcW1Dby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk3RkEvMjdGODNCNzAxRDgzMTFFMjkzMjkyMUQ4MDhCMDJDRDIvRUJENUEzQ0E2
Qjg3MTFFRkIwNDc2MjgwQzRGOUFFMDIucm9hMF0GCCsGAQUFBwEHAQH/BE4wTDA7
BAIAATA1AwQHOrWAAwQCZxNoAwQAyiyQAwQFypVgAwQHy2uAAwMAy5sDBAbLvAAD
BATLw2ADBAfL0QAwDQQCAAIwBwMFACQFoAAwDQYJKoZIhvcNAQELBQADggEBACKP
39jtzB5f8Do3R3DOGHjb/7bABib5I8V7bOtFuTkp4cWNWn+WEO455W+VKeGy4b6b
YwCb6RyiUTgoqjukzZIX1liVogmzTtLyzZ4d0aExYi5EWZtAUYXNF7lFNbyQnhDq
oUwwPNOy63WWJEgWUL7ZzwPBgVeFU5DrY0ITtovQ68oAPbV1Od90EBQ3OJuMlUBe
et2V7jmKLnOJlhD8ztI5Yqp+HTG6EM91nzOBpOK3syUI5SMepNAsf9DYahbhCnzk
zHGTAgG39RVZqjlmScL+V3Krz7ev9CllNkmYKU+KrAD/rdenKqQuUA/NG9ZeTw2E
ppzu2apIGwZxmXBxB/4=
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:25:03 2026 by rpki-client