Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/429A130C13D811EEBE72B647C4F9AE02.roa
File: 429A130C13D811EEBE72B647C4F9AE02.roa (raw, json)
Hash identifier: YcNeOX0Z2+Cs+dGhhc9+O2DMKLTZ+Dv6Y6kIHhzrUIQ=
Subject key identifier: 01:45:3C:AB:96:49:28:19:56:53:AD:BA:99:1B:09:CF:30:38:BB:6D
Certificate issuer: /CN=A916A983/serialNumber=88D87B102F5C2771C367064E2049B68A903C71B5
Certificate serial: 13D4
Authority key identifier: 88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/429A130C13D811EEBE72B647C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:00:19 +0000
ROA not before: Wed 06 Aug 2025 17:26:27 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 1221
IP address blocks: 137.147.0.0/16 maxlen: 16
138.130.0.0/16 maxlen: 16
138.217.0.0/16 maxlen: 16
139.130.0.0/16 maxlen: 16
139.134.0.0/16 maxlen: 16
139.168.0.0/16 maxlen: 16
143.238.0.0/16 maxlen: 16
144.130.0.0/15 maxlen: 15
144.130.0.0/17 maxlen: 17
144.130.144.0/20 maxlen: 20
144.130.160.0/19 maxlen: 19
144.130.192.0/18 maxlen: 18
144.131.0.0/16 maxlen: 16
144.132.0.0/14 maxlen: 14
144.136.0.0/15 maxlen: 15
144.139.0.0/16 maxlen: 16
144.140.0.0/16 maxlen: 16
147.69.0.0/16 maxlen: 16
149.135.0.0/16 maxlen: 16
165.228.0.0/16 maxlen: 16
192.67.84.0/24 maxlen: 24
192.70.219.0/24 maxlen: 24
192.73.66.0/24 maxlen: 24
192.74.139.0/24 maxlen: 24
192.74.140.0/22 maxlen: 26
192.74.144.0/20 maxlen: 20
192.74.160.0/19 maxlen: 19
192.74.192.0/20 maxlen: 20
192.74.208.0/24 maxlen: 24
192.82.143.0/24 maxlen: 24
192.111.105.0/24 maxlen: 24
192.131.27.0/24 maxlen: 24
192.131.28.0/23 maxlen: 23
192.131.30.0/24 maxlen: 24
192.148.116.0/22 maxlen: 22
192.148.120.0/21 maxlen: 21
192.148.128.0/19 maxlen: 19
192.148.160.0/22 maxlen: 22
192.148.164.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.crl
rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 14:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5076 (0x13d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A983, serialNumber=88D87B102F5C2771C367064E2049B68A903C71B5
Validity
Not Before: Aug 6 17:26:27 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a470a3-9f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:91:64:58:ae:4b:cd:12:29:62:b9:b8:11:c7:
d3:f9:46:0e:7e:ea:d5:00:97:cc:1d:ec:dc:a4:49:
91:10:83:ed:64:22:38:ae:3e:af:dd:72:87:6f:a8:
a5:8a:90:3d:db:9d:92:16:e3:6a:22:77:1a:69:c6:
9b:29:3f:c8:59:42:fa:c0:10:ac:5d:25:5d:81:14:
2b:96:ad:b8:d3:34:d7:b9:19:37:2f:df:f6:37:a4:
a9:4b:60:bf:a9:bb:b0:51:cf:bb:03:19:b1:2a:78:
aa:f5:4f:3c:20:30:ac:b5:6c:26:ed:bb:84:e6:ac:
62:38:e4:34:bf:d2:8d:86:f4:02:ac:bc:1d:e4:f9:
5a:75:73:96:e4:80:ff:9f:da:ee:18:87:0c:a4:0a:
0d:4b:4e:38:83:0e:37:79:99:dc:d2:81:c4:5a:85:
12:e4:d5:b1:bc:25:6a:89:b7:36:55:91:40:02:d1:
90:cc:86:2f:03:68:e7:63:bd:9c:81:57:8d:37:51:
68:1e:6a:30:0f:bf:b0:41:ca:64:22:da:87:e3:c8:
c0:f9:05:39:b5:a8:f2:c4:0e:58:7a:94:99:01:2c:
a3:9d:e4:8a:af:a9:2b:fb:68:00:e1:c2:d2:aa:24:
c1:e1:1d:42:00:a9:c8:71:4a:a5:58:d0:0c:c2:af:
c6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:45:3C:AB:96:49:28:19:56:53:AD:BA:99:1B:09:CF:30:38:BB:6D
X509v3 Authority Key Identifier:
keyid:88:D8:7B:10:2F:5C:27:71:C3:67:06:4E:20:49:B6:8A:90:3C:71:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iNh7EC9cJ3HDZwZOIEm2ipA8cbU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/0E082E72CD0F11E89D9FF165C4F9AE02/429A130C13D811EEBE72B647C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
137.147.0.0/16
138.130.0.0/16
138.217.0.0/16
139.130.0.0/16
139.134.0.0/16
139.168.0.0/16
143.238.0.0/16
144.130.0.0-144.137.255.255
144.139.0.0-144.140.255.255
147.69.0.0/16
149.135.0.0/16
165.228.0.0/16
192.67.84.0/24
192.70.219.0/24
192.73.66.0/24
192.74.139.0-192.74.208.255
192.82.143.0/24
192.111.105.0/24
192.131.27.0-192.131.30.255
192.148.116.0-192.148.165.255
Signature Algorithm: sha256WithRSAEncryption
8a:7a:62:fe:54:81:32:97:72:ee:17:d5:7f:d9:e5:de:5e:e8:
91:6f:b0:0e:a5:8e:37:c6:38:8a:b8:49:d4:9c:07:20:18:b8:
d0:0d:9a:32:d5:6b:d2:76:92:c5:3d:db:3e:bd:ed:8c:2a:b6:
f3:48:5a:00:e2:df:df:26:73:d8:8b:85:fe:40:d6:aa:bd:8c:
df:6a:c3:f1:e2:51:c3:77:54:b8:a8:4d:d4:33:7b:d9:4d:bf:
1d:42:c1:fc:33:04:0c:3b:df:be:cb:91:e5:c1:27:f8:f9:a6:
50:c2:5e:9a:cb:14:ae:3c:95:43:06:a2:50:39:4e:c9:e7:04:
dd:17:28:01:4e:91:52:52:fb:c8:41:b4:8f:c7:27:bd:d9:b2:
cd:bc:6c:57:73:5b:84:4f:0c:4c:ef:13:91:f1:b2:85:5f:a8:
99:53:18:62:51:f3:c8:5d:27:80:ec:0a:a7:dc:7d:76:42:37:
a5:40:b0:a6:1e:c4:b8:50:f6:0e:8e:22:2c:9b:4e:e9:0c:b4:
43:42:cb:25:b3:87:d2:95:d0:45:49:89:d2:ca:b3:ad:6c:5d:
64:15:ac:ce:c7:27:6e:75:d4:6f:bc:e9:6c:3b:06:e4:e0:53:
8b:0f:41:3b:6c:0d:2a:8c:8c:7c:3f:83:21:c3:ec:d4:a6:df:
48:b3:f3:b6
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICE9QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKDg4RDg3QjEwMkY1QzI3NzFDMzY3MDY0RTIwNDlCNjhB
OTAzQzcxQjUwHhcNMjUwODA2MTcyNjI3WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzBhMy05ZjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmpFkWK5LzRIpYrm4EcfT+UYOfurVAJfMHezcpEmREIPtZCI4rj6v3XKHb6il
ipA9252SFuNqIncaacabKT/IWUL6wBCsXSVdgRQrlq240zTXuRk3L9/2N6SpS2C/
qbuwUc+7AxmxKniq9U88IDCstWwm7buE5qxiOOQ0v9KNhvQCrLwd5PladXOW5ID/
n9ruGIcMpAoNS044gw43eZnc0oHEWoUS5NWxvCVqibc2VZFAAtGQzIYvA2jnY72c
gVeNN1FoHmowD7+wQcpkItqH48jA+QU5tajyxA5YepSZASyjneSKr6kr+2gA4cLS
qiTB4R1CAKnIcUqlWNAMwq/GPwIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFAFFPKuW
SSgZVlOtupkbCc8wOLttMB8GA1UdIwQYMBaAFIjYexAvXCdxw2cGTiBJtoqQPHG1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8wRTA4MkU3MkNE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9pTmg3RUM5Y0ozSERad1pPSUVtMmlwQThj
YlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lOaDdFQzljSjNIRFp3Wk9JRW0yaXBBOGNiVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMEUwODJFNzJDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvNDI5QTEzMEMx
M0Q4MTFFRUJFNzJCNjQ3QzRGOUFFMDIucm9hMIGvBggrBgEFBQcBBwEB/wSBnzCB
nDCBmQQCAAEwgZIDAwCJkwMDAIqCAwMAitkDAwCLggMDAIuGAwMAi6gDAwCP7jAK
AwMBkIIDAwGQiDAKAwMAkIsDAwCQjAMDAJNFAwMAlYcDAwCl5AMEAMBDVAMEAMBG
2wMEAMBJQjAMAwQAwEqLAwQAwErQAwQAwFKPAwQAwG9pMAwDBADAgxsDBADAgx4w
DAMEAsCUdAMEAcCUpDANBgkqhkiG9w0BAQsFAAOCAQEAinpi/lSBMpdy7hfVf9nl
3l7okW+wDqWON8Y4irhJ1JwHIBi40A2aMtVr0naSxT3bPr3tjCq280haAOLf3yZz
2IuF/kDWqr2M32rD8eJRw3dUuKhN1DN72U2/HULB/DMEDDvfvsuR5cEn+PmmUMJe
mssUrjyVQwaiUDlOyecE3RcoAU6RUlL7yEG0j8cnvdmyzbxsV3NbhE8MTO8TkfGy
hV+omVMYYlHzyF0ngOwKp9x9dkI3pUCwph7EuFD2Do4iLJtO6Qy0Q0LLJbOH0pXQ
RUmJ0sqzrWxdZBWszscnbnXUb7zpbDsG5OBTiw9BO2wNKoyMfD+DIcPs1KbfSLPz
tg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:16:32 2026 by rpki-client