Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/AA00C86E327B11F1A7DE805FC2833773.roa
File: AA00C86E327B11F1A7DE805FC2833773.roa (raw, json)
Hash identifier: yfzUF1OIDydSiI7MM80l9hoDI0SgJr/IDCI8AilKpfQ=
Subject key identifier: 90:36:BE:25:E9:2F:A3:2E:01:4F:2C:8C:67:94:BE:BC:4A:2E:A5:2C
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3B5C
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/AA00C86E327B11F1A7DE805FC2833773.roa
Signing time: Tue 07 Apr 2026 19:06:57 +0000
ROA not before: Tue 07 Apr 2026 19:06:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 111.88.8.0/22 maxlen: 24
111.88.12.0/22 maxlen: 24
111.88.16.0/20 maxlen: 24
111.88.32.0/20 maxlen: 24
111.88.48.0/20 maxlen: 24
111.88.64.0/21 maxlen: 24
111.88.72.0/22 maxlen: 24
111.88.78.0/24 maxlen: 24
111.88.80.0/20 maxlen: 24
111.88.168.0/24 maxlen: 24
111.88.169.0/24 maxlen: 24
115.186.2.0/23 maxlen: 24
115.186.4.0/22 maxlen: 24
115.186.8.0/23 maxlen: 24
115.186.36.0/24 maxlen: 24
115.186.37.0/24 maxlen: 24
115.186.40.0/24 maxlen: 24
115.186.42.0/24 maxlen: 24
115.186.43.0/24 maxlen: 24
115.186.44.0/23 maxlen: 23
115.186.46.0/24 maxlen: 24
115.186.52.0/22 maxlen: 24
115.186.62.0/23 maxlen: 24
115.186.76.0/22 maxlen: 24
115.186.80.0/21 maxlen: 24
115.186.104.0/24 maxlen: 24
117.102.48.0/22 maxlen: 24
117.102.52.0/22 maxlen: 24
117.102.56.0/22 maxlen: 24
117.102.60.0/22 maxlen: 24
203.81.224.0/22 maxlen: 24
203.81.228.0/24 maxlen: 24
203.81.229.0/24 maxlen: 24
203.81.231.0/24 maxlen: 24
203.81.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 14:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15196 (0x3b5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B, serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Apr 7 19:06:57 2026 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69d555d1-9272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a1:13:f5:05:98:d3:cf:21:93:98:0a:1b:4c:
1f:8d:31:d2:9f:b8:8f:c8:64:75:8f:c6:61:de:7f:
c0:14:24:41:10:25:13:05:ff:98:19:3c:28:ba:ef:
16:90:d7:d5:ff:ff:51:8f:a6:bf:cf:4a:48:17:d8:
14:f5:8f:db:a9:22:81:cd:71:15:9d:fb:08:c4:ad:
b8:d8:01:d2:fc:eb:04:ad:69:96:74:05:38:c9:cf:
47:46:8c:62:6c:bf:54:38:55:7c:e5:99:d8:2f:48:
6d:93:93:1e:c3:c8:e6:54:1e:b0:e2:e7:7f:dd:df:
26:d3:19:38:9d:7e:bf:d0:1a:a5:91:d3:99:78:af:
4b:22:ac:f7:76:f0:0e:92:19:32:6f:58:21:9e:5c:
17:a5:31:a2:c4:03:b6:90:c2:72:4e:a8:8f:6f:d7:
26:83:21:4b:fa:b4:99:c4:ed:e6:af:64:5f:c6:d2:
bc:5e:f3:2e:bc:fd:23:ed:01:a3:42:fd:46:b8:02:
ee:d1:4a:48:78:02:2e:c0:17:bc:81:05:72:82:5f:
53:04:d5:4f:a4:5b:31:95:0c:60:03:c1:1e:16:d0:
1b:ed:19:de:06:ea:3e:53:36:a4:66:50:4e:e3:5f:
56:42:84:02:a2:84:33:f8:15:3c:b7:ac:a1:0c:48:
a4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:36:BE:25:E9:2F:A3:2E:01:4F:2C:8C:67:94:BE:BC:4A:2E:A5:2C
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/AA00C86E327B11F1A7DE805FC2833773.roa
sbgp-ipAddrBlock: critical
IPv4:
111.88.8.0-111.88.75.255
111.88.78.0/24
111.88.80.0/20
111.88.168.0/23
115.186.2.0-115.186.9.255
115.186.36.0/23
115.186.40.0/24
115.186.42.0-115.186.46.255
115.186.52.0/22
115.186.62.0/23
115.186.76.0-115.186.87.255
115.186.104.0/24
117.102.48.0/20
203.81.224.0-203.81.229.255
203.81.231.0/24
203.81.235.0/24
Signature Algorithm: sha256WithRSAEncryption
24:07:a7:fd:3a:8e:c3:e5:07:73:e0:ba:fe:d2:a6:20:6e:55:
c6:11:ac:21:4b:e4:68:e5:d3:ac:39:92:10:76:e3:de:92:48:
c5:ab:ee:2e:78:9d:50:8b:bf:61:fb:12:e6:f9:1b:31:b9:be:
90:42:1f:74:81:24:81:36:d5:6d:20:99:65:70:c6:c8:3f:f7:
72:99:ef:b8:4b:00:4f:80:f6:76:dd:42:dd:c9:ae:d6:db:29:
3d:4a:22:bd:e8:27:3a:42:bb:c0:ad:8a:0a:22:07:2d:5e:2c:
1e:b8:b4:de:c2:01:40:9c:73:19:9a:61:2a:1e:4f:96:8d:08:
57:3c:24:fd:43:7a:ea:e4:d1:85:ad:92:3b:06:68:2d:d7:6f:
13:c9:38:7e:cc:98:63:8b:a6:b2:1c:76:dc:62:cc:82:ff:f9:
d1:e5:e6:72:29:f5:78:dd:4c:b6:0b:97:31:c4:f1:99:93:95:
e4:4b:3e:30:53:94:f3:75:ff:b8:f3:19:71:6c:80:73:0b:25:
21:c6:93:97:9d:7b:de:23:ae:b0:a4:a4:c0:0c:4b:ab:80:c9:
02:37:fe:fe:81:6b:2e:b7:84:29:09:42:56:6b:d0:5c:79:e2:
97:b2:45:e0:68:b8:b4:88:0d:de:48:b8:24:0b:bf:be:d1:10:
0e:95:99:6d
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICO1wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjYwNDA3MTkwNjU3WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ1NTVkMS05MjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5KET9QWY088hk5gKG0wfjTHSn7iPyGR1j8Zh3n/AFCRBECUTBf+YGTwouu8W
kNfV//9Rj6a/z0pIF9gU9Y/bqSKBzXEVnfsIxK242AHS/OsErWmWdAU4yc9HRoxi
bL9UOFV85ZnYL0htk5Mew8jmVB6w4ud/3d8m0xk4nX6/0BqlkdOZeK9LIqz3dvAO
khkyb1ghnlwXpTGixAO2kMJyTqiPb9cmgyFL+rSZxO3mr2RfxtK8XvMuvP0j7QGj
Qv1GuALu0UpIeAIuwBe8gQVygl9TBNVPpFsxlQxgA8EeFtAb7RneBuo+UzakZlBO
419WQoQCooQz+BU8t6yhDEikUwIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFJA2viXp
L6MuAU8sjGeUvrxKLqUsMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvQUEwMEM4NkUz
MjdCMTFGMUE3REU4MDVGQzI4MzM3NzMucm9hMIGlBggrBgEFBQcBBwEB/wSBlTCB
kjCBjwQCAAEwgYgwDAMEA29YCAMEAm9YSAMEAG9YTgMEBG9YUAMEAW9YqDAMAwQB
c7oCAwQBc7oIAwQBc7okAwQAc7ooMAwDBAFzuioDBABzui4DBAJzujQDBAFzuj4w
DAMEAnO6TAMEA3O6UAMEAHO6aAMEBHVmMDAMAwQFy1HgAwQBy1HkAwQAy1HnAwQA
y1HrMA0GCSqGSIb3DQEBCwUAA4IBAQAkB6f9Oo7D5Qdz4Lr+0qYgblXGEawhS+Ro
5dOsOZIQduPekkjFq+4ueJ1Qi79h+xLm+Rsxub6QQh90gSSBNtVtIJllcMbIP/dy
me+4SwBPgPZ23ULdya7W2yk9SiK96Cc6QrvArYoKIgctXiweuLTewgFAnHMZmmEq
Hk+WjQhXPCT9Q3rq5NGFrZI7Bmgt128TyTh+zJhji6ayHHbcYsyC//nR5eZyKfV4
3Uy2C5cxxPGZk5XkSz4wU5Tzdf+48xlxbIBzCyUhxpOXnXveI66wpKTADEurgMkC
N/7+gWsut4QpCUJWa9BceeKXskXgaLi0iA3eSLgkC7++0RAOlZlt
-----END CERTIFICATE-----
Generated at Thu Apr 16 22:36:05 2026 by rpki-client