Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/5E26899A1B2211F093230420C4F9AE02.roa
File: 5E26899A1B2211F093230420C4F9AE02.roa (raw, json)
Hash identifier: ov2XR5fGqZ4ALZ0siLzwZ5cyMvdJNGUbH8vGT4hcN5w=
Subject key identifier: 48:A4:19:2C:6C:69:35:AA:04:8B:D2:C4:72:32:42:8C:F5:29:E0:5D
Certificate issuer: /CN=A9170304/serialNumber=AD270FDE99B1F1069DAB8EF7A576AA2C2AF2C6F0
Certificate serial: 354A
Authority key identifier: AD:27:0F:DE:99:B1:F1:06:9D:AB:8E:F7:A5:76:AA:2C:2A:F2:C6:F0
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/5E26899A1B2211F093230420C4F9AE02.roa
Signing time: Sun 01 Mar 2026 11:22:42 +0000
ROA not before: Thu 17 Apr 2025 00:24:47 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 198949
IP address blocks: 147.41.0.0/17 maxlen: 17
147.41.0.0/20 maxlen: 20
147.41.16.0/20 maxlen: 20
147.41.32.0/19 maxlen: 19
147.41.64.0/18 maxlen: 18
147.41.128.0/17 maxlen: 17
147.41.128.0/18 maxlen: 18
147.41.192.0/19 maxlen: 19
147.41.224.0/20 maxlen: 20
147.41.240.0/20 maxlen: 20
147.109.0.0/16 maxlen: 16
147.109.0.0/22 maxlen: 22
147.109.4.0/22 maxlen: 22
147.109.8.0/21 maxlen: 21
147.109.16.0/20 maxlen: 20
147.109.32.0/20 maxlen: 20
147.109.48.0/20 maxlen: 20
147.109.64.0/20 maxlen: 20
147.109.80.0/20 maxlen: 20
147.109.96.0/20 maxlen: 20
147.109.112.0/21 maxlen: 21
147.109.120.0/22 maxlen: 22
147.109.124.0/23 maxlen: 23
147.109.124.0/24 maxlen: 24
147.109.126.0/23 maxlen: 23
147.109.128.0/20 maxlen: 20
147.109.144.0/20 maxlen: 20
147.109.160.0/19 maxlen: 19
147.109.192.0/20 maxlen: 20
147.109.192.0/21 maxlen: 21
147.109.208.0/20 maxlen: 21
147.109.224.0/20 maxlen: 20
147.109.240.0/21 maxlen: 21
147.109.248.0/21 maxlen: 21
192.26.232.0/24 maxlen: 24
192.107.101.0/24 maxlen: 24
192.190.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/rScP3pmx8Qadq473pXaqLCryxvA.crl
rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/rScP3pmx8Qadq473pXaqLCryxvA.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 14:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13642 (0x354a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170304, serialNumber=AD270FDE99B1F1069DAB8EF7A576AA2C2AF2C6F0
Validity
Not Before: Apr 17 00:24:47 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a42182-52c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:70:83:7d:df:87:43:92:0e:12:e9:ea:1e:ee:
b5:11:db:2d:32:47:be:39:7c:ad:99:02:76:60:1c:
7b:c1:45:bd:cf:63:84:09:c7:c8:b1:80:c7:96:7b:
13:9f:65:36:a1:73:a0:62:2e:5a:21:01:bc:2c:4a:
55:a2:c0:d8:e9:c6:df:a0:bf:af:8c:1d:7e:e6:e1:
7f:e6:c2:6b:c6:9f:a8:74:52:2b:9e:ad:a1:18:4a:
92:75:99:ed:8d:22:b1:3a:e4:35:c4:d5:67:aa:15:
e0:b2:ec:ad:10:20:fd:e8:f2:26:b8:a7:3e:ff:77:
97:e7:73:ab:9f:d3:cb:39:9e:ee:34:71:6a:7e:3d:
d9:82:45:92:e6:08:63:6f:07:be:3a:ad:0d:ff:c3:
51:47:7b:87:ae:3b:f7:43:07:ba:87:ec:90:77:83:
29:64:91:cc:1f:e1:c9:15:6c:4d:3e:55:79:ac:4f:
78:91:c3:2d:00:be:af:0f:1d:5a:e6:67:94:83:b8:
b8:f3:88:b6:04:3d:64:3b:40:41:e5:44:89:b6:96:
9c:de:81:75:2a:eb:b8:4c:15:c8:0f:53:03:76:54:
df:02:1f:39:85:8d:c0:d8:76:10:92:ee:9a:66:57:
53:9b:15:0d:a2:25:92:84:d5:a8:14:86:b0:f2:61:
e3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A4:19:2C:6C:69:35:AA:04:8B:D2:C4:72:32:42:8C:F5:29:E0:5D
X509v3 Authority Key Identifier:
keyid:AD:27:0F:DE:99:B1:F1:06:9D:AB:8E:F7:A5:76:AA:2C:2A:F2:C6:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/rScP3pmx8Qadq473pXaqLCryxvA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/5E26899A1B2211F093230420C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
147.41.0.0/16
147.109.0.0/16
192.26.232.0/24
192.107.101.0/24
192.190.61.0/24
Signature Algorithm: sha256WithRSAEncryption
03:fe:e0:99:2b:94:2b:bf:8a:1c:9d:51:43:be:22:24:1b:86:
36:37:02:a8:1a:71:1a:c8:3f:e4:32:e6:74:3c:c6:db:6e:a6:
6d:09:dc:6b:6e:5b:c5:31:30:b2:ab:c3:e8:7e:6a:9c:69:97:
31:5f:03:34:91:8d:cc:28:54:ef:37:45:5b:3a:3b:2e:9d:e1:
89:1e:1c:cd:31:b4:86:08:45:6a:26:e7:df:e6:75:b7:cf:ad:
87:d7:cb:87:ec:b6:42:cb:73:09:2c:c3:e8:be:56:3b:cd:28:
60:58:2d:8f:f6:0a:9b:d5:0f:36:b3:3d:a7:04:15:2e:09:ff:
e9:f2:d2:a7:d5:df:a4:52:42:c1:c9:e1:c3:d4:96:62:4c:f3:
b9:c4:9b:1e:30:70:d0:b5:da:5f:d4:75:fd:65:0b:64:03:05:
58:d6:1d:46:ff:2d:2c:6b:b6:c5:0c:37:5c:fc:25:bc:47:ab:
6a:09:f2:c2:9f:aa:41:0e:04:9d:d4:50:02:cb:35:74:5e:57:
c5:42:be:3b:e3:85:d2:c6:10:ea:b7:92:59:00:0e:f6:58:e4:
a0:d3:6e:53:b4:af:ac:a8:81:5e:43:07:07:52:19:99:c3:b6:
43:10:61:2a:17:70:e5:d4:94:ff:e8:b4:2f:db:99:07:2c:19:
6c:d2:20:97
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgICNUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzAzMDQxMTAvBgNVBAUTKEFEMjcwRkRFOTlCMUYxMDY5REFCOEVGN0E1NzZBQTJD
MkFGMkM2RjAwHhcNMjUwNDE3MDAyNDQ3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MjE4Mi01MmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwXCDfd+HQ5IOEunqHu61EdstMke+OXytmQJ2YBx7wUW9z2OECcfIsYDHlnsT
n2U2oXOgYi5aIQG8LEpVosDY6cbfoL+vjB1+5uF/5sJrxp+odFIrnq2hGEqSdZnt
jSKxOuQ1xNVnqhXgsuytECD96PImuKc+/3eX53Orn9PLOZ7uNHFqfj3ZgkWS5ghj
bwe+Oq0N/8NRR3uHrjv3Qwe6h+yQd4MpZJHMH+HJFWxNPlV5rE94kcMtAL6vDx1a
5meUg7i484i2BD1kO0BB5USJtpac3oF1Kuu4TBXID1MDdlTfAh85hY3A2HYQku6a
ZldTmxUNoiWShNWoFIaw8mHjGwIDAQABo4ICdjCCAnIwHQYDVR0OBBYEFEikGSxs
aTWqBIvSxHIyQoz1KeBdMB8GA1UdIwQYMBaAFK0nD96ZsfEGnauO96V2qiwq8sbw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDMwNC85RUY0MTEzMDFE
OEUxMUUyQjE4MjI2RUQwOEIwMkNEMi9yU2NQM3BteDhRYWRxNDczcFhhcUxDcnl4
dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JTY1AzcG14OFFhZHE0NzNwWGFxTENyeXh2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzAzMDQvOUVGNDExMzAxRDhFMTFFMkIxODIyNkVEMDhCMDJDRDIvNUUyNjg5OUEx
QjIyMTFGMDkzMjMwNDIwQzRGOUFFMDIucm9hMDUGCCsGAQUFBwEHAQH/BCYwJDAi
BAIAATAcAwMAkykDAwCTbQMEAMAa6AMEAMBrZQMEAMC+PTANBgkqhkiG9w0BAQsF
AAOCAQEAA/7gmSuUK7+KHJ1RQ74iJBuGNjcCqBpxGsg/5DLmdDzG226mbQnca25b
xTEwsqvD6H5qnGmXMV8DNJGNzChU7zdFWzo7Lp3hiR4czTG0hghFaibn3+Z1t8+t
h9fLh+y2QstzCSzD6L5WO80oYFgtj/YKm9UPNrM9pwQVLgn/6fLSp9XfpFJCwcnh
w9SWYkzzucSbHjBw0LXaX9R1/WULZAMFWNYdRv8tLGu2xQw3XPwlvEeragnywp+q
QQ4EndRQAss1dF5XxUK+O+OF0sYQ6reSWQAO9ljkoNNuU7SvrKiBXkMHB1IZmcO2
QxBhKhdw5dSU/+i0L9uZBywZbNIglw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:40:12 2026 by rpki-client