Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/8D2DEDF4C2A811EBA79A7055C4F9AE02.roa
File: 8D2DEDF4C2A811EBA79A7055C4F9AE02.roa (raw, json)
Hash identifier: WEGQ9dGVwS6YPRbOtRBXT7+GFDURLeGGLBdmhlaFUM8=
Subject key identifier: F8:90:A7:17:4B:F0:C9:76:B9:91:2F:68:5C:4D:CB:B1:C2:9A:C7:A4
Certificate issuer: /CN=A9172878/serialNumber=A3D00626C2F9B462C5507FF180C36DE9C3399CB2
Certificate serial: 359E
Authority key identifier: A3:D0:06:26:C2:F9:B4:62:C5:50:7F:F1:80:C3:6D:E9:C3:39:9C:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/8D2DEDF4C2A811EBA79A7055C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:21:05 +0000
ROA not before: Wed 31 Dec 2025 15:10:29 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 18399
IP address blocks: 61.4.65.0/24 maxlen: 24
61.4.68.0/24 maxlen: 24
61.4.69.0/24 maxlen: 24
61.4.70.0/24 maxlen: 24
61.4.71.0/24 maxlen: 24
61.4.72.0/24 maxlen: 24
61.4.73.0/24 maxlen: 24
61.4.74.0/24 maxlen: 24
61.4.75.0/24 maxlen: 24
61.4.76.0/24 maxlen: 24
61.4.77.0/24 maxlen: 24
61.4.78.0/24 maxlen: 24
61.4.79.0/24 maxlen: 24
122.248.100.0/24 maxlen: 24
122.248.101.0/24 maxlen: 24
122.248.102.0/24 maxlen: 24
122.248.103.0/24 maxlen: 24
122.248.104.0/24 maxlen: 24
122.248.105.0/24 maxlen: 24
122.248.106.0/24 maxlen: 24
122.248.112.0/24 maxlen: 24
122.248.113.0/24 maxlen: 24
122.248.118.0/24 maxlen: 24
122.248.119.0/24 maxlen: 24
122.248.120.0/24 maxlen: 24
122.248.121.0/24 maxlen: 24
122.248.122.0/24 maxlen: 24
122.248.126.0/24 maxlen: 24
203.81.160.0/24 maxlen: 24
203.81.161.0/24 maxlen: 24
203.81.162.0/24 maxlen: 24
203.81.163.0/24 maxlen: 24
203.81.164.0/24 maxlen: 24
203.81.165.0/24 maxlen: 24
203.81.168.0/24 maxlen: 24
203.81.169.0/24 maxlen: 24
203.81.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.crl
rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 18:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13726 (0x359e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172878, serialNumber=A3D00626C2F9B462C5507FF180C36DE9C3399CB2
Validity
Not Before: Dec 31 15:10:29 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=69a46771-b243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:93:cc:2c:b4:a3:34:00:ac:ee:14:67:4a:45:
7b:10:9f:01:c7:db:51:bd:d5:07:d3:f7:f1:5c:8a:
c2:a1:00:45:aa:71:ee:dd:df:58:22:2b:80:42:6a:
f7:1f:2c:ae:46:4c:f7:ce:27:1a:ca:d2:c0:ee:ef:
cd:2b:a8:34:5d:64:09:f6:ed:22:1b:1d:da:8c:44:
b1:ed:e0:b4:e8:c6:1c:07:5d:e9:e8:4e:26:78:20:
f5:c2:b5:85:2e:d8:11:0b:18:f6:4c:f3:de:b1:69:
be:c8:a1:0e:49:f4:dd:4b:d2:a6:e6:5a:47:f7:70:
f3:b9:3b:85:17:ec:a6:2a:1d:f7:87:a1:9e:a7:2a:
34:fb:96:62:65:62:dd:3a:04:28:98:cd:f5:7d:50:
e0:3a:0a:40:80:b7:cf:37:e1:ce:47:72:9f:90:99:
2d:2a:b8:af:91:8c:5c:b2:e1:ec:b3:a3:0d:d0:16:
0e:28:ba:58:19:8d:97:15:68:d8:2e:ce:c0:e3:06:
05:47:34:6d:08:c7:04:f7:e8:a5:3e:58:31:67:96:
b4:e9:de:f9:0c:24:ed:b4:db:2c:e5:d2:de:67:87:
b3:79:16:45:52:26:6e:db:3c:7e:72:46:d6:dd:7b:
c9:9b:e0:ed:07:e1:7c:52:a9:1c:3d:35:5b:02:90:
91:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:90:A7:17:4B:F0:C9:76:B9:91:2F:68:5C:4D:CB:B1:C2:9A:C7:A4
X509v3 Authority Key Identifier:
keyid:A3:D0:06:26:C2:F9:B4:62:C5:50:7F:F1:80:C3:6D:E9:C3:39:9C:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/8D2DEDF4C2A811EBA79A7055C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
61.4.65.0/24
61.4.68.0-61.4.79.255
122.248.100.0-122.248.106.255
122.248.112.0/23
122.248.118.0-122.248.122.255
122.248.126.0/24
203.81.160.0-203.81.165.255
203.81.168.0/23
203.81.172.0/22
Signature Algorithm: sha256WithRSAEncryption
25:16:fb:72:c0:d9:d0:41:fd:d8:52:76:22:1f:8d:ca:7a:0a:
9d:dd:0e:44:9a:e7:56:0e:ab:50:00:6b:cb:19:e1:04:45:1e:
2e:39:d8:d8:f8:bd:ca:24:d3:43:3f:3e:1b:d4:4c:69:7a:36:
d5:9a:d2:32:0f:dc:19:46:18:8f:c7:f5:7e:eb:0f:10:23:e7:
51:2d:9e:f1:ee:a3:4c:5a:26:3f:90:5a:90:e0:cd:8e:8a:30:
c6:8e:eb:d2:cb:4c:a2:33:4e:76:41:c7:1c:3b:7f:83:76:49:
b6:15:a3:1e:1a:07:3d:14:0f:43:83:d6:20:4d:e9:63:d0:94:
8c:96:14:73:b4:f5:2b:33:3e:a2:e3:3a:ea:3d:a7:26:c4:dd:
f6:ae:f3:0a:44:aa:5a:06:87:e0:ef:15:3b:4d:96:dd:12:ac:
ef:8e:1d:c5:19:d2:e6:a7:7a:c2:c2:fe:d6:5b:30:5f:e3:93:
35:d7:52:fb:d9:fb:e7:99:56:fe:5e:ac:51:26:0d:1a:77:a3:
49:31:89:fc:d4:04:89:f6:1c:12:cf:53:ca:53:5a:ae:d7:2d:
c0:8f:c8:a5:b1:a6:50:0f:28:97:a5:bd:ac:2f:6c:24:87:88:
f7:65:bc:43:c5:67:07:d3:18:65:33:93:b2:a7:03:12:e0:a1:
65:bc:4d:83
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICNZ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI4NzgxMTAvBgNVBAUTKEEzRDAwNjI2QzJGOUI0NjJDNTUwN0ZGMTgwQzM2REU5
QzMzOTlDQjIwHhcNMjUxMjMxMTUxMDI5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0Njc3MS1iMjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuZPMLLSjNACs7hRnSkV7EJ8Bx9tRvdUH0/fxXIrCoQBFqnHu3d9YIiuAQmr3
HyyuRkz3zicaytLA7u/NK6g0XWQJ9u0iGx3ajESx7eC06MYcB13p6E4meCD1wrWF
LtgRCxj2TPPesWm+yKEOSfTdS9Km5lpH93DzuTuFF+ymKh33h6Gepyo0+5ZiZWLd
OgQomM31fVDgOgpAgLfPN+HOR3KfkJktKrivkYxcsuHss6MN0BYOKLpYGY2XFWjY
Ls7A4wYFRzRtCMcE9+ilPlgxZ5a06d75DCTttNss5dLeZ4ezeRZFUiZu2zx+ckbW
3XvJm+DtB+F8UqkcPTVbApCRjwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFPiQpxdL
8Ml2uZEvaFxNy7HCmsekMB8GA1UdIwQYMBaAFKPQBibC+bRixVB/8YDDbenDOZyy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Mjg3OC80Qzk5OEEzNjFE
OEExMUUyOEExRjIzRTQwOEIwMkNEMi9vOUFHSnNMNXRHTEZVSF94Z01OdDZjTTVu
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL285QUdKc0w1dEdMRlVIX3hnTU50NmNNNW5MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzI4NzgvNEM5OThBMzYxRDhBMTFFMjhBMUYyM0U0MDhCMDJDRDIvOEQyREVERjRD
MkE4MTFFQkE3OUE3MDU1QzRGOUFFMDIucm9hMG8GCCsGAQUFBwEHAQH/BGAwXjBc
BAIAATBWAwQAPQRBMAwDBAI9BEQDBAQ9BEAwDAMEAnr4ZAMEAHr4agMEAXr4cDAM
AwQBevh2AwQAevh6AwQAevh+MAwDBAXLUaADBAHLUaQDBAHLUagDBALLUawwDQYJ
KoZIhvcNAQELBQADggEBACUW+3LA2dBB/dhSdiIfjcp6Cp3dDkSa51YOq1AAa8sZ
4QRFHi452Nj4vcok00M/PhvUTGl6NtWa0jIP3BlGGI/H9X7rDxAj51EtnvHuo0xa
Jj+QWpDgzY6KMMaO69LLTKIzTnZBxxw7f4N2SbYVox4aBz0UD0OD1iBN6WPQlIyW
FHO09SszPqLjOuo9pybE3fau8wpEqloGh+DvFTtNlt0SrO+OHcUZ0uanesLC/tZb
MF/jkzXXUvvZ++eZVv5erFEmDRp3o0kxifzUBIn2HBLPU8pTWq7XLcCPyKWxplAP
KJelvawvbCSHiPdlvEPFZwfTGGUzk7KnAxLgoWW8TYM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:51:12 2026 by rpki-client