Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/D6D99A3EBE3711EDA6617C5DC4F9AE02.roa
File: D6D99A3EBE3711EDA6617C5DC4F9AE02.roa (raw, json)
Hash identifier: FF3AIYHnenSUuGagUXAW6Yxw88+RVwJAWvdOH/bQVLA=
Subject key identifier: 4A:13:00:94:4C:F4:D5:9A:3C:69:B6:12:CF:27:A8:74:FE:85:C9:FF
Certificate issuer: /CN=A9176AFD/serialNumber=0A422A6397D8EB6CB35775297CEB55A5E18FE1E2
Certificate serial: 1963
Authority key identifier: 0A:42:2A:63:97:D8:EB:6C:B3:57:75:29:7C:EB:55:A5:E1:8F:E1:E2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkIqY5fY62yzV3UpfOtVpeGP4eI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/D6D99A3EBE3711EDA6617C5DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 11:31:03 +0000
ROA not before: Thu 28 Aug 2025 16:35:39 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 9934
IP address blocks: 103.242.44.0/22 maxlen: 22
202.179.0.0/19 maxlen: 19
202.179.0.0/24 maxlen: 24
202.179.1.0/24 maxlen: 24
202.179.2.0/24 maxlen: 24
202.179.3.0/24 maxlen: 24
202.179.4.0/24 maxlen: 24
202.179.5.0/24 maxlen: 24
202.179.6.0/24 maxlen: 24
202.179.7.0/24 maxlen: 24
202.179.8.0/24 maxlen: 24
202.179.9.0/24 maxlen: 24
202.179.10.0/24 maxlen: 24
202.179.11.0/24 maxlen: 24
202.179.12.0/24 maxlen: 24
202.179.13.0/24 maxlen: 24
202.179.14.0/23 maxlen: 23
202.179.16.0/24 maxlen: 24
202.179.17.0/24 maxlen: 24
202.179.18.0/24 maxlen: 24
202.179.19.0/24 maxlen: 24
202.179.20.0/24 maxlen: 24
202.179.21.0/24 maxlen: 24
202.179.22.0/24 maxlen: 24
202.179.23.0/24 maxlen: 24
202.179.24.0/24 maxlen: 24
202.179.25.0/24 maxlen: 24
202.179.26.0/24 maxlen: 24
202.179.27.0/24 maxlen: 24
202.179.28.0/24 maxlen: 24
202.179.29.0/24 maxlen: 24
202.179.30.0/24 maxlen: 24
202.179.31.0/24 maxlen: 24
2400:7480::/32 maxlen: 32
2400:7480::/36 maxlen: 36
2400:7480:1000::/36 maxlen: 36
2400:7480:2000::/36 maxlen: 36
2400:7480:3000::/36 maxlen: 36
2400:7480:4000::/35 maxlen: 36
2400:7480:6000::/36 maxlen: 36
2400:7480:7000::/36 maxlen: 36
2400:7480:8000::/36 maxlen: 36
2400:7480:9000::/36 maxlen: 36
2400:7480:a000::/36 maxlen: 36
2400:7480:b000::/36 maxlen: 36
2400:7480:c000::/35 maxlen: 36
2400:7480:e000::/36 maxlen: 36
2400:7480:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/CkIqY5fY62yzV3UpfOtVpeGP4eI.crl
rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/CkIqY5fY62yzV3UpfOtVpeGP4eI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkIqY5fY62yzV3UpfOtVpeGP4eI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6499 (0x1963)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176AFD, serialNumber=0A422A6397D8EB6CB35775297CEB55A5E18FE1E2
Validity
Not Before: Aug 28 16:35:39 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a42377-1fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e7:5e:ac:0a:9a:0a:84:f4:78:30:d8:73:22:
b2:39:3b:bc:d7:0b:f6:50:c6:e5:4f:05:d1:c3:17:
8b:b7:2d:a6:44:63:f5:0a:db:c6:d6:e5:74:50:bc:
69:09:51:eb:41:49:4b:07:cf:28:99:db:ef:8a:f6:
a1:2e:a2:a1:bc:b4:f8:87:8b:c9:11:c2:5a:91:cb:
25:ac:85:96:fc:23:b6:1a:69:c0:9b:95:df:47:7e:
c6:da:1b:97:54:22:ae:10:1d:e6:82:c0:dc:a3:96:
ae:5c:6a:b8:8a:a8:e1:64:23:51:fa:5d:df:6f:53:
6e:f9:c6:54:62:12:f8:98:05:5e:1f:88:4b:ad:90:
af:41:d4:cf:c4:65:8f:b0:8e:2e:09:d3:bb:27:64:
a4:de:71:24:ce:61:a5:0c:f6:4d:ac:d8:c8:9f:5e:
52:ab:85:b5:b7:0c:c2:55:0b:b6:d5:f6:df:0d:27:
d0:f5:e5:ad:0c:d4:cc:b3:8e:27:b7:db:92:3a:42:
e3:ec:6e:80:0b:80:70:32:2b:82:a8:ea:f8:d2:e2:
14:ed:69:36:e3:23:d3:3b:ac:9e:86:b8:ab:7d:33:
85:f6:8d:13:5a:5c:df:b5:83:1d:67:78:bb:b4:18:
9d:b8:45:b6:14:36:ed:83:2b:76:91:66:6e:ee:40:
5d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:13:00:94:4C:F4:D5:9A:3C:69:B6:12:CF:27:A8:74:FE:85:C9:FF
X509v3 Authority Key Identifier:
keyid:0A:42:2A:63:97:D8:EB:6C:B3:57:75:29:7C:EB:55:A5:E1:8F:E1:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/CkIqY5fY62yzV3UpfOtVpeGP4eI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkIqY5fY62yzV3UpfOtVpeGP4eI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/D6D99A3EBE3711EDA6617C5DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.242.44.0/22
202.179.0.0/19
IPv6:
2400:7480::/32
Signature Algorithm: sha256WithRSAEncryption
74:4d:a5:26:62:e5:cf:19:d4:57:f0:9d:1f:53:c6:02:29:9e:
34:92:cd:a9:16:7c:11:1d:7f:92:29:04:d3:a6:4f:72:29:c6:
f4:1d:ff:e7:80:e6:a4:5a:88:52:0d:41:0e:38:b8:cb:a9:53:
b1:8a:72:bf:e6:85:9e:bf:20:aa:81:c6:38:6e:f9:84:f3:54:
7f:66:5d:19:56:f6:39:fe:5f:e2:23:36:e5:16:35:a5:06:ed:
00:5b:eb:4d:7e:a7:76:01:5f:40:81:ed:8d:20:55:8f:7f:f6:
80:8a:1a:f7:54:78:99:0f:aa:20:bf:37:71:dd:f2:a7:4c:f9:
2f:07:52:af:72:31:a6:44:8d:4f:30:05:fe:18:4d:cd:36:f3:
3c:55:95:19:40:af:ba:cb:52:3e:8b:2d:f7:84:1b:49:2f:90:
90:b0:95:e3:bf:e9:d9:ca:10:8c:cd:d5:bd:6f:2e:83:f8:0c:
cf:55:fd:7f:56:6b:5c:7c:fe:bb:a0:85:0d:27:d2:da:c6:b1:
79:5b:6d:c6:44:a0:70:45:df:28:e1:b5:b9:7f:8f:22:b0:68:
c7:af:b4:95:08:ba:b8:ed:d3:2b:1f:13:dc:0b:ac:46:56:64:
62:8f:7d:4b:76:76:3c:b8:9f:46:8c:a6:99:3f:f6:35:18:4e:
65:63:af:27
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICGWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzZBRkQxMTAvBgNVBAUTKDBBNDIyQTYzOTdEOEVCNkNCMzU3NzUyOTdDRUI1NUE1
RTE4RkUxRTIwHhcNMjUwODI4MTYzNTM5WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MjM3Ny0xZmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvederAqaCoT0eDDYcyKyOTu81wv2UMblTwXRwxeLty2mRGP1CtvG1uV0ULxp
CVHrQUlLB88omdvvivahLqKhvLT4h4vJEcJakcslrIWW/CO2GmnAm5XfR37G2huX
VCKuEB3mgsDco5auXGq4iqjhZCNR+l3fb1Nu+cZUYhL4mAVeH4hLrZCvQdTPxGWP
sI4uCdO7J2Sk3nEkzmGlDPZNrNjIn15Sq4W1twzCVQu21fbfDSfQ9eWtDNTMs44n
t9uSOkLj7G6AC4BwMiuCqOr40uIU7Wk24yPTO6yehrirfTOF9o0TWlzftYMdZ3i7
tBiduEW2FDbtgyt2kWZu7kBdBwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFEoTAJRM
9NWaPGm2Es8nqHT+hcn/MB8GA1UdIwQYMBaAFApCKmOX2Otss1d1KXzrVaXhj+Hi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkFGRC81QkIyMjMwQTky
RjgxMUU3ODRDQTBFNUNDNEY5QUUwMi9Da0lxWTVmWTYyeXpWM1VwZk90VnBlR1A0
ZUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NrSXFZNWZZNjJ5elYzVXBmT3RWcGVHUDRlSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzZBRkQvNUJCMjIzMEE5MkY4MTFFNzg0Q0EwRTVDQzRGOUFFMDIvRDZEOTlBM0VC
RTM3MTFFREE2NjE3QzVEQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCZ/IsAwQFyrMAMA0EAgACMAcDBQAkAHSAMA0GCSqGSIb3DQEBCwUA
A4IBAQB0TaUmYuXPGdRX8J0fU8YCKZ40ks2pFnwRHX+SKQTTpk9yKcb0Hf/ngOak
WohSDUEOOLjLqVOxinK/5oWevyCqgcY4bvmE81R/Zl0ZVvY5/l/iIzblFjWlBu0A
W+tNfqd2AV9Age2NIFWPf/aAihr3VHiZD6ogvzdx3fKnTPkvB1KvcjGmRI1PMAX+
GE3NNvM8VZUZQK+6y1I+iy33hBtJL5CQsJXjv+nZyhCMzdW9by6D+AzPVf1/Vmtc
fP67oIUNJ9LaxrF5W23GRKBwRd8o4bW5f48isGjHr7SVCLq47dMrHxPcC6xGVmRi
j31LdnY8uJ9GjKaZP/Y1GE5lY68n
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:57:47 2026 by rpki-client