Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/B38D932050EF11EC8583962BC4F9AE02.roa
File: B38D932050EF11EC8583962BC4F9AE02.roa (raw, json)
Hash identifier: pjU8yoKCWn12BkoGzYOOIFYk2quDrJg/9dgAwTEFemk=
Subject key identifier: B4:06:61:C0:B9:B5:CD:AE:32:1B:D8:86:55:84:9B:F4:24:30:AF:62
Certificate issuer: /CN=A9178EB0/serialNumber=E1B910B9C7310C9F65594FC6E8989FC953B36E51
Certificate serial: 04FC
Authority key identifier: E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/B38D932050EF11EC8583962BC4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:42:33 +0000
ROA not before: Tue 18 Nov 2025 20:11:21 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 45753
IP address blocks: 52.128.224.0/19 maxlen: 19
52.128.224.0/24 maxlen: 24
52.128.225.0/24 maxlen: 24
52.128.226.0/24 maxlen: 24
52.128.227.0/24 maxlen: 24
52.128.228.0/24 maxlen: 24
52.128.229.0/24 maxlen: 24
52.128.230.0/24 maxlen: 24
52.128.231.0/24 maxlen: 24
52.128.232.0/24 maxlen: 24
52.128.233.0/24 maxlen: 24
52.128.234.0/24 maxlen: 24
52.128.235.0/24 maxlen: 24
52.128.236.0/24 maxlen: 24
52.128.237.0/24 maxlen: 24
52.128.238.0/24 maxlen: 24
52.128.239.0/24 maxlen: 24
52.128.240.0/24 maxlen: 24
52.128.241.0/24 maxlen: 24
52.128.242.0/24 maxlen: 24
52.128.243.0/24 maxlen: 24
52.128.244.0/24 maxlen: 24
52.128.245.0/24 maxlen: 24
52.128.246.0/24 maxlen: 24
52.128.247.0/24 maxlen: 24
52.128.248.0/24 maxlen: 24
52.128.249.0/24 maxlen: 24
52.128.250.0/24 maxlen: 24
52.128.251.0/24 maxlen: 24
52.128.252.0/24 maxlen: 24
52.128.253.0/24 maxlen: 24
52.128.254.0/24 maxlen: 24
52.128.255.0/24 maxlen: 24
148.66.0.0/19 maxlen: 19
148.66.0.0/24 maxlen: 24
148.66.1.0/24 maxlen: 24
148.66.2.0/24 maxlen: 24
148.66.3.0/24 maxlen: 24
148.66.4.0/24 maxlen: 24
148.66.5.0/24 maxlen: 24
148.66.6.0/24 maxlen: 24
148.66.7.0/24 maxlen: 24
148.66.8.0/24 maxlen: 24
148.66.9.0/24 maxlen: 24
148.66.10.0/24 maxlen: 24
148.66.11.0/24 maxlen: 24
148.66.12.0/24 maxlen: 24
148.66.13.0/24 maxlen: 24
148.66.14.0/24 maxlen: 24
148.66.15.0/24 maxlen: 24
148.66.16.0/24 maxlen: 24
148.66.17.0/24 maxlen: 24
148.66.18.0/24 maxlen: 24
148.66.19.0/24 maxlen: 24
148.66.20.0/24 maxlen: 24
148.66.21.0/24 maxlen: 24
148.66.22.0/24 maxlen: 24
148.66.23.0/24 maxlen: 24
148.66.24.0/24 maxlen: 24
148.66.25.0/24 maxlen: 24
148.66.26.0/24 maxlen: 24
148.66.27.0/24 maxlen: 24
148.66.28.0/24 maxlen: 24
148.66.29.0/24 maxlen: 24
148.66.30.0/24 maxlen: 24
148.66.31.0/24 maxlen: 24
216.118.224.0/19 maxlen: 19
216.118.224.0/24 maxlen: 24
216.118.225.0/24 maxlen: 24
216.118.226.0/24 maxlen: 24
216.118.227.0/24 maxlen: 24
216.118.228.0/24 maxlen: 24
216.118.229.0/24 maxlen: 24
216.118.230.0/24 maxlen: 24
216.118.231.0/24 maxlen: 24
216.118.232.0/24 maxlen: 24
216.118.233.0/24 maxlen: 24
216.118.234.0/24 maxlen: 24
216.118.235.0/24 maxlen: 24
216.118.236.0/24 maxlen: 24
216.118.237.0/24 maxlen: 24
216.118.238.0/24 maxlen: 24
216.118.239.0/24 maxlen: 24
216.118.240.0/24 maxlen: 24
216.118.241.0/24 maxlen: 24
216.118.242.0/24 maxlen: 24
216.118.243.0/24 maxlen: 24
216.118.244.0/24 maxlen: 24
216.118.245.0/24 maxlen: 24
216.118.246.0/24 maxlen: 24
216.118.247.0/24 maxlen: 24
216.118.248.0/24 maxlen: 24
216.118.249.0/24 maxlen: 24
216.118.250.0/24 maxlen: 24
216.118.251.0/24 maxlen: 24
216.118.252.0/24 maxlen: 24
216.118.253.0/24 maxlen: 24
216.118.254.0/24 maxlen: 24
216.118.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.crl
rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:14:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1276 (0x4fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178EB0, serialNumber=E1B910B9C7310C9F65594FC6E8989FC953B36E51
Validity
Not Before: Nov 18 20:11:21 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=69a45e69-609e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:93:a2:6c:ad:3b:79:8f:18:40:6f:6b:9f:06:
fe:05:4d:5e:e9:c4:3c:b5:8e:20:65:6b:98:e3:29:
26:fd:89:f2:9a:90:75:c1:04:cb:af:2e:73:96:cc:
95:75:6c:a6:da:f5:2e:57:63:18:b4:0e:6f:41:78:
4c:e0:a5:f5:fd:7f:78:2e:c3:e1:39:e5:f3:f2:21:
cd:23:a5:7d:36:c4:9d:f1:c1:eb:7c:40:8f:33:dd:
90:b2:85:ab:b4:21:a7:0a:a6:99:00:3d:bf:0c:ad:
3f:c2:2b:55:16:3c:4d:51:a3:be:f3:f1:19:9a:e3:
ef:fe:09:9f:a1:7f:bb:95:60:6b:f7:d1:14:8f:06:
80:3c:e1:b3:91:11:06:44:73:27:07:f2:7f:de:22:
5e:53:42:5a:34:d2:19:0c:af:42:dd:93:a2:7b:60:
ae:54:5a:32:a9:05:07:67:69:a4:5e:a0:b8:76:86:
6e:37:87:8c:17:d6:89:65:0d:ca:8d:e0:37:6c:28:
0c:b4:0d:37:4b:2c:69:30:80:cb:26:35:d6:2f:a2:
76:87:2b:0c:af:e3:14:33:49:50:ad:67:62:61:f9:
f3:1d:88:aa:b1:3d:82:bc:e9:13:79:74:62:07:a6:
34:ae:ca:5a:a9:10:ff:8c:7b:fa:30:2e:d1:cf:51:
f0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:06:61:C0:B9:B5:CD:AE:32:1B:D8:86:55:84:9B:F4:24:30:AF:62
X509v3 Authority Key Identifier:
keyid:E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/B38D932050EF11EC8583962BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
52.128.224.0/19
148.66.0.0/19
216.118.224.0/19
Signature Algorithm: sha256WithRSAEncryption
a1:74:e5:97:0b:1b:20:11:7c:e9:cb:01:f4:16:a7:93:98:6c:
f9:01:d3:bd:13:31:8b:6b:33:9b:b0:b5:5a:e3:6c:4a:5c:ef:
12:32:06:73:83:c3:d4:f8:14:66:49:8e:d8:30:09:c1:e5:d6:
be:f1:eb:dc:88:a9:3d:a4:73:58:db:91:2a:1a:44:0f:a7:43:
a0:a4:b0:ad:f8:c9:3e:a7:9b:c4:f5:83:f1:f9:3c:61:5e:bc:
3c:b3:11:5c:e7:aa:f9:e5:cb:8c:db:1e:69:ae:b9:aa:5d:20:
2f:a8:92:e3:2b:54:6d:1d:75:01:d3:d3:15:ac:a0:79:a1:b3:
e2:b2:34:37:c5:25:cf:83:b1:23:7a:51:7b:d8:71:29:53:72:
81:93:05:0e:12:7e:b1:27:4b:40:ab:3f:6d:65:e4:64:fb:b6:
9f:c5:14:17:3e:f0:20:83:60:a3:e6:70:b4:ac:81:05:67:84:
c5:0f:43:e4:32:40:1f:66:15:4d:4c:b4:4c:13:69:ac:55:4d:
34:7f:43:c9:67:60:86:7b:a9:62:59:ca:a0:87:38:88:a9:b1:
45:98:83:24:6f:fd:b4:cb:2e:1b:85:f0:8c:74:55:b0:be:c2:
00:27:18:9e:00:88:f3:ef:37:9d:18:7c:67:14:34:3e:f0:8f:
10:04:aa:21
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgICBPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhFQjAxMTAvBgNVBAUTKEUxQjkxMEI5QzczMTBDOUY2NTU5NEZDNkU4OTg5RkM5
NTNCMzZFNTEwHhcNMjUxMTE4MjAxMTIxWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NWU2OS02MDllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArpOibK07eY8YQG9rnwb+BU1e6cQ8tY4gZWuY4ykm/YnympB1wQTLry5zlsyV
dWym2vUuV2MYtA5vQXhM4KX1/X94LsPhOeXz8iHNI6V9NsSd8cHrfECPM92QsoWr
tCGnCqaZAD2/DK0/witVFjxNUaO+8/EZmuPv/gmfoX+7lWBr99EUjwaAPOGzkREG
RHMnB/J/3iJeU0JaNNIZDK9C3ZOie2CuVFoyqQUHZ2mkXqC4doZuN4eMF9aJZQ3K
jeA3bCgMtA03SyxpMIDLJjXWL6J2hysMr+MUM0lQrWdiYfnzHYiqsT2CvOkTeXRi
B6Y0rspaqRD/jHv6MC7Rz1HwBQIDAQABo4ICbDCCAmgwHQYDVR0OBBYEFLQGYcC5
tc2uMhvYhlWEm/QkMK9iMB8GA1UdIwQYMBaAFOG5ELnHMQyfZVlPxuiYn8lTs25R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEVCMC9FMzJDODdDQzUw
RDUxMUVDQjNGOEQ1MjlDNEY5QUUwMi80YmtRdWNjeERKOWxXVV9HNkppZnlWT3pi
bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzRia1F1Y2N4REo5bFdVX0c2SmlmeVZPemJsRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhFQjAvRTMyQzg3Q0M1MEQ1MTFFQ0IzRjhENTI5QzRGOUFFMDIvQjM4RDkzMjA1
MEVGMTFFQzg1ODM5NjJCQzRGOUFFMDIucm9hMCsGCCsGAQUFBwEHAQH/BBwwGjAY
BAIAATASAwQFNIDgAwQFlEIAAwQF2HbgMA0GCSqGSIb3DQEBCwUAA4IBAQChdOWX
CxsgEXzpywH0FqeTmGz5AdO9EzGLazObsLVa42xKXO8SMgZzg8PU+BRmSY7YMAnB
5da+8evciKk9pHNY25EqGkQPp0OgpLCt+Mk+p5vE9YPx+TxhXrw8sxFc56r55cuM
2x5prrmqXSAvqJLjK1RtHXUB09MVrKB5obPisjQ3xSXPg7EjelF72HEpU3KBkwUO
En6xJ0tAqz9tZeRk+7afxRQXPvAgg2Cj5nC0rIEFZ4TFD0PkMkAfZhVNTLRME2ms
VU00f0PJZ2CGe6liWcqghziIqbFFmIMkb/20yy4bhfCMdFWwvsIAJxieAIjz7zed
GHxnFDQ+8I8QBKoh
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:38:00 2026 by rpki-client