Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
File: A0632940737D11F091340126C4F9AE02.roa (raw, json)
Hash identifier: jgDnyohF39lqxw7mpQvIsUiCStGHZCXanpLSjS5jMXg=
Subject key identifier: 0E:5F:B1:8B:F6:4C:17:8D:99:BA:75:37:7A:47:8B:3B:C3:25:06:88
Certificate issuer: /CN=A917C615/serialNumber=1948CC14F30ED83CAA52C8EC4B08C44CA83A629E
Certificate serial: 0D19
Authority key identifier: 19:48:CC:14:F3:0E:D8:3C:AA:52:C8:EC:4B:08:C4:4C:A8:3A:62:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:01:46 +0000
ROA not before: Sun 15 Feb 2026 06:24:53 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 64043
IP address blocks: 59.153.16.0/22 maxlen: 22
59.153.16.0/23 maxlen: 23
59.153.16.0/24 maxlen: 24
59.153.17.0/24 maxlen: 24
59.153.18.0/23 maxlen: 23
59.153.18.0/24 maxlen: 24
59.153.19.0/24 maxlen: 24
103.197.248.0/22 maxlen: 22
103.197.248.0/23 maxlen: 23
103.197.248.0/24 maxlen: 24
103.197.249.0/24 maxlen: 24
103.197.250.0/23 maxlen: 23
103.197.250.0/24 maxlen: 24
103.197.251.0/24 maxlen: 24
2403:f2c0::/32 maxlen: 32
2403:f2c0::/36 maxlen: 36
2403:f2c0:efb::/48 maxlen: 48
2403:f2c0:efb:fb::/64 maxlen: 64
2403:f2c0:1000::/36 maxlen: 36
2403:f2c0:2000::/36 maxlen: 36
2403:f2c0:3000::/36 maxlen: 36
2403:f2c0:4000::/36 maxlen: 36
2403:f2c0:5000::/36 maxlen: 36
2403:f2c0:6000::/36 maxlen: 36
2403:f2c0:7000::/36 maxlen: 36
2403:f2c0:8000::/36 maxlen: 36
2403:f2c0:9000::/36 maxlen: 36
2403:f2c0:a000::/36 maxlen: 36
2403:f2c0:b000::/36 maxlen: 36
2403:f2c0:c000::/36 maxlen: 36
2403:f2c0:d000::/36 maxlen: 36
2403:f2c0:e000::/36 maxlen: 36
2403:f2c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.crl
rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:29:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3353 (0xd19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C615, serialNumber=1948CC14F30ED83CAA52C8EC4B08C44CA83A629E
Validity
Not Before: Feb 15 06:24:53 2026 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a470fa-c5bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:55:4f:6d:11:d6:8a:49:a0:6f:7d:90:af:f6:
25:8d:57:68:8c:a1:3c:a6:01:5c:e2:bc:7a:bc:a7:
cf:76:7a:0f:35:53:27:48:4d:87:8c:68:a2:00:b3:
b3:3d:e9:66:e1:c4:7c:85:d3:6b:c7:d2:53:68:0c:
c7:f2:65:c4:59:3f:48:de:03:4b:b8:9a:a0:56:60:
46:76:e3:91:87:90:b5:77:9c:35:77:c1:2f:7f:d5:
a6:30:19:2d:97:73:04:5e:08:86:9e:5a:43:65:92:
82:84:07:2d:65:9d:93:15:ee:5e:9e:e6:67:89:ab:
8e:63:1f:d6:47:3c:a8:70:51:1e:dc:d7:6f:8f:aa:
c8:6c:2e:9f:b3:63:00:c9:b9:da:36:6e:a4:dc:84:
f5:86:dd:f5:4c:f8:ec:d3:74:74:62:4d:ba:a8:28:
44:a8:b4:a0:e6:48:55:c4:9c:5e:f1:3d:62:fb:88:
cc:06:6c:e4:0c:62:64:19:ea:80:83:93:da:6b:fb:
f7:c2:e3:21:e4:a2:5e:61:e6:47:0c:02:8c:da:6a:
c3:86:15:1f:de:2b:38:14:a5:00:f7:63:44:a9:f8:
40:32:aa:ba:23:3d:82:5e:16:b6:7c:94:f9:3e:88:
26:4d:66:7e:c9:9d:54:7a:33:19:f1:99:bd:31:b8:
a0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:5F:B1:8B:F6:4C:17:8D:99:BA:75:37:7A:47:8B:3B:C3:25:06:88
X509v3 Authority Key Identifier:
keyid:19:48:CC:14:F3:0E:D8:3C:AA:52:C8:EC:4B:08:C4:4C:A8:3A:62:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
59.153.16.0/22
103.197.248.0/22
IPv6:
2403:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:ee:f7:86:d8:8f:b0:78:6e:12:9d:3f:d7:1e:3a:68:cb:15:
90:41:60:01:7d:f6:37:63:66:4a:af:53:8d:74:e0:6d:48:49:
7a:1e:51:0a:12:7e:e1:e0:c5:fd:eb:7b:ef:07:f9:46:2b:8f:
41:c9:23:95:a9:43:4f:e2:d8:a2:63:64:d4:4a:e0:e9:60:e1:
f3:74:3f:8e:03:45:5c:f7:64:3d:d7:15:5b:2d:c4:17:9a:d4:
4b:2c:56:07:b4:cf:7e:38:35:5c:92:ae:f4:b1:20:0e:80:52:
9e:17:9c:d1:7c:ee:29:8f:4b:8b:dc:00:25:a3:2c:31:ee:4b:
58:0f:4d:dc:88:e9:3d:8a:b1:b2:21:3b:d5:ff:b4:1c:d1:5d:
bc:62:0b:d7:8e:b0:b8:4f:c9:3c:97:fd:83:10:98:67:b4:f8:
ef:f1:17:a6:45:20:03:b5:ad:89:42:4d:fe:0a:27:58:00:4b:
86:e9:41:d9:48:72:bd:1e:ee:92:f6:10:b2:8b:22:bb:db:e4:
74:7b:51:36:85:63:11:50:94:2b:fe:74:ac:88:86:23:c0:61:
aa:25:fa:40:22:6b:d8:dc:64:0e:41:ab:90:65:a9:22:34:dd:
66:43:ee:fe:86:90:de:c7:b8:15:47:75:02:27:19:9e:14:66:
b9:d6:cb:57
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICDRkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0M2MTUxMTAvBgNVBAUTKDE5NDhDQzE0RjMwRUQ4M0NBQTUyQzhFQzRCMDhDNDRD
QTgzQTYyOUUwHhcNMjYwMjE1MDYyNDUzWhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzBmYS1jNWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnFVPbRHWikmgb32Qr/YljVdojKE8pgFc4rx6vKfPdnoPNVMnSE2HjGiiALOz
Pelm4cR8hdNrx9JTaAzH8mXEWT9I3gNLuJqgVmBGduORh5C1d5w1d8Evf9WmMBkt
l3MEXgiGnlpDZZKChActZZ2TFe5enuZniauOYx/WRzyocFEe3Ndvj6rIbC6fs2MA
ybnaNm6k3IT1ht31TPjs03R0Yk26qChEqLSg5khVxJxe8T1i+4jMBmzkDGJkGeqA
g5Paa/v3wuMh5KJeYeZHDAKM2mrDhhUf3is4FKUA92NEqfhAMqq6Iz2CXha2fJT5
PogmTWZ+yZ1UejMZ8Zm9Mbig4wIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFA5fsYv2
TBeNmbp1N3pHizvDJQaIMB8GA1UdIwQYMBaAFBlIzBTzDtg8qlLI7EsIxEyoOmKe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzYxNS80MjAwQzlFNjAw
NkMxMUVBQTM2M0MyNjRDNEY5QUUwMi9HVWpNRlBNTzJEeXFVc2pzU3dqRVRLZzZZ
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dVak1GUE1PMkR5cVVzanNTd2pFVEtnNllwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0M2MTUvNDIwMEM5RTYwMDZDMTFFQUEzNjNDMjY0QzRGOUFFMDIvQTA2MzI5NDA3
MzdEMTFGMDkxMzQwMTI2QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCO5kQAwQCZ8X4MA0EAgACMAcDBQAkA/LAMA0GCSqGSIb3DQEBCwUA
A4IBAQCO7veG2I+weG4SnT/XHjpoyxWQQWABffY3Y2ZKr1ONdOBtSEl6HlEKEn7h
4MX963vvB/lGK49BySOVqUNP4tiiY2TUSuDpYOHzdD+OA0Vc92Q91xVbLcQXmtRL
LFYHtM9+ODVckq70sSAOgFKeF5zRfO4pj0uL3AAloywx7ktYD03ciOk9irGyITvV
/7Qc0V28YgvXjrC4T8k8l/2DEJhntPjv8RemRSADta2JQk3+CidYAEuG6UHZSHK9
Hu6S9hCyiyK72+R0e1E2hWMRUJQr/nSsiIYjwGGqJfpAImvY3GQOQauQZakiNN1m
Q+7+hpDex7gVR3UCJxmeFGa51stX
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:42:18 2026 by rpki-client