Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
File: A0632940737D11F091340126C4F9AE02.roa (raw, json)
Hash identifier: XYU/OfbvTvF81SZSB9Dz1TfcctHinmn1NKkNjqg6sxk=
Subject key identifier: C1:05:3B:DB:B1:BD:DC:F5:65:A8:C8:4D:6F:33:FE:5E:7B:AD:14:69
Certificate issuer: /CN=A917C615/serialNumber=1948CC14F30ED83CAA52C8EC4B08C44CA83A629E
Certificate serial: 0D41
Authority key identifier: 19:48:CC:14:F3:0E:D8:3C:AA:52:C8:EC:4B:08:C4:4C:A8:3A:62:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
Signing time: Thu 14 May 2026 16:35:59 +0000
ROA not before: Thu 14 May 2026 16:35:59 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 64043
IP address blocks: 59.153.16.0/22 maxlen: 22
59.153.16.0/23 maxlen: 23
59.153.16.0/24 maxlen: 24
59.153.17.0/24 maxlen: 24
59.153.18.0/23 maxlen: 23
59.153.18.0/24 maxlen: 24
59.153.19.0/24 maxlen: 24
103.197.248.0/22 maxlen: 22
103.197.248.0/23 maxlen: 23
103.197.248.0/24 maxlen: 24
103.197.249.0/24 maxlen: 24
103.197.250.0/23 maxlen: 23
103.197.250.0/24 maxlen: 24
103.197.251.0/24 maxlen: 24
2403:f2c0::/32 maxlen: 32
2403:f2c0::/36 maxlen: 36
2403:f2c0:1::/48 maxlen: 48
2403:f2c0:efb::/48 maxlen: 48
2403:f2c0:efb:fb::/64 maxlen: 64
2403:f2c0:1000::/36 maxlen: 36
2403:f2c0:2000::/36 maxlen: 36
2403:f2c0:3000::/36 maxlen: 36
2403:f2c0:4000::/36 maxlen: 36
2403:f2c0:5000::/36 maxlen: 36
2403:f2c0:6000::/36 maxlen: 36
2403:f2c0:7000::/36 maxlen: 36
2403:f2c0:8000::/36 maxlen: 36
2403:f2c0:9000::/36 maxlen: 36
2403:f2c0:a000::/36 maxlen: 36
2403:f2c0:b000::/36 maxlen: 36
2403:f2c0:c000::/36 maxlen: 36
2403:f2c0:d000::/36 maxlen: 36
2403:f2c0:e000::/36 maxlen: 36
2403:f2c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.crl
rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 19 Jun 2026 18:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3393 (0xd41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C615, serialNumber=1948CC14F30ED83CAA52C8EC4B08C44CA83A629E
Validity
Not Before: May 14 16:35:59 2026 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=6a05f9ef-d6ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:67:95:e8:5b:5a:7e:7c:f6:06:1f:c9:94:ff:
4f:ed:2c:f4:9a:65:cb:a5:69:3b:38:1b:6b:a8:e7:
1b:3d:83:b8:a5:88:6d:cf:f9:99:ea:38:63:26:51:
bb:d0:1a:de:0a:e0:fc:62:85:e3:0e:71:24:87:68:
58:c5:09:e7:13:85:c5:8c:d4:5a:53:57:30:ea:cc:
e3:a6:bd:d8:03:80:d7:f4:db:83:b0:d5:ec:ca:fe:
6c:99:e8:7b:f5:3e:e8:8e:d1:58:29:64:13:d6:cf:
65:0f:54:a5:da:25:10:54:68:e5:c7:11:41:a9:7e:
fc:5e:dd:07:e1:f0:83:5c:f1:7e:f9:0a:6b:02:81:
09:62:3b:37:b8:66:76:e4:51:7e:36:5d:9a:70:4e:
d1:47:83:76:ef:b8:0e:06:fb:0f:b3:f9:4c:b9:bc:
4f:39:72:5b:ed:1a:41:e9:8e:0b:62:8b:df:02:b7:
3d:00:72:a7:24:64:7a:f5:a7:ff:4f:61:ba:9e:2d:
4c:f1:f6:50:4b:81:eb:ba:a8:34:ed:dc:8a:a0:94:
88:64:e0:73:91:9c:fb:04:a8:67:1c:50:7a:14:b2:
94:45:1b:5e:0c:07:ca:bc:f1:10:6e:b2:87:31:e3:
64:31:90:aa:c8:14:3a:1f:23:0e:02:31:55:59:54:
f0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:05:3B:DB:B1:BD:DC:F5:65:A8:C8:4D:6F:33:FE:5E:7B:AD:14:69
X509v3 Authority Key Identifier:
keyid:19:48:CC:14:F3:0E:D8:3C:AA:52:C8:EC:4B:08:C4:4C:A8:3A:62:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/GUjMFPMO2DyqUsjsSwjETKg6Yp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GUjMFPMO2DyqUsjsSwjETKg6Yp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C615/4200C9E6006C11EAA363C264C4F9AE02/A0632940737D11F091340126C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
59.153.16.0/22
103.197.248.0/22
IPv6:
2403:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
38:0a:fc:26:8a:b3:a2:b1:1f:59:04:09:8a:bf:ec:44:3b:73:
b8:59:12:18:c5:f8:61:4f:cd:e7:90:1f:22:54:ef:e7:9c:57:
99:7a:c2:70:0d:b9:c1:8f:f8:ea:58:c5:ec:36:51:1b:53:61:
e1:99:0d:48:a8:60:f7:ca:25:f5:fa:c3:75:18:ec:f4:7b:81:
f0:69:c6:22:2f:e9:49:21:f3:ff:b3:6d:79:b6:47:ba:bc:50:
35:77:6b:41:20:ce:1c:30:30:88:43:17:4e:68:82:93:ba:26:
10:52:0c:3f:e6:50:f8:12:43:b3:54:cc:14:64:49:a0:71:c8:
bb:ad:e7:31:96:9a:40:6b:3c:90:62:b6:3e:0d:3e:c7:b2:8f:
2e:d4:c7:5b:f8:9b:3f:ca:3b:ce:9b:94:bc:c9:23:4c:08:78:
3f:f4:fd:b1:a6:31:d7:2b:fc:76:89:b7:70:0d:06:74:06:95:
42:5f:c9:fd:22:f0:67:dc:63:84:9d:00:46:84:d5:43:e7:c0:
0e:d7:d9:40:c2:cf:3a:3e:59:21:c5:47:e0:ad:a9:e7:7a:b5:
6e:f3:d9:db:26:37:6d:e9:7a:10:b4:a0:36:68:eb:8f:1d:ea:
84:95:fd:16:61:30:06:b9:f1:7f:12:a8:2c:99:b9:4f:e0:c3:
70:c4:e3:fe
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICDUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0M2MTUxMTAvBgNVBAUTKDE5NDhDQzE0RjMwRUQ4M0NBQTUyQzhFQzRCMDhDNDRD
QTgzQTYyOUUwHhcNMjYwNTE0MTYzNTU5WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTA1ZjllZi1kNmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArWeV6Ftafnz2Bh/JlP9P7Sz0mmXLpWk7OBtrqOcbPYO4pYhtz/mZ6jhjJlG7
0BreCuD8YoXjDnEkh2hYxQnnE4XFjNRaU1cw6szjpr3YA4DX9NuDsNXsyv5smeh7
9T7ojtFYKWQT1s9lD1Sl2iUQVGjlxxFBqX78Xt0H4fCDXPF++QprAoEJYjs3uGZ2
5FF+Nl2acE7RR4N277gOBvsPs/lMubxPOXJb7RpB6Y4LYovfArc9AHKnJGR69af/
T2G6ni1M8fZQS4Hruqg07dyKoJSIZOBzkZz7BKhnHFB6FLKURRteDAfKvPEQbrKH
MeNkMZCqyBQ6HyMOAjFVWVTwrwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFMEFO9ux
vdz1ZajITW8z/l57rRRpMB8GA1UdIwQYMBaAFBlIzBTzDtg8qlLI7EsIxEyoOmKe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzYxNS80MjAwQzlFNjAw
NkMxMUVBQTM2M0MyNjRDNEY5QUUwMi9HVWpNRlBNTzJEeXFVc2pzU3dqRVRLZzZZ
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dVak1GUE1PMkR5cVVzanNTd2pFVEtnNllwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0M2MTUvNDIwMEM5RTYwMDZDMTFFQUEzNjNDMjY0QzRGOUFFMDIvQTA2MzI5NDA3
MzdEMTFGMDkxMzQwMTI2QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCO5kQAwQCZ8X4MA0EAgACMAcDBQAkA/LAMA0GCSqGSIb3DQEBCwUA
A4IBAQA4CvwmirOisR9ZBAmKv+xEO3O4WRIYxfhhT83nkB8iVO/nnFeZesJwDbnB
j/jqWMXsNlEbU2HhmQ1IqGD3yiX1+sN1GOz0e4HwacYiL+lJIfP/s215tke6vFA1
d2tBIM4cMDCIQxdOaIKTuiYQUgw/5lD4EkOzVMwUZEmgcci7recxlppAazyQYrY+
DT7Hso8u1Mdb+Js/yjvOm5S8ySNMCHg/9P2xpjHXK/x2ibdwDQZ0BpVCX8n9IvBn
3GOEnQBGhNVD58AO19lAws86PlkhxUfgrannerVu89nbJjdt6XoQtKA2aOuPHeqE
lf0WYTAGufF/EqgsmblP4MNwxOP+
-----END CERTIFICATE-----
Generated at Sat Jun 13 23:59:28 2026 by rpki-client