Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/0774A2C894F211EAB30E7682C4F9AE02.roa
File: 0774A2C894F211EAB30E7682C4F9AE02.roa (raw, json)
Hash identifier: phoNlFrzl7WYjyRvdppnlSL/FBRV8iS5x5iyLwB+dTc=
Subject key identifier: 71:1A:0F:73:47:3B:AC:50:89:62:9A:D6:61:94:5E:57:24:1A:7F:5A
Certificate issuer: /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Certificate serial: 0A27
Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/0774A2C894F211EAB30E7682C4F9AE02.roa
Signing time: Tue 31 Mar 2026 20:25:39 +0000
ROA not before: Tue 31 Mar 2026 20:25:39 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 136384
IP address blocks: 43.251.252.0/24 maxlen: 24
43.251.253.0/24 maxlen: 24
43.251.254.0/24 maxlen: 24
43.251.255.0/24 maxlen: 24
103.86.52.0/22 maxlen: 24
202.165.226.0/24 maxlen: 24
202.165.227.0/24 maxlen: 24
202.165.230.0/24 maxlen: 24
202.165.232.0/24 maxlen: 24
202.165.233.0/24 maxlen: 24
202.165.234.0/24 maxlen: 24
202.165.236.0/24 maxlen: 24
202.165.237.0/24 maxlen: 24
202.165.238.0/24 maxlen: 24
202.165.246.0/24 maxlen: 24
202.165.250.0/24 maxlen: 24
2400:b940:a::/48 maxlen: 48
2400:b940:b::/48 maxlen: 48
2400:b940:c::/48 maxlen: 48
2400:b940:d::/48 maxlen: 48
2400:b940:e::/48 maxlen: 48
2400:b940:f::/48 maxlen: 48
2400:b940:10::/48 maxlen: 48
2400:b940:11::/48 maxlen: 48
2400:b940:12::/48 maxlen: 48
2400:b940:13::/48 maxlen: 48
2400:b940:14::/48 maxlen: 48
2400:b940:15::/48 maxlen: 48
2400:b940:16::/48 maxlen: 48
2400:b940:18::/48 maxlen: 48
2400:b940:19::/48 maxlen: 48
2400:b940:1a::/48 maxlen: 48
2400:b940:1b::/48 maxlen: 48
2400:b940:1c::/48 maxlen: 48
2400:b940:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 19:43:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2599 (0xa27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F8A9, serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Validity
Not Before: Mar 31 20:25:39 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69cc2dc3-baf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3d:3c:63:34:51:4a:38:5d:0c:3f:bb:36:89:
8e:b2:92:49:e9:56:c9:7d:05:88:ab:47:af:9e:42:
54:54:99:3b:4a:e8:1f:dd:87:00:ab:b6:f9:cf:6e:
33:20:e2:c3:45:95:0e:48:2f:88:a2:7b:23:6d:03:
96:b5:8e:c6:09:6f:73:67:71:bd:c1:ca:db:46:1e:
74:99:33:08:e5:1a:7c:04:c9:c6:21:1a:1b:26:4a:
41:0e:d5:06:fb:f4:c6:3c:1e:1a:43:fd:5c:ff:bd:
41:99:39:ed:4a:12:5d:75:a4:a9:b5:c6:e5:d2:81:
ae:8e:9f:c7:89:70:92:e1:6a:5a:e4:fc:75:0e:aa:
c1:3f:d2:6f:c4:a0:bc:53:8e:b0:c3:cf:86:47:6e:
30:6c:06:90:d3:06:2d:e9:e2:fe:2d:ef:5f:6f:55:
97:2d:09:a5:e2:d3:e8:82:54:06:d9:f4:eb:7a:78:
d5:92:cc:5c:55:2a:49:82:d8:62:0f:6a:c2:70:f1:
c5:fd:33:d8:11:68:d8:b8:a1:66:f5:02:6d:6e:02:
45:5e:63:01:5f:83:f4:99:01:ee:42:35:da:da:83:
2b:fa:ed:9a:cf:b0:94:ac:44:c5:87:cc:17:66:84:
52:b8:29:b1:8e:5b:75:e7:f3:9e:7b:a9:43:f8:83:
60:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1A:0F:73:47:3B:AC:50:89:62:9A:D6:61:94:5E:57:24:1A:7F:5A
X509v3 Authority Key Identifier:
keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/0774A2C894F211EAB30E7682C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.251.252.0/22
103.86.52.0/22
202.165.226.0/23
202.165.230.0/24
202.165.232.0-202.165.234.255
202.165.236.0-202.165.238.255
202.165.246.0/24
202.165.250.0/24
IPv6:
2400:b940:a::-2400:b940:16:ffff:ffff:ffff:ffff:ffff
2400:b940:18::-2400:b940:1d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8f:62:21:35:89:84:f6:33:bf:5d:55:c9:a9:94:0b:f6:1b:3a:
b6:6d:d1:56:19:4e:ec:be:13:ef:1f:05:97:eb:cf:e0:70:7c:
f2:6c:47:a9:5d:ee:fa:9c:07:fc:63:14:be:36:bc:36:2d:55:
74:9e:19:09:c0:d4:66:f4:c4:80:7f:b8:36:26:c3:0a:9a:18:
97:08:36:79:85:50:5b:bc:a1:13:20:20:7b:55:10:40:1c:44:
ce:47:74:bf:8d:7a:a4:d1:c9:0c:f7:f7:bd:e4:99:64:57:9f:
7b:04:aa:99:60:a0:61:d6:1a:b9:61:ec:57:51:3d:67:f9:a8:
7a:83:0e:6e:d5:57:ed:27:69:77:ea:ac:f5:15:04:0e:06:6b:
8a:93:fa:34:a0:bc:a5:7d:9f:0d:03:32:7f:fb:78:63:2e:1a:
f4:25:ce:13:86:f7:fb:08:9d:7e:58:54:18:23:6c:ef:8b:46:
fa:3f:1c:99:b4:a4:61:fc:18:4a:74:31:24:cc:a5:f0:1f:e5:
75:b7:a8:99:e9:f4:b6:17:0d:f2:59:0e:45:2f:4e:fc:fc:37:
34:d7:d6:27:b4:ec:0c:e7:c5:5a:75:9f:f1:4f:77:22:9c:78:
79:f2:18:3e:d5:39:ef:fd:75:92:1f:21:c9:3f:da:11:1b:64:
64:5b:50:da
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICCicwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC
N0I4MEI3MjcwHhcNMjYwMzMxMjAyNTM5WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNjMmRjMy1iYWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyD08YzRRSjhdDD+7NomOspJJ6VbJfQWIq0evnkJUVJk7Sugf3YcAq7b5z24z
IOLDRZUOSC+IonsjbQOWtY7GCW9zZ3G9wcrbRh50mTMI5Rp8BMnGIRobJkpBDtUG
+/TGPB4aQ/1c/71BmTntShJddaSptcbl0oGujp/HiXCS4Wpa5Px1DqrBP9JvxKC8
U46ww8+GR24wbAaQ0wYt6eL+Le9fb1WXLQml4tPoglQG2fTrenjVksxcVSpJgthi
D2rCcPHF/TPYEWjYuKFm9QJtbgJFXmMBX4P0mQHuQjXa2oMr+u2az7CUrETFh8wX
ZoRSuCmxjlt15/Oee6lD+INg+wIDAQABo4ICyzCCAscwHQYDVR0OBBYEFHEaD3NH
O6xQiWKa1mGUXlckGn9aMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0
RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0
eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0Y4QTkvMkFBMDQzMzA5NEYwMTFFQTgzRUYxRTdEQzRGOUFFMDIvMDc3NEEyQzg5
NEYyMTFFQUIzMEU3NjgyQzRGOUFFMDIucm9hMIGJBggrBgEFBQcBBwEB/wR6MHgw
RgQCAAEwQAMEAiv7/AMEAmdWNAMEAcql4gMEAMql5jAMAwQDyqXoAwQAyqXqMAwD
BALKpewDBADKpe4DBADKpfYDBADKpfowLgQCAAIwKDASAwcBJAC5QAAKAwcAJAC5
QAAWMBIDBwMkALlAABgDBwEkALlAABwwDQYJKoZIhvcNAQELBQADggEBAI9iITWJ
hPYzv11VyamUC/YbOrZt0VYZTuy+E+8fBZfrz+BwfPJsR6ld7vqcB/xjFL42vDYt
VXSeGQnA1Gb0xIB/uDYmwwqaGJcINnmFUFu8oRMgIHtVEEAcRM5HdL+NeqTRyQz3
973kmWRXn3sEqplgoGHWGrlh7FdRPWf5qHqDDm7VV+0naXfqrPUVBA4Ga4qT+jSg
vKV9nw0DMn/7eGMuGvQlzhOG9/sInX5YVBgjbO+LRvo/HJm0pGH8GEp0MSTMpfAf
5XW3qJnp9LYXDfJZDkUvTvz8NzTX1ie07AznxVp1n/FPdyKceHnyGD7VOe/9dZIf
Ick/2hEbZGRbUNo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:57:06 2026 by rpki-client