Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/0D8C94BAAB2811ECB3CF9363C4F9AE02.roa
File: 0D8C94BAAB2811ECB3CF9363C4F9AE02.roa (raw, json)
Hash identifier: KY96V7nPX5oq3FzsE82d+7qiOhZ/q030YiLdCFM2iGI=
Subject key identifier: AC:57:28:72:76:5C:A0:61:95:09:B6:85:57:BF:38:22:95:F7:F6:FE
Certificate issuer: /CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Certificate serial: 0B49
Authority key identifier: 8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/0D8C94BAAB2811ECB3CF9363C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:07:17 +0000
ROA not before: Tue 12 Aug 2025 20:31:15 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 141768
IP address blocks: 39.109.66.0/23 maxlen: 23
39.109.66.0/24 maxlen: 24
39.109.67.0/24 maxlen: 24
39.109.68.0/24 maxlen: 24
39.109.69.0/24 maxlen: 24
39.109.70.0/24 maxlen: 24
39.109.71.0/24 maxlen: 24
39.109.72.0/21 maxlen: 21
39.109.72.0/24 maxlen: 24
39.109.73.0/24 maxlen: 24
39.109.74.0/24 maxlen: 24
39.109.75.0/24 maxlen: 24
39.109.77.0/24 maxlen: 24
39.109.79.0/24 maxlen: 24
39.109.80.0/21 maxlen: 21
39.109.80.0/24 maxlen: 24
39.109.81.0/24 maxlen: 24
39.109.83.0/24 maxlen: 24
39.109.86.0/24 maxlen: 24
39.109.87.0/24 maxlen: 24
39.109.88.0/22 maxlen: 22
39.109.88.0/24 maxlen: 24
39.109.89.0/24 maxlen: 24
39.109.90.0/24 maxlen: 24
39.109.91.0/24 maxlen: 24
103.82.216.0/24 maxlen: 24
103.82.217.0/24 maxlen: 24
103.82.218.0/24 maxlen: 24
103.82.219.0/24 maxlen: 24
103.98.14.0/24 maxlen: 24
103.119.132.0/24 maxlen: 24
103.119.133.0/24 maxlen: 24
2403:e840:8000::/33 maxlen: 33
2403:e840:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl
rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:37:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2889 (0xb49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182502, serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Validity
Not Before: Aug 12 20:31:15 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a48055-3c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:25:41:78:0f:4e:b9:62:c6:f7:ab:62:83:12:
ec:22:53:4b:01:d3:38:1c:20:a1:cd:16:29:6f:86:
9e:20:05:26:53:7f:a0:c1:dc:f7:c0:37:ca:2c:3e:
ef:07:17:90:6c:63:32:3e:dc:6f:db:24:e7:e9:2d:
a5:d2:9f:6d:c3:08:75:65:20:7f:e4:92:8c:dd:cd:
c8:74:c1:2d:a8:96:86:95:4a:1a:72:b1:d9:82:1a:
a4:96:d5:c1:8b:93:41:53:13:c4:df:d9:d9:32:55:
e7:f3:f6:ae:9b:24:04:ff:8e:63:7d:2c:e6:e3:c8:
23:30:bf:cf:8f:46:e4:e0:7b:6b:95:82:41:d0:d8:
7f:fc:60:38:1c:f3:df:43:b4:41:59:e2:b2:f4:91:
73:d1:24:d5:ee:28:ac:b2:56:cb:48:1a:96:dd:e2:
cf:97:31:83:54:38:12:f2:f6:16:e7:06:c8:1b:ea:
e2:c3:90:7d:75:8a:65:61:d9:31:a8:3e:93:fb:b7:
4c:97:93:03:ca:06:51:a7:9b:6e:ed:21:13:f5:c0:
5f:c2:32:87:d4:9b:ff:21:a4:e8:c4:a7:3b:42:31:
1f:89:57:1e:b8:42:25:2a:dd:58:05:0f:93:ae:d1:
5a:fe:1e:ff:33:48:cb:fc:7e:c5:f2:7f:3c:31:f9:
fe:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:57:28:72:76:5C:A0:61:95:09:B6:85:57:BF:38:22:95:F7:F6:FE
X509v3 Authority Key Identifier:
keyid:8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/0D8C94BAAB2811ECB3CF9363C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
39.109.66.0-39.109.91.255
103.82.216.0/22
103.98.14.0/24
103.119.132.0/23
IPv6:
2403:e840:8000::/33
Signature Algorithm: sha256WithRSAEncryption
2e:c1:3e:9c:2c:92:e0:df:d5:b8:36:6e:f0:23:b0:73:57:21:
ac:7e:cf:67:e8:91:2f:6c:b1:11:07:ab:05:d1:4b:c2:5a:da:
1f:8b:8f:3d:a2:74:b6:58:84:f8:82:0a:61:fb:3b:b1:a1:04:
70:70:3a:12:02:6d:b7:c7:23:39:b5:f5:d8:80:ed:22:24:35:
a0:2d:98:f0:5a:f0:f6:3f:de:5c:9c:ef:6a:18:f3:9c:67:35:
26:f8:68:50:f0:59:e4:78:0a:59:4f:cb:25:0c:af:25:82:fa:
5a:24:f2:71:e5:75:d5:54:03:25:53:f1:23:99:0e:61:97:50:
eb:ff:7f:fd:2f:24:8a:78:0f:d3:b0:84:61:fa:46:aa:8e:44:
97:48:fc:27:71:ea:d8:f0:58:05:8a:4e:df:d2:d8:fd:b1:b7:
c9:c1:49:8b:35:81:cc:5e:2f:ad:b7:07:ae:a5:9e:46:2f:5c:
ae:0e:23:0f:bb:83:0b:ce:0d:b1:47:66:2e:e5:64:32:11:ad:
fa:af:b8:a1:d6:ce:4f:b3:1e:1a:46:e3:e9:a7:21:dc:12:7a:
4f:47:4b:2e:2e:17:04:c7:dd:66:41:d9:9d:f9:b0:fb:9c:96:
82:39:1b:0d:a5:c1:e4:0d:75:c6:be:00:c8:3c:d3:a8:05:56:
d6:60:a8:4d
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgICC0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODI1MDIxMTAvBgNVBAUTKDhDM0NDQjRGRkI4OTE4OUM2RUY1QjM0REZEQUFCRTE4
MDZBNTIxOEEwHhcNMjUwODEyMjAzMTE1WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODA1NS0zYzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuSVBeA9OuWLG96tigxLsIlNLAdM4HCChzRYpb4aeIAUmU3+gwdz3wDfKLD7v
BxeQbGMyPtxv2yTn6S2l0p9twwh1ZSB/5JKM3c3IdMEtqJaGlUoacrHZghqkltXB
i5NBUxPE39nZMlXn8/aumyQE/45jfSzm48gjML/Pj0bk4HtrlYJB0Nh//GA4HPPf
Q7RBWeKy9JFz0STV7iisslbLSBqW3eLPlzGDVDgS8vYW5wbIG+riw5B9dYplYdkx
qD6T+7dMl5MDygZRp5tu7SET9cBfwjKH1Jv/IaToxKc7QjEfiVceuEIlKt1YBQ+T
rtFa/h7/M0jL/H7F8n88Mfn+swIDAQABo4ICijCCAoYwHQYDVR0OBBYEFKxXKHJ2
XKBhlQm2hVe/OCKV9/b+MB8GA1UdIwQYMBaAFIw8y0/7iRicbvWzTf2qvhgGpSGK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjUwMi9EQTE2QzYzQTcz
Q0MxMUVBQTM5OTUzMjZDNEY5QUUwMi9qRHpMVF91SkdKeHU5Yk5OX2FxLUdBYWxJ
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pEekxUX3VKR0p4dTliTk5fYXEtR0FhbElZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODI1MDIvREExNkM2M0E3M0NDMTFFQUEzOTk1MzI2QzRGOUFFMDIvMEQ4Qzk0QkFB
QjI4MTFFQ0IzQ0Y5MzYzQzRGOUFFMDIucm9hMEkGCCsGAQUFBwEHAQH/BDowODAm
BAIAATAgMAwDBAEnbUIDBAInbVgDBAJnUtgDBABnYg4DBAFnd4QwDgQCAAIwCAMG
ByQD6ECAMA0GCSqGSIb3DQEBCwUAA4IBAQAuwT6cLJLg39W4Nm7wI7BzVyGsfs9n
6JEvbLERB6sF0UvCWtofi489onS2WIT4ggph+zuxoQRwcDoSAm23xyM5tfXYgO0i
JDWgLZjwWvD2P95cnO9qGPOcZzUm+GhQ8FnkeApZT8slDK8lgvpaJPJx5XXVVAMl
U/EjmQ5hl1Dr/3/9LySKeA/TsIRh+kaqjkSXSPwncerY8FgFik7f0tj9sbfJwUmL
NYHMXi+ttweupZ5GL1yuDiMPu4MLzg2xR2Yu5WQyEa36r7ih1s5Psx4aRuPppyHc
EnpPR0suLhcEx91mQdmd+bD7nJaCORsNpcHkDXXGvgDIPNOoBVbWYKhN
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:50:34 2026 by rpki-client