Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/7909FCC06DF211EA806B671BC4F9AE02.roa
File: 7909FCC06DF211EA806B671BC4F9AE02.roa (raw, json)
Hash identifier: tbYGd6UVeCar7YDPrrVwr5SEFpCLcr10ctxUO2K5vSI=
Subject key identifier: F3:97:58:7B:69:30:81:E7:64:F7:24:2B:87:BA:06:1F:14:15:74:93
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 3A5A
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/7909FCC06DF211EA806B671BC4F9AE02.roa
Signing time: Sun 01 Mar 2026 21:22:18 +0000
ROA not before: Fri 16 Jan 2026 16:13:24 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 23951
IP address blocks: 103.101.136.0/24 maxlen: 24
103.101.137.0/24 maxlen: 24
103.101.138.0/24 maxlen: 24
103.101.139.0/24 maxlen: 24
117.20.48.0/24 maxlen: 24
117.20.49.0/24 maxlen: 24
117.20.50.0/24 maxlen: 24
117.20.51.0/24 maxlen: 24
117.20.52.0/24 maxlen: 24
117.20.53.0/24 maxlen: 24
117.20.54.0/24 maxlen: 24
117.20.55.0/24 maxlen: 24
117.20.56.0/24 maxlen: 24
117.20.57.0/24 maxlen: 24
117.20.58.0/24 maxlen: 24
117.20.59.0/24 maxlen: 24
117.20.60.0/24 maxlen: 24
117.20.61.0/24 maxlen: 24
117.20.62.0/24 maxlen: 24
117.20.63.0/24 maxlen: 24
202.152.129.0/24 maxlen: 24
202.152.130.0/24 maxlen: 24
202.152.131.0/24 maxlen: 24
202.152.132.0/24 maxlen: 24
202.152.133.0/24 maxlen: 24
202.152.134.0/24 maxlen: 24
202.152.135.0/24 maxlen: 24
202.152.136.0/24 maxlen: 24
202.152.137.0/24 maxlen: 24
202.152.138.0/24 maxlen: 24
202.152.139.0/24 maxlen: 24
202.152.140.0/24 maxlen: 24
202.152.141.0/24 maxlen: 24
202.152.142.0/24 maxlen: 24
202.152.143.0/24 maxlen: 24
202.152.144.0/24 maxlen: 24
202.152.145.0/24 maxlen: 24
202.152.146.0/24 maxlen: 24
202.152.147.0/24 maxlen: 24
202.152.148.0/24 maxlen: 24
202.152.149.0/24 maxlen: 24
202.152.150.0/24 maxlen: 24
202.152.151.0/24 maxlen: 24
202.152.152.0/24 maxlen: 24
202.152.153.0/24 maxlen: 24
202.152.154.0/24 maxlen: 24
202.152.155.0/24 maxlen: 24
202.152.156.0/24 maxlen: 24
202.152.157.0/24 maxlen: 24
202.152.158.0/24 maxlen: 24
202.152.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14938 (0x3a5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jan 16 16:13:24 2026 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a4ae0a-2ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:8d:b0:14:d9:c7:2e:21:98:d6:f0:f3:09:f1:
55:0f:af:20:2b:fd:7d:98:9d:67:cf:ea:8a:be:7e:
b1:4f:27:bc:d3:79:33:d0:39:1f:e3:fb:17:d7:6c:
9a:36:e1:c2:d7:ac:c8:ad:71:05:af:99:2c:7b:b3:
4b:43:bf:8e:cd:5a:74:d6:cf:ab:e9:f9:3f:35:29:
66:4d:cf:b5:ec:81:29:15:53:00:e7:aa:10:db:57:
c0:7f:6d:50:2d:e4:67:e1:5f:c8:9a:6a:ec:a0:15:
ef:d8:41:95:8c:45:0d:bf:8e:21:f7:2d:c1:ee:e6:
05:ee:af:e9:e0:ac:b9:b0:c6:11:ee:11:93:c4:b8:
fd:37:aa:d7:dd:63:05:de:21:dd:b2:9c:75:be:09:
04:37:0d:e0:1e:33:b3:0e:ed:e3:a1:4f:46:eb:1a:
42:1d:2b:ed:52:77:13:45:5a:f1:71:d4:c6:21:e7:
17:73:aa:9e:8d:3f:e4:a1:be:0b:30:fe:62:dd:6c:
56:6e:90:66:6c:67:08:51:1b:99:44:fd:6e:65:3e:
47:60:d8:39:a1:37:12:90:7e:aa:84:32:83:94:73:
97:9e:c7:47:07:7e:90:7b:5f:7c:52:88:8f:2d:7b:
e3:7e:f2:5b:03:bc:a3:0c:ac:82:42:bb:f6:ac:84:
be:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:97:58:7B:69:30:81:E7:64:F7:24:2B:87:BA:06:1F:14:15:74:93
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/7909FCC06DF211EA806B671BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.101.136.0/22
117.20.48.0/20
202.152.129.0-202.152.159.255
Signature Algorithm: sha256WithRSAEncryption
1d:54:cc:58:1b:ac:aa:18:c3:a7:45:b8:18:84:26:e0:d6:53:
43:e9:b5:0e:b2:c6:db:90:c5:b0:1a:3b:df:63:56:04:0a:66:
97:de:64:c3:12:57:b4:34:43:a3:95:24:4b:53:be:69:58:f2:
17:d1:4b:20:f4:cb:65:dd:a7:6e:c5:9b:92:d5:fc:6e:3c:09:
4a:c7:6d:13:20:f1:39:4c:0b:f8:fb:a8:29:58:9e:1e:e6:1a:
c7:c2:e7:3b:d1:db:54:81:12:23:9a:22:95:dd:43:e8:90:46:
de:fa:27:08:68:64:e5:b1:9d:41:3c:c1:cf:be:6b:5a:f7:6e:
e0:2b:8a:bb:14:51:09:a8:8e:af:14:f7:4c:ac:c6:61:58:5d:
b7:09:68:72:61:b8:66:ad:98:62:b1:e2:77:9b:6b:ad:32:56:
12:3e:bb:01:f0:78:9c:c2:80:59:3a:be:f9:cf:c9:f5:9d:c9:
59:47:00:7f:95:14:92:89:2a:d8:b6:86:c6:84:29:d9:ca:87:
63:b8:95:af:ba:31:72:29:71:8b:78:49:9b:70:e8:00:c9:43:
e4:25:b1:9d:ef:c8:1a:89:f7:d9:fc:0a:81:05:f9:b0:84:cb:
71:3b:1c:23:8c:47:27:82:e6:af:24:54:c8:92:72:4b:cc:58:
2b:f3:62:3c
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgICOlowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjYwMTE2MTYxMzI0WhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0YWUwYS0yYWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2I2wFNnHLiGY1vDzCfFVD68gK/19mJ1nz+qKvn6xTye803kz0Dkf4/sX12ya
NuHC16zIrXEFr5kse7NLQ7+OzVp01s+r6fk/NSlmTc+17IEpFVMA56oQ21fAf21Q
LeRn4V/ImmrsoBXv2EGVjEUNv44h9y3B7uYF7q/p4Ky5sMYR7hGTxLj9N6rX3WMF
3iHdspx1vgkENw3gHjOzDu3joU9G6xpCHSvtUncTRVrxcdTGIecXc6qejT/kob4L
MP5i3WxWbpBmbGcIURuZRP1uZT5HYNg5oTcSkH6qhDKDlHOXnsdHB36Qe198UoiP
LXvjfvJbA7yjDKyCQrv2rIS+twIDAQABo4ICdDCCAnAwHQYDVR0OBBYEFPOXWHtp
MIHnZPckK4e6Bh8UFXSTMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNzkwOUZDQzA2
REYyMTFFQTgwNkI2NzFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBwEHAQH/BCQwIjAg
BAIAATAaAwQCZ2WIAwQEdRQwMAwDBADKmIEDBAXKmIAwDQYJKoZIhvcNAQELBQAD
ggEBAB1UzFgbrKoYw6dFuBiEJuDWU0PptQ6yxtuQxbAaO99jVgQKZpfeZMMSV7Q0
Q6OVJEtTvmlY8hfRSyD0y2Xdp27Fm5LV/G48CUrHbRMg8TlMC/j7qClYnh7mGsfC
5zvR21SBEiOaIpXdQ+iQRt76JwhoZOWxnUE8wc++a1r3buArirsUUQmojq8U90ys
xmFYXbcJaHJhuGatmGKx4neba60yVhI+uwHweJzCgFk6vvnPyfWdyVlHAH+VFJKJ
Kti2hsaEKdnKh2O4la+6MXIpcYt4SZtw6ADJQ+QlsZ3vyBqJ99n8CoEF+bCEy3E7
HCOMRyeC5q8kVMiSckvMWCvzYjw=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:37:30 2026 by rpki-client