Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/8554A0A86A8A11F0BBF66881C4F9AE02.roa
File: 8554A0A86A8A11F0BBF66881C4F9AE02.roa (raw, json)
Hash identifier: wvWVqz0cJZqN/y3BN8jxyofa269vEeFhRHPgjh9DFFc=
Subject key identifier: A2:3E:C5:1E:02:7E:C1:CA:38:4C:1F:DD:66:B9:00:5B:02:4B:15:BF
Certificate issuer: /CN=A9186E8A/serialNumber=A9BCCA6D34D3D5F1EFF8BBE783D49773813E5EF8
Certificate serial: 0870
Authority key identifier: A9:BC:CA:6D:34:D3:D5:F1:EF:F8:BB:E7:83:D4:97:73:81:3E:5E:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/8554A0A86A8A11F0BBF66881C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:16:07 +0000
ROA not before: Sun 27 Jul 2025 12:31:59 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 62610
IP address blocks: 45.249.244.0/24 maxlen: 24
45.249.245.0/24 maxlen: 24
45.249.246.0/24 maxlen: 24
45.249.247.0/24 maxlen: 24
101.36.106.0/24 maxlen: 24
101.36.107.0/24 maxlen: 24
101.36.108.0/24 maxlen: 24
101.36.109.0/24 maxlen: 24
101.36.110.0/24 maxlen: 24
101.36.111.0/24 maxlen: 24
101.36.112.0/24 maxlen: 24
101.36.113.0/24 maxlen: 24
101.36.116.0/24 maxlen: 24
101.36.117.0/24 maxlen: 24
101.36.118.0/24 maxlen: 24
101.36.119.0/24 maxlen: 24
101.36.120.0/24 maxlen: 24
101.36.121.0/24 maxlen: 24
101.36.122.0/24 maxlen: 24
101.36.123.0/24 maxlen: 24
101.36.124.0/24 maxlen: 24
101.36.125.0/24 maxlen: 24
101.36.126.0/24 maxlen: 24
101.36.127.0/24 maxlen: 24
103.149.26.0/24 maxlen: 24
103.149.27.0/24 maxlen: 24
103.218.240.0/24 maxlen: 24
103.218.241.0/24 maxlen: 24
103.218.242.0/24 maxlen: 24
103.218.243.0/24 maxlen: 24
103.234.61.0/24 maxlen: 24
118.26.36.0/24 maxlen: 24
118.26.37.0/24 maxlen: 24
118.26.38.0/24 maxlen: 24
118.26.39.0/24 maxlen: 24
118.193.32.0/24 maxlen: 24
118.193.33.0/24 maxlen: 24
118.193.34.0/24 maxlen: 24
118.193.35.0/24 maxlen: 24
118.193.36.0/24 maxlen: 24
118.193.37.0/24 maxlen: 24
118.193.38.0/24 maxlen: 24
118.193.39.0/24 maxlen: 24
118.193.40.0/24 maxlen: 24
118.193.41.0/24 maxlen: 24
118.193.42.0/24 maxlen: 24
118.193.43.0/24 maxlen: 24
118.193.44.0/24 maxlen: 24
118.193.45.0/24 maxlen: 24
118.193.46.0/24 maxlen: 24
118.193.47.0/24 maxlen: 24
118.193.79.0/24 maxlen: 24
123.58.208.0/24 maxlen: 24
123.58.209.0/24 maxlen: 24
123.58.210.0/24 maxlen: 24
123.58.211.0/24 maxlen: 24
123.58.212.0/24 maxlen: 24
123.58.213.0/24 maxlen: 24
123.58.214.0/24 maxlen: 24
123.58.215.0/24 maxlen: 24
123.58.216.0/24 maxlen: 24
123.58.217.0/24 maxlen: 24
123.58.218.0/24 maxlen: 24
123.58.219.0/24 maxlen: 24
123.58.220.0/24 maxlen: 24
123.58.221.0/24 maxlen: 24
123.58.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.crl
rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:54:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2160 (0x870)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186E8A, serialNumber=A9BCCA6D34D3D5F1EFF8BBE783D49773813E5EF8
Validity
Not Before: Jul 27 12:31:59 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a48267-ed67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:41:57:ba:70:e7:9a:a5:7e:c5:fb:59:91:a9:
54:a5:40:6e:61:dc:e8:f4:e4:17:25:cc:e0:28:4b:
62:c3:10:39:23:ac:22:45:37:6b:d9:01:10:a6:41:
d3:41:74:cb:42:28:6c:9a:0b:db:df:2d:0f:8d:dc:
29:49:06:d7:49:28:e6:94:56:53:55:cb:11:1b:0f:
bd:74:7b:a1:a2:da:2a:5e:a6:3f:f5:98:b2:e7:b1:
e8:72:15:cd:92:3a:d9:85:01:6a:6f:c2:5f:95:54:
cd:90:c3:d2:bc:a1:ca:ee:0f:46:69:eb:db:76:d1:
47:bc:b1:68:45:97:65:88:fe:90:2a:95:f3:81:99:
a5:5b:bd:fd:21:dc:8a:7b:1a:7f:13:80:ad:82:26:
8b:dd:75:c5:04:19:9a:bd:8b:17:86:e6:2f:9a:23:
f2:cf:29:ce:9f:92:bb:37:4e:ba:f0:cb:a1:bf:05:
fe:19:1f:89:e5:2c:e6:1e:d1:e3:86:0c:bf:17:ee:
36:8d:4f:82:3a:ba:e4:48:78:c5:00:a3:9a:57:84:
42:4c:cc:15:ec:ab:a5:c0:f6:7c:98:e1:73:4f:9d:
59:13:bd:5c:fb:20:0f:67:12:f9:78:fc:3c:47:0a:
f4:ce:ea:77:45:e5:88:52:2a:e3:b5:ed:b8:20:53:
71:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3E:C5:1E:02:7E:C1:CA:38:4C:1F:DD:66:B9:00:5B:02:4B:15:BF
X509v3 Authority Key Identifier:
keyid:A9:BC:CA:6D:34:D3:D5:F1:EF:F8:BB:E7:83:D4:97:73:81:3E:5E:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qbzKbTTT1fHv-Lvng9SXc4E-Xvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186E8A/3B476E7C2DFF11EB868A9135C4F9AE02/8554A0A86A8A11F0BBF66881C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.249.244.0/22
101.36.106.0-101.36.113.255
101.36.116.0-101.36.127.255
103.149.26.0/23
103.218.240.0/22
103.234.61.0/24
118.26.36.0/22
118.193.32.0/20
118.193.79.0/24
123.58.208.0-123.58.221.255
123.58.223.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f1:7d:eb:e8:be:79:48:59:f6:cb:7d:0f:10:d6:97:78:5b:
e6:b2:df:28:d2:f5:b3:99:9f:47:6c:e7:e9:bc:25:4c:36:80:
c8:1b:ba:9a:3d:e0:bf:d7:7a:10:bb:43:b9:b8:21:48:c5:0b:
da:74:cc:bf:1b:d9:1f:ec:13:0a:45:e0:09:ce:10:0b:0b:7f:
8d:b7:c2:53:3d:b0:6e:d7:c8:8c:15:0c:8f:ba:e4:73:ea:ed:
31:12:4a:59:6d:a8:5a:36:1e:74:9d:9a:57:3d:cf:24:09:0c:
7f:ed:a3:78:5f:1b:46:1f:2b:d3:a0:aa:e3:15:7a:9a:bc:9c:
07:d0:aa:8f:cf:8a:4a:98:52:97:ba:29:71:69:b0:08:59:e5:
ed:cd:a0:44:36:35:3f:e9:25:f5:7a:19:1b:35:f7:7d:87:80:
50:d8:12:86:cd:30:de:02:14:ed:b7:ec:75:ce:8f:ed:31:6e:
46:50:15:2d:26:fd:c7:fe:95:ea:40:6f:ff:88:84:3e:b0:d1:
b5:06:75:d7:7a:d1:5b:b3:16:a0:07:90:ef:16:55:79:d0:5a:
97:3c:06:a4:8a:ea:e3:ed:e8:9d:0c:b0:35:37:e6:49:56:98:
4a:89:34:c3:f3:b1:9c:dc:cb:2a:16:3e:8b:8f:58:9b:e8:8c:
04:b3:5e:c5
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgICCHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZFOEExMTAvBgNVBAUTKEE5QkNDQTZEMzREM0Q1RjFFRkY4QkJFNzgzRDQ5Nzcz
ODEzRTVFRjgwHhcNMjUwNzI3MTIzMTU5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODI2Ny1lZDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9UFXunDnmqV+xftZkalUpUBuYdzo9OQXJczgKEtiwxA5I6wiRTdr2QEQpkHT
QXTLQihsmgvb3y0PjdwpSQbXSSjmlFZTVcsRGw+9dHuhotoqXqY/9Ziy57HochXN
kjrZhQFqb8JflVTNkMPSvKHK7g9GaevbdtFHvLFoRZdliP6QKpXzgZmlW739IdyK
exp/E4CtgiaL3XXFBBmavYsXhuYvmiPyzynOn5K7N0668MuhvwX+GR+J5SzmHtHj
hgy/F+42jU+COrrkSHjFAKOaV4RCTMwV7KulwPZ8mOFzT51ZE71c+yAPZxL5ePw8
Rwr0zup3ReWIUirjte24IFNx3wIDAQABo4ICtDCCArAwHQYDVR0OBBYEFKI+xR4C
fsHKOEwf3Wa5AFsCSxW/MB8GA1UdIwQYMBaAFKm8ym0009Xx7/i754PUl3OBPl74
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkU4QS8zQjQ3NkU3QzJE
RkYxMUVCODY4QTkxMzVDNEY5QUUwMi9xYnpLYlRUVDFmSHYtTHZuZzlTWGM0RS1Y
dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FiektiVFRUMWZIdi1Mdm5nOVNYYzRFLVh2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZFOEEvM0I0NzZFN0MyREZGMTFFQjg2OEE5MTM1QzRGOUFFMDIvODU1NEEwQTg2
QThBMTFGMEJCRjY2ODgxQzRGOUFFMDIucm9hMHMGCCsGAQUFBwEHAQH/BGQwYjBg
BAIAATBaAwQCLfn0MAwDBAFlJGoDBAFlJHAwDAMEAmUkdAMEB2UkAAMEAWeVGgME
Amfa8AMEAGfqPQMEAnYaJAMEBHbBIAMEAHbBTzAMAwQEezrQAwQBezrcAwQAezrf
MA0GCSqGSIb3DQEBCwUAA4IBAQCO8X3r6L55SFn2y30PENaXeFvmst8o0vWzmZ9H
bOfpvCVMNoDIG7qaPeC/13oQu0O5uCFIxQvadMy/G9kf7BMKReAJzhALC3+Nt8JT
PbBu18iMFQyPuuRz6u0xEkpZbahaNh50nZpXPc8kCQx/7aN4XxtGHyvToKrjFXqa
vJwH0KqPz4pKmFKXuilxabAIWeXtzaBENjU/6SX1ehkbNfd9h4BQ2BKGzTDeAhTt
t+x1zo/tMW5GUBUtJv3H/pXqQG//iIQ+sNG1BnXXetFbsxagB5DvFlV50FqXPAak
iurj7eidDLA1N+ZJVphKiTTD87Gc3MsqFj6Lj1ib6IwEs17F
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:38:18 2026 by rpki-client