Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/4AC75BA8FFE311EBB4FA4965C4F9AE02.roa
File: 4AC75BA8FFE311EBB4FA4965C4F9AE02.roa (raw, json)
Hash identifier: 05PBvHrHn0TV/TJUExv/7KjPqOuh3SnxpdMl5QOkyqE=
Subject key identifier: 92:8C:69:5E:B1:D8:1F:6B:68:09:51:1E:95:D2:CB:B4:38:EF:14:AD
Certificate issuer: /CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Certificate serial: 13FD
Authority key identifier: 2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/4AC75BA8FFE311EBB4FA4965C4F9AE02.roa
Signing time: Thu 02 Apr 2026 17:21:08 +0000
ROA not before: Thu 02 Apr 2026 17:21:08 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 133200
IP address blocks: 103.23.136.0/24 maxlen: 24
103.23.138.0/24 maxlen: 24
103.23.139.0/24 maxlen: 24
103.25.92.0/24 maxlen: 24
103.25.94.0/24 maxlen: 24
103.244.251.0/24 maxlen: 24
110.235.223.0/24 maxlen: 24
123.108.252.0/24 maxlen: 24
124.199.112.0/24 maxlen: 24
124.199.113.0/24 maxlen: 24
124.199.115.0/24 maxlen: 24
124.199.116.0/24 maxlen: 24
124.199.120.0/24 maxlen: 24
124.199.121.0/24 maxlen: 24
124.199.122.0/24 maxlen: 24
124.199.123.0/24 maxlen: 24
124.199.124.0/24 maxlen: 24
163.53.196.0/24 maxlen: 24
163.53.198.0/24 maxlen: 24
163.53.199.0/24 maxlen: 24
202.124.32.0/24 maxlen: 24
202.124.33.0/24 maxlen: 24
202.124.36.0/24 maxlen: 24
202.124.37.0/24 maxlen: 24
202.124.38.0/24 maxlen: 24
202.124.42.0/24 maxlen: 24
202.124.44.0/24 maxlen: 24
203.80.160.0/24 maxlen: 24
203.80.162.0/24 maxlen: 24
203.80.163.0/24 maxlen: 24
203.80.164.0/24 maxlen: 24
203.80.165.0/24 maxlen: 24
203.80.166.0/24 maxlen: 24
203.80.167.0/24 maxlen: 24
203.167.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.crl
rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 16:56:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5117 (0x13fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191436, serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Validity
Not Before: Apr 2 17:21:08 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69cea584-d1c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ec:b7:fc:46:f5:f4:29:57:8e:cb:f6:ba:34:
30:81:7f:04:54:3c:99:31:ca:c1:b8:6e:68:a1:4f:
9e:6b:2b:4a:03:49:79:89:58:40:34:99:27:93:b2:
a4:45:ea:e9:11:06:0b:2c:71:b7:c0:a3:14:51:4f:
43:34:db:86:5a:2a:21:55:2e:07:fd:6c:f2:c8:fd:
0d:75:2a:b2:09:1f:03:ac:25:4c:f0:f9:0e:eb:c4:
1c:08:1c:4c:0e:e4:76:7c:2d:e6:93:e0:f2:c8:97:
60:60:50:fa:2a:3f:87:db:8a:51:49:72:0a:f1:96:
a5:91:95:ab:f3:63:4e:72:4c:0b:bf:46:61:6d:e1:
c2:60:b5:0e:fe:73:bc:35:ec:b4:fc:72:9a:4c:12:
b7:22:b6:0f:c6:ee:6c:e3:b6:b3:4d:45:3f:0a:45:
03:d2:b6:03:27:98:14:ca:50:da:28:7f:7b:11:71:
c7:99:c6:73:e7:a6:88:52:6c:c4:df:8a:a9:e9:0e:
c9:21:b1:14:50:07:d5:d1:ee:8b:52:98:3e:88:5b:
4c:06:eb:f2:ee:69:e8:df:8b:8f:41:82:28:ac:49:
93:8b:e9:91:06:eb:d7:13:18:df:63:77:08:7d:84:
14:85:9d:08:e5:4e:bf:4e:d8:c7:b1:d5:b6:f5:c9:
5b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8C:69:5E:B1:D8:1F:6B:68:09:51:1E:95:D2:CB:B4:38:EF:14:AD
X509v3 Authority Key Identifier:
keyid:2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/4AC75BA8FFE311EBB4FA4965C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.23.136.0/24
103.23.138.0/23
103.25.92.0/24
103.25.94.0/24
103.244.251.0/24
110.235.223.0/24
123.108.252.0/24
124.199.112.0/23
124.199.115.0-124.199.116.255
124.199.120.0-124.199.124.255
163.53.196.0/24
163.53.198.0/23
202.124.32.0/23
202.124.36.0-202.124.38.255
202.124.42.0/24
202.124.44.0/24
203.80.160.0/24
203.80.162.0-203.80.167.255
203.167.18.0/24
Signature Algorithm: sha256WithRSAEncryption
63:08:84:0e:b0:cd:28:b2:6f:ee:65:2d:97:76:de:53:86:cc:
73:a9:c7:df:0e:95:cb:b5:95:de:15:16:a0:ac:61:3a:a3:28:
ad:41:f1:6c:a8:f5:02:aa:92:d7:a6:4f:fa:c5:20:2f:74:d1:
d7:81:9f:7f:88:e7:ac:7f:6d:92:14:3f:41:03:ea:b5:52:9a:
93:5f:7a:bb:65:0a:3b:51:3e:45:bc:db:77:47:f9:9c:34:7a:
fe:d9:a7:70:94:e7:ef:02:b7:36:1f:ad:d7:f8:d1:af:af:12:
42:b1:84:20:b9:87:84:28:0b:09:e8:1a:de:66:d9:a5:3f:fa:
c4:0d:25:1d:87:95:cd:68:25:5a:1e:b8:dd:5f:53:5a:42:8b:
58:02:5d:0a:d7:f5:dc:c7:b5:98:d9:f5:45:9f:7e:7f:d2:d6:
05:4d:c7:03:a7:f6:3f:60:68:11:18:23:9f:53:f3:9b:ef:04:
b7:a5:d3:2b:97:56:ab:fd:22:c3:df:00:b3:9b:f3:26:3b:e2:
5d:e2:d7:c6:21:53:59:b9:08:1d:a9:67:31:4a:66:3f:38:4c:
ce:ba:4d:b0:f1:41:a9:ad:00:18:ba:0c:c3:be:db:37:68:c4:
f5:ca:e0:82:d4:4b:b3:14:24:51:00:b4:84:cb:9f:f8:e2:b9:
bc:de:5b:99
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICE/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE0MzYxMTAvBgNVBAUTKDJEQTI1MUMxMUFDNjg4MTRGNTI3RjIyRTU1REU5QUM4
QzU3RkQ2NkMwHhcNMjYwNDAyMTcyMTA4WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWNlYTU4NC1kMWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr+y3/Eb19ClXjsv2ujQwgX8EVDyZMcrBuG5ooU+eaytKA0l5iVhANJknk7Kk
RerpEQYLLHG3wKMUUU9DNNuGWiohVS4H/WzyyP0NdSqyCR8DrCVM8PkO68QcCBxM
DuR2fC3mk+DyyJdgYFD6Kj+H24pRSXIK8ZalkZWr82NOckwLv0ZhbeHCYLUO/nO8
Ney0/HKaTBK3IrYPxu5s47azTUU/CkUD0rYDJ5gUylDaKH97EXHHmcZz56aIUmzE
34qp6Q7JIbEUUAfV0e6LUpg+iFtMBuvy7mno34uPQYIorEmTi+mRBuvXExjfY3cI
fYQUhZ0I5U6/TtjHsdW29clbHwIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFJKMaV6x
2B9raAlRHpXSy7Q47xStMB8GA1UdIwQYMBaAFC2iUcEaxogU9SfyLlXemsjFf9Zs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTQzNi9BQUI4MDJFOEM3
OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9MYUpSd1JyR2lCVDFKX0l1VmQ2YXlNVl8x
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xhSlJ3UnJHaUJUMUpfSXVWZDZheU1WXzFtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE0MzYvQUFCODAyRThDNzhDMTFFOEE3NkNEOTE0QzRGOUFFMDIvNEFDNzVCQThG
RkUzMTFFQkI0RkE0OTY1QzRGOUFFMDIucm9hMIGvBggrBgEFBQcBBwEB/wSBnzCB
nDCBmQQCAAEwgZIDBABnF4gDBAFnF4oDBABnGVwDBABnGV4DBABn9PsDBABu698D
BAB7bPwDBAF8x3AwDAMEAHzHcwMEAHzHdDAMAwQDfMd4AwQAfMd8AwQAozXEAwQB
ozXGAwQBynwgMAwDBALKfCQDBADKfCYDBADKfCoDBADKfCwDBADLUKAwDAMEActQ
ogMEA8tQoAMEAMunEjANBgkqhkiG9w0BAQsFAAOCAQEAYwiEDrDNKLJv7mUtl3be
U4bMc6nH3w6Vy7WV3hUWoKxhOqMorUHxbKj1AqqS16ZP+sUgL3TR14Gff4jnrH9t
khQ/QQPqtVKak196u2UKO1E+Rbzbd0f5nDR6/tmncJTn7wK3Nh+t1/jRr68SQrGE
ILmHhCgLCega3mbZpT/6xA0lHYeVzWglWh643V9TWkKLWAJdCtf13Me1mNn1RZ9+
f9LWBU3HA6f2P2BoERgjn1Pzm+8Et6XTK5dWq/0iw98As5vzJjviXeLXxiFTWbkI
HalnMUpmPzhMzrpNsPFBqa0AGLoMw77bN2jE9crggtRLsxQkUQC0hMuf+OK5vN5b
mQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:53:48 2026 by rpki-client