Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/4AC75BA8FFE311EBB4FA4965C4F9AE02.roa
File: 4AC75BA8FFE311EBB4FA4965C4F9AE02.roa (raw, json)
Hash identifier: UiXB25yt5snJLSOXs7HHutiP1ac+ADzrIl7KS/l6xZM=
Subject key identifier: 34:27:68:04:E1:EC:8F:76:51:2E:4A:56:6C:14:91:0D:CC:31:4E:92
Certificate issuer: /CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Certificate serial: 13E8
Authority key identifier: 2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/4AC75BA8FFE311EBB4FA4965C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:33:55 +0000
ROA not before: Fri 09 Jan 2026 02:48:47 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 133200
IP address blocks: 103.23.136.0/24 maxlen: 24
103.23.138.0/24 maxlen: 24
103.23.139.0/24 maxlen: 24
103.25.92.0/24 maxlen: 24
103.25.94.0/24 maxlen: 24
103.244.251.0/24 maxlen: 24
110.235.223.0/24 maxlen: 24
123.108.252.0/24 maxlen: 24
124.199.112.0/24 maxlen: 24
124.199.113.0/24 maxlen: 24
124.199.115.0/24 maxlen: 24
124.199.116.0/24 maxlen: 24
124.199.120.0/24 maxlen: 24
124.199.121.0/24 maxlen: 24
124.199.122.0/24 maxlen: 24
124.199.123.0/24 maxlen: 24
124.199.124.0/24 maxlen: 24
163.53.196.0/24 maxlen: 24
163.53.198.0/24 maxlen: 24
163.53.199.0/24 maxlen: 24
202.124.32.0/24 maxlen: 24
202.124.33.0/24 maxlen: 24
202.124.36.0/24 maxlen: 24
202.124.37.0/24 maxlen: 24
202.124.38.0/24 maxlen: 24
202.124.42.0/24 maxlen: 24
202.124.44.0/24 maxlen: 24
203.80.160.0/24 maxlen: 24
203.80.162.0/24 maxlen: 24
203.80.163.0/24 maxlen: 24
203.80.164.0/24 maxlen: 24
203.80.165.0/24 maxlen: 24
203.80.166.0/24 maxlen: 24
203.80.167.0/24 maxlen: 24
203.167.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.crl
rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 23:22:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5096 (0x13e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191436, serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
Validity
Not Before: Jan 9 02:48:47 2026 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a47883-a461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:09:bf:0b:fc:40:df:c7:10:fe:f7:32:b3:cc:
92:be:78:d5:12:cc:f1:af:c8:0f:89:12:73:ca:2a:
9a:10:b5:dd:87:94:c3:97:da:42:f3:37:58:84:77:
5e:06:9c:83:08:5a:27:ab:73:15:8b:b6:12:c8:50:
b5:d5:ac:33:2a:e1:f9:7b:fc:45:7d:f0:5b:60:c3:
8f:ed:33:53:64:92:7b:9d:78:df:0f:e9:2e:4a:74:
79:7d:ff:2a:25:81:a9:a4:d2:02:e9:e6:bf:82:af:
a3:45:c3:b5:ad:69:71:2c:a9:6d:d1:01:48:f1:4c:
53:1d:8d:d3:ea:74:b4:34:5a:e7:cf:3e:53:e8:0c:
a9:8b:3a:d0:cd:c3:50:4c:82:32:2d:b2:28:87:d1:
a6:e4:44:75:9a:9e:7b:b6:9c:83:f6:bd:10:a6:c2:
a1:cb:ee:1c:a5:af:37:5a:4b:3d:a1:d2:71:19:99:
ec:09:21:76:29:ec:ab:f0:ba:01:d6:1d:ac:f5:af:
c1:a3:22:d8:96:e9:1f:13:23:bc:be:b8:38:96:f6:
7e:ef:1d:a2:bb:5c:80:e9:7f:27:da:a3:19:44:21:
b6:93:ac:69:f2:cb:7a:af:5e:7b:ef:3b:de:5d:32:
54:c2:71:9f:0d:f7:6e:8d:2f:70:2a:5f:40:17:3d:
f1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:27:68:04:E1:EC:8F:76:51:2E:4A:56:6C:14:91:0D:CC:31:4E:92
X509v3 Authority Key Identifier:
keyid:2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/4AC75BA8FFE311EBB4FA4965C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.23.136.0/24
103.23.138.0/23
103.25.92.0/24
103.25.94.0/24
103.244.251.0/24
110.235.223.0/24
123.108.252.0/24
124.199.112.0/23
124.199.115.0-124.199.116.255
124.199.120.0-124.199.124.255
163.53.196.0/24
163.53.198.0/23
202.124.32.0/23
202.124.36.0-202.124.38.255
202.124.42.0/24
202.124.44.0/24
203.80.160.0/24
203.80.162.0-203.80.167.255
203.167.18.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:1e:bd:e8:0b:5b:aa:a0:b2:fb:eb:e5:8f:d1:da:3c:2c:4f:
ce:5b:e5:53:ab:f9:1f:49:8d:87:58:86:7c:2d:13:74:ed:74:
15:b9:7d:be:cf:7e:f7:6f:cc:34:5a:38:fe:2f:da:a8:4d:1c:
47:15:65:51:b4:19:57:f2:c3:6e:98:44:e1:47:fc:a0:fe:5e:
80:4c:f7:7b:4e:85:74:22:5a:e9:1d:69:5a:9c:9e:50:5d:cf:
52:e2:4b:16:b3:c7:1d:aa:26:4b:b8:44:fb:26:6f:89:07:1a:
39:47:e8:52:73:0e:01:fc:ca:29:8c:dd:42:48:02:c9:85:44:
1a:58:79:ea:e6:02:75:f5:48:f5:9d:f8:79:37:b5:1d:15:ac:
a3:2e:0a:95:cb:33:13:9c:c8:c4:76:01:7c:51:86:63:26:0b:
9e:a4:0c:01:35:96:f4:02:45:a7:7c:73:b8:d4:f7:0d:2a:c1:
f6:cb:5a:1e:90:82:4e:69:93:eb:c3:e6:51:59:16:ef:14:a6:
8b:2f:eb:0a:6b:e1:91:ed:b2:37:78:3f:2f:7e:1c:a0:d2:f3:
bd:28:e9:92:f6:4e:40:09:e9:a0:13:50:04:5b:f1:cc:8c:33:
70:ab:67:c8:b7:f6:9c:3e:a7:e2:c8:e4:c6:b6:e7:d8:00:de:
3e:a2:7b:64
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgICE+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTE0MzYxMTAvBgNVBAUTKDJEQTI1MUMxMUFDNjg4MTRGNTI3RjIyRTU1REU5QUM4
QzU3RkQ2NkMwHhcNMjYwMTA5MDI0ODQ3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0Nzg4My1hNDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxgm/C/xA38cQ/vcys8ySvnjVEszxr8gPiRJzyiqaELXdh5TDl9pC8zdYhHde
BpyDCFonq3MVi7YSyFC11awzKuH5e/xFffBbYMOP7TNTZJJ7nXjfD+kuSnR5ff8q
JYGppNIC6ea/gq+jRcO1rWlxLKlt0QFI8UxTHY3T6nS0NFrnzz5T6AypizrQzcNQ
TIIyLbIoh9Gm5ER1mp57tpyD9r0QpsKhy+4cpa83Wks9odJxGZnsCSF2Keyr8LoB
1h2s9a/BoyLYlukfEyO8vrg4lvZ+7x2iu1yA6X8n2qMZRCG2k6xp8st6r1577zve
XTJUwnGfDfdujS9wKl9AFz3xnwIDAQABo4IC8TCCAu0wHQYDVR0OBBYEFDQnaATh
7I92US5KVmwUkQ3MMU6SMB8GA1UdIwQYMBaAFC2iUcEaxogU9SfyLlXemsjFf9Zs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTQzNi9BQUI4MDJFOEM3
OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9MYUpSd1JyR2lCVDFKX0l1VmQ2YXlNVl8x
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xhSlJ3UnJHaUJUMUpfSXVWZDZheU1WXzFtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTE0MzYvQUFCODAyRThDNzhDMTFFOEE3NkNEOTE0QzRGOUFFMDIvNEFDNzVCQThG
RkUzMTFFQkI0RkE0OTY1QzRGOUFFMDIucm9hMIGvBggrBgEFBQcBBwEB/wSBnzCB
nDCBmQQCAAEwgZIDBABnF4gDBAFnF4oDBABnGVwDBABnGV4DBABn9PsDBABu698D
BAB7bPwDBAF8x3AwDAMEAHzHcwMEAHzHdDAMAwQDfMd4AwQAfMd8AwQAozXEAwQB
ozXGAwQBynwgMAwDBALKfCQDBADKfCYDBADKfCoDBADKfCwDBADLUKAwDAMEActQ
ogMEA8tQoAMEAMunEjANBgkqhkiG9w0BAQsFAAOCAQEALR696AtbqqCy++vlj9Ha
PCxPzlvlU6v5H0mNh1iGfC0TdO10Fbl9vs9+92/MNFo4/i/aqE0cRxVlUbQZV/LD
bphE4Uf8oP5egEz3e06FdCJa6R1pWpyeUF3PUuJLFrPHHaomS7hE+yZviQcaOUfo
UnMOAfzKKYzdQkgCyYVEGlh56uYCdfVI9Z34eTe1HRWsoy4KlcszE5zIxHYBfFGG
YyYLnqQMATWW9AJFp3xzuNT3DSrB9staHpCCTmmT68PmUVkW7xSmiy/rCmvhke2y
N3g/L34coNLzvSjpkvZOQAnpoBNQBFvxzIwzcKtnyLf2nD6n4sjkxrbn2ADePqJ7
ZA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:58:23 2026 by rpki-client