Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/6BA10D8EAD9511EFAA7B4C1AC4F9AE02.roa
File: 6BA10D8EAD9511EFAA7B4C1AC4F9AE02.roa (raw, json)
Hash identifier: ZQ03jpBNbzaIWB074Xtrh2CiyZuedYnMFaVMQZcyHIM=
Subject key identifier: D3:82:00:B2:76:E7:B4:F6:09:CB:87:3A:10:C6:33:E7:FB:B4:14:56
Certificate issuer: /CN=A919536C/serialNumber=71F40218C1AF47C5E993A21A2B29284E4C32C934
Certificate serial: 0244
Authority key identifier: 71:F4:02:18:C1:AF:47:C5:E9:93:A2:1A:2B:29:28:4E:4C:32:C9:34
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/6BA10D8EAD9511EFAA7B4C1AC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:31:11 +0000
ROA not before: Mon 23 Jun 2025 03:21:51 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 132280
IP address blocks: 83.118.0.0/17 maxlen: 18
83.118.0.0/21 maxlen: 23
83.118.8.0/21 maxlen: 23
83.118.16.0/21 maxlen: 23
83.118.24.0/21 maxlen: 23
83.118.26.0/23 maxlen: 24
83.118.32.0/21 maxlen: 23
83.118.32.0/24 maxlen: 24
83.118.35.0/24 maxlen: 24
83.118.36.0/24 maxlen: 24
83.118.40.0/21 maxlen: 23
83.118.45.0/24 maxlen: 24
83.118.48.0/21 maxlen: 23
83.118.52.0/24 maxlen: 24
83.118.55.0/24 maxlen: 24
83.118.56.0/21 maxlen: 23
83.118.56.0/23 maxlen: 24
83.118.61.0/24 maxlen: 24
83.118.64.0/21 maxlen: 23
83.118.65.0/24 maxlen: 24
83.118.72.0/21 maxlen: 23
83.118.75.0/24 maxlen: 24
83.118.80.0/21 maxlen: 23
83.118.88.0/21 maxlen: 23
83.118.92.0/24 maxlen: 24
83.118.96.0/21 maxlen: 23
83.118.98.0/24 maxlen: 24
83.118.104.0/21 maxlen: 23
83.118.105.0/24 maxlen: 24
83.118.109.0/24 maxlen: 24
83.118.111.0/24 maxlen: 24
83.118.112.0/21 maxlen: 23
83.118.112.0/24 maxlen: 24
83.118.114.0/24 maxlen: 24
83.118.118.0/24 maxlen: 24
83.118.120.0/21 maxlen: 23
83.118.120.0/23 maxlen: 24
83.118.124.0/24 maxlen: 24
83.118.126.0/24 maxlen: 24
87.124.0.0/17 maxlen: 23
87.124.1.0/24 maxlen: 24
87.124.2.0/23 maxlen: 24
87.124.4.0/22 maxlen: 24
87.124.8.0/21 maxlen: 24
87.124.16.0/20 maxlen: 24
87.124.32.0/19 maxlen: 24
87.124.64.0/20 maxlen: 24
87.124.80.0/21 maxlen: 24
87.124.88.0/23 maxlen: 24
87.124.90.0/24 maxlen: 24
87.124.94.0/23 maxlen: 24
87.124.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.crl
rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:27:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 580 (0x244)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919536C, serialNumber=71F40218C1AF47C5E993A21A2B29284E4C32C934
Validity
Not Before: Jun 23 03:21:51 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=69a485ee-63fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3a:93:47:65:c9:e3:6c:c9:2f:44:14:1b:15:
5b:9b:be:e7:b6:1a:bc:78:ec:0b:fc:de:dc:a8:54:
6a:0c:f4:67:6f:ba:b3:2f:40:dd:c1:69:d1:8a:00:
ed:fd:06:bc:35:99:77:aa:7b:c4:80:14:22:99:f8:
22:0a:5a:85:f5:df:31:e8:5e:63:b8:0f:cf:e7:69:
5c:ff:8e:17:ae:07:ff:2f:94:69:07:06:08:41:20:
06:b3:03:43:7e:e3:b7:33:36:ff:bf:9a:63:9b:34:
39:40:2a:f7:92:01:5b:47:2e:2b:64:d6:2c:cb:e9:
2d:24:97:e2:3d:51:73:fe:74:38:24:6f:24:e3:f0:
e9:98:e8:55:5e:59:e4:f1:fd:10:3a:57:fd:a3:6a:
cf:1a:f1:a9:fa:23:e9:75:4c:7d:48:1e:d9:48:4b:
d4:74:c3:31:02:97:b9:0b:d2:5c:0a:bb:df:09:b1:
50:3e:df:6c:e9:b0:d1:b1:27:a6:dd:44:d1:6d:da:
85:b9:f5:f4:bd:02:73:b4:cf:e6:73:eb:6f:63:9e:
bc:82:ef:01:8f:6f:e6:f1:1e:26:a2:ab:e6:44:65:
ba:33:50:5a:0f:40:6d:e1:a8:c3:67:0a:6e:3f:05:
05:f7:f5:b7:b6:09:3f:6b:57:f6:30:44:ba:d2:94:
78:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:82:00:B2:76:E7:B4:F6:09:CB:87:3A:10:C6:33:E7:FB:B4:14:56
X509v3 Authority Key Identifier:
keyid:71:F4:02:18:C1:AF:47:C5:E9:93:A2:1A:2B:29:28:4E:4C:32:C9:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/cfQCGMGvR8Xpk6IaKykoTkwyyTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919536C/6DE3CE7C366011EE88E0F530C4F9AE02/6BA10D8EAD9511EFAA7B4C1AC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
83.118.0.0/17
87.124.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a9:d1:d3:bb:7c:0d:18:4f:30:2e:db:98:09:97:7c:9d:fb:c6:
fb:9f:18:c9:85:83:ec:8b:6b:fa:23:f2:6f:6e:1d:5d:02:c2:
00:29:ce:06:f3:31:06:0d:fc:8d:7f:90:54:ec:91:bc:50:e8:
a2:16:c4:a5:c7:4d:dd:f8:77:42:cf:20:51:70:5d:86:05:83:
be:d4:8f:b1:37:03:98:48:f6:40:8d:5b:bd:33:28:40:99:8f:
72:87:5e:ee:9e:aa:64:7e:51:ce:57:f0:50:af:70:fe:3b:e0:
c1:c8:12:5f:56:4a:20:2a:4f:b0:5f:1a:69:74:ba:80:3c:7d:
53:8d:66:5d:e2:8a:b7:90:a2:92:cb:24:60:b7:e8:15:c2:9c:
c6:d7:1b:c2:0e:7e:49:7c:bc:9b:4c:4a:7e:48:20:54:cb:fe:
ce:36:8e:4b:7c:89:72:a1:33:fd:3c:b2:65:9c:56:ca:ee:47:
d9:96:64:eb:a6:78:14:0a:ec:6f:96:22:60:56:a3:9a:8d:fb:
7b:32:e0:2b:72:1c:c3:cc:4d:c3:37:ea:5d:b6:db:b1:a4:bf:
06:b1:5f:8e:c9:a7:83:03:aa:2a:d5:4f:c3:9e:6c:2a:6e:1f:
ca:0e:af:99:09:3f:4c:81:6a:f0:08:2d:4c:59:f7:ed:11:eb:
33:35:7c:b3
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICAkQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTUzNkMxMTAvBgNVBAUTKDcxRjQwMjE4QzFBRjQ3QzVFOTkzQTIxQTJCMjkyODRF
NEMzMkM5MzQwHhcNMjUwNjIzMDMyMTUxWhcNMjYwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODVlZS02M2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0DqTR2XJ42zJL0QUGxVbm77nthq8eOwL/N7cqFRqDPRnb7qzL0DdwWnRigDt
/Qa8NZl3qnvEgBQimfgiClqF9d8x6F5juA/P52lc/44Xrgf/L5RpBwYIQSAGswND
fuO3Mzb/v5pjmzQ5QCr3kgFbRy4rZNYsy+ktJJfiPVFz/nQ4JG8k4/DpmOhVXlnk
8f0QOlf9o2rPGvGp+iPpdUx9SB7ZSEvUdMMxApe5C9JcCrvfCbFQPt9s6bDRsSem
3UTRbdqFufX0vQJztM/mc+tvY568gu8Bj2/m8R4moqvmRGW6M1BaD0Bt4ajDZwpu
PwUF9/W3tgk/a1f2MES60pR4CwIDAQABo4ICZjCCAmIwHQYDVR0OBBYEFNOCALJ2
57T2CcuHOhDGM+f7tBRWMB8GA1UdIwQYMBaAFHH0AhjBr0fF6ZOiGispKE5MMsk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTM2Qy82REUzQ0U3QzM2
NjAxMUVFODhFMEY1MzBDNEY5QUUwMi9jZlFDR01HdlI4WHBrNklhS3lrb1Rrd3l5
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2NmUUNHTUd2UjhYcGs2SWFLeWtvVGt3eXlUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTUzNkMvNkRFM0NFN0MzNjYwMTFFRTg4RTBGNTMwQzRGOUFFMDIvNkJBMTBEOEVB
RDk1MTFFRkFBN0I0QzFBQzRGOUFFMDIucm9hMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQHU3YAAwQHV3wAMA0GCSqGSIb3DQEBCwUAA4IBAQCp0dO7fA0YTzAu
25gJl3yd+8b7nxjJhYPsi2v6I/Jvbh1dAsIAKc4G8zEGDfyNf5BU7JG8UOiiFsSl
x03d+HdCzyBRcF2GBYO+1I+xNwOYSPZAjVu9MyhAmY9yh17unqpkflHOV/BQr3D+
O+DByBJfVkogKk+wXxppdLqAPH1TjWZd4oq3kKKSyyRgt+gVwpzG1xvCDn5JfLyb
TEp+SCBUy/7ONo5LfIlyoTP9PLJlnFbK7kfZlmTrpngUCuxvliJgVqOajft7MuAr
chzDzE3DN+pdttuxpL8GsV+OyaeDA6oq1U/Dnmwqbh/KDq+ZCT9MgWrwCC1MWfft
EeszNXyz
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:09:44 2026 by rpki-client