Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
File: 70F51BEE4B0D11EF94975151C4F9AE02.roa (raw, json)
Hash identifier: ol/0gTLm4iqSVTZepzEjyS4awSo5ib1zVcpl35eUkBg=
Subject key identifier: 15:65:1C:3F:B2:48:62:72:2B:80:25:4D:D9:42:1C:59:D3:DB:46:E3
Certificate issuer: /CN=A9199197/serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Certificate serial: 0929
Authority key identifier: 68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
Signing time: Thu 05 Feb 2026 09:53:49 +0000
ROA not before: Thu 05 Feb 2026 09:53:49 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 45609
IP address blocks: 27.56.0.0/13 maxlen: 24
103.235.8.0/22 maxlen: 24
106.192.0.0/11 maxlen: 24
110.224.0.0/14 maxlen: 24
117.96.0.0/17 maxlen: 22
117.96.0.0/18 maxlen: 24
117.96.64.0/19 maxlen: 24
117.96.96.0/20 maxlen: 24
117.96.112.0/21 maxlen: 24
117.96.120.0/22 maxlen: 24
117.96.124.0/23 maxlen: 23
117.96.128.0/20 maxlen: 24
117.96.144.0/21 maxlen: 24
117.96.153.0/24 maxlen: 24
117.96.154.0/24 maxlen: 24
117.96.160.0/20 maxlen: 24
117.96.176.0/20 maxlen: 24
117.97.0.0/17 maxlen: 19
117.97.0.0/18 maxlen: 24
117.97.64.0/19 maxlen: 20
117.97.64.0/20 maxlen: 24
117.97.80.0/21 maxlen: 21
117.97.80.0/22 maxlen: 24
117.97.91.0/24 maxlen: 24
117.97.92.0/24 maxlen: 24
117.97.93.0/24 maxlen: 24
117.97.94.0/24 maxlen: 24
117.97.128.0/17 maxlen: 24
117.98.0.0/17 maxlen: 24
150.129.212.0/22 maxlen: 24
223.176.0.0/12 maxlen: 24
223.224.32.0/19 maxlen: 24
223.224.64.0/18 maxlen: 24
223.224.128.0/17 maxlen: 24
223.225.0.0/16 maxlen: 24
223.226.0.0/15 maxlen: 24
223.228.0.0/14 maxlen: 24
223.232.0.0/13 maxlen: 24
2401:4900:800::/37 maxlen: 48
2401:4900:1000::/37 maxlen: 48
2401:4900:1800::/37 maxlen: 48
2401:4900:2000::/37 maxlen: 48
2401:4900:2800::/37 maxlen: 48
2401:4900:3000::/37 maxlen: 48
2401:4900:3800::/37 maxlen: 48
2401:4900:4000::/37 maxlen: 48
2401:4900:4800::/37 maxlen: 48
2401:4900:5000::/37 maxlen: 48
2401:4900:5800::/37 maxlen: 48
2401:4900:6000::/37 maxlen: 48
2401:4900:7000::/37 maxlen: 48
2401:4900:7800::/37 maxlen: 48
2401:4900:8000::/37 maxlen: 48
2401:4900:9000::/37 maxlen: 48
2401:4900:a000::/37 maxlen: 48
2401:4900:a800::/37 maxlen: 44
2401:4900:b000::/37 maxlen: 48
2401:4900:b800::/37 maxlen: 48
2401:4900:c000::/37 maxlen: 48
2401:4900:c800::/37 maxlen: 48
2401:4900:d000::/37 maxlen: 48
2401:4900:d800::/37 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 07 Mar 2026 21:03:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2345 (0x929)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199197, serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Validity
Not Before: Feb 5 09:53:49 2026 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=698468ad-ed75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a8:e7:6a:00:85:6f:b7:4f:20:88:e0:86:2c:
6c:05:57:55:60:f5:cb:b9:51:64:32:ed:fc:29:45:
e3:0e:bc:3e:37:d9:2d:34:e6:ab:88:1e:de:e2:0e:
7a:09:13:d7:0f:6a:70:ba:4a:4e:65:c8:34:46:19:
3f:1d:fa:0d:6f:ea:3b:04:08:17:cb:79:18:61:ab:
d4:35:ea:5a:03:0e:e0:3e:43:62:fb:f5:ad:10:e2:
d6:51:f7:40:e5:15:1f:5c:77:d6:09:12:5f:14:91:
dd:23:b9:c7:9d:b0:2e:99:0e:7f:a3:48:3f:1c:4c:
9b:ec:88:c2:23:c1:86:80:5a:21:c1:c5:be:bb:2d:
de:b2:4b:ea:d7:35:75:ed:e3:f9:92:db:fb:e7:22:
a5:f0:02:6b:a9:90:45:e0:21:01:46:0a:8e:07:5a:
d7:ba:53:59:82:ba:c1:b6:33:77:1f:27:49:cb:2a:
26:49:33:35:72:b8:03:2e:5a:a7:ea:b2:5e:b9:71:
25:6f:eb:b9:29:7a:58:ce:91:ec:79:88:71:0b:f5:
08:60:02:89:62:91:cc:93:62:9c:29:82:2a:3b:b5:
25:7b:5b:10:1a:69:25:06:68:b6:09:6c:c4:a5:4e:
3f:13:51:70:37:bf:07:82:c1:f0:ba:df:74:bb:b9:
a8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:65:1C:3F:B2:48:62:72:2B:80:25:4D:D9:42:1C:59:D3:DB:46:E3
X509v3 Authority Key Identifier:
keyid:68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/70F51BEE4B0D11EF94975151C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.56.0.0/13
103.235.8.0/22
106.192.0.0/11
110.224.0.0/14
117.96.0.0-117.96.151.255
117.96.153.0-117.96.154.255
117.96.160.0/19
117.97.0.0-117.98.127.255
150.129.212.0/22
223.176.0.0/12
223.224.32.0-223.239.255.255
IPv6:
2401:4900:800::-2401:4900:67ff:ffff:ffff:ffff:ffff:ffff
2401:4900:7000::-2401:4900:87ff:ffff:ffff:ffff:ffff:ffff
2401:4900:9000::/37
2401:4900:a000::-2401:4900:dfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
59:ab:a9:01:fe:1f:e5:aa:b3:29:09:b1:65:cf:b3:36:a0:78:
3b:60:32:32:4d:74:dd:9b:1e:ba:fa:1d:b5:c6:c8:5e:57:8b:
f8:57:ee:25:e8:c2:7b:10:8d:8c:36:a1:76:69:04:61:59:93:
44:6e:f5:9d:38:d6:d7:0e:45:6e:14:51:38:78:d6:a9:95:e5:
c8:3d:dc:e1:09:1f:9b:05:a5:4b:9a:75:fe:94:72:73:c3:49:
ee:39:92:32:3c:9e:4f:45:13:e8:2e:32:55:de:ee:7b:f6:3e:
36:12:b5:85:9b:fa:03:93:08:df:84:cc:9a:f5:d0:28:34:b5:
5d:59:c7:39:cd:d8:eb:9b:f7:b1:f6:1a:33:ac:33:46:aa:6a:
c6:7c:e2:ef:ae:2c:9b:ad:5a:90:65:83:d3:e9:1d:60:a8:c7:
b3:c2:b7:09:d0:f8:65:84:7c:63:07:76:15:ed:87:96:b1:16:
b9:20:7e:0a:53:a3:88:2d:0d:6b:4e:50:db:60:86:06:50:d6:
31:ee:4f:b7:ff:c7:12:a2:d5:c5:2c:a1:49:c6:93:e4:4a:4f:
d4:4b:f5:2c:97:30:dd:bd:d2:79:5d:4c:d2:4f:a4:16:47:b9:
59:dd:dd:5a:9f:ea:3c:6d:17:62:e0:2b:b3:e0:cd:88:21:df:
6f:58:06:53
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgICCSkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTkxOTcxMTAvBgNVBAUTKDY4MzVEREZCODQzOEQyNEJCNkM1OTc5MzE2RTU0ODkx
MDY2MDkwQTcwHhcNMjYwMjA1MDk1MzQ5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDDA02OTg0NjhhZC1lZDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxqjnagCFb7dPIIjghixsBVdVYPXLuVFkMu38KUXjDrw+N9ktNOariB7e4g56
CRPXD2pwukpOZcg0Rhk/HfoNb+o7BAgXy3kYYavUNepaAw7gPkNi+/WtEOLWUfdA
5RUfXHfWCRJfFJHdI7nHnbAumQ5/o0g/HEyb7IjCI8GGgFohwcW+uy3eskvq1zV1
7eP5ktv75yKl8AJrqZBF4CEBRgqOB1rXulNZgrrBtjN3HydJyyomSTM1crgDLlqn
6rJeuXElb+u5KXpYzpHseYhxC/UIYAKJYpHMk2KcKYIqO7Ule1sQGmklBmi2CWzE
pU4/E1FwN78HgsHwut90u7moeQIDAQABo4IDMzCCAy8wHQYDVR0OBBYEFBVlHD+y
SGJyK4AlTdlCHFnT20bjMB8GA1UdIwQYMBaAFGg13fuEONJLtsWXkxblSJEGYJCn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTE5Ny84NEIyRUM5OEYy
N0QxMUVBOTQ1NkVFNjBDNEY5QUUwMi9hRFhkLTRRNDBrdTJ4WmVURnVWSWtRWmdr
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FEWGQtNFE0MGt1MnhaZVRGdVZJa1FaZ2tLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTkxOTcvODRCMkVDOThGMjdEMTFFQTk0NTZFRTYwQzRGOUFFMDIvNzBGNTFCRUU0
QjBEMTFFRjk0OTc1MTUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbwGCCsGAQUFBwEHAQH/
BIGsMIGpMGEEAgABMFsDAwMbOAMEAmfrCAMDBWrAAwMCbuAwCwMDBXVgAwQDdWCQ
MAwDBAB1YJkDBAB1YJoDBAV1YKAwCwMDAHVhAwQHdWIAAwQCloHUAwME37AwCwME
Bd/gIAMDBN/gMEQEAgACMD4wEAMGAyQBSQAIAwYDJAFJAGAwEAMGBCQBSQBwAwYD
JAFJAIADBgMkAUkAkDAQAwYFJAFJAKADBgUkAUkAwDANBgkqhkiG9w0BAQsFAAOC
AQEAWaupAf4f5aqzKQmxZc+zNqB4O2AyMk103ZseuvodtcbIXleL+FfuJejCexCN
jDahdmkEYVmTRG71nTjW1w5FbhRROHjWqZXlyD3c4QkfmwWlS5p1/pRyc8NJ7jmS
MjyeT0UT6C4yVd7ue/Y+NhK1hZv6A5MI34TMmvXQKDS1XVnHOc3Y65v3sfYaM6wz
Rqpqxnzi764sm61akGWD0+kdYKjHs8K3CdD4ZYR8Ywd2Fe2HlrEWuSB+ClOjiC0N
a05Q22CGBlDWMe5Pt//HEqLVxSyhScaT5EpP1Ev1LJcw3b3SeV1M0k+kFke5Wd3d
Wp/qPG0XYuArs+DNiCHfb1gGUw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:17:25 2026 by rpki-client