Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/653CF2F6F25A11E9937D9D73C4F9AE02.roa
File: 653CF2F6F25A11E9937D9D73C4F9AE02.roa (raw, json)
Hash identifier: DcSbAXQAEFzo+aMwVJQyGPJY+2j/avyksp+4rQcX5Ms=
Subject key identifier: 7B:A1:5F:4C:7F:1C:2A:E9:56:C9:32:AE:D9:9E:78:A2:B1:97:3E:99
Certificate issuer: /CN=A919A998/serialNumber=5EA1A7B802E7E7EFC77CA1A38E52F72ACD463930
Certificate serial: 0DAA
Authority key identifier: 5E:A1:A7:B8:02:E7:E7:EF:C7:7C:A1:A3:8E:52:F7:2A:CD:46:39:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/653CF2F6F25A11E9937D9D73C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:17:23 +0000
ROA not before: Sun 02 Nov 2025 20:21:35 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 58715
IP address blocks: 45.113.132.0/22 maxlen: 24
59.152.96.0/20 maxlen: 24
103.21.40.0/22 maxlen: 24
103.85.156.0/22 maxlen: 24
144.48.116.0/22 maxlen: 24
182.48.64.0/19 maxlen: 24
2404:4f80::/32 maxlen: 36
2404:4f80::/48 maxlen: 48
2404:4f80:f::/48 maxlen: 48
2404:4f80:10::/48 maxlen: 48
2404:4f80:11::/48 maxlen: 48
2404:4f80:12::/48 maxlen: 48
2404:4f80:13::/48 maxlen: 48
2404:4f80:14::/48 maxlen: 48
2404:4f80:15::/48 maxlen: 48
2404:4f80:16::/48 maxlen: 48
2404:4f80:17::/48 maxlen: 48
2404:4f80:18::/48 maxlen: 48
2404:4f80:19::/48 maxlen: 48
2404:4f80:1a::/48 maxlen: 48
2404:4f80:1b::/48 maxlen: 48
2404:4f80:1c::/48 maxlen: 48
2404:4f80:1d::/48 maxlen: 48
2404:4f80:1e::/48 maxlen: 48
2404:4f80:1f::/48 maxlen: 48
2404:4f80:20::/48 maxlen: 48
2404:4f80:21::/48 maxlen: 48
2404:4f80:22::/48 maxlen: 48
2404:4f80:23::/48 maxlen: 48
2404:4f80:29::/48 maxlen: 48
2404:4f80:30::/48 maxlen: 48
2404:4f80:31::/48 maxlen: 48
2404:4f80:32::/48 maxlen: 48
2404:4f80:33::/48 maxlen: 48
2404:4f80:34::/48 maxlen: 48
2404:4f80:35::/48 maxlen: 48
2404:4f80:36::/48 maxlen: 48
2404:4f80:37::/48 maxlen: 48
2404:4f80:38::/48 maxlen: 48
2404:4f80:39::/48 maxlen: 48
2404:4f80:3a::/48 maxlen: 48
2404:4f80:3b::/48 maxlen: 48
2404:4f80:3c::/48 maxlen: 48
2404:4f80:3d::/48 maxlen: 48
2404:4f80:3e::/48 maxlen: 48
2404:4f80:71::/48 maxlen: 48
2404:4f80:72::/48 maxlen: 48
2404:4f80:73::/48 maxlen: 48
2404:4f80:310::/48 maxlen: 48
2404:4f80:311::/48 maxlen: 48
2404:4f80:312::/48 maxlen: 48
2404:4f80:313::/48 maxlen: 48
2404:4f80:314::/48 maxlen: 48
2404:4f80:315::/48 maxlen: 48
2404:4f80:316::/48 maxlen: 48
2404:4f80:317::/48 maxlen: 48
2404:4f80:318::/48 maxlen: 48
2404:4f80:319::/48 maxlen: 48
2404:4f80:31a::/48 maxlen: 48
2404:4f80:31b::/48 maxlen: 48
2404:4f80:31c::/48 maxlen: 48
2404:4f80:31d::/48 maxlen: 48
2404:4f80:31e::/48 maxlen: 48
2404:4f80:31f::/48 maxlen: 48
2404:4f80:320::/48 maxlen: 48
2404:4f80:321::/48 maxlen: 48
2404:4f80:322::/48 maxlen: 48
2404:4f80:323::/48 maxlen: 48
2404:4f80:324::/48 maxlen: 48
2404:4f80:325::/48 maxlen: 48
2404:4f80:326::/48 maxlen: 48
2404:4f80:327::/48 maxlen: 48
2404:4f80:328::/48 maxlen: 48
2404:4f80:329::/48 maxlen: 48
2404:4f80:32a::/48 maxlen: 48
2404:4f80:32b::/48 maxlen: 48
2404:4f80:32c::/48 maxlen: 48
2404:4f80:32d::/48 maxlen: 48
2404:4f80:330::/48 maxlen: 48
2404:4f80:331::/48 maxlen: 48
2404:4f80:332::/48 maxlen: 48
2404:4f80:333::/48 maxlen: 48
2404:4f80:334::/48 maxlen: 48
2404:4f80:335::/48 maxlen: 48
2404:4f80:336::/48 maxlen: 48
2404:4f80:337::/48 maxlen: 48
2404:4f80:338::/48 maxlen: 48
2404:4f80:339::/48 maxlen: 48
2404:4f80:33b::/48 maxlen: 48
2404:4f80:33c::/48 maxlen: 48
2404:4f80:33d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.crl
rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:18:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3498 (0xdaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A998, serialNumber=5EA1A7B802E7E7EFC77CA1A38E52F72ACD463930
Validity
Not Before: Nov 2 20:21:35 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a482b3-c055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:09:32:b2:b7:ba:37:d1:4b:04:5c:0d:91:dc:
2d:70:3b:c4:4a:37:82:4a:5c:5f:8c:aa:d9:a8:28:
0b:6f:6e:3b:75:e9:3d:c8:8f:ab:ff:f0:c9:1d:8e:
04:bb:8b:3e:f7:4d:a0:d2:81:a2:e9:db:de:aa:64:
ad:0a:e3:43:5e:0a:f2:61:d6:1d:0d:b0:14:c4:29:
b5:e6:e8:d0:e6:0c:e0:ea:12:d2:4b:28:48:86:a0:
0a:fa:f4:4e:ec:27:26:1c:e5:6e:24:72:31:93:4c:
fd:ee:65:86:8c:56:90:bd:67:c7:72:7c:b3:83:e7:
f6:ad:2e:0b:57:09:08:a0:b7:86:2c:a8:45:88:09:
ff:98:5f:28:d0:9f:aa:57:cb:dc:31:14:84:3b:99:
f3:79:56:bb:49:20:4e:44:d0:51:ac:4c:e4:3d:04:
c7:2f:1c:94:9a:af:cf:52:30:2d:ee:26:2c:92:05:
49:31:4a:14:50:27:02:1f:3e:5b:70:62:76:59:9c:
96:e3:34:ea:17:0a:65:d3:96:c4:78:af:e7:03:0d:
cf:c7:eb:9d:22:b5:84:8c:10:d4:25:ad:40:43:97:
09:4a:15:75:46:30:7c:ef:49:fe:b0:12:41:ae:03:
b7:36:0b:fa:ee:c5:ca:d7:3e:1b:64:8b:64:70:83:
75:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A1:5F:4C:7F:1C:2A:E9:56:C9:32:AE:D9:9E:78:A2:B1:97:3E:99
X509v3 Authority Key Identifier:
keyid:5E:A1:A7:B8:02:E7:E7:EF:C7:7C:A1:A3:8E:52:F7:2A:CD:46:39:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/653CF2F6F25A11E9937D9D73C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.113.132.0/22
59.152.96.0/20
103.21.40.0/22
103.85.156.0/22
144.48.116.0/22
182.48.64.0/19
IPv6:
2404:4f80::/32
Signature Algorithm: sha256WithRSAEncryption
9e:7e:8e:43:4a:28:34:38:41:80:06:15:20:b8:1a:45:f2:e4:
b4:25:6a:0b:ba:9b:bb:d5:b3:4f:d6:26:c3:d0:3a:87:95:90:
3b:87:f2:6e:d7:de:72:a2:ff:1d:4d:aa:e5:7b:1c:7c:b4:e6:
80:23:d4:5a:11:c6:f0:b2:97:0c:2e:0e:32:97:15:72:28:89:
57:12:3e:e9:b9:91:95:ac:ae:db:fe:c3:d9:10:09:01:ab:3a:
8a:ed:0b:4a:af:24:46:ba:c5:11:27:e4:4d:88:e8:f1:cf:27:
a9:7f:c0:6c:1e:db:5d:e6:92:1e:0e:45:36:90:a6:b7:a9:71:
ec:c4:3b:18:4c:98:99:73:3a:f2:f2:80:b5:16:1b:4f:b6:88:
e6:f3:c1:a9:d6:60:10:83:b3:82:0c:fc:b4:2f:78:07:5d:1d:
7d:c1:2e:13:91:1f:cb:e0:77:fb:d7:25:bb:98:91:7d:36:a9:
f0:ae:d7:14:84:69:62:8f:dc:1e:c4:58:52:93:30:48:96:f7:
51:34:13:83:e3:9f:c7:0f:55:25:27:e3:ed:b3:31:f0:ea:84:
95:d6:ef:83:6c:bf:a6:ec:12:2c:bb:56:b4:36:da:51:33:de:
58:90:c7:66:4c:a7:59:d5:cd:5f:83:27:4e:78:ff:a8:08:0e:
5e:8b:45:8c
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgICDaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUE5OTgxMTAvBgNVBAUTKDVFQTFBN0I4MDJFN0U3RUZDNzdDQTFBMzhFNTJGNzJB
Q0Q0NjM5MzAwHhcNMjUxMTAyMjAyMTM1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODJiMy1jMDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoAkysre6N9FLBFwNkdwtcDvESjeCSlxfjKrZqCgLb247dek9yI+r//DJHY4E
u4s+902g0oGi6dveqmStCuNDXgryYdYdDbAUxCm15ujQ5gzg6hLSSyhIhqAK+vRO
7CcmHOVuJHIxk0z97mWGjFaQvWfHcnyzg+f2rS4LVwkIoLeGLKhFiAn/mF8o0J+q
V8vcMRSEO5nzeVa7SSBORNBRrEzkPQTHLxyUmq/PUjAt7iYskgVJMUoUUCcCHz5b
cGJ2WZyW4zTqFwpl05bEeK/nAw3Px+udIrWEjBDUJa1AQ5cJShV1RjB870n+sBJB
rgO3Ngv67sXK1z4bZItkcIN1VwIDAQABo4ICjTCCAokwHQYDVR0OBBYEFHuhX0x/
HCrpVskyrtmeeKKxlz6ZMB8GA1UdIwQYMBaAFF6hp7gC5+fvx3yho45S9yrNRjkw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTk5OC9BQjM0RkJENEYy
NTgxMUU5Qjc1RTNDNzBDNEY5QUUwMi9YcUdudUFMbjUtX0hmS0dqamxMM0tzMUdP
VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hxR251QUxuNS1fSGZLR2pqbEwzS3MxR09UQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUE5OTgvQUIzNEZCRDRGMjU4MTFFOUI3NUUzQzcwQzRGOUFFMDIvNjUzQ0YyRjZG
MjVBMTFFOTkzN0Q5RDczQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq
BAIAATAkAwQCLXGEAwQEO5hgAwQCZxUoAwQCZ1WcAwQCkDB0AwQFtjBAMA0EAgAC
MAcDBQAkBE+AMA0GCSqGSIb3DQEBCwUAA4IBAQCefo5DSig0OEGABhUguBpF8uS0
JWoLupu71bNP1ibD0DqHlZA7h/Ju195yov8dTarlexx8tOaAI9RaEcbwspcMLg4y
lxVyKIlXEj7puZGVrK7b/sPZEAkBqzqK7QtKryRGusURJ+RNiOjxzyepf8BsHttd
5pIeDkU2kKa3qXHsxDsYTJiZczry8oC1FhtPtojm88Gp1mAQg7OCDPy0L3gHXR19
wS4TkR/L4Hf71yW7mJF9NqnwrtcUhGlij9wexFhSkzBIlvdRNBOD45/HD1UlJ+Pt
szHw6oSV1u+DbL+m7BIsu1a0NtpRM95YkMdmTKdZ1c1fgydOeP+oCA5ei0WM
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:56:12 2026 by rpki-client