Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
File: 956DEFE80CDB11EAB14B9162C4F9AE02.roa (raw, json)
Hash identifier: pIa1m/QoJun56lXoitSimau4HAB/ZArTrlBayf+6xXg=
Subject key identifier: 62:CB:9E:27:28:A8:D8:48:D3:16:B0:A9:19:C3:E9:83:CC:9C:30:01
Certificate issuer: /CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Certificate serial: 0CDA
Authority key identifier: 25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
Signing time: Sun 01 Mar 2026 09:23:57 +0000
ROA not before: Fri 15 Aug 2025 03:34:21 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133385
IP address blocks: 45.120.84.0/22 maxlen: 22
45.120.84.0/24 maxlen: 24
45.120.85.0/24 maxlen: 24
45.120.86.0/24 maxlen: 24
45.120.87.0/24 maxlen: 24
103.255.172.0/22 maxlen: 22
103.255.172.0/24 maxlen: 24
103.255.172.64/26 maxlen: 26
103.255.172.128/25 maxlen: 25
103.255.173.0/24 maxlen: 24
103.255.174.0/24 maxlen: 24
103.255.175.0/24 maxlen: 24
2400:8480:1000::/48 maxlen: 48
2400:8480:1100::/48 maxlen: 48
2400:8480:2010::/44 maxlen: 44
2400:8480:2020::/44 maxlen: 44
2400:8480:2030::/44 maxlen: 44
2400:8480:2040::/44 maxlen: 44
2400:8480:2110::/44 maxlen: 44
2400:8480:2120::/44 maxlen: 44
2400:8480:2130::/44 maxlen: 44
2400:8480:2140::/44 maxlen: 44
2400:8480:3010::/44 maxlen: 44
2400:8480:3020::/44 maxlen: 44
2400:8480:3030::/44 maxlen: 44
2400:8480:3040::/44 maxlen: 44
2400:8480:3110::/44 maxlen: 44
2400:8480:3120::/44 maxlen: 44
2400:8480:3130::/44 maxlen: 44
2400:8480:3140::/44 maxlen: 44
2400:8480:4000::/36 maxlen: 36
2400:8480:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:23:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3290 (0xcda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAAD, serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Validity
Not Before: Aug 15 03:34:21 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=69a405ad-f72b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ce:63:35:34:fe:c6:aa:62:70:bd:dc:a5:85:
85:b4:9b:2e:4e:35:7c:4f:37:dc:1c:11:85:42:fe:
01:7f:48:ae:28:07:eb:2c:63:e0:26:2d:10:94:4e:
14:fb:95:67:84:c7:4a:42:7e:0d:e4:d1:ac:73:8b:
a7:65:12:8f:71:b4:ad:30:cf:0d:b1:24:0e:b4:d7:
25:49:29:7c:26:22:91:4a:4a:2a:f2:8f:a7:c5:80:
09:1b:2b:a7:2e:f3:d1:d1:bd:b1:4e:72:45:79:31:
6e:38:26:82:87:a9:e9:e9:ab:42:2a:af:49:47:d4:
dd:af:8d:d9:54:ad:4a:cb:43:21:13:17:01:af:b2:
6f:6c:d7:d1:9a:44:e0:c7:93:e0:4c:db:94:f5:61:
e0:58:d8:1d:9e:76:1c:e6:3c:43:57:96:91:ee:11:
c4:bc:0d:71:23:d7:84:5d:77:32:50:24:2f:01:47:
89:07:ca:9f:c3:38:5a:27:7a:34:60:85:77:3a:6a:
56:87:7c:ba:4c:ce:8d:f3:85:99:d4:08:76:09:e7:
12:d2:ea:49:cb:76:f7:9f:0e:d8:e8:a7:9f:8a:b2:
0a:eb:de:f3:d2:ca:38:de:ab:b0:f5:91:8b:e4:64:
cd:57:00:5c:cb:7d:95:45:91:d9:cc:b4:82:93:37:
d0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:CB:9E:27:28:A8:D8:48:D3:16:B0:A9:19:C3:E9:83:CC:9C:30:01
X509v3 Authority Key Identifier:
keyid:25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.120.84.0/22
103.255.172.0/22
IPv6:
2400:8480:1000::/48
2400:8480:1100::/48
2400:8480:2010::-2400:8480:204f:ffff:ffff:ffff:ffff:ffff
2400:8480:2110::-2400:8480:214f:ffff:ffff:ffff:ffff:ffff
2400:8480:3010::-2400:8480:304f:ffff:ffff:ffff:ffff:ffff
2400:8480:3110::-2400:8480:314f:ffff:ffff:ffff:ffff:ffff
2400:8480:4000::/35
Signature Algorithm: sha256WithRSAEncryption
55:31:06:3c:fb:ea:74:78:33:46:39:e0:5d:83:66:0d:2d:bb:
c8:ec:26:90:3e:74:bc:fb:48:34:63:c8:98:49:a1:79:3a:e8:
2b:a4:94:31:c4:07:02:bd:8e:df:bd:96:ca:e7:47:a2:1d:ec:
48:1d:fa:60:f9:d6:fd:8e:7f:ba:c4:0e:46:bb:2c:7a:51:e8:
94:ff:19:c2:18:84:14:96:92:f4:b1:b4:9d:a5:f4:74:7a:e8:
70:b8:a0:bc:96:55:b3:da:ab:01:07:a0:8b:c5:83:91:08:89:
7b:3b:54:68:fd:0f:68:d0:2c:29:e0:70:37:c8:9a:7f:fc:ad:
a1:77:76:ee:50:b5:2e:65:f3:8b:75:4f:9d:a1:0a:e1:5f:0b:
cd:f1:84:d6:b5:36:ce:51:2d:ba:1b:37:64:b1:8b:47:cf:10:
87:a8:fd:2a:a6:1c:b1:5c:c7:93:09:b9:46:aa:00:8c:07:13:
e7:88:a1:84:9e:96:e0:f0:11:30:7e:4a:f0:eb:bf:f5:63:45:
14:6f:90:73:df:f4:3c:80:b9:eb:07:41:06:12:6f:52:be:2c:
d1:7e:8c:e8:fa:27:f3:25:d4:ac:47:75:cd:ae:00:1c:fc:52:
d8:e5:83:34:0f:37:80:c7:26:c6:9c:d4:38:2e:79:66:7f:00:
ce:03:35:03
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgICDNowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBQUQxMTAvBgNVBAUTKDI1MDk5MDQ2RUI1OUQ2NDVENDE5QTQyOEZDNzAxQTU3
MzUzRkJGMkMwHhcNMjUwODE1MDMzNDIxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0MDVhZC1mNzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAls5jNTT+xqpicL3cpYWFtJsuTjV8TzfcHBGFQv4Bf0iuKAfrLGPgJi0QlE4U
+5VnhMdKQn4N5NGsc4unZRKPcbStMM8NsSQOtNclSSl8JiKRSkoq8o+nxYAJGyun
LvPR0b2xTnJFeTFuOCaCh6np6atCKq9JR9Tdr43ZVK1Ky0MhExcBr7JvbNfRmkTg
x5PgTNuU9WHgWNgdnnYc5jxDV5aR7hHEvA1xI9eEXXcyUCQvAUeJB8qfwzhaJ3o0
YIV3OmpWh3y6TM6N84WZ1Ah2CecS0upJy3b3nw7Y6KefirIK697z0so43quw9ZGL
5GTNVwBcy32VRZHZzLSCkzfQEwIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFGLLnico
qNhI0xawqRnD6YPMnDABMB8GA1UdIwQYMBaAFCUJkEbrWdZF1BmkKPxwGlc1P78s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC83N0Q5NTBGMjA5
RDUxMUVBQjc2QzczMTdDNEY5QUUwMi9KUW1RUnV0WjFrWFVHYVFvX0hBYVZ6VV92
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pRbVFSdXRaMWtYVUdhUW9fSEFhVnpVX3Z5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBQUQvNzdEOTUwRjIwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTU2REVGRTgw
Q0RCMTFFQUIxNEI5MTYyQzRGOUFFMDIucm9hMIGZBggrBgEFBQcBBwEB/wSBiTCB
hjASBAIAATAMAwQCLXhUAwQCZ/+sMHAEAgACMGoDBwAkAISAEAADBwAkAISAEQAw
EgMHBCQAhIAgEAMHBCQAhIAgQDASAwcEJACEgCEQAwcEJACEgCFAMBIDBwQkAISA
MBADBwQkAISAMEAwEgMHBCQAhIAxEAMHBCQAhIAxQAMGBSQAhIBAMA0GCSqGSIb3
DQEBCwUAA4IBAQBVMQY8++p0eDNGOeBdg2YNLbvI7CaQPnS8+0g0Y8iYSaF5Ougr
pJQxxAcCvY7fvZbK50eiHexIHfpg+db9jn+6xA5Guyx6UeiU/xnCGIQUlpL0sbSd
pfR0euhwuKC8llWz2qsBB6CLxYORCIl7O1Ro/Q9o0Cwp4HA3yJp//K2hd3buULUu
ZfOLdU+doQrhXwvN8YTWtTbOUS26GzdksYtHzxCHqP0qphyxXMeTCblGqgCMBxPn
iKGEnpbg8BEwfkrw67/1Y0UUb5Bz3/Q8gLnrB0EGEm9SvizRfozo+ifzJdSsR3XN
rgAc/FLY5YM0DzeAxybGnNQ4LnlmfwDOAzUD
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:39:23 2026 by rpki-client