Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/7418230A6D4B11EBB1805C0DC4F9AE02.roa
File: 7418230A6D4B11EBB1805C0DC4F9AE02.roa (raw, json)
Hash identifier: 6T58SHnRQWimfl2Rj2N+WBpo5imULsKQ9l4of58PKEs=
Subject key identifier: 01:04:4E:40:DA:D3:31:D3:18:FA:23:28:95:95:1C:01:86:7C:AD:5E
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 379C
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/7418230A6D4B11EBB1805C0DC4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:28:51 +0000
ROA not before: Sat 22 Mar 2025 15:01:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17557
IP address blocks: 39.32.0.0/11 maxlen: 15
39.32.0.0/16 maxlen: 24
39.33.0.0/16 maxlen: 24
39.34.0.0/16 maxlen: 24
39.35.0.0/16 maxlen: 24
39.36.0.0/16 maxlen: 24
39.37.0.0/16 maxlen: 24
39.38.0.0/16 maxlen: 24
39.39.0.0/16 maxlen: 24
39.40.0.0/16 maxlen: 24
39.41.0.0/16 maxlen: 24
39.42.0.0/16 maxlen: 24
39.43.0.0/16 maxlen: 24
39.44.0.0/16 maxlen: 24
39.45.0.0/16 maxlen: 24
39.46.0.0/16 maxlen: 24
39.47.0.0/16 maxlen: 24
39.48.0.0/16 maxlen: 24
39.49.0.0/16 maxlen: 24
39.50.0.0/16 maxlen: 24
39.51.0.0/16 maxlen: 24
39.52.0.0/16 maxlen: 24
39.53.0.0/16 maxlen: 24
39.54.0.0/16 maxlen: 24
39.55.0.0/16 maxlen: 24
39.56.0.0/16 maxlen: 24
39.57.0.0/16 maxlen: 24
39.58.0.0/16 maxlen: 24
39.59.0.0/16 maxlen: 24
39.60.0.0/16 maxlen: 24
39.61.0.0/16 maxlen: 24
39.62.0.0/16 maxlen: 24
39.63.0.0/16 maxlen: 24
58.181.96.0/20 maxlen: 24
58.181.112.0/20 maxlen: 24
59.103.0.0/16 maxlen: 24
103.28.152.0/22 maxlen: 24
116.71.0.0/16 maxlen: 24
119.152.0.0/13 maxlen: 15
119.152.0.0/16 maxlen: 24
119.153.0.0/16 maxlen: 24
119.154.0.0/16 maxlen: 24
119.155.0.0/16 maxlen: 24
119.156.0.0/16 maxlen: 24
119.157.0.0/16 maxlen: 24
119.158.0.0/16 maxlen: 24
119.159.0.0/16 maxlen: 24
182.176.0.0/12 maxlen: 15
182.176.0.0/16 maxlen: 24
182.177.0.0/16 maxlen: 24
182.178.0.0/16 maxlen: 24
182.179.0.0/16 maxlen: 24
182.180.0.0/16 maxlen: 24
182.181.0.0/16 maxlen: 24
182.182.0.0/16 maxlen: 24
182.183.0.0/16 maxlen: 24
182.184.0.0/16 maxlen: 24
182.185.0.0/16 maxlen: 24
182.186.0.0/16 maxlen: 24
182.187.0.0/16 maxlen: 24
182.188.0.0/16 maxlen: 24
182.189.0.0/16 maxlen: 24
182.190.0.0/16 maxlen: 24
182.191.0.0/16 maxlen: 24
202.70.144.0/20 maxlen: 24
202.125.128.0/19 maxlen: 24
203.99.160.0/19 maxlen: 24
203.135.0.0/18 maxlen: 24
221.120.192.0/18 maxlen: 24
2001:df0:279::/48 maxlen: 48
2404:7000::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:45:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14236 (0x379c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832, serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Mar 22 15:01:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a48563-a3f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6b:92:95:16:f9:d7:d8:62:da:28:ec:3a:8d:
4d:73:ef:86:18:93:be:39:fa:c7:18:52:1a:dd:e7:
c5:89:32:63:22:a1:e7:5d:3d:81:92:4b:4c:63:83:
e1:e8:51:27:d4:49:39:d7:c5:53:e1:22:23:89:e0:
17:d8:60:ae:9d:88:ce:ad:aa:14:88:58:e9:19:d2:
26:83:02:2a:f9:1b:fe:f4:45:af:ee:6e:f2:5f:47:
b3:fb:3e:d3:a6:00:33:dc:c5:fb:1b:79:35:ca:8b:
e8:34:58:6d:03:27:eb:9b:24:61:c8:b4:38:25:f9:
f5:6e:35:9b:df:16:a4:51:85:bd:be:85:b4:42:f2:
d1:12:55:36:78:1f:c1:cf:8e:f8:fe:a6:75:01:5d:
0b:90:66:8b:ca:d3:4f:d9:55:ed:b0:7c:ad:b9:b1:
bf:b5:d5:af:21:44:83:e3:39:4e:f9:df:29:48:a0:
67:c0:b8:b7:47:bc:55:4d:d2:0e:49:bc:a5:df:72:
29:0a:8c:a6:48:7c:c1:8e:9b:67:4f:44:b0:0e:2f:
a0:f1:21:75:ac:8d:58:4b:9f:65:c9:d5:da:19:db:
00:b0:47:4a:7d:fe:c8:83:78:d0:70:34:a5:cf:7f:
e2:05:1d:94:9e:7e:ed:d3:70:7d:a5:fb:85:79:4a:
b1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:04:4E:40:DA:D3:31:D3:18:FA:23:28:95:95:1C:01:86:7C:AD:5E
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/7418230A6D4B11EBB1805C0DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
39.32.0.0/11
58.181.96.0/19
59.103.0.0/16
103.28.152.0/22
116.71.0.0/16
119.152.0.0/13
182.176.0.0/12
202.70.144.0/20
202.125.128.0/19
203.99.160.0/19
203.135.0.0/18
221.120.192.0/18
IPv6:
2001:df0:279::/48
2404:7000::/32
Signature Algorithm: sha256WithRSAEncryption
0e:a9:18:c6:4b:63:2a:48:67:ed:3a:73:b8:bd:1f:96:22:f2:
76:d9:42:4c:70:d1:3b:b7:05:2c:43:ee:16:0f:91:37:20:d5:
b0:04:35:7d:b6:9f:0b:4b:b9:94:cd:1d:cf:13:99:5b:54:91:
fe:22:6c:b0:fb:a3:ad:bd:67:08:6c:6f:4a:12:5f:4a:f2:de:
ff:9e:fd:8f:7e:dc:da:bf:da:ea:be:20:b1:56:5d:53:a3:f5:
d0:89:34:c6:8c:7b:9d:d6:80:08:8f:c7:05:01:5a:e7:9c:c8:
27:d2:f7:b2:31:47:9c:2a:4c:d7:ef:02:62:69:1a:66:80:63:
08:81:d3:ef:77:9c:ce:a1:40:67:d6:72:4a:92:ed:a5:e9:b3:
3c:7e:e1:fd:f0:ec:85:33:70:6e:61:07:8e:f1:30:4f:d1:37:
5f:a5:e7:45:be:5f:d0:6e:9a:9a:9d:ac:97:ea:8c:f7:5d:1d:
0a:5a:5b:e8:a3:3f:ac:3f:dc:c4:91:5b:89:e1:2b:e9:7b:5c:
37:33:43:5d:bd:4e:12:aa:c2:7d:8f:81:e5:ab:7c:be:85:12:
59:41:cc:c3:ec:59:08:ba:0b:10:5e:3c:04:93:b9:64:48:2e:
5b:01:5b:75:e3:1c:18:9a:ac:0a:5a:38:bf:1c:a0:8d:d2:8c:
f6:20:f7:75
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICN5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjUwMzIyMTUwMTE2WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODU2My1hM2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3GuSlRb519hi2ijsOo1Nc++GGJO+OfrHGFIa3efFiTJjIqHnXT2BkktMY4Ph
6FEn1Ek518VT4SIjieAX2GCunYjOraoUiFjpGdImgwIq+Rv+9EWv7m7yX0ez+z7T
pgAz3MX7G3k1yovoNFhtAyfrmyRhyLQ4Jfn1bjWb3xakUYW9voW0QvLRElU2eB/B
z474/qZ1AV0LkGaLytNP2VXtsHytubG/tdWvIUSD4zlO+d8pSKBnwLi3R7xVTdIO
Sbyl33IpCoymSHzBjptnT0SwDi+g8SF1rI1YS59lydXaGdsAsEdKff7Ig3jQcDSl
z3/iBR2Unn7t03B9pfuFeUqxlwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFAEETkDa
0zHTGPojKJWVHAGGfK1eMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvNzQxODIzMEE2
RDRCMTFFQkIxODA1QzBEQzRGOUFFMDIucm9hMHQGCCsGAQUFBwEHAQH/BGUwYzBJ
BAIAATBDAwMFJyADBAU6tWADAwA7ZwMEAmccmAMDAHRHAwMDd5gDAwS2sAMEBMpG
kAMEBcp9gAMEBctjoAMEBsuHAAMEBt14wDAWBAIAAjAQAwcAIAEN8AJ5AwUAJARw
ADANBgkqhkiG9w0BAQsFAAOCAQEADqkYxktjKkhn7TpzuL0fliLydtlCTHDRO7cF
LEPuFg+RNyDVsAQ1fbafC0u5lM0dzxOZW1SR/iJssPujrb1nCGxvShJfSvLe/579
j37c2r/a6r4gsVZdU6P10Ik0xox7ndaACI/HBQFa55zIJ9L3sjFHnCpM1+8CYmka
ZoBjCIHT73eczqFAZ9ZySpLtpemzPH7h/fDshTNwbmEHjvEwT9E3X6XnRb5f0G6a
mp2sl+qM910dClpb6KM/rD/cxJFbieEr6XtcNzNDXb1OEqrCfY+B5at8voUSWUHM
w+xZCLoLEF48BJO5ZEguWwFbdeMcGJqsClo4vxygjdKM9iD3dQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:34:19 2026 by rpki-client