Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/7418230A6D4B11EBB1805C0DC4F9AE02.roa
File: 7418230A6D4B11EBB1805C0DC4F9AE02.roa (raw, json)
Hash identifier: DvMc+C7ydaggndrUk3IDkyvlx9FwffySugOxDXp6bws=
Subject key identifier: 81:C7:34:DE:4B:09:C4:55:37:56:21:05:A8:42:6D:3E:9C:FD:93:3D
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 37E0
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/7418230A6D4B11EBB1805C0DC4F9AE02.roa
Signing time: Thu 16 Apr 2026 15:14:52 +0000
ROA not before: Thu 16 Apr 2026 15:14:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 17557
IP address blocks: 39.32.0.0/11 maxlen: 15
39.32.0.0/16 maxlen: 24
39.33.0.0/16 maxlen: 24
39.34.0.0/16 maxlen: 24
39.35.0.0/16 maxlen: 24
39.36.0.0/16 maxlen: 24
39.37.0.0/16 maxlen: 24
39.38.0.0/16 maxlen: 24
39.39.0.0/16 maxlen: 24
39.40.0.0/16 maxlen: 24
39.41.0.0/16 maxlen: 24
39.42.0.0/16 maxlen: 24
39.43.0.0/16 maxlen: 24
39.44.0.0/16 maxlen: 24
39.45.0.0/16 maxlen: 24
39.46.0.0/16 maxlen: 24
39.47.0.0/16 maxlen: 24
39.48.0.0/16 maxlen: 24
39.49.0.0/16 maxlen: 24
39.50.0.0/16 maxlen: 24
39.51.0.0/16 maxlen: 24
39.52.0.0/16 maxlen: 24
39.53.0.0/16 maxlen: 24
39.54.0.0/16 maxlen: 24
39.55.0.0/16 maxlen: 24
39.56.0.0/16 maxlen: 24
39.57.0.0/16 maxlen: 24
39.58.0.0/16 maxlen: 24
39.59.0.0/16 maxlen: 24
39.60.0.0/16 maxlen: 24
39.61.0.0/16 maxlen: 24
39.62.0.0/16 maxlen: 24
39.63.0.0/16 maxlen: 24
58.181.96.0/20 maxlen: 24
58.181.112.0/20 maxlen: 24
59.103.0.0/16 maxlen: 24
103.28.152.0/22 maxlen: 24
116.71.0.0/16 maxlen: 24
119.152.0.0/13 maxlen: 15
119.152.0.0/16 maxlen: 24
119.153.0.0/16 maxlen: 24
119.154.0.0/16 maxlen: 24
119.155.0.0/16 maxlen: 24
119.156.0.0/16 maxlen: 24
119.157.0.0/16 maxlen: 24
119.158.0.0/16 maxlen: 24
119.159.0.0/16 maxlen: 24
182.176.0.0/12 maxlen: 15
182.176.0.0/16 maxlen: 24
182.177.0.0/16 maxlen: 24
182.178.0.0/16 maxlen: 24
182.179.0.0/16 maxlen: 24
182.180.0.0/16 maxlen: 24
182.181.0.0/16 maxlen: 24
182.182.0.0/16 maxlen: 24
182.183.0.0/16 maxlen: 24
182.184.0.0/16 maxlen: 24
182.185.0.0/16 maxlen: 24
182.186.0.0/16 maxlen: 24
182.187.0.0/16 maxlen: 24
182.188.0.0/16 maxlen: 24
182.189.0.0/16 maxlen: 24
182.190.0.0/16 maxlen: 24
182.191.0.0/16 maxlen: 24
202.70.144.0/20 maxlen: 24
202.125.128.0/19 maxlen: 24
203.99.160.0/19 maxlen: 24
203.135.0.0/18 maxlen: 24
221.120.192.0/18 maxlen: 24
2001:df0:279::/48 maxlen: 48
2404:7000::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 Apr 2026 14:46:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14304 (0x37e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832, serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Apr 16 15:14:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69e0fcec-a64a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2c:37:b8:20:88:f0:0f:2f:66:49:f7:6f:6e:
45:39:68:96:28:6c:3f:a1:41:04:4a:0f:bd:4b:26:
e3:6d:45:95:9e:a5:5a:63:1b:e9:e1:23:53:f1:91:
94:4d:78:dd:b7:74:7f:67:79:7f:85:ad:c9:72:10:
db:92:61:ab:d0:0a:da:e1:ed:15:d6:f3:d0:32:e3:
cd:7f:48:35:6d:93:5e:15:ed:25:77:75:3d:41:42:
8e:cb:40:f8:3e:89:2d:f2:29:b9:ec:d2:5a:08:53:
87:ff:80:f5:2d:52:a8:d3:46:c6:9e:a7:b6:91:b6:
f0:ee:49:04:87:f0:dc:84:f9:f8:d9:1f:4f:69:d5:
dd:9f:f2:07:6f:8c:97:75:ef:ac:d8:7e:48:ad:3a:
15:e1:87:ce:02:0a:f7:3f:c1:36:4c:03:e7:79:3b:
c9:c4:d9:95:63:a1:d0:ca:6d:94:ae:d5:96:93:6e:
59:24:08:cc:0d:c0:eb:ca:fd:44:ad:3d:c6:b6:c9:
ef:54:a6:b2:2a:b1:b5:31:f3:f3:14:ee:e9:1e:73:
84:7b:5f:99:ec:2e:ff:fe:df:56:ea:b4:72:1b:53:
84:2e:4f:69:4a:82:d6:81:89:c7:97:e9:ce:fe:db:
b4:27:a4:96:0c:1e:f2:e2:66:82:3f:bd:10:52:9f:
86:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C7:34:DE:4B:09:C4:55:37:56:21:05:A8:42:6D:3E:9C:FD:93:3D
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/7418230A6D4B11EBB1805C0DC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
39.32.0.0/11
58.181.96.0/19
59.103.0.0/16
103.28.152.0/22
116.71.0.0/16
119.152.0.0/13
182.176.0.0/12
202.70.144.0/20
202.125.128.0/19
203.99.160.0/19
203.135.0.0/18
221.120.192.0/18
IPv6:
2001:df0:279::/48
2404:7000::/32
Signature Algorithm: sha256WithRSAEncryption
47:5e:12:46:e7:85:9c:78:df:dd:2f:59:70:62:8f:4a:a7:e7:
0c:de:61:d9:f6:cf:b9:8c:39:cb:58:2a:b8:e9:2d:0d:65:e7:
b9:55:d2:7b:6c:9b:a8:86:d3:3d:b9:15:e4:ff:58:2d:2b:b1:
60:3c:06:7d:be:c9:2c:91:cd:81:90:28:aa:33:85:26:fd:2b:
14:56:31:03:64:44:fd:82:dd:61:fc:18:57:d7:b2:54:84:f4:
95:96:e9:cf:30:fe:6a:1e:06:55:13:21:0f:48:ab:10:19:38:
8b:1b:80:41:5f:6c:ce:e2:32:1e:e8:78:62:d1:67:4e:9a:c4:
99:b9:5e:6f:19:81:4c:d5:e4:cf:cd:ee:bf:97:ff:ab:da:8b:
a4:55:82:57:d5:7d:38:d9:14:44:37:b8:ee:07:bb:97:c3:5b:
dd:68:15:ee:2f:45:8a:23:48:c2:f5:0f:2c:93:2b:dd:16:9e:
45:b6:8e:8d:41:7c:a3:f6:ec:b6:9b:ed:fe:9d:4e:1a:47:29:
e2:2e:06:30:c4:bc:f0:64:7f:8f:f3:fb:e1:cf:fa:fe:4f:c3:
c5:49:2d:07:6b:3f:de:f3:a7:73:bc:ee:2f:ea:89:1a:fc:91:
f1:e9:9e:60:c5:54:8b:fb:3f:cd:09:fc:83:67:0e:58:7f:26:
cc:af:18:66
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICN+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjYwNDE2MTUxNDUyWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWUwZmNlYy1hNjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuyw3uCCI8A8vZkn3b25FOWiWKGw/oUEESg+9SybjbUWVnqVaYxvp4SNT8ZGU
TXjdt3R/Z3l/ha3JchDbkmGr0Ara4e0V1vPQMuPNf0g1bZNeFe0ld3U9QUKOy0D4
Pokt8im57NJaCFOH/4D1LVKo00bGnqe2kbbw7kkEh/DchPn42R9PadXdn/IHb4yX
de+s2H5IrToV4YfOAgr3P8E2TAPneTvJxNmVY6HQym2UrtWWk25ZJAjMDcDryv1E
rT3GtsnvVKayKrG1MfPzFO7pHnOEe1+Z7C7//t9W6rRyG1OELk9pSoLWgYnHl+nO
/tu0J6SWDB7y4maCP70QUp+G4QIDAQABo4ICtTCCArEwHQYDVR0OBBYEFIHHNN5L
CcRVN1YhBahCbT6c/ZM9MB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvNzQxODIzMEE2
RDRCMTFFQkIxODA1QzBEQzRGOUFFMDIucm9hMHQGCCsGAQUFBwEHAQH/BGUwYzBJ
BAIAATBDAwMFJyADBAU6tWADAwA7ZwMEAmccmAMDAHRHAwMDd5gDAwS2sAMEBMpG
kAMEBcp9gAMEBctjoAMEBsuHAAMEBt14wDAWBAIAAjAQAwcAIAEN8AJ5AwUAJARw
ADANBgkqhkiG9w0BAQsFAAOCAQEAR14SRueFnHjf3S9ZcGKPSqfnDN5h2fbPuYw5
y1gquOktDWXnuVXSe2ybqIbTPbkV5P9YLSuxYDwGfb7JLJHNgZAoqjOFJv0rFFYx
A2RE/YLdYfwYV9eyVIT0lZbpzzD+ah4GVRMhD0irEBk4ixuAQV9szuIyHuh4YtFn
TprEmblebxmBTNXkz83uv5f/q9qLpFWCV9V9ONkURDe47ge7l8Nb3WgV7i9FiiNI
wvUPLJMr3RaeRbaOjUF8o/bstpvt/p1OGkcp4i4GMMS88GR/j/P74c/6/k/DxUkt
B2s/3vOnc7zuL+qJGvyR8emeYMVUi/s/zQn8g2cOWH8mzK8YZg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:38:47 2026 by rpki-client