Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
File: 9B4B6C82904911EABE5F0C63C4F9AE02.roa (raw, json)
Hash identifier: VLAT/M2ruyTEQUd6hodWbMw2Jqr6BHFT+yCvjnUWSAs=
Subject key identifier: 3F:79:22:41:2C:31:F9:CE:2B:86:11:70:35:CD:2C:6A:07:F1:85:18
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 37A1
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:28:56 +0000
ROA not before: Sat 22 Mar 2025 15:01:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58895
IP address blocks: 58.181.98.0/24 maxlen: 24
59.103.30.0/23 maxlen: 24
59.103.74.0/24 maxlen: 24
59.103.152.0/23 maxlen: 24
59.103.176.0/24 maxlen: 24
59.103.178.0/23 maxlen: 23
116.71.2.0/23 maxlen: 24
119.152.48.0/22 maxlen: 22
119.152.48.0/24 maxlen: 24
119.152.49.0/24 maxlen: 24
119.152.50.0/24 maxlen: 24
119.152.51.0/24 maxlen: 24
119.152.52.0/23 maxlen: 24
119.152.54.0/24 maxlen: 24
119.152.55.0/24 maxlen: 24
119.152.56.0/24 maxlen: 24
119.152.57.0/24 maxlen: 24
119.152.58.0/24 maxlen: 24
119.152.59.0/24 maxlen: 24
119.152.60.0/24 maxlen: 24
119.152.61.0/24 maxlen: 24
119.152.62.0/24 maxlen: 24
119.152.63.0/24 maxlen: 24
119.152.96.0/20 maxlen: 20
119.152.96.0/24 maxlen: 24
119.152.97.0/24 maxlen: 24
119.152.98.0/24 maxlen: 24
119.152.99.0/24 maxlen: 24
119.152.100.0/24 maxlen: 24
119.152.101.0/24 maxlen: 24
119.152.102.0/24 maxlen: 24
119.152.103.0/24 maxlen: 24
119.152.104.0/24 maxlen: 24
119.152.105.0/24 maxlen: 24
119.152.106.0/24 maxlen: 24
119.152.107.0/24 maxlen: 24
119.152.108.0/24 maxlen: 24
119.152.109.0/24 maxlen: 24
119.152.110.0/24 maxlen: 24
119.152.111.0/24 maxlen: 24
119.152.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:45:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14241 (0x37a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832, serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Mar 22 15:01:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a48568-4e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fa:36:18:03:6e:e2:98:d4:fe:aa:0b:70:24:
3f:74:46:28:18:c8:89:a2:ec:f3:67:b8:c6:27:02:
b3:66:b5:11:92:f3:07:d2:8f:20:53:ee:8c:31:82:
07:f6:3d:75:fa:64:49:46:72:05:e0:fa:67:4f:fd:
e1:00:e9:77:6f:81:2c:a2:8e:fe:53:d5:9d:48:d3:
16:14:ce:04:a6:34:47:2d:39:fc:15:f1:8b:52:d0:
6b:f3:4f:78:d7:75:a6:37:00:f8:9e:03:8a:65:92:
7b:e1:80:99:70:b2:50:9b:cc:f4:e9:68:ba:2c:72:
71:e4:fa:b2:57:8d:b3:50:71:69:2a:70:ac:a3:35:
df:5f:88:8e:ae:ec:a5:16:db:cf:5b:25:10:69:2f:
d2:75:a7:c0:d3:55:99:8e:91:19:9b:b8:0b:73:02:
d7:1a:3c:db:49:1c:f1:07:dd:b0:69:47:19:3c:a8:
50:36:53:6e:fd:65:7f:09:2f:f8:13:3a:d6:af:4a:
b8:2b:62:ad:13:39:73:c9:25:87:a3:f6:6a:3b:7b:
a4:ae:62:6c:ee:41:70:1c:23:ab:10:fd:5e:76:11:
5f:9e:1c:4c:45:ed:a8:07:2e:10:40:02:80:59:c4:
16:58:3d:8c:d9:f6:b8:89:19:85:87:be:2a:70:9b:
f9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:79:22:41:2C:31:F9:CE:2B:86:11:70:35:CD:2C:6A:07:F1:85:18
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
58.181.98.0/24
59.103.30.0/23
59.103.74.0/24
59.103.152.0/23
59.103.176.0/24
59.103.178.0/23
116.71.2.0/23
119.152.48.0/20
119.152.96.0/20
119.152.124.0/23
Signature Algorithm: sha256WithRSAEncryption
54:ca:f9:de:f1:7f:80:50:3d:bf:7e:2c:74:13:53:43:e4:92:
62:bc:26:23:e9:a2:8b:92:fa:dd:1d:4f:08:a8:91:59:52:90:
4e:b2:c9:07:a8:ad:6a:3d:45:ff:b1:73:c0:83:06:c5:06:e5:
ef:00:5c:50:88:56:05:b4:d7:81:ae:66:53:cd:fa:5e:67:06:
b1:9c:66:08:ed:84:3f:3e:c0:b1:c4:db:d1:04:ca:51:ae:21:
77:91:15:22:69:98:62:8b:fc:0f:10:32:6e:c9:84:09:e8:cd:
a4:24:d5:8f:9b:28:9f:ec:27:6d:37:8e:0c:cf:93:76:52:da:
32:05:ca:ea:8b:8b:d2:a5:94:65:f6:d4:31:3c:a2:db:bf:a5:
34:7d:07:69:82:5a:37:c4:05:a4:ed:77:67:76:0e:43:31:59:
bf:39:ed:8d:3e:ef:28:c9:b3:25:11:1b:87:88:d9:30:e9:d7:
57:f2:8a:7b:bc:dc:5c:c4:99:71:df:c5:bf:82:aa:76:a0:60:
8a:2b:7b:93:b4:a1:4e:2a:4f:ed:8c:dd:43:bc:31:83:4a:ef:
7a:f6:bd:62:c4:33:71:48:e4:c9:f2:6f:dd:85:64:93:dd:d2:
55:6e:13:30:af:32:7a:b6:0a:65:a5:c8:b5:0d:fa:32:2e:30:
45:de:90:0b
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICN6EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjUwMzIyMTUwMTIxWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODU2OC00ZTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArvo2GANu4pjU/qoLcCQ/dEYoGMiJouzzZ7jGJwKzZrURkvMH0o8gU+6MMYIH
9j11+mRJRnIF4PpnT/3hAOl3b4Esoo7+U9WdSNMWFM4EpjRHLTn8FfGLUtBr8094
13WmNwD4ngOKZZJ74YCZcLJQm8z06Wi6LHJx5PqyV42zUHFpKnCsozXfX4iOruyl
FtvPWyUQaS/SdafA01WZjpEZm7gLcwLXGjzbSRzxB92waUcZPKhQNlNu/WV/CS/4
EzrWr0q4K2KtEzlzySWHo/ZqO3ukrmJs7kFwHCOrEP1edhFfnhxMRe2oBy4QQAKA
WcQWWD2M2fa4iRmFh74qcJv5VQIDAQABo4ICljCCApIwHQYDVR0OBBYEFD95IkEs
MfnOK4YRcDXNLGoH8YUYMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvOUI0QjZDODI5
MDQ5MTFFQUJFNUYwQzYzQzRGOUFFMDIucm9hMFUGCCsGAQUFBwEHAQH/BEYwRDBC
BAIAATA8AwQAOrViAwQBO2ceAwQAO2dKAwQBO2eYAwQAO2ewAwQBO2eyAwQBdEcC
AwQEd5gwAwQEd5hgAwQBd5h8MA0GCSqGSIb3DQEBCwUAA4IBAQBUyvne8X+AUD2/
fix0E1ND5JJivCYj6aKLkvrdHU8IqJFZUpBOsskHqK1qPUX/sXPAgwbFBuXvAFxQ
iFYFtNeBrmZTzfpeZwaxnGYI7YQ/PsCxxNvRBMpRriF3kRUiaZhii/wPEDJuyYQJ
6M2kJNWPmyif7CdtN44Mz5N2UtoyBcrqi4vSpZRl9tQxPKLbv6U0fQdpglo3xAWk
7Xdndg5DMVm/Oe2NPu8oybMlERuHiNkw6ddX8op7vNxcxJlx38W/gqp2oGCKK3uT
tKFOKk/tjN1DvDGDSu969r1ixDNxSOTJ8m/dhWST3dJVbhMwrzJ6tgplpci1Dfoy
LjBF3pAL
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:41:33 2026 by rpki-client