Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
File: 9B4B6C82904911EABE5F0C63C4F9AE02.roa (raw, json)
Hash identifier: MLGHYtNGkC756TmJuWFDWX+q6uSK7D/1Efdl7Recbww=
Subject key identifier: BC:E9:BD:37:85:96:F0:B4:50:87:8B:EB:99:7F:68:41:27:56:E8:21
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 37E5
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
Signing time: Thu 16 Apr 2026 15:15:01 +0000
ROA not before: Thu 16 Apr 2026 15:15:01 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58895
IP address blocks: 58.181.98.0/24 maxlen: 24
59.103.30.0/23 maxlen: 24
59.103.74.0/24 maxlen: 24
59.103.152.0/23 maxlen: 24
59.103.176.0/24 maxlen: 24
59.103.178.0/23 maxlen: 23
116.71.2.0/23 maxlen: 24
119.152.48.0/22 maxlen: 22
119.152.48.0/24 maxlen: 24
119.152.49.0/24 maxlen: 24
119.152.50.0/24 maxlen: 24
119.152.51.0/24 maxlen: 24
119.152.52.0/23 maxlen: 24
119.152.54.0/24 maxlen: 24
119.152.55.0/24 maxlen: 24
119.152.56.0/24 maxlen: 24
119.152.57.0/24 maxlen: 24
119.152.58.0/24 maxlen: 24
119.152.59.0/24 maxlen: 24
119.152.60.0/24 maxlen: 24
119.152.61.0/24 maxlen: 24
119.152.62.0/24 maxlen: 24
119.152.63.0/24 maxlen: 24
119.152.96.0/20 maxlen: 20
119.152.96.0/24 maxlen: 24
119.152.97.0/24 maxlen: 24
119.152.98.0/24 maxlen: 24
119.152.99.0/24 maxlen: 24
119.152.100.0/24 maxlen: 24
119.152.101.0/24 maxlen: 24
119.152.102.0/24 maxlen: 24
119.152.103.0/24 maxlen: 24
119.152.104.0/24 maxlen: 24
119.152.105.0/24 maxlen: 24
119.152.106.0/24 maxlen: 24
119.152.107.0/24 maxlen: 24
119.152.108.0/24 maxlen: 24
119.152.109.0/24 maxlen: 24
119.152.110.0/24 maxlen: 24
119.152.111.0/24 maxlen: 24
119.152.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 15:15:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14309 (0x37e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832, serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Apr 16 15:15:01 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69e0fcf5-1852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:61:99:1b:f4:48:f9:5e:0b:31:45:d8:95:ed:
2e:4b:d7:53:11:d8:26:83:8a:60:e9:47:ae:69:8d:
dc:d3:d6:1f:a4:27:65:53:81:0b:95:5c:c1:68:91:
92:e3:34:57:91:b3:b0:04:bb:1d:2e:a3:55:81:b3:
c6:53:ca:7c:3a:55:f6:a4:7a:72:12:46:8c:41:fe:
fa:0c:5c:ac:41:bd:b7:77:ef:fa:53:5c:53:77:17:
d5:d7:db:bd:d8:18:0f:3b:e5:e1:d2:f8:70:bc:6b:
7a:20:3b:af:8c:76:bb:45:4b:ab:86:cd:7e:1d:ca:
fd:88:b0:dc:57:d0:75:e2:4f:eb:01:01:02:68:e6:
01:42:7a:6c:0c:d6:5c:4e:ce:4a:f8:d9:ec:39:af:
fe:5b:1a:aa:d6:bc:ac:9a:e5:63:7d:29:b8:4c:08:
4d:fc:f1:0f:79:11:ad:96:17:e5:6b:ff:54:27:d6:
c3:c9:a7:d3:2e:8d:a7:24:60:13:ad:cc:16:30:33:
40:97:d2:4f:70:cd:3a:b9:6a:f2:4c:dc:47:c7:65:
8e:94:59:c1:fc:d6:91:7b:8c:ad:21:10:0a:9f:e6:
b9:ac:d8:79:25:24:42:8a:d2:7b:bf:46:a6:6c:46:
cd:32:64:27:e0:ea:94:db:79:35:e6:45:ac:91:65:
c1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E9:BD:37:85:96:F0:B4:50:87:8B:EB:99:7F:68:41:27:56:E8:21
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
58.181.98.0/24
59.103.30.0/23
59.103.74.0/24
59.103.152.0/23
59.103.176.0/24
59.103.178.0/23
116.71.2.0/23
119.152.48.0/20
119.152.96.0/20
119.152.124.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:72:b1:0e:fd:0c:4a:b9:ab:d0:c4:1e:4c:15:2b:8f:ee:19:
8b:b7:14:8c:ce:55:f6:07:81:dc:53:e2:4f:a3:0e:87:b5:a1:
73:d4:ef:50:10:09:9e:35:62:fe:45:29:e6:6d:42:9d:be:e4:
63:db:b2:8b:b3:71:0b:ea:35:61:53:5f:ba:ae:3d:5f:e4:c1:
b0:42:b8:12:8b:17:0a:56:24:5d:67:01:fb:80:30:e2:8a:e8:
4c:b6:6d:04:be:b2:63:be:ec:47:14:5c:a0:e9:2b:c7:bd:7d:
a3:0c:fa:09:8e:92:e0:3c:da:e8:1a:60:ee:b0:51:29:93:0f:
b2:6f:e4:64:6d:f3:b8:68:4a:b5:21:a7:c7:3d:12:a7:02:b3:
59:1b:68:eb:04:69:6e:93:20:12:d2:b7:50:6f:a2:ec:13:7d:
ea:44:5e:c5:4a:9e:8b:5c:b2:9a:50:e8:b3:11:a1:23:34:2c:
98:8a:89:2b:4d:ab:ed:71:58:bd:49:8b:ba:d3:5a:da:c4:71:
c2:11:7c:ec:21:b2:48:40:dd:44:f0:32:18:15:20:fc:0e:8b:
20:ba:08:b9:87:7f:47:14:19:e3:13:ac:1d:a9:82:f7:09:d8:
25:6b:39:01:59:74:9a:aa:56:f6:f6:d4:61:eb:e1:8c:31:b2:
b6:bb:a8:a9
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICN+UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjYwNDE2MTUxNTAxWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWUwZmNmNS0xODUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxWGZG/RI+V4LMUXYle0uS9dTEdgmg4pg6UeuaY3c09YfpCdlU4ELlVzBaJGS
4zRXkbOwBLsdLqNVgbPGU8p8OlX2pHpyEkaMQf76DFysQb23d+/6U1xTdxfV19u9
2BgPO+Xh0vhwvGt6IDuvjHa7RUurhs1+Hcr9iLDcV9B14k/rAQECaOYBQnpsDNZc
Ts5K+NnsOa/+Wxqq1rysmuVjfSm4TAhN/PEPeRGtlhfla/9UJ9bDyafTLo2nJGAT
rcwWMDNAl9JPcM06uWryTNxHx2WOlFnB/NaRe4ytIRAKn+a5rNh5JSRCitJ7v0am
bEbNMmQn4OqU23k15kWskWXBfQIDAQABo4ICljCCApIwHQYDVR0OBBYEFLzpvTeF
lvC0UIeL65l/aEEnVughMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvOUI0QjZDODI5
MDQ5MTFFQUJFNUYwQzYzQzRGOUFFMDIucm9hMFUGCCsGAQUFBwEHAQH/BEYwRDBC
BAIAATA8AwQAOrViAwQBO2ceAwQAO2dKAwQBO2eYAwQAO2ewAwQBO2eyAwQBdEcC
AwQEd5gwAwQEd5hgAwQBd5h8MA0GCSqGSIb3DQEBCwUAA4IBAQAOcrEO/QxKuavQ
xB5MFSuP7hmLtxSMzlX2B4HcU+JPow6HtaFz1O9QEAmeNWL+RSnmbUKdvuRj27KL
s3EL6jVhU1+6rj1f5MGwQrgSixcKViRdZwH7gDDiiuhMtm0EvrJjvuxHFFyg6SvH
vX2jDPoJjpLgPNroGmDusFEpkw+yb+RkbfO4aEq1IafHPRKnArNZG2jrBGlukyAS
0rdQb6LsE33qRF7FSp6LXLKaUOizEaEjNCyYiokrTavtcVi9SYu601raxHHCEXzs
IbJIQN1E8DIYFSD8Dosgugi5h39HFBnjE6wdqYL3CdglazkBWXSaqlb29tRh6+GM
MbK2u6ip
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:48:48 2026 by rpki-client