Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/1A8C65506B6E11F0AEECA858C4F9AE02.roa
File: 1A8C65506B6E11F0AEECA858C4F9AE02.roa (raw, json)
Hash identifier: NpbVQQRWWoFXTrGdsKM32fOCA5zAVZsblj+8rYIeUc4=
Subject key identifier: 32:0B:91:FF:31:9B:AB:E0:63:AD:99:09:49:CB:F1:1D:69:9E:6A:83
Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420
Certificate serial: 09C2
Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/1A8C65506B6E11F0AEECA858C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:41:09 +0000
ROA not before: Sat 20 Dec 2025 20:17:08 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 45577
IP address blocks: 101.234.132.0/23 maxlen: 24
101.234.134.0/24 maxlen: 24
101.234.135.0/24 maxlen: 24
101.234.136.0/24 maxlen: 24
101.234.140.0/23 maxlen: 24
101.234.144.0/23 maxlen: 24
101.234.146.0/23 maxlen: 24
101.234.148.0/24 maxlen: 24
101.234.149.0/24 maxlen: 24
101.234.150.0/24 maxlen: 24
101.234.151.0/24 maxlen: 24
101.234.152.0/24 maxlen: 24
101.234.153.0/24 maxlen: 24
101.234.154.0/24 maxlen: 24
101.234.155.0/24 maxlen: 24
101.234.156.0/23 maxlen: 24
101.234.158.0/24 maxlen: 24
101.234.159.0/24 maxlen: 24
101.234.160.0/24 maxlen: 24
101.234.170.0/24 maxlen: 24
101.234.171.0/24 maxlen: 24
111.125.160.0/24 maxlen: 24
111.125.161.0/24 maxlen: 24
111.125.162.0/23 maxlen: 24
111.125.164.0/23 maxlen: 24
111.125.168.0/23 maxlen: 24
111.125.170.0/23 maxlen: 24
111.125.172.0/23 maxlen: 24
111.125.174.0/23 maxlen: 24
114.111.128.0/24 maxlen: 24
114.111.129.0/24 maxlen: 24
114.111.130.0/23 maxlen: 24
114.111.132.0/24 maxlen: 24
114.111.133.0/24 maxlen: 24
114.111.134.0/23 maxlen: 23
114.111.135.0/24 maxlen: 24
114.111.136.0/23 maxlen: 24
114.111.138.0/23 maxlen: 24
114.111.140.0/24 maxlen: 24
114.111.141.0/24 maxlen: 24
114.111.142.0/24 maxlen: 24
114.111.143.0/24 maxlen: 24
114.111.144.0/23 maxlen: 24
114.111.146.0/23 maxlen: 24
114.111.148.0/23 maxlen: 24
114.111.150.0/23 maxlen: 24
114.111.156.0/23 maxlen: 24
114.111.158.0/23 maxlen: 24
122.100.0.0/24 maxlen: 24
122.100.1.0/24 maxlen: 24
122.100.2.0/24 maxlen: 24
122.100.3.0/24 maxlen: 24
122.100.4.0/24 maxlen: 24
122.100.6.0/24 maxlen: 24
122.100.7.0/24 maxlen: 24
122.100.8.0/24 maxlen: 24
122.100.9.0/24 maxlen: 24
122.100.10.0/23 maxlen: 24
122.100.14.0/24 maxlen: 24
122.100.15.0/24 maxlen: 24
2406:5800:800::/38 maxlen: 48
2406:5800:c00::/38 maxlen: 56
2406:5800:ff00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl
rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 03:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2498 (0x9c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A546E, serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420
Validity
Not Before: Dec 20 20:17:08 2025 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a47a35-9c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a0:35:3b:ef:37:3f:58:34:69:a6:96:5a:23:
1f:fc:07:6d:0e:0a:a6:88:2d:b8:20:01:b2:57:b7:
62:6a:02:30:9c:4a:64:34:cd:3c:d1:bb:03:94:2a:
c0:9a:9a:6f:c3:d4:8a:e0:99:81:a5:45:a4:e0:90:
0d:17:6c:8a:95:34:06:16:35:1c:87:61:55:5b:0a:
0d:ff:ef:08:88:86:cb:d3:35:41:0c:43:c4:e5:fa:
9d:ba:b0:cd:11:e6:b6:8a:a0:d9:f1:99:ab:fd:aa:
09:8d:cd:43:18:5a:a0:d8:b8:78:7c:e1:d5:43:5d:
df:92:99:b8:66:5f:d4:15:e5:fc:d5:ed:5d:a4:82:
52:8d:d6:9f:6f:46:6f:37:3b:d8:98:ef:3d:bb:f0:
b7:57:87:a2:90:33:7d:4c:1c:0e:ae:09:14:6f:cc:
22:0f:17:a1:7b:aa:07:c3:79:30:40:69:8c:1e:4c:
1b:86:47:47:a0:ff:7d:ce:6a:52:2a:e7:83:3b:45:
85:33:39:34:10:38:9c:fd:43:a0:38:fd:fe:2b:5b:
bf:9b:d1:8b:76:c5:3e:57:23:4f:08:40:99:cc:ba:
db:77:39:42:9a:9f:55:8c:07:99:6a:bc:26:26:bb:
8d:b5:e9:fd:2c:dd:bc:ae:99:f4:27:3e:d9:b8:01:
ee:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0B:91:FF:31:9B:AB:E0:63:AD:99:09:49:CB:F1:1D:69:9E:6A:83
X509v3 Authority Key Identifier:
keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/1A8C65506B6E11F0AEECA858C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
101.234.132.0-101.234.136.255
101.234.140.0/23
101.234.144.0-101.234.160.255
101.234.170.0/23
111.125.160.0-111.125.165.255
111.125.168.0/21
114.111.128.0-114.111.151.255
114.111.156.0/22
122.100.0.0-122.100.4.255
122.100.6.0-122.100.11.255
122.100.14.0/23
IPv6:
2406:5800:800::/37
2406:5800:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
a9:cd:08:07:a3:cd:8f:65:95:44:9f:dd:e3:da:75:b9:e0:81:
5e:ef:64:66:08:39:d2:aa:eb:94:35:56:36:22:7c:e9:78:2e:
ea:00:f5:6a:50:a8:b9:2d:48:ff:60:95:44:e7:00:5e:27:ab:
c4:1c:bc:3f:2c:58:d8:53:4d:06:97:c2:9c:d2:3d:90:de:80:
e2:8e:19:8d:59:3a:48:b8:17:5e:e3:12:d2:f3:84:2e:17:71:
5b:41:d8:20:ea:b0:e6:03:47:8e:6a:61:a3:c6:c1:1a:4a:2f:
60:b4:bf:d5:6f:7c:eb:ce:d8:07:49:42:af:13:81:1b:bd:54:
22:6e:95:23:3a:6d:b1:cc:1e:82:d0:7f:d7:18:06:d5:af:46:
d4:78:5c:71:81:46:a6:91:f0:30:57:b4:e9:60:bb:0e:fc:47:
4e:d6:c7:ed:6c:60:28:54:c6:e1:e3:ad:45:f4:56:b1:a5:ee:
e7:98:bd:bc:d2:2f:e2:e2:ff:3d:4d:25:f1:86:b6:a3:12:9d:
05:c1:00:9c:b0:a6:81:2c:32:32:d1:28:62:38:21:98:cc:e8:
66:78:73:ee:50:6f:07:e5:53:b5:c3:2e:aa:d8:82:db:89:79:
79:44:94:83:5f:d1:d8:ac:0e:36:7b:ea:bd:81:ca:da:cc:cc:
fe:d6:f9:11
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgICCcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5
Mjc1NzQ0MjAwHhcNMjUxMjIwMjAxNzA4WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2EzNS05YzIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnKA1O+83P1g0aaaWWiMf/AdtDgqmiC24IAGyV7diagIwnEpkNM080bsDlCrA
mppvw9SK4JmBpUWk4JANF2yKlTQGFjUch2FVWwoN/+8IiIbL0zVBDEPE5fqdurDN
Eea2iqDZ8Zmr/aoJjc1DGFqg2Lh4fOHVQ13fkpm4Zl/UFeX81e1dpIJSjdafb0Zv
NzvYmO89u/C3V4eikDN9TBwOrgkUb8wiDxehe6oHw3kwQGmMHkwbhkdHoP99zmpS
KueDO0WFMzk0EDic/UOgOP3+K1u/m9GLdsU+VyNPCECZzLrbdzlCmp9VjAeZarwm
JruNten9LN28rpn0Jz7ZuAHutwIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFDILkf8x
m6vgY62ZCUnL8R1pnmqDMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3
NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS
Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU0NkUvMENENDFEQThCNzZBMTFFQTgxNEY1MDg0QzRGOUFFMDIvMUE4QzY1NTA2
QjZFMTFGMEFFRUNBODU4QzRGOUFFMDIucm9hMIGlBggrBgEFBQcBBwEB/wSBlTCB
kjB3BAIAATBxMAwDBAJl6oQDBABl6ogDBAFl6owwDAMEBGXqkAMEAGXqoAMEAWXq
qjAMAwQFb32gAwQBb32kAwQDb32oMAwDBAdyb4ADBANyb5ADBAJyb5wwCwMDAnpk
AwQAemQEMAwDBAF6ZAYDBAJ6ZAgDBAF6ZA4wFwQCAAIwEQMGAyQGWAAIAwcAJAZY
AP8AMA0GCSqGSIb3DQEBCwUAA4IBAQCpzQgHo82PZZVEn93j2nW54IFe72RmCDnS
quuUNVY2InzpeC7qAPVqUKi5LUj/YJVE5wBeJ6vEHLw/LFjYU00Gl8Kc0j2Q3oDi
jhmNWTpIuBde4xLS84QuF3FbQdgg6rDmA0eOamGjxsEaSi9gtL/Vb3zrztgHSUKv
E4EbvVQibpUjOm2xzB6C0H/XGAbVr0bUeFxxgUamkfAwV7TpYLsO/EdO1sftbGAo
VMbh461F9Faxpe7nmL280i/i4v89TSXxhrajEp0FwQCcsKaBLDIy0ShiOCGYzOhm
eHPuUG8H5VO1wy6q2ILbiXl5RJSDX9HYrA42e+q9gcrazMz+1vkR
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:19:08 2026 by rpki-client