Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/8092DB4C718011EF8BEC2931C4F9AE02.roa
File: 8092DB4C718011EF8BEC2931C4F9AE02.roa (raw, json)
Hash identifier: 6whooVWgQm3N4gW6OiwdgeJVIQQNKjG8DkVKiKamqJk=
Subject key identifier: E1:E9:B4:35:EF:C3:82:52:FD:E5:08:CB:79:FC:0D:56:0B:97:61:DC
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 07F7
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/8092DB4C718011EF8BEC2931C4F9AE02.roa
Signing time: Sun 01 Mar 2026 21:14:31 +0000
ROA not before: Thu 28 Aug 2025 14:50:54 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 140822
IP address blocks: 160.30.254.0/23 maxlen: 23
160.187.88.0/23 maxlen: 23
160.187.90.0/23 maxlen: 23
160.187.242.0/23 maxlen: 23
160.187.244.0/23 maxlen: 23
160.191.36.0/23 maxlen: 23
160.191.90.0/23 maxlen: 23
160.191.92.0/23 maxlen: 23
160.191.94.0/23 maxlen: 23
160.191.96.0/23 maxlen: 23
160.191.98.0/23 maxlen: 23
160.191.216.0/23 maxlen: 23
160.191.218.0/23 maxlen: 23
160.191.222.0/23 maxlen: 23
160.191.252.0/23 maxlen: 23
160.191.254.0/23 maxlen: 23
160.250.0.0/23 maxlen: 23
160.250.2.0/23 maxlen: 23
160.250.30.0/23 maxlen: 23
160.250.32.0/23 maxlen: 23
161.248.34.0/23 maxlen: 23
161.248.72.0/23 maxlen: 23
161.248.76.0/23 maxlen: 23
161.248.182.0/23 maxlen: 23
161.248.236.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 22:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2039 (0x7f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Aug 28 14:50:54 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a4ac37-88c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:43:c8:d9:35:c4:c3:ed:69:e3:5d:cf:0d:
a9:b3:fa:1c:47:d9:c4:2c:a1:51:83:a5:c9:74:ff:
1a:23:52:d4:19:8d:9f:3a:3f:a7:d4:33:33:b3:b1:
06:fa:6b:eb:9f:43:8c:02:29:dd:e9:e7:7a:3f:f6:
09:c4:b0:6d:0d:1f:76:c6:bb:c3:14:1f:b9:cc:14:
9c:bc:0f:5a:ec:28:96:be:eb:c6:b7:3a:78:e2:cf:
28:ea:9e:6a:9a:fc:40:d5:f8:31:49:12:6f:53:99:
94:f6:70:48:d8:cd:54:46:54:0a:43:cb:53:20:15:
06:38:21:00:89:a4:e7:57:86:15:25:3c:03:57:72:
92:f8:62:bf:c6:5f:38:5f:82:8d:c3:e0:aa:fb:b5:
2e:c8:15:f9:58:8a:cd:ee:e3:52:13:21:5e:b4:5e:
f0:f9:fd:dd:b8:72:c0:e3:dc:f9:88:97:1f:50:3e:
d0:a5:52:4f:f5:0e:37:27:05:07:a2:a9:d9:44:bb:
aa:5c:cf:90:0f:ce:98:aa:e3:5a:79:ec:e3:77:de:
2a:01:dd:4a:b0:82:1a:1a:54:60:b3:c1:b7:5f:30:
98:76:97:62:df:34:9b:22:b6:f6:7e:28:17:f6:11:
76:b0:ad:e8:bd:c7:38:4f:3f:10:8a:0c:18:86:3b:
c9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E9:B4:35:EF:C3:82:52:FD:E5:08:CB:79:FC:0D:56:0B:97:61:DC
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/8092DB4C718011EF8BEC2931C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
160.30.254.0/23
160.187.88.0/22
160.187.242.0-160.187.245.255
160.191.36.0/23
160.191.90.0-160.191.99.255
160.191.216.0/22
160.191.222.0/23
160.191.252.0/22
160.250.0.0/22
160.250.30.0-160.250.33.255
161.248.34.0/23
161.248.72.0/23
161.248.76.0/23
161.248.182.0/23
161.248.236.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:54:bc:28:0f:0c:27:19:16:58:c9:28:8d:01:6b:9a:c1:4b:
7c:5a:41:c1:5f:ae:cd:df:fc:f4:63:5b:45:72:58:14:1d:42:
68:86:f4:aa:c5:9d:cb:91:b8:0e:4c:f3:8a:0d:68:69:6d:6c:
a5:70:82:8b:e1:48:00:72:df:ec:00:b2:bf:ec:a9:bf:96:6a:
8b:1c:6e:5c:4e:1d:ff:76:d7:bb:4a:62:0c:d5:01:94:5d:84:
9d:d3:2e:96:8c:87:c2:ab:31:d5:6b:ee:67:25:b3:30:53:4a:
fd:f8:9b:59:36:40:1a:e0:32:2a:3a:5e:2a:19:d6:92:93:ff:
5e:32:9e:0d:9b:07:53:e8:ce:9d:ca:90:3b:bf:00:4f:b6:0b:
d6:e7:9a:97:a2:0a:6d:0a:4e:da:99:d2:6c:4d:65:ff:e8:b6:
a6:23:b1:6d:92:cb:9e:f4:28:10:96:1e:7f:3b:7b:14:1a:be:
a1:9b:40:89:3f:8d:26:20:18:6c:e4:98:52:28:0d:fc:bc:53:
10:50:1b:00:be:c7:47:01:ee:e9:ad:81:f6:5c:40:97:fc:14:
58:af:a8:2d:ad:89:95:26:ae:4d:0a:e6:93:6b:5a:a3:ff:fc:
42:67:86:90:62:92:1c:de:4a:dc:9d:70:ad:23:15:72:90:19:
53:8a:70:26
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICB/cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwODI4MTQ1MDU0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0YWMzNy04OGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtcJDyNk1xMPtaeNdzw2ps/ocR9nELKFRg6XJdP8aI1LUGY2fOj+n1DMzs7EG
+mvrn0OMAind6ed6P/YJxLBtDR92xrvDFB+5zBScvA9a7CiWvuvGtzp44s8o6p5q
mvxA1fgxSRJvU5mU9nBI2M1URlQKQ8tTIBUGOCEAiaTnV4YVJTwDV3KS+GK/xl84
X4KNw+Cq+7UuyBX5WIrN7uNSEyFetF7w+f3duHLA49z5iJcfUD7QpVJP9Q43JwUH
oqnZRLuqXM+QD86YquNaeezjd94qAd1KsIIaGlRgs8G3XzCYdpdi3zSbIrb2figX
9hF2sK3ovcc4Tz8QigwYhjvJeQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFOHptDXv
w4JS/eUIy3n8DVYLl2HcMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvODA5MkRCNEM3
MTgwMTFFRjhCRUMyOTMxQzRGOUFFMDIucm9hMIGLBggrBgEFBQcBBwEB/wR8MHow
eAQCAAEwcgMEAaAe/gMEAqC7WDAMAwQBoLvyAwQBoLv0AwQBoL8kMAwDBAGgv1oD
BAKgv2ADBAKgv9gDBAGgv94DBAKgv/wDBAKg+gAwDAMEAaD6HgMEAaD6IAMEAaH4
IgMEAaH4SAMEAaH4TAMEAaH4tgMEAaH47DANBgkqhkiG9w0BAQsFAAOCAQEApVS8
KA8MJxkWWMkojQFrmsFLfFpBwV+uzd/89GNbRXJYFB1CaIb0qsWdy5G4Dkzzig1o
aW1spXCCi+FIAHLf7ACyv+ypv5ZqixxuXE4d/3bXu0piDNUBlF2EndMuloyHwqsx
1WvuZyWzMFNK/fibWTZAGuAyKjpeKhnWkpP/XjKeDZsHU+jOncqQO78AT7YL1uea
l6IKbQpO2pnSbE1l/+i2piOxbZLLnvQoEJYefzt7FBq+oZtAiT+NJiAYbOSYUigN
/LxTEFAbAL7HRwHu6a2B9lxAl/wUWK+oLa2JlSauTQrmk2tao//8QmeGkGKSHN5K
3J1wrSMVcpAZU4pwJg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:18:35 2026 by rpki-client