Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
File: A508D320BBC711ED8DF23C40C4F9AE02.roa (raw, json)
Hash identifier: t7oft9pLBcbweWPUnaZyfP7jZjv3Z4kESpoBgW1k1TM=
Subject key identifier: F3:0E:B0:B5:95:7A:6A:26:B8:AA:E6:36:A6:13:5B:AA:E0:83:DC:37
Certificate issuer: /CN=A91A57F8/serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Certificate serial: 027B
Authority key identifier: 9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:06:41 +0000
ROA not before: Mon 27 Oct 2025 01:58:11 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136000
IP address blocks: 103.114.190.0/23 maxlen: 23
103.117.166.0/23 maxlen: 23
103.117.228.0/22 maxlen: 22
103.134.20.0/22 maxlen: 22
103.196.240.0/22 maxlen: 22
103.209.12.0/22 maxlen: 22
118.91.179.0/24 maxlen: 24
118.91.188.0/24 maxlen: 24
124.198.224.0/20 maxlen: 20
202.14.177.0/24 maxlen: 24
202.62.240.0/22 maxlen: 22
202.73.30.0/23 maxlen: 23
203.14.201.0/24 maxlen: 24
203.18.242.0/23 maxlen: 23
203.22.206.0/24 maxlen: 24
203.23.53.0/24 maxlen: 24
203.24.148.0/23 maxlen: 23
203.28.160.0/24 maxlen: 24
203.29.91.0/24 maxlen: 24
203.32.98.0/23 maxlen: 23
203.33.103.0/24 maxlen: 24
203.55.150.0/24 maxlen: 24
203.56.119.0/24 maxlen: 24
203.57.252.0/24 maxlen: 24
203.98.90.0/24 maxlen: 24
203.168.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:36:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 635 (0x27b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A57F8, serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Validity
Not Before: Oct 27 01:58:11 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a45600-05a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fa:93:ab:cc:dc:a8:33:b0:a3:66:cd:30:5d:
a8:08:0f:75:be:bd:2c:21:69:09:4f:d6:ab:f5:b2:
bf:cf:27:9c:ad:ef:47:4a:61:64:7a:78:e5:e4:44:
b3:5c:48:1c:68:d1:ef:3f:93:03:39:0b:1a:34:33:
83:06:53:1f:8e:58:48:6e:24:46:67:d0:60:e5:cc:
25:d0:69:c6:04:c8:99:82:4c:7e:b7:b4:ca:2b:b9:
bc:88:33:91:03:2f:31:b1:53:6e:41:1c:aa:d6:9e:
aa:e0:8e:01:09:78:bc:dd:5c:23:52:e6:19:33:08:
aa:19:4c:8c:1f:b9:0d:23:3e:32:2e:ed:9e:24:b6:
53:e6:98:7a:d2:2a:35:53:55:87:f3:d5:8e:4e:bc:
49:a8:50:e6:ea:2a:ab:1c:10:ea:e4:40:db:2b:66:
b2:22:0c:4f:b6:28:5c:cb:07:55:51:c7:2f:9a:a0:
a1:13:2c:ef:47:b5:bf:77:13:48:9a:ca:44:1d:94:
8f:3f:76:41:c0:04:c1:c0:22:9c:a6:4a:75:30:a0:
2f:0d:49:5d:5c:d6:22:fb:b0:10:60:e5:04:22:2b:
83:3e:da:b3:8b:e8:54:8d:46:6f:0f:55:d1:2d:c0:
28:74:2d:76:4e:8b:92:86:de:0c:29:ae:5f:7b:cf:
ec:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0E:B0:B5:95:7A:6A:26:B8:AA:E6:36:A6:13:5B:AA:E0:83:DC:37
X509v3 Authority Key Identifier:
keyid:9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.114.190.0/23
103.117.166.0/23
103.117.228.0/22
103.134.20.0/22
103.196.240.0/22
103.209.12.0/22
118.91.179.0/24
118.91.188.0/24
124.198.224.0/20
202.14.177.0/24
202.62.240.0/22
202.73.30.0/23
203.14.201.0/24
203.18.242.0/23
203.22.206.0/24
203.23.53.0/24
203.24.148.0/23
203.28.160.0/24
203.29.91.0/24
203.32.98.0/23
203.33.103.0/24
203.55.150.0/24
203.56.119.0/24
203.57.252.0/24
203.98.90.0/24
203.168.216.0/22
Signature Algorithm: sha256WithRSAEncryption
51:7b:69:5c:b5:72:4b:5a:61:a1:90:0a:d5:2b:d4:f4:f7:a6:
c2:21:4a:80:e5:56:4a:cf:f3:0b:4f:98:db:4d:70:7d:62:fb:
0d:37:c2:96:1a:1b:65:87:91:1f:b9:2f:1c:ef:36:a9:40:fe:
78:ee:8d:dc:b1:02:97:00:35:b0:94:ff:ab:86:6c:de:78:55:
d2:53:5e:70:4c:f6:79:da:12:11:5f:ee:34:c7:a4:38:23:61:
30:56:62:cb:82:f1:ed:15:f7:cd:10:e6:32:c8:81:23:d2:87:
5d:ca:d9:7e:e1:11:1c:e7:b1:07:7b:b2:a8:e1:06:38:16:f5:
c3:e5:6f:84:71:c0:e0:6d:00:7b:32:26:4a:14:3c:a5:a9:84:
85:b8:5b:66:9d:19:dc:db:78:ec:d3:5d:5f:b3:89:3c:5c:9b:
b7:85:e5:18:a6:5b:36:65:2f:dc:7f:97:77:17:ca:7f:01:6d:
ed:69:5f:01:61:50:48:8e:47:22:91:01:e4:1e:c6:0c:8d:28:
ed:57:ca:2e:0c:43:ef:9b:36:20:5b:09:eb:b1:ba:d7:41:ff:
5d:cc:fa:aa:eb:5f:33:48:a4:48:5f:70:2c:a3:e2:22:2a:5b:
89:d6:8f:ac:82:16:29:7a:07:3f:27:e0:ac:18:85:c8:72:c8:
c6:c3:2e:0b
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgICAnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU3RjgxMTAvBgNVBAUTKDlGNjRGRTUwOTkyNTM3RkIwQjQwRTUyRjlDRkFDMzEw
Q0EyNzE5MTgwHhcNMjUxMDI3MDE1ODExWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NTYwMC0wNWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPqTq8zcqDOwo2bNMF2oCA91vr0sIWkJT9ar9bK/zyecre9HSmFkenjl5ESz
XEgcaNHvP5MDOQsaNDODBlMfjlhIbiRGZ9Bg5cwl0GnGBMiZgkx+t7TKK7m8iDOR
Ay8xsVNuQRyq1p6q4I4BCXi83VwjUuYZMwiqGUyMH7kNIz4yLu2eJLZT5ph60io1
U1WH89WOTrxJqFDm6iqrHBDq5EDbK2ayIgxPtihcywdVUccvmqChEyzvR7W/dxNI
mspEHZSPP3ZBwATBwCKcpkp1MKAvDUldXNYi+7AQYOUEIiuDPtqzi+hUjUZvD1XR
LcAodC12TouSht4MKa5fe8/slwIDAQABo4IC+zCCAvcwHQYDVR0OBBYEFPMOsLWV
emomuKrmNqYTW6rgg9w3MB8GA1UdIwQYMBaAFJ9k/lCZJTf7C0DlL5z6wxDKJxkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTdGOC8zNDUwOTQwMEI5
NzUxMUVEODA0MERFMjJDNEY5QUUwMi9uMlQtVUprbE5fc0xRT1V2blByREVNb25H
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL24yVC1VSmtsTl9zTFFPVXZuUHJERU1vbkdSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU3RjgvMzQ1MDk0MDBCOTc1MTFFRDgwNDBERTIyQzRGOUFFMDIvQTUwOEQzMjBC
QkM3MTFFRDhERjIzQzQwQzRGOUFFMDIucm9hMIG5BggrBgEFBQcBBwEB/wSBqTCB
pjCBowQCAAEwgZwDBAFncr4DBAFndaYDBAJndeQDBAJnhhQDBAJnxPADBAJn0QwD
BAB2W7MDBAB2W7wDBAR8xuADBADKDrEDBALKPvADBAHKSR4DBADLDskDBAHLEvID
BADLFs4DBADLFzUDBAHLGJQDBADLHKADBADLHVsDBAHLIGIDBADLIWcDBADLN5YD
BADLOHcDBADLOfwDBADLYloDBALLqNgwDQYJKoZIhvcNAQELBQADggEBAFF7aVy1
cktaYaGQCtUr1PT3psIhSoDlVkrP8wtPmNtNcH1i+w03wpYaG2WHkR+5LxzvNqlA
/njujdyxApcANbCU/6uGbN54VdJTXnBM9nnaEhFf7jTHpDgjYTBWYsuC8e0V980Q
5jLIgSPSh13K2X7hERznsQd7sqjhBjgW9cPlb4RxwOBtAHsyJkoUPKWphIW4W2ad
GdzbeOzTXV+ziTxcm7eF5RimWzZlL9x/l3cXyn8Bbe1pXwFhUEiORyKRAeQexgyN
KO1Xyi4MQ++bNiBbCeuxutdB/13M+qrrXzNIpEhfcCyj4iIqW4nWj6yCFil6Bz8n
4KwYhchyyMbDLgs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:38:43 2026 by rpki-client