Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/6AC5AB5CEAB811F088FEC0005D6F56BC.roa
File: 6AC5AB5CEAB811F088FEC0005D6F56BC.roa (raw, json)
Hash identifier: GCpn4gmc0QpPSz7cXybRJq63rDVbixPSMbZl0hH07Xg=
Subject key identifier: 96:68:F5:A5:AE:00:E6:8E:EE:AF:C9:95:DB:56:81:F9:51:FE:DB:F9
Certificate issuer: /CN=A91B2C43/serialNumber=CA0CE2CBA99CDE0D9027FCE4864F26C913D419E3
Certificate serial: 0BFE
Authority key identifier: CA:0C:E2:CB:A9:9C:DE:0D:90:27:FC:E4:86:4F:26:C9:13:D4:19:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygziy6mc3g2QJ_zkhk8myRPUGeM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/6AC5AB5CEAB811F088FEC0005D6F56BC.roa
Signing time: Sun 01 Mar 2026 17:22:14 +0000
ROA not before: Sat 28 Feb 2026 19:16:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 55501
IP address blocks: 103.225.220.0/22 maxlen: 22
103.225.220.0/24 maxlen: 24
103.225.221.0/24 maxlen: 24
103.225.222.0/24 maxlen: 24
103.225.223.0/24 maxlen: 24
202.166.160.0/23 maxlen: 23
202.166.160.0/24 maxlen: 24
202.166.161.0/24 maxlen: 24
202.166.162.0/23 maxlen: 23
202.166.162.0/24 maxlen: 24
202.166.163.0/24 maxlen: 24
202.166.164.0/23 maxlen: 24
202.166.166.0/23 maxlen: 23
202.166.166.0/24 maxlen: 24
202.166.167.0/24 maxlen: 24
202.166.168.0/22 maxlen: 22
202.166.168.0/24 maxlen: 24
202.166.169.0/24 maxlen: 24
202.166.170.0/23 maxlen: 23
202.166.170.0/24 maxlen: 24
202.166.171.0/24 maxlen: 24
202.166.172.0/23 maxlen: 24
202.166.174.0/23 maxlen: 23
202.166.174.0/24 maxlen: 24
202.166.175.0/24 maxlen: 24
2401:ea00::/48 maxlen: 48
2401:ea00:1::/48 maxlen: 48
2401:ea00:2::/48 maxlen: 48
2401:ea00:3::/48 maxlen: 48
2401:ea00:4::/48 maxlen: 48
2401:ea00:5::/48 maxlen: 48
2401:ea00:6::/48 maxlen: 48
2401:ea00:7::/48 maxlen: 48
2401:ea00:8::/48 maxlen: 48
2401:ea00:9::/48 maxlen: 48
2401:ea00:a::/48 maxlen: 48
2401:ea00:b::/48 maxlen: 48
2401:ea00:c::/48 maxlen: 48
2401:ea00:d::/48 maxlen: 48
2401:ea00:e::/48 maxlen: 48
2401:ea00:f::/48 maxlen: 48
2401:ea00:10::/48 maxlen: 48
2401:ea00:11::/48 maxlen: 48
2401:ea00:12::/48 maxlen: 48
2401:ea00:13::/48 maxlen: 48
2401:ea00:20::/48 maxlen: 48
2401:ea00:25::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.crl
rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygziy6mc3g2QJ_zkhk8myRPUGeM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 08 Mar 2026 22:25:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3070 (0xbfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B2C43, serialNumber=CA0CE2CBA99CDE0D9027FCE4864F26C913D419E3
Validity
Not Before: Feb 28 19:16:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69a475c6-687f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4d:6a:15:25:63:f4:e7:27:be:23:df:5a:49:
10:3b:79:f5:7e:5b:ee:fd:bb:4e:85:3b:63:e0:8e:
3b:0f:0b:8d:9d:1a:0a:39:53:69:d4:a6:8a:ca:39:
3d:a2:34:2b:bb:51:b6:d6:3f:80:e0:cf:9b:43:e1:
b0:ff:1d:93:e7:6a:93:cd:34:57:38:a7:5e:03:81:
33:d3:a5:c0:23:42:dd:c6:e9:92:6b:ed:4d:b1:e4:
c2:0b:e2:ad:cd:b1:db:d3:8b:0b:c8:77:45:f5:a3:
43:89:4d:38:61:4e:47:7a:83:32:07:e0:41:3c:fb:
ef:d8:8f:6e:8a:cb:6c:18:26:40:c0:fb:3d:0a:24:
bf:88:84:b7:8a:b3:ec:a6:cc:fa:82:4a:7e:bc:3e:
f3:75:a1:61:29:18:19:0f:fe:92:ad:a7:b8:50:54:
1a:8a:b4:89:4d:eb:ff:84:9a:07:ca:72:39:df:a0:
e2:48:a5:58:65:62:5c:cb:9b:27:81:bd:60:0e:32:
40:99:54:13:0d:53:51:5e:f2:97:38:5e:ab:49:48:
1a:4f:84:b5:c5:3a:f6:df:75:6d:74:00:2c:cb:12:
4c:83:e1:6b:74:70:25:95:0a:55:b5:cc:7f:34:28:
be:2c:8a:07:f8:88:b7:25:30:54:c9:07:aa:01:f2:
c5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:68:F5:A5:AE:00:E6:8E:EE:AF:C9:95:DB:56:81:F9:51:FE:DB:F9
X509v3 Authority Key Identifier:
keyid:CA:0C:E2:CB:A9:9C:DE:0D:90:27:FC:E4:86:4F:26:C9:13:D4:19:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/ygziy6mc3g2QJ_zkhk8myRPUGeM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ygziy6mc3g2QJ_zkhk8myRPUGeM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2C43/DC2F546839E411EA96173374C4F9AE02/6AC5AB5CEAB811F088FEC0005D6F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
103.225.220.0/22
202.166.160.0/20
IPv6:
2401:ea00::-2401:ea00:13:ffff:ffff:ffff:ffff:ffff
2401:ea00:20::/48
2401:ea00:25::/48
Signature Algorithm: sha256WithRSAEncryption
c1:85:8a:17:b7:05:4c:50:64:1a:2a:ca:ec:e8:9f:11:1f:a0:
7c:6e:0a:21:62:d4:b2:c0:b2:af:12:c2:a4:08:68:f4:06:cd:
3c:24:2e:26:6c:5c:64:aa:a4:3b:84:d5:db:f9:f3:04:a2:68:
5d:71:56:12:ed:12:07:2d:72:08:63:42:34:88:cf:a7:8b:88:
ea:40:95:d3:03:8a:b3:26:bf:7c:9e:42:e4:da:93:99:b3:e6:
44:ac:c3:d1:9d:60:e8:f2:04:56:b0:a0:db:c8:0e:0a:6f:f9:
29:5e:6d:31:f3:e2:d2:a3:aa:ad:d4:ba:5a:15:6e:74:6c:60:
05:4f:83:58:42:67:76:4f:19:1b:c2:17:a5:28:c5:f1:1e:a5:
9b:13:1c:e1:14:6e:72:0a:02:9d:66:2e:4f:3c:ce:ca:fb:ac:
58:fa:14:9a:ff:e9:55:00:9b:bf:d5:7c:fd:60:b5:85:a4:e4:
54:0d:6a:c7:3b:3b:16:e5:49:9f:64:50:0d:f2:ed:04:c6:22:
37:30:3e:af:10:19:df:cf:6b:a6:8e:32:65:1b:bb:3c:f4:9b:
1e:3c:f8:f0:fd:5e:da:cf:e4:4a:cc:d3:59:49:33:3f:a6:5b:
fe:3a:0e:60:2c:27:24:ce:ce:75:d0:80:52:c0:28:cb:17:9b:
d0:67:9c:d0
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgICC/4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjJDNDMxMTAvBgNVBAUTKENBMENFMkNCQTk5Q0RFMEQ5MDI3RkNFNDg2NEYyNkM5
MTNENDE5RTMwHhcNMjYwMjI4MTkxNjIyWhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzVjNi02ODdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyk1qFSVj9OcnviPfWkkQO3n1flvu/btOhTtj4I47DwuNnRoKOVNp1KaKyjk9
ojQru1G21j+A4M+bQ+Gw/x2T52qTzTRXOKdeA4Ez06XAI0LdxumSa+1NseTCC+Kt
zbHb04sLyHdF9aNDiU04YU5HeoMyB+BBPPvv2I9uistsGCZAwPs9CiS/iIS3irPs
psz6gkp+vD7zdaFhKRgZD/6Srae4UFQairSJTev/hJoHynI536DiSKVYZWJcy5sn
gb1gDjJAmVQTDVNRXvKXOF6rSUgaT4S1xTr233VtdAAsyxJMg+FrdHAllQpVtcx/
NCi+LIoH+Ii3JTBUyQeqAfLFLQIDAQABo4ICkTCCAo0wHQYDVR0OBBYEFJZo9aWu
AOaO7q/JldtWgflR/tv5MB8GA1UdIwQYMBaAFMoM4supnN4NkCf85IZPJskT1Bnj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkM0My9EQzJGNTQ2ODM5
RTQxMUVBOTYxNzMzNzRDNEY5QUUwMi95Z3ppeTZtYzNnMlFKX3praGs4bXlSUFVH
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lneml5Nm1jM2cyUUpfemtoazhteVJQVUdlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjJDNDMvREMyRjU0NjgzOUU0MTFFQTk2MTczMzc0QzRGOUFFMDIvNkFDNUFCNUNF
QUI4MTFGMDg4RkVDMDAwNUQ2RjU2QkMucm9hMFAGCCsGAQUFBwEHAQH/BEEwPzAS
BAIAATAMAwQCZ+HcAwQEyqagMCkEAgACMCMwDwMEASQB6gMHAiQB6gAAEAMHACQB
6gAAIAMHACQB6gAAJTANBgkqhkiG9w0BAQsFAAOCAQEAwYWKF7cFTFBkGirK7Oif
ER+gfG4KIWLUssCyrxLCpAho9AbNPCQuJmxcZKqkO4TV2/nzBKJoXXFWEu0SBy1y
CGNCNIjPp4uI6kCV0wOKsya/fJ5C5NqTmbPmRKzD0Z1g6PIEVrCg28gOCm/5KV5t
MfPi0qOqrdS6WhVudGxgBU+DWEJndk8ZG8IXpSjF8R6lmxMc4RRucgoCnWYuTzzO
yvusWPoUmv/pVQCbv9V8/WC1haTkVA1qxzs7FuVJn2RQDfLtBMYiNzA+rxAZ389r
po4yZRu7PPSbHjz48P1e2s/kSszTWUkzP6Zb/joOYCwnJM7OddCAUsAoyxeb0Gec
0A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:05:45 2026 by rpki-client