Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/257E3B94E37B11EA84A20810C4F9AE02.roa
File: 257E3B94E37B11EA84A20810C4F9AE02.roa (raw, json)
Hash identifier: TRS7uXadVT84Hu1eRh3NR9uztLBURMPyAO7c/F8WlGg=
Subject key identifier: BB:45:34:49:DD:A8:0D:53:E1:54:D7:7B:8B:2C:CA:8E:32:51:C5:45
Certificate issuer: /CN=A91B3CB5/serialNumber=1355D5187D2E63D7E6D49078D8E71FA051C456E3
Certificate serial: 0D08
Authority key identifier: 13:55:D5:18:7D:2E:63:D7:E6:D4:90:78:D8:E7:1F:A0:51:C4:56:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E1XVGH0uY9fm1JB42OcfoFHEVuM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/257E3B94E37B11EA84A20810C4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:43:46 +0000
ROA not before: Wed 22 Oct 2025 19:07:17 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 38280
IP address blocks: 59.191.192.0/20 maxlen: 20
59.191.192.0/24 maxlen: 24
59.191.193.0/24 maxlen: 24
59.191.194.0/24 maxlen: 24
59.191.195.0/24 maxlen: 24
59.191.196.0/24 maxlen: 24
59.191.197.0/24 maxlen: 24
59.191.198.0/24 maxlen: 24
59.191.199.0/24 maxlen: 24
59.191.200.0/24 maxlen: 24
59.191.201.0/24 maxlen: 24
59.191.202.0/24 maxlen: 24
59.191.203.0/24 maxlen: 24
59.191.204.0/24 maxlen: 24
59.191.205.0/24 maxlen: 24
59.191.206.0/24 maxlen: 24
59.191.207.0/24 maxlen: 24
118.139.128.0/19 maxlen: 19
118.139.128.0/24 maxlen: 24
118.139.129.0/24 maxlen: 24
118.139.130.0/24 maxlen: 24
118.139.131.0/24 maxlen: 24
118.139.132.0/24 maxlen: 24
118.139.133.0/24 maxlen: 24
118.139.134.0/24 maxlen: 24
118.139.135.0/24 maxlen: 24
118.139.136.0/24 maxlen: 24
118.139.137.0/24 maxlen: 24
118.139.138.0/24 maxlen: 24
118.139.139.0/24 maxlen: 24
118.139.140.0/24 maxlen: 24
118.139.141.0/24 maxlen: 24
118.139.142.0/24 maxlen: 24
118.139.143.0/24 maxlen: 24
118.139.144.0/24 maxlen: 24
118.139.145.0/24 maxlen: 24
118.139.146.0/24 maxlen: 24
118.139.147.0/24 maxlen: 24
118.139.148.0/24 maxlen: 24
118.139.149.0/24 maxlen: 24
118.139.150.0/24 maxlen: 24
118.139.151.0/24 maxlen: 24
118.139.152.0/24 maxlen: 24
118.139.153.0/24 maxlen: 24
118.139.154.0/24 maxlen: 24
118.139.155.0/24 maxlen: 24
118.139.156.0/24 maxlen: 24
118.139.157.0/24 maxlen: 24
118.139.158.0/24 maxlen: 24
118.139.159.0/24 maxlen: 24
2404:2400:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/E1XVGH0uY9fm1JB42OcfoFHEVuM.crl
rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/E1XVGH0uY9fm1JB42OcfoFHEVuM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E1XVGH0uY9fm1JB42OcfoFHEVuM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3336 (0xd08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B3CB5, serialNumber=1355D5187D2E63D7E6D49078D8E71FA051C456E3
Validity
Not Before: Oct 22 19:07:17 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a46cc2-ba95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1e:6f:e4:e0:49:d5:e6:ce:47:14:72:d9:2c:
0a:44:57:12:6e:df:3f:ab:43:ae:a9:6f:a1:15:bf:
02:50:b8:52:fb:6d:aa:ec:f3:b7:89:15:01:3f:1f:
d4:cf:26:92:11:0e:c9:8a:a2:dd:23:74:87:90:0a:
a3:08:6c:f7:c4:16:6f:39:ea:9e:12:5a:9c:ad:5a:
db:81:32:2b:c3:b1:3c:79:cd:04:fd:a0:83:e9:d5:
4e:09:98:49:93:d6:0c:bf:94:8e:ae:95:84:4c:21:
5e:54:24:ef:69:9a:1d:78:3c:6c:11:05:34:17:9e:
bc:03:05:50:6b:d2:52:63:94:24:f2:d7:16:be:e3:
47:ba:df:9f:00:1e:b5:91:64:2c:3c:58:4d:be:83:
a7:be:a7:a4:ba:a5:b7:2d:cb:88:0b:2d:84:3b:04:
1b:f3:48:37:13:ba:04:f1:c1:46:6e:bb:c0:58:a2:
54:6c:0d:31:8d:8e:49:d1:40:5a:fc:bb:eb:ac:c2:
43:81:c6:fb:cf:27:1e:c3:5b:c6:2d:f3:8c:ea:d2:
3e:39:1f:53:e5:8c:35:2d:ff:ae:7c:d0:01:15:8a:
a3:d5:8c:e0:36:32:a2:c2:4a:14:a7:d0:b9:6b:11:
18:52:1c:48:31:29:d9:54:69:74:44:4a:7a:2f:15:
e7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:45:34:49:DD:A8:0D:53:E1:54:D7:7B:8B:2C:CA:8E:32:51:C5:45
X509v3 Authority Key Identifier:
keyid:13:55:D5:18:7D:2E:63:D7:E6:D4:90:78:D8:E7:1F:A0:51:C4:56:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/E1XVGH0uY9fm1JB42OcfoFHEVuM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E1XVGH0uY9fm1JB42OcfoFHEVuM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/257E3B94E37B11EA84A20810C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
59.191.192.0/20
118.139.128.0/19
IPv6:
2404:2400:200::/48
Signature Algorithm: sha256WithRSAEncryption
9a:01:30:62:05:46:95:cb:95:4a:1b:2f:01:62:8e:e7:bc:8c:
43:d9:20:cc:10:db:83:b0:f0:e7:4f:e7:c7:ae:a7:69:f2:b0:
f1:ef:88:ab:4e:7c:50:13:24:22:34:6b:17:cc:15:27:13:ee:
6c:30:03:6d:02:6e:17:41:d1:6f:4b:a1:b8:96:7e:0f:e2:ff:
28:f0:ea:33:6c:0c:c5:cc:de:7d:1a:16:06:f2:e8:db:40:f0:
6b:b1:3f:7e:3b:a3:62:e5:2d:65:47:dd:20:5e:f3:0c:84:85:
60:c6:be:0e:15:60:a1:a2:f8:31:8e:92:ef:ab:8e:6c:b2:65:
c5:bb:b7:f2:21:b8:a0:ef:44:61:cb:77:f1:54:6f:1a:f8:81:
cb:89:7b:b3:f2:24:8c:4c:00:62:c0:26:a9:ee:42:38:03:98:
68:2f:bb:a2:4a:92:ee:6c:24:01:85:8d:48:de:54:b8:af:e2:
cf:36:13:14:bd:a4:df:8c:cc:a2:e6:bb:08:e5:88:0f:9d:0c:
5b:dc:ec:8c:62:c8:39:19:68:97:3c:55:ff:3c:c3:90:0c:8f:
d4:9d:7c:49:51:6d:21:1f:98:a7:29:b4:32:a9:82:29:1d:4c:
65:a2:41:ed:68:94:7f:2b:14:33:5c:b0:a9:35:df:2b:53:dd:
bc:1e:12:69
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgICDQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjNDQjUxMTAvBgNVBAUTKDEzNTVENTE4N0QyRTYzRDdFNkQ0OTA3OEQ4RTcxRkEw
NTFDNDU2RTMwHhcNMjUxMDIyMTkwNzE3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NmNjMi1iYTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmh5v5OBJ1ebORxRy2SwKRFcSbt8/q0OuqW+hFb8CULhS+22q7PO3iRUBPx/U
zyaSEQ7JiqLdI3SHkAqjCGz3xBZvOeqeElqcrVrbgTIrw7E8ec0E/aCD6dVOCZhJ
k9YMv5SOrpWETCFeVCTvaZodeDxsEQU0F568AwVQa9JSY5Qk8tcWvuNHut+fAB61
kWQsPFhNvoOnvqekuqW3LcuICy2EOwQb80g3E7oE8cFGbrvAWKJUbA0xjY5J0UBa
/LvrrMJDgcb7zycew1vGLfOM6tI+OR9T5Yw1Lf+ufNABFYqj1YzgNjKiwkoUp9C5
axEYUhxIMSnZVGl0REp6LxXnzwIDAQABo4ICdzCCAnMwHQYDVR0OBBYEFLtFNEnd
qA1T4VTXe4ssyo4yUcVFMB8GA1UdIwQYMBaAFBNV1Rh9LmPX5tSQeNjnH6BRxFbj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0NCNS82MzI2NTBGODA1
MDUxMUVBQUE5MzRDNDNDNEY5QUUwMi9FMVhWR0gwdVk5Zm0xSkI0Mk9jZm9GSEVW
dU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0UxWFZHSDB1WTlmbTFKQjQyT2Nmb0ZIRVZ1TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjNDQjUvNjMyNjUwRjgwNTA1MTFFQUFBOTM0QzQzQzRGOUFFMDIvMjU3RTNCOTRF
MzdCMTFFQTg0QTIwODEwQzRGOUFFMDIucm9hMDYGCCsGAQUFBwEHAQH/BCcwJTAS
BAIAATAMAwQEO7/AAwQFdouAMA8EAgACMAkDBwAkBCQAAgAwDQYJKoZIhvcNAQEL
BQADggEBAJoBMGIFRpXLlUobLwFijue8jEPZIMwQ24Ow8OdP58eup2nysPHviKtO
fFATJCI0axfMFScT7mwwA20CbhdB0W9LobiWfg/i/yjw6jNsDMXM3n0aFgby6NtA
8GuxP347o2LlLWVH3SBe8wyEhWDGvg4VYKGi+DGOku+rjmyyZcW7t/IhuKDvRGHL
d/FUbxr4gcuJe7PyJIxMAGLAJqnuQjgDmGgvu6JKku5sJAGFjUjeVLiv4s82ExS9
pN+MzKLmuwjliA+dDFvc7IxiyDkZaJc8Vf88w5AMj9SdfElRbSEfmKcptDKpgikd
TGWiQe1olH8rFDNcsKk13ytT3bweEmk=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:00:57 2026 by rpki-client