Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/C22BA9D094E411EA9076F758C4F9AE02.roa
File: C22BA9D094E411EA9076F758C4F9AE02.roa (raw, json)
Hash identifier: H2W7FUFHmZ8Q0NnMSEGYzmhsdnQ1yfavtemrLs6lXMY=
Subject key identifier: A3:63:80:45:45:CA:31:A3:2A:F6:43:3B:60:5C:6C:B8:85:D5:ED:1A
Certificate issuer: /CN=A91B527E/serialNumber=57B687274B3319ED9071B966158F9B8AB64AE6F7
Certificate serial: 283F
Authority key identifier: 57:B6:87:27:4B:33:19:ED:90:71:B9:66:15:8F:9B:8A:B6:4A:E6:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V7aHJ0szGe2QcblmFY-birZK5vc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/C22BA9D094E411EA9076F758C4F9AE02.roa
Signing time: Fri 10 Apr 2026 16:18:15 +0000
ROA not before: Fri 10 Apr 2026 16:18:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 38553
IP address blocks: 103.123.40.0/24 maxlen: 24
103.123.41.0/24 maxlen: 24
103.123.42.0/24 maxlen: 24
103.123.43.0/24 maxlen: 24
120.72.16.0/24 maxlen: 24
120.72.17.0/24 maxlen: 24
120.72.18.0/24 maxlen: 24
120.72.19.0/24 maxlen: 24
120.72.20.0/24 maxlen: 24
120.72.21.0/24 maxlen: 24
120.72.22.0/24 maxlen: 24
120.72.23.0/24 maxlen: 24
120.72.24.0/24 maxlen: 24
120.72.25.0/24 maxlen: 24
120.72.26.0/24 maxlen: 24
120.72.27.0/24 maxlen: 24
120.72.28.0/24 maxlen: 24
120.72.29.0/24 maxlen: 24
120.72.30.0/24 maxlen: 24
120.72.31.0/24 maxlen: 24
202.137.112.0/24 maxlen: 24
202.137.113.0/24 maxlen: 24
202.137.114.0/24 maxlen: 24
202.137.115.0/24 maxlen: 24
202.137.116.0/24 maxlen: 24
202.137.117.0/24 maxlen: 24
202.137.118.0/24 maxlen: 24
202.137.119.0/24 maxlen: 24
202.137.120.0/24 maxlen: 24
202.137.121.0/24 maxlen: 24
202.137.122.0/24 maxlen: 24
202.137.123.0/24 maxlen: 24
202.137.124.0/24 maxlen: 24
202.137.125.0/24 maxlen: 24
202.137.126.0/24 maxlen: 24
202.137.127.0/24 maxlen: 24
2404:7400::/32 maxlen: 32
2404:7400:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/V7aHJ0szGe2QcblmFY-birZK5vc.crl
rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/V7aHJ0szGe2QcblmFY-birZK5vc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V7aHJ0szGe2QcblmFY-birZK5vc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 15:35:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10303 (0x283f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B527E, serialNumber=57B687274B3319ED9071B966158F9B8AB64AE6F7
Validity
Not Before: Apr 10 16:18:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69d922c6-8f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bd:6f:db:07:4f:c1:74:79:ef:77:ff:d4:78:
5a:ff:9f:b2:da:c3:e1:8d:81:e3:f7:38:7c:5e:e3:
f0:7d:55:0c:25:db:47:8d:4e:d6:89:7b:f1:a7:85:
ca:50:fa:96:95:9d:11:8b:5c:8a:3a:57:1b:f4:e4:
e3:90:2e:25:06:eb:7d:14:40:7d:92:46:8c:b5:61:
f3:ee:0b:d4:f8:f3:70:61:02:c1:16:86:a3:6a:0f:
68:bb:9e:5f:cf:b5:0f:51:05:b5:5c:1d:35:01:a8:
af:42:53:b8:aa:35:23:bc:af:f6:64:2c:08:15:d8:
9c:a4:6e:2e:fb:33:53:9c:87:d2:2c:63:43:8f:67:
3e:a3:5a:cf:55:16:4b:94:0b:d5:d5:c7:5e:f7:ae:
f0:12:bd:74:7b:7e:88:5d:ca:f9:ee:e6:4c:7d:6c:
5d:ec:e6:92:e4:d3:60:84:55:7c:df:f3:42:a9:18:
31:4d:a2:f2:7c:93:f5:61:f1:de:65:c5:d7:ab:c8:
7d:fb:5a:b2:90:2b:87:c4:04:74:c8:84:c9:1c:fb:
87:19:8a:c2:f4:0a:7d:0c:6e:0f:a9:4b:4d:8a:87:
9e:90:a2:f3:94:af:66:c5:61:8b:1f:62:1d:08:c0:
35:ed:66:09:da:63:73:56:e6:a9:01:04:8a:00:b1:
e5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:63:80:45:45:CA:31:A3:2A:F6:43:3B:60:5C:6C:B8:85:D5:ED:1A
X509v3 Authority Key Identifier:
keyid:57:B6:87:27:4B:33:19:ED:90:71:B9:66:15:8F:9B:8A:B6:4A:E6:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/V7aHJ0szGe2QcblmFY-birZK5vc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V7aHJ0szGe2QcblmFY-birZK5vc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B527E/E8A88CBAAB7211E4B8BBB81CC4F9AE02/C22BA9D094E411EA9076F758C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.123.40.0/22
120.72.16.0/20
202.137.112.0/20
IPv6:
2404:7400::/32
Signature Algorithm: sha256WithRSAEncryption
50:61:18:39:57:fe:b6:25:27:f6:1e:ec:d0:47:24:10:5b:ad:
bc:cb:65:44:dc:37:33:4a:30:81:54:a7:69:90:4e:5f:5f:ea:
76:5d:52:5e:5e:31:b1:6e:b2:9c:b9:db:30:a2:ad:7b:51:e1:
84:63:e3:ab:01:e5:df:76:36:85:39:91:4e:eb:fd:6b:b2:f6:
40:6a:cf:e6:f5:c1:47:5b:a5:8f:63:dd:77:be:e6:34:50:67:
f3:97:41:77:71:3f:45:3a:74:a0:56:dc:f4:39:7f:18:17:ac:
fa:d5:b9:23:74:74:22:de:84:7b:6d:11:ee:29:21:c5:29:f4:
62:2a:1e:aa:46:36:38:3a:7e:4b:99:34:64:6b:b4:03:d3:14:
98:ce:86:ee:c9:74:cc:a6:9b:94:66:c5:80:89:5c:94:08:04:
07:cc:a3:56:b6:1f:56:86:9c:67:39:6b:04:ed:f1:ac:87:7b:
cf:52:75:b9:76:08:a9:d2:71:0f:f5:60:3b:a3:73:42:f9:1f:
d1:f3:b2:7d:bd:bf:53:61:20:31:8a:d6:69:3d:69:ca:af:39:
29:bd:6a:50:7e:45:14:a3:e2:d6:30:11:53:52:50:c0:73:20:
41:20:77:50:73:18:2a:94:18:19:38:20:9e:10:21:fc:b6:f1:
37:0b:3d:16
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgICKD8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjUyN0UxMTAvBgNVBAUTKDU3QjY4NzI3NEIzMzE5RUQ5MDcxQjk2NjE1OEY5QjhB
QjY0QUU2RjcwHhcNMjYwNDEwMTYxODE0WhcNMjcwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ5MjJjNi04ZjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvL1v2wdPwXR573f/1Hha/5+y2sPhjYHj9zh8XuPwfVUMJdtHjU7WiXvxp4XK
UPqWlZ0Ri1yKOlcb9OTjkC4lBut9FEB9kkaMtWHz7gvU+PNwYQLBFoajag9ou55f
z7UPUQW1XB01AaivQlO4qjUjvK/2ZCwIFdicpG4u+zNTnIfSLGNDj2c+o1rPVRZL
lAvV1cde967wEr10e36IXcr57uZMfWxd7OaS5NNghFV83/NCqRgxTaLyfJP1YfHe
ZcXXq8h9+1qykCuHxAR0yITJHPuHGYrC9Ap9DG4PqUtNioeekKLzlK9mxWGLH2Id
CMA17WYJ2mNzVuapAQSKALHlsQIDAQABo4ICezCCAncwHQYDVR0OBBYEFKNjgEVF
yjGjKvZDO2BcbLiF1e0aMB8GA1UdIwQYMBaAFFe2hydLMxntkHG5ZhWPm4q2Sub3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTI3RS9FOEE4OENCQUFC
NzIxMUU0QjhCQkI4MUNDNEY5QUUwMi9WN2FISjBzekdlMlFjYmxtRlktYmlyWks1
dmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Y3YUhKMHN6R2UyUWNibG1GWS1iaXJaSzV2Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjUyN0UvRThBODhDQkFBQjcyMTFFNEI4QkJCODFDQzRGOUFFMDIvQzIyQkE5RDA5
NEU0MTFFQTkwNzZGNzU4QzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY
BAIAATASAwQCZ3soAwQEeEgQAwQEyolwMA0EAgACMAcDBQAkBHQAMA0GCSqGSIb3
DQEBCwUAA4IBAQBQYRg5V/62JSf2HuzQRyQQW628y2VE3DczSjCBVKdpkE5fX+p2
XVJeXjGxbrKcudswoq17UeGEY+OrAeXfdjaFOZFO6/1rsvZAas/m9cFHW6WPY913
vuY0UGfzl0F3cT9FOnSgVtz0OX8YF6z61bkjdHQi3oR7bRHuKSHFKfRiKh6qRjY4
On5LmTRka7QD0xSYzobuyXTMppuUZsWAiVyUCAQHzKNWth9WhpxnOWsE7fGsh3vP
UnW5dgip0nEP9WA7o3NC+R/R87J9vb9TYSAxitZpPWnKrzkpvWpQfkUUo+LWMBFT
UlDAcyBBIHdQcxgqlBgZOCCeECH8tvE3Cz0W
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:09:42 2026 by rpki-client