Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/CEC1F8CEBCDD11EDA890C37EC4F9AE02.roa
File: CEC1F8CEBCDD11EDA890C37EC4F9AE02.roa (raw, json)
Hash identifier: q0lqVS28SrU2+4MJeoLC9pzh7Qgf+qG7CEETocpWonk=
Subject key identifier: 8B:F6:FB:3D:F6:77:F0:30:6C:1C:1D:33:6E:4A:B5:1D:79:D3:59:13
Certificate issuer: /CN=A91B6EB1/serialNumber=C28879FEC10CE929C1CF2E5B97886F1D7EA17C5A
Certificate serial: 0C41
Authority key identifier: C2:88:79:FE:C1:0C:E9:29:C1:CF:2E:5B:97:88:6F:1D:7E:A1:7C:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woh5_sEM6SnBzy5bl4hvHX6hfFo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/CEC1F8CEBCDD11EDA890C37EC4F9AE02.roa
Signing time: Wed 08 Apr 2026 19:23:47 +0000
ROA not before: Wed 08 Apr 2026 19:23:47 +0000
ROA not after: Fri 28 May 2027 00:00:00 +0000
asID: 136395
IP address blocks: 103.86.108.0/22 maxlen: 22
103.86.108.0/23 maxlen: 23
103.86.108.0/24 maxlen: 24
103.86.109.0/24 maxlen: 24
103.86.110.0/24 maxlen: 24
103.86.111.0/24 maxlen: 24
202.181.4.0/22 maxlen: 22
202.181.4.0/23 maxlen: 23
202.181.4.0/24 maxlen: 24
202.181.5.0/24 maxlen: 24
202.181.6.0/23 maxlen: 23
202.181.6.0/24 maxlen: 24
202.181.7.0/24 maxlen: 24
2400:bcc0::/32 maxlen: 32
2400:bcc0::/36 maxlen: 36
2400:bcc0:1::/48 maxlen: 48
2400:bcc0:2::/48 maxlen: 48
2400:bcc0:3::/48 maxlen: 48
2400:bcc0:4::/48 maxlen: 48
2400:bcc0:9::/48 maxlen: 48
2400:bcc0:1000::/36 maxlen: 36
2400:bcc0:1000::/48 maxlen: 48
2400:bcc0:1001::/48 maxlen: 48
2400:bcc0:1002::/48 maxlen: 48
2400:bcc0:1003::/48 maxlen: 48
2400:bcc0:1004::/48 maxlen: 48
2400:bcc0:1005::/48 maxlen: 48
2400:bcc0:1006::/48 maxlen: 48
2400:bcc0:1007::/48 maxlen: 48
2400:bcc0:1008::/48 maxlen: 48
2400:bcc0:1009::/48 maxlen: 48
2400:bcc0:100a::/48 maxlen: 48
2400:bcc0:100b::/48 maxlen: 48
2400:bcc0:100c::/48 maxlen: 48
2400:bcc0:1010::/48 maxlen: 48
2400:bcc0:1011::/48 maxlen: 48
2400:bcc0:1016::/48 maxlen: 48
2400:bcc0:1017::/48 maxlen: 48
2400:bcc0:101c::/48 maxlen: 48
2400:bcc0:101d::/48 maxlen: 48
2400:bcc0:1022::/48 maxlen: 48
2400:bcc0:1023::/48 maxlen: 48
2400:bcc0:1028::/48 maxlen: 48
2400:bcc0:1029::/48 maxlen: 48
2400:bcc0:102e::/48 maxlen: 48
2400:bcc0:1033::/48 maxlen: 48
2400:bcc0:1034::/48 maxlen: 48
2400:bcc0:2000::/36 maxlen: 36
2400:bcc0:3000::/36 maxlen: 36
2400:bcc0:3001::/48 maxlen: 48
2400:bcc0:3002::/48 maxlen: 48
2400:bcc0:3003::/48 maxlen: 48
2400:bcc0:3004::/48 maxlen: 48
2400:bcc0:3005::/48 maxlen: 48
2400:bcc0:3006::/48 maxlen: 48
2400:bcc0:300b::/48 maxlen: 48
2400:bcc0:300c::/48 maxlen: 48
2400:bcc0:3010::/48 maxlen: 48
2400:bcc0:3011::/48 maxlen: 48
2400:bcc0:3016::/48 maxlen: 48
2400:bcc0:3017::/48 maxlen: 48
2400:bcc0:301c::/48 maxlen: 48
2400:bcc0:301d::/48 maxlen: 48
2400:bcc0:3022::/48 maxlen: 48
2400:bcc0:3023::/48 maxlen: 48
2400:bcc0:3028::/48 maxlen: 48
2400:bcc0:3029::/48 maxlen: 48
2400:bcc0:302e::/48 maxlen: 48
2400:bcc0:4000::/36 maxlen: 36
2400:bcc0:5000::/36 maxlen: 36
2400:bcc0:6000::/36 maxlen: 36
2400:bcc0:7000::/36 maxlen: 36
2400:bcc0:8000::/36 maxlen: 36
2400:bcc0:9000::/36 maxlen: 36
2400:bcc0:a000::/36 maxlen: 36
2400:bcc0:b000::/36 maxlen: 36
2400:bcc0:c000::/36 maxlen: 36
2400:bcc0:d000::/36 maxlen: 36
2400:bcc0:e000::/36 maxlen: 36
2400:bcc0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/woh5_sEM6SnBzy5bl4hvHX6hfFo.crl
rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/woh5_sEM6SnBzy5bl4hvHX6hfFo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woh5_sEM6SnBzy5bl4hvHX6hfFo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 18:44:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3137 (0xc41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6EB1, serialNumber=C28879FEC10CE929C1CF2E5B97886F1D7EA17C5A
Validity
Not Before: Apr 8 19:23:47 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=69d6ab42-661c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:43:c9:ef:8a:8a:d9:54:2a:84:ca:5b:92:43:
04:90:06:c1:75:f8:fc:45:e9:c5:e2:a2:bc:87:7b:
db:e9:c6:0d:0a:af:1e:4a:fa:1a:b5:8f:3c:55:9d:
44:b9:ec:33:da:73:12:d2:b5:bf:4a:e0:65:ee:63:
e9:d2:25:9c:bd:63:66:94:73:29:23:dc:76:f7:98:
96:6b:00:88:56:47:7f:fe:d5:7b:8f:01:50:12:62:
4c:5c:b8:5c:72:f7:83:ef:20:72:8c:b6:fc:e2:cf:
87:eb:1e:99:3d:69:dc:1e:ab:18:1c:7c:6c:94:ea:
7f:b2:19:2c:a6:46:70:97:96:45:30:4f:1c:b5:05:
4d:6e:6e:77:8b:20:92:19:7a:e4:4b:e9:be:34:cb:
11:71:4c:d0:81:98:6d:0a:74:07:44:a0:4f:96:51:
a6:6d:02:76:eb:1a:9e:c0:59:53:1a:3e:51:31:9b:
5c:b8:39:db:22:b5:7a:78:58:31:8c:25:3b:55:94:
b2:05:4b:77:f4:ef:5b:e7:2c:03:1c:44:4d:99:12:
ee:3c:54:17:54:85:b3:af:e1:bb:aa:18:4f:f1:6e:
49:12:42:b6:98:59:4d:29:4e:c5:d0:02:a3:77:43:
96:88:d5:6e:3e:8c:62:7d:ac:c8:27:b3:c1:9a:08:
a9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F6:FB:3D:F6:77:F0:30:6C:1C:1D:33:6E:4A:B5:1D:79:D3:59:13
X509v3 Authority Key Identifier:
keyid:C2:88:79:FE:C1:0C:E9:29:C1:CF:2E:5B:97:88:6F:1D:7E:A1:7C:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/woh5_sEM6SnBzy5bl4hvHX6hfFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/woh5_sEM6SnBzy5bl4hvHX6hfFo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6EB1/4C5F720831F311EAA0A96876C4F9AE02/CEC1F8CEBCDD11EDA890C37EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.86.108.0/22
202.181.4.0/22
IPv6:
2400:bcc0::/32
Signature Algorithm: sha256WithRSAEncryption
64:fa:4c:98:80:53:6b:9a:5e:2e:ea:a0:43:bf:73:95:f9:2b:
df:d4:3c:ea:29:9a:31:d2:34:dd:4e:26:9a:f1:a0:91:8f:ec:
db:86:07:23:00:79:de:cb:21:dc:a3:b4:c4:d2:26:72:1e:30:
50:30:f9:1c:1f:6d:9c:18:45:f9:6c:7e:1d:80:7a:30:8f:ab:
16:08:3b:59:1d:f3:18:3c:45:67:7c:cb:81:74:9a:71:b7:c5:
f5:ef:d3:f8:1d:8d:bd:29:58:03:26:1b:96:cd:f7:b2:a1:2d:
e7:a2:26:ee:b5:64:06:13:4b:6e:c1:6f:da:f7:69:19:10:e3:
8e:18:68:b7:45:d1:46:88:82:ab:8a:e5:6a:ec:3b:0c:c2:c6:
d3:29:1e:0d:9d:80:31:68:a4:0a:80:8f:18:58:ef:be:f5:fa:
de:19:2a:ed:06:ee:99:49:05:77:fe:b2:17:92:40:d2:2f:a9:
a0:c0:c7:c0:d3:d5:a8:cd:b5:a7:af:87:5a:de:61:73:38:f9:
90:ec:86:83:9c:31:20:62:59:ac:16:98:5e:62:59:88:c1:2c:
84:4f:3c:68:5c:d5:be:ac:b5:b2:ce:c5:61:41:db:89:36:ea:
1f:a0:ff:31:63:3e:66:f8:5e:6f:99:af:0e:de:23:64:7e:4e:
4b:31:06:6b
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICDEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZFQjExMTAvBgNVBAUTKEMyODg3OUZFQzEwQ0U5MjlDMUNGMkU1Qjk3ODg2RjFE
N0VBMTdDNUEwHhcNMjYwNDA4MTkyMzQ3WhcNMjcwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWQ2YWI0Mi02NjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9kPJ74qK2VQqhMpbkkMEkAbBdfj8RenF4qK8h3vb6cYNCq8eSvoatY88VZ1E
uewz2nMS0rW/SuBl7mPp0iWcvWNmlHMpI9x295iWawCIVkd//tV7jwFQEmJMXLhc
cveD7yByjLb84s+H6x6ZPWncHqsYHHxslOp/shkspkZwl5ZFME8ctQVNbm53iyCS
GXrkS+m+NMsRcUzQgZhtCnQHRKBPllGmbQJ26xqewFlTGj5RMZtcuDnbIrV6eFgx
jCU7VZSyBUt39O9b5ywDHERNmRLuPFQXVIWzr+G7qhhP8W5JEkK2mFlNKU7F0AKj
d0OWiNVuPoxifazIJ7PBmgipzQIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFIv2+z32
d/AwbBwdM25KtR1501kTMB8GA1UdIwQYMBaAFMKIef7BDOkpwc8uW5eIbx1+oXxa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkVCMS80QzVGNzIwODMx
RjMxMUVBQTBBOTY4NzZDNEY5QUUwMi93b2g1X3NFTTZTbkJ6eTVibDRodkhYNmhm
Rm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dvaDVfc0VNNlNuQnp5NWJsNGh2SFg2aGZGby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjZFQjEvNEM1RjcyMDgzMUYzMTFFQUEwQTk2ODc2QzRGOUFFMDIvQ0VDMUY4Q0VC
Q0REMTFFREE4OTBDMzdFQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCZ1ZsAwQCyrUEMA0EAgACMAcDBQAkALzAMA0GCSqGSIb3DQEBCwUA
A4IBAQBk+kyYgFNrml4u6qBDv3OV+Svf1DzqKZox0jTdTiaa8aCRj+zbhgcjAHne
yyHco7TE0iZyHjBQMPkcH22cGEX5bH4dgHowj6sWCDtZHfMYPEVnfMuBdJpxt8X1
79P4HY29KVgDJhuWzfeyoS3noibutWQGE0tuwW/a92kZEOOOGGi3RdFGiIKriuVq
7DsMwsbTKR4NnYAxaKQKgI8YWO++9freGSrtBu6ZSQV3/rIXkkDSL6mgwMfA09Wo
zbWnr4da3mFzOPmQ7IaDnDEgYlmsFpheYlmIwSyETzxoXNW+rLWyzsVhQduJNuof
oP8xYz5m+F5vma8O3iNkfk5LMQZr
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:34:50 2026 by rpki-client