Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
File: 8E61229E3AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: fFNn+D8a+9BaecelYFnpv1pf8zkcnuV1ywYcbNcNMB4=
Subject key identifier: A0:26:24:B2:37:41:5A:96:E3:78:C1:D6:FF:8C:63:42:6D:A6:7A:F8
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0DE8
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:46:38 +0000
ROA not before: Sat 22 Nov 2025 17:37:44 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 55799
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.152.0/24 maxlen: 24
103.1.153.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.1.155.0/24 maxlen: 24
103.10.196.0/24 maxlen: 24
103.10.198.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 23
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480:3001::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3560 (0xde8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C, serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Validity
Not Before: Nov 22 17:37:44 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a47b7e-6e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b5:97:01:18:88:f4:5c:08:c4:f9:39:01:5c:
29:3e:ac:11:01:d0:ed:7d:e9:92:f8:1d:53:76:ae:
62:1d:5e:c2:f3:72:75:65:bf:55:6c:cc:ac:d6:65:
31:a2:31:15:d5:17:52:70:a0:e6:d6:d8:d8:d3:06:
d4:b2:23:9f:8a:c4:8a:f4:01:9c:7f:49:1c:89:70:
28:2f:7b:4a:ce:38:34:40:43:1e:fa:a7:41:61:02:
9c:2c:5d:d8:04:73:70:90:4a:f9:a4:be:fe:54:f9:
6d:0b:5b:ec:4e:b8:65:78:f1:1a:7d:76:b5:c5:9e:
b8:ad:30:7e:35:a5:1f:ab:6a:81:36:67:de:31:0f:
db:8d:57:0e:fb:f8:5c:44:7e:fe:9d:4e:11:85:5f:
af:b9:3e:d0:33:bc:9a:0d:8b:4b:19:67:be:3f:8e:
23:29:c3:06:1f:95:71:5c:0a:64:ef:9f:e6:ee:a7:
2b:ed:62:5f:eb:dc:64:cd:06:74:5a:30:cb:bb:55:
3d:3b:5c:4f:01:fc:06:ce:2d:0c:5e:cd:4d:52:3a:
da:7b:9d:6b:5d:43:31:54:56:33:59:68:0c:3e:cf:
99:b1:3f:51:b2:aa:7b:e5:57:f6:b4:16:15:fe:ce:
fd:f3:85:39:bb:40:31:cd:89:11:44:3a:26:31:96:
aa:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:26:24:B2:37:41:5A:96:E3:78:C1:D6:FF:8C:63:42:6D:A6:7A:F8
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.152.0/22
103.10.196.0/24
103.10.198.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480:3001::/48
2402:c480:8001::/48
Signature Algorithm: sha256WithRSAEncryption
55:d2:c2:d0:64:20:31:91:de:3e:49:b1:d0:60:f7:c0:56:ae:
82:10:e0:f0:43:3a:8a:cc:dd:db:ec:2f:6a:b6:51:3f:f4:c5:
82:6f:fe:07:ef:e3:23:11:2e:2b:a3:27:fa:bf:ef:d4:6b:55:
c8:48:14:7c:7b:0e:36:6f:5a:47:da:f4:c2:12:4c:5a:80:e2:
9a:d1:4a:30:0f:7e:b4:52:7f:c9:24:b3:79:4e:80:91:e7:f6:
6e:8b:05:0d:53:20:83:42:58:20:8c:32:33:71:f9:68:79:53:
5e:82:f7:af:82:fb:29:00:61:85:cc:bd:96:a4:99:cb:3a:33:
a9:86:4f:44:b3:b5:57:94:fe:91:73:1d:0a:69:fc:6a:30:d3:
9a:63:41:a7:91:64:1e:ed:6e:e1:f4:e8:9a:22:d3:e9:ad:a8:
33:2e:a7:96:55:ce:7e:d2:72:c1:fc:eb:03:04:50:55:aa:df:
04:cd:f8:2b:97:66:e0:96:1f:07:d2:1c:0e:f1:28:53:c8:85:
b6:47:71:22:12:6a:95:4b:2c:2f:9a:f8:7a:95:21:81:db:88:
b8:5a:b8:7c:a8:9b:18:ac:7a:d2:c4:0c:7b:11:73:65:8a:1c:
05:f1:2d:80:e5:fb:04:f6:d1:e9:cd:21:58:97:c9:b5:77:02:
8e:7f:b4:e4
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICDegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjUxMTIyMTczNzQ0WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0N2I3ZS02ZTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA37WXARiI9FwIxPk5AVwpPqwRAdDtfemS+B1Tdq5iHV7C83J1Zb9VbMys1mUx
ojEV1RdScKDm1tjY0wbUsiOfisSK9AGcf0kciXAoL3tKzjg0QEMe+qdBYQKcLF3Y
BHNwkEr5pL7+VPltC1vsTrhlePEafXa1xZ64rTB+NaUfq2qBNmfeMQ/bjVcO+/hc
RH7+nU4RhV+vuT7QM7yaDYtLGWe+P44jKcMGH5VxXApk75/m7qcr7WJf69xkzQZ0
WjDLu1U9O1xPAfwGzi0MXs1NUjrae51rXUMxVFYzWWgMPs+ZsT9Rsqp75Vf2tBYV
/s7984U5u0AxzYkRRDomMZaqxQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFKAmJLI3
QVqW43jB1v+MY0Jtpnr4MB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEU2MTIyOUUz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMIGJBggrBgEFBQcBBwEB/wR6MHgw
XAQCAAEwVgMEAht6OAMEAivvnAMEAiv1xDAMAwQAK/udAwQFK/uAAwQCZwGYAwQA
ZwrEAwQAZwrGAwQCZyNIAwQAZ0TfAwQAZ0f+AwQBZ0gEAwQCtqEgAwQCypDAMBgE
AgACMBIDBwAkAsSAMAEDBwAkAsSAgAEwDQYJKoZIhvcNAQELBQADggEBAFXSwtBk
IDGR3j5JsdBg98BWroIQ4PBDOorM3dvsL2q2UT/0xYJv/gfv4yMRLiujJ/q/79Rr
VchIFHx7DjZvWkfa9MISTFqA4prRSjAPfrRSf8kks3lOgJHn9m6LBQ1TIINCWCCM
MjNx+Wh5U16C96+C+ykAYYXMvZakmcs6M6mGT0SztVeU/pFzHQpp/Gow05pjQaeR
ZB7tbuH06Joi0+mtqDMup5ZVzn7ScsH86wMEUFWq3wTN+CuXZuCWHwfSHA7xKFPI
hbZHcSISapVLLC+a+HqVIYHbiLhauHyomxisetLEDHsRc2WKHAXxLYDl+wT20enN
IViXybV3Ao5/tOQ=
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:30:05 2026 by rpki-client