Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/843F754669EA11EE90D6585BC4F9AE02.roa
File: 843F754669EA11EE90D6585BC4F9AE02.roa (raw, json)
Hash identifier: sEAKBH3vdiwKhzr+pz82LbbFlkeuV8FcYTwEffKRwCI=
Subject key identifier: D8:9B:8C:95:79:96:5A:5F:9F:DA:FB:56:82:EA:1E:D6:6F:E8:05:D6
Certificate issuer: /CN=A91BA9CE/serialNumber=E9690BBB9F36C09D4C2ED4F66CF55DC35275FB72
Certificate serial: 0D54
Authority key identifier: E9:69:0B:BB:9F:36:C0:9D:4C:2E:D4:F6:6C:F5:5D:C3:52:75:FB:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6WkLu582wJ1MLtT2bPVdw1J1-3I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/843F754669EA11EE90D6585BC4F9AE02.roa
Signing time: Thu 04 Jun 2026 18:22:51 +0000
ROA not before: Thu 04 Jun 2026 18:22:51 +0000
ROA not after: Tue 31 Aug 2027 00:00:00 +0000
asID: 132829
IP address blocks: 43.239.100.0/24 maxlen: 24
103.248.132.0/24 maxlen: 24
103.248.133.0/24 maxlen: 24
103.248.134.0/23 maxlen: 24
2406:f900::/32 maxlen: 32
2406:f900::/48 maxlen: 48
2406:f900:1::/48 maxlen: 48
2406:f900:2::/48 maxlen: 48
2406:f900:3::/48 maxlen: 48
2406:f900:4::/48 maxlen: 48
2406:f900:5::/48 maxlen: 48
2406:f900:6::/48 maxlen: 48
2406:f900:7::/48 maxlen: 48
2406:f900:8::/48 maxlen: 48
2406:f900:9::/48 maxlen: 48
2406:f900:14::/48 maxlen: 48
2406:f900:15::/48 maxlen: 48
2406:f900:16::/48 maxlen: 48
2406:f900:17::/48 maxlen: 48
2406:f900:18::/48 maxlen: 48
2406:f900:19::/48 maxlen: 48
2406:f900:1a::/48 maxlen: 48
2406:f900:1b::/48 maxlen: 48
2406:f900:1c::/48 maxlen: 48
2406:f900:1d::/48 maxlen: 48
2406:f900:28::/48 maxlen: 48
2406:f900:29::/48 maxlen: 48
2406:f900:2a::/48 maxlen: 48
2406:f900:2b::/48 maxlen: 48
2406:f900:2c::/48 maxlen: 48
2406:f900:2d::/48 maxlen: 48
2406:f900:2e::/48 maxlen: 48
2406:f900:2f::/48 maxlen: 48
2406:f900:30::/48 maxlen: 48
2406:f900:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/6WkLu582wJ1MLtT2bPVdw1J1-3I.crl
rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/6WkLu582wJ1MLtT2bPVdw1J1-3I.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6WkLu582wJ1MLtT2bPVdw1J1-3I.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 19 Jun 2026 18:06:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3412 (0xd54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA9CE, serialNumber=E9690BBB9F36C09D4C2ED4F66CF55DC35275FB72
Validity
Not Before: Jun 4 18:22:51 2026 GMT
Not After : Aug 31 00:00:00 2027 GMT
Subject: CN=6a21c27b-c600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fb:98:e4:7e:ae:e9:af:a9:7d:7e:47:75:48:
39:32:75:0f:17:9d:c6:fb:eb:3d:69:a1:ad:9f:c2:
60:e4:82:0e:76:70:0f:07:ef:f1:e3:ca:3b:02:a7:
6d:1f:2e:79:b1:16:57:bc:4d:01:5e:4a:3c:72:15:
74:d1:d7:59:81:d5:fd:d1:43:d6:23:74:8d:c1:ae:
d6:fd:6b:61:e0:a1:ed:ac:33:b1:29:2e:9e:44:ea:
1c:f9:4a:05:27:1c:a3:18:2c:0e:2b:d2:8a:9b:f9:
ed:d3:d5:fa:93:b4:0f:46:8a:a1:6d:0e:35:9d:b2:
87:a7:0f:c6:e7:79:9e:e4:3d:fc:39:9d:f2:ec:13:
39:41:ea:b8:ac:b2:f0:12:e6:2e:f0:ac:93:6d:f9:
88:74:05:91:3e:19:06:15:b8:42:b1:b6:c1:7b:7a:
fa:6b:7a:14:c0:13:d2:d4:49:5d:61:82:a7:67:59:
0e:ba:4b:1a:29:a5:6d:9e:28:a2:82:da:6f:d7:f0:
d7:67:67:5c:ca:db:4d:e2:d2:fc:d9:b6:3b:ad:03:
c5:b5:d7:a7:78:56:d6:d7:6e:df:68:00:24:49:0c:
b1:c1:3f:bf:c5:c3:dc:8c:f2:ba:33:84:45:3d:1e:
55:98:d7:f3:3e:9f:3a:b8:6f:fc:fc:96:1e:c8:f3:
6c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:9B:8C:95:79:96:5A:5F:9F:DA:FB:56:82:EA:1E:D6:6F:E8:05:D6
X509v3 Authority Key Identifier:
keyid:E9:69:0B:BB:9F:36:C0:9D:4C:2E:D4:F6:6C:F5:5D:C3:52:75:FB:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/6WkLu582wJ1MLtT2bPVdw1J1-3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6WkLu582wJ1MLtT2bPVdw1J1-3I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA9CE/54F15DA4011111EABD4F0A49C4F9AE02/843F754669EA11EE90D6585BC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.239.100.0/24
103.248.132.0/22
IPv6:
2406:f900::/32
Signature Algorithm: sha256WithRSAEncryption
91:49:83:f5:97:03:df:94:f4:45:79:15:1d:c9:9d:64:c3:9a:
35:28:19:42:bb:43:63:08:89:1f:a0:05:22:56:1b:66:84:e4:
eb:1a:ca:dc:b6:2e:2f:41:d3:60:2e:ae:b2:4e:92:0e:7f:c8:
ad:97:4f:e9:c0:7b:29:64:af:b4:ea:f1:05:31:62:12:c6:fa:
ab:54:fd:e5:c0:4e:a0:a6:26:41:cc:ce:96:71:41:16:6e:6c:
9b:bd:47:fa:24:44:7d:23:f2:d9:87:e9:27:2c:aa:55:41:63:
e7:fb:38:4a:1f:be:b0:28:da:c9:e3:16:35:69:50:de:2e:04:
39:d8:18:33:43:70:a9:46:52:47:2b:01:a3:c7:47:28:47:5b:
68:0b:3a:dc:b3:ac:98:9e:5d:41:24:b9:dc:ee:83:36:d2:7e:
61:41:3d:d2:24:ed:c0:7f:0f:54:df:e2:2f:55:9e:f9:44:03:
a6:87:d4:5b:be:f0:f6:52:6c:be:72:2b:a2:41:25:6b:c9:5d:
54:e5:b8:29:8e:5c:9e:8f:34:5f:85:c9:de:22:92:09:3a:ee:
ef:fe:32:76:d8:a7:3a:62:81:ea:16:fa:50:7f:6f:10:5f:38:
45:33:40:88:57:ea:9f:06:94:14:85:7e:62:58:51:80:47:50:
cc:a5:84:05
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICDVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkE5Q0UxMTAvBgNVBAUTKEU5NjkwQkJCOUYzNkMwOUQ0QzJFRDRGNjZDRjU1REMz
NTI3NUZCNzIwHhcNMjYwNjA0MTgyMjUxWhcNMjcwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTIxYzI3Yi1jNjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy/uY5H6u6a+pfX5HdUg5MnUPF53G++s9aaGtn8Jg5IIOdnAPB+/x48o7Aqdt
Hy55sRZXvE0BXko8chV00ddZgdX90UPWI3SNwa7W/Wth4KHtrDOxKS6eROoc+UoF
JxyjGCwOK9KKm/nt09X6k7QPRoqhbQ41nbKHpw/G53me5D38OZ3y7BM5Qeq4rLLw
EuYu8KyTbfmIdAWRPhkGFbhCsbbBe3r6a3oUwBPS1EldYYKnZ1kOuksaKaVtniii
gtpv1/DXZ2dcyttN4tL82bY7rQPFtdeneFbW127faAAkSQyxwT+/xcPcjPK6M4RF
PR5VmNfzPp86uG/8/JYeyPNs1QIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFNibjJV5
llpfn9r7VoLqHtZv6AXWMB8GA1UdIwQYMBaAFOlpC7ufNsCdTC7U9mz1XcNSdfty
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTlDRS81NEYxNURBNDAx
MTExMUVBQkQ0RjBBNDlDNEY5QUUwMi82V2tMdTU4MndKMU1MdFQyYlBWZHcxSjEt
M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZXa0x1NTgyd0oxTUx0VDJiUFZkdzFKMS0zSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkE5Q0UvNTRGMTVEQTQwMTExMTFFQUJENEYwQTQ5QzRGOUFFMDIvODQzRjc1NDY2
OUVBMTFFRTkwRDY1ODVCQzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQAK+9kAwQCZ/iEMA0EAgACMAcDBQAkBvkAMA0GCSqGSIb3DQEBCwUA
A4IBAQCRSYP1lwPflPRFeRUdyZ1kw5o1KBlCu0NjCIkfoAUiVhtmhOTrGsrcti4v
QdNgLq6yTpIOf8itl0/pwHspZK+06vEFMWISxvqrVP3lwE6gpiZBzM6WcUEWbmyb
vUf6JER9I/LZh+knLKpVQWPn+zhKH76wKNrJ4xY1aVDeLgQ52BgzQ3CpRlJHKwGj
x0coR1toCzrcs6yYnl1BJLnc7oM20n5hQT3SJO3Afw9U3+IvVZ75RAOmh9RbvvD2
Umy+ciuiQSVryV1U5bgpjlyejzRfhcneIpIJOu7v/jJ22Kc6YoHqFvpQf28QXzhF
M0CIV+qfBpQUhX5iWFGAR1DMpYQF
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:51:19 2026 by rpki-client