Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/9B8A0A56F56F11EF84317935C4F9AE02.roa
File: 9B8A0A56F56F11EF84317935C4F9AE02.roa (raw, json)
Hash identifier: sjpSFEfJfHB83JHegW9f77CP43Jk4MjH6G+ONPOjQR4=
Subject key identifier: 38:7D:71:F2:88:D0:05:FA:29:DF:01:23:1E:59:7A:CA:9A:FD:CE:3D
Certificate issuer: /CN=A91BC269/serialNumber=30E2061F7C20BD843BEE5372C1321C35FBB1D3EF
Certificate serial: 040F
Authority key identifier: 30:E2:06:1F:7C:20:BD:84:3B:EE:53:72:C1:32:1C:35:FB:B1:D3:EF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/9B8A0A56F56F11EF84317935C4F9AE02.roa
Signing time: Mon 02 Mar 2026 14:43:15 +0000
ROA not before: Wed 22 Oct 2025 04:16:07 +0000
ROA not after: Wed 30 Dec 2026 00:00:00 +0000
asID: 55850
IP address blocks: 14.137.0.0/19 maxlen: 19
101.53.192.0/19 maxlen: 19
101.53.208.0/21 maxlen: 21
101.53.216.0/22 maxlen: 22
101.53.220.0/22 maxlen: 23
103.8.140.0/22 maxlen: 22
103.15.126.0/23 maxlen: 23
103.26.202.0/24 maxlen: 24
103.173.251.0/24 maxlen: 24
103.241.56.0/22 maxlen: 22
115.69.160.0/19 maxlen: 19
116.251.128.0/18 maxlen: 18
116.251.192.0/21 maxlen: 21
116.251.200.0/22 maxlen: 22
124.155.224.0/20 maxlen: 20
150.107.172.0/22 maxlen: 22
163.47.236.0/22 maxlen: 22
180.148.96.0/19 maxlen: 19
202.56.32.0/20 maxlen: 20
202.56.48.0/21 maxlen: 21
202.74.33.0/24 maxlen: 24
202.137.240.0/21 maxlen: 21
203.94.32.0/19 maxlen: 19
203.124.16.0/21 maxlen: 21
2401:2f40::/32 maxlen: 32
2406:5a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.crl
rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 14:43:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1039 (0x40f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BC269, serialNumber=30E2061F7C20BD843BEE5372C1321C35FBB1D3EF
Validity
Not Before: Oct 22 04:16:07 2025 GMT
Not After : Dec 30 00:00:00 2026 GMT
Subject: CN=69a5a203-c062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:57:bb:9d:70:5e:58:55:42:0d:60:1d:cf:21:
88:2a:4c:fc:92:60:a9:fc:5a:a6:c2:46:0e:5d:bf:
b4:60:a6:f6:ab:8b:65:1a:12:8a:4a:37:2f:e7:a3:
5a:e7:9b:22:23:71:fa:f8:5d:ce:45:91:84:6b:a7:
a7:e1:b3:e7:2c:b0:5d:20:bb:1f:6c:bc:0c:9b:ee:
68:c7:d8:76:b3:48:b5:e2:d9:11:ab:92:11:04:68:
b7:cc:c4:3e:39:0f:91:c2:9e:eb:10:8f:11:47:4c:
84:be:b5:fd:66:11:3e:0b:80:c5:cb:ad:4f:cf:77:
57:f8:e6:a9:3f:0d:5c:7e:cc:b6:c4:71:a0:a6:5d:
54:45:29:22:90:eb:c5:6c:de:01:0a:3d:96:0d:84:
16:ce:04:2e:66:15:ff:72:02:66:03:72:51:ec:f7:
73:ce:52:40:71:da:bd:d1:dc:b9:66:dc:dc:36:b3:
d7:b8:5d:ee:16:f6:3d:af:e2:f0:c8:ca:ed:ae:1f:
a1:6c:5a:6e:c0:93:4e:f6:d1:27:c2:77:54:d6:4f:
d9:07:d9:ab:68:24:2d:10:0d:f8:59:14:17:42:b3:
fb:e4:25:5f:1d:5d:8e:5a:69:4b:03:8d:90:a0:05:
e9:8a:4f:72:7b:4f:07:ae:2c:ab:6d:18:44:d8:90:
07:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7D:71:F2:88:D0:05:FA:29:DF:01:23:1E:59:7A:CA:9A:FD:CE:3D
X509v3 Authority Key Identifier:
keyid:30:E2:06:1F:7C:20:BD:84:3B:EE:53:72:C1:32:1C:35:FB:B1:D3:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/MOIGH3wgvYQ77lNywTIcNfux0-8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOIGH3wgvYQ77lNywTIcNfux0-8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BC269/BA676E30CFE511EC94BBC75AC4F9AE02/9B8A0A56F56F11EF84317935C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.137.0.0/19
101.53.192.0/19
103.8.140.0/22
103.15.126.0/23
103.26.202.0/24
103.173.251.0/24
103.241.56.0/22
115.69.160.0/19
116.251.128.0-116.251.203.255
124.155.224.0/20
150.107.172.0/22
163.47.236.0/22
180.148.96.0/19
202.56.32.0-202.56.55.255
202.74.33.0/24
202.137.240.0/21
203.94.32.0/19
203.124.16.0/21
IPv6:
2401:2f40::/32
2406:5a00::/32
Signature Algorithm: sha256WithRSAEncryption
59:cf:02:7c:3b:8c:2c:23:61:a9:7a:20:f5:8f:6f:6e:17:40:
b8:5c:24:95:90:ca:90:a2:91:c4:a2:fc:e8:98:fc:4b:e8:00:
7d:e8:8b:92:27:0d:1e:00:61:57:f6:ea:d5:5d:87:3d:e2:c9:
56:17:5d:e7:f7:8b:d8:eb:04:92:ff:ff:de:cf:db:69:e2:d5:
97:d7:7c:a7:ba:3c:06:f9:77:a1:36:ab:35:19:8f:21:71:8a:
25:57:7e:cc:2a:e7:09:f7:47:d3:e5:fa:50:d7:15:4a:89:74:
94:31:b3:dc:1c:8c:0c:60:b1:95:3c:97:26:b6:0b:cd:04:8c:
2f:fd:5a:87:4e:f2:40:6e:73:0b:65:da:8a:38:ab:6e:71:e9:
39:54:fd:0a:37:1a:04:fe:e9:ef:93:e0:72:95:21:9b:05:22:
41:81:19:d0:6a:da:42:17:f0:47:29:5b:a1:cf:61:6e:26:45:
fa:47:3b:64:cc:ad:42:8a:40:94:c7:c7:b9:40:95:00:f2:69:
ef:d3:1a:20:e8:6d:4e:61:cb:3d:3e:ec:f4:e3:23:d1:78:fd:
a0:42:f5:0c:d7:3f:b0:7f:ab:60:17:7a:6f:40:9d:f3:f3:b7:
a0:e3:3b:ae:be:65:51:1e:f1:7f:dd:9b:c5:29:3b:36:c5:e8:
78:41:87:70
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgICBA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkMyNjkxMTAvBgNVBAUTKDMwRTIwNjFGN0MyMEJEODQzQkVFNTM3MkMxMzIxQzM1
RkJCMUQzRUYwHhcNMjUxMDIyMDQxNjA3WhcNMjYxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE1YTIwMy1jMDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp1e7nXBeWFVCDWAdzyGIKkz8kmCp/FqmwkYOXb+0YKb2q4tlGhKKSjcv56Na
55siI3H6+F3ORZGEa6en4bPnLLBdILsfbLwMm+5ox9h2s0i14tkRq5IRBGi3zMQ+
OQ+Rwp7rEI8RR0yEvrX9ZhE+C4DFy61Pz3dX+OapPw1cfsy2xHGgpl1URSkikOvF
bN4BCj2WDYQWzgQuZhX/cgJmA3JR7PdzzlJAcdq90dy5ZtzcNrPXuF3uFvY9r+Lw
yMrtrh+hbFpuwJNO9tEnwndU1k/ZB9mraCQtEA34WRQXQrP75CVfHV2OWmlLA42Q
oAXpik9ye08HriyrbRhE2JAHOQIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFDh9cfKI
0AX6Kd8BIx5Zesqa/c49MB8GA1UdIwQYMBaAFDDiBh98IL2EO+5TcsEyHDX7sdPv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQzI2OS9CQTY3NkUzMENG
RTUxMUVDOTRCQkM3NUFDNEY5QUUwMi9NT0lHSDN3Z3ZZUTc3bE55d1RJY05mdXgw
LTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PSUdIM3dndllRNzdsTnl3VEljTmZ1eDAtOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkMyNjkvQkE2NzZFMzBDRkU1MTFFQzk0QkJDNzVBQzRGOUFFMDIvOUI4QTBBNTZG
NTZGMTFFRjg0MzE3OTM1QzRGOUFFMDIucm9hMIGuBggrBgEFBQcBBwEB/wSBnjCB
mzCBggQCAAEwfAMEBQ6JAAMEBWU1wAMEAmcIjAMEAWcPfgMEAGcaygMEAGet+wME
AmfxOAMEBXNFoDAMAwQHdPuAAwQCdPvIAwQEfJvgAwQClmusAwQCoy/sAwQFtJRg
MAwDBAXKOCADBAPKODADBADKSiEDBAPKifADBAXLXiADBAPLfBAwFAQCAAIwDgMF
ACQBL0ADBQAkBloAMA0GCSqGSIb3DQEBCwUAA4IBAQBZzwJ8O4wsI2GpeiD1j29u
F0C4XCSVkMqQopHEovzomPxL6AB96IuSJw0eAGFX9urVXYc94slWF13n94vY6wSS
///ez9tp4tWX13ynujwG+XehNqs1GY8hcYolV37MKucJ90fT5fpQ1xVKiXSUMbPc
HIwMYLGVPJcmtgvNBIwv/VqHTvJAbnMLZdqKOKtucek5VP0KNxoE/unvk+BylSGb
BSJBgRnQatpCF/BHKVuhz2FuJkX6RztkzK1CikCUx8e5QJUA8mnv0xog6G1OYcs9
Puz04yPReP2gQvUM1z+wf6tgF3pvQJ3z87eg4zuuvmVRHvF/3ZvFKTs2xeh4QYdw
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:56:53 2026 by rpki-client