Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B1F39E9C334111EF9770A542C4F9AE02.roa
File: B1F39E9C334111EF9770A542C4F9AE02.roa (raw, json)
Hash identifier: TLIL13JgGPe1P4BL40jELv4mEyCxR17v77PRx0bd8FM=
Subject key identifier: CC:AE:B1:01:09:40:E6:00:71:80:9E:A3:C4:41:70:20:0C:CE:DD:FA
Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Certificate serial: 1076
Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B1F39E9C334111EF9770A542C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:39:33 +0000
ROA not before: Fri 03 Oct 2025 11:52:24 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 202
IP address blocks: 103.30.186.0/23 maxlen: 23
202.53.197.0/24 maxlen: 24
202.53.204.0/23 maxlen: 23
202.53.206.0/23 maxlen: 23
2401:df00:1::/48 maxlen: 48
2401:df00:2::/48 maxlen: 48
2401:df00:7::/48 maxlen: 48
2401:df00:11::/48 maxlen: 48
2401:df00:12::/48 maxlen: 48
2401:df00:21::/48 maxlen: 48
2401:df00:22::/48 maxlen: 48
2401:df00:27::/48 maxlen: 48
2401:df00:31::/48 maxlen: 48
2401:df00:32::/48 maxlen: 48
2401:df00:41::/48 maxlen: 48
2401:df00:42::/48 maxlen: 48
2401:df00:47::/48 maxlen: 48
2401:df00:51::/48 maxlen: 48
2401:df00:52::/48 maxlen: 48
2401:df00:57::/48 maxlen: 48
2401:df00:61::/48 maxlen: 48
2401:df00:62::/48 maxlen: 48
2401:df00:181::/48 maxlen: 48
2401:df00:182::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:18:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4214 (0x1076)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Validity
Not Before: Oct 3 11:52:24 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a479d5-a9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:68:4c:21:b6:d1:5f:75:82:ca:b5:a6:4f:48:
9a:48:9b:4c:13:b4:96:43:ec:ef:c4:a2:61:c0:cb:
e9:67:de:32:5b:65:dc:b5:d9:44:fc:8c:e2:b7:ef:
2a:75:41:c2:3e:dd:8b:fd:e4:97:c2:ad:89:fd:22:
c4:49:74:6c:d6:88:28:3b:b9:f4:cb:18:2a:b2:58:
79:0e:5f:10:7d:cb:50:8d:b4:4e:ca:99:96:e0:6b:
63:bb:ea:6d:aa:ef:9e:56:85:31:4a:4c:72:90:a3:
2b:78:29:e5:72:d5:ba:97:37:ae:d3:4c:e0:4d:c8:
35:33:a1:0b:29:62:49:3c:21:5f:21:a2:f6:b3:f0:
6d:98:e2:6a:49:62:85:4c:97:ad:f4:02:5d:2f:22:
8d:fe:a8:9d:f1:b5:e4:de:50:6c:b9:1a:33:ca:6c:
5b:7d:f3:1d:59:2b:fa:e7:bc:d1:26:c3:8c:5c:1d:
64:61:4b:05:6c:ae:3f:93:ba:fb:ab:b1:99:bc:b4:
b3:3d:ef:76:bf:e4:0c:9b:09:4a:b2:4e:be:ef:17:
9a:4a:6a:ab:ca:a9:bc:42:95:25:a9:ae:20:87:aa:
1b:ba:38:97:15:ea:e3:79:64:7a:48:54:07:81:5e:
1e:d9:5a:51:22:91:a8:e0:57:bf:5e:e0:05:90:bb:
e0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AE:B1:01:09:40:E6:00:71:80:9E:A3:C4:41:70:20:0C:CE:DD:FA
X509v3 Authority Key Identifier:
keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B1F39E9C334111EF9770A542C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.30.186.0/23
202.53.197.0/24
202.53.204.0/22
IPv6:
2401:df00:1::-2401:df00:2:ffff:ffff:ffff:ffff:ffff
2401:df00:7::/48
2401:df00:11::-2401:df00:12:ffff:ffff:ffff:ffff:ffff
2401:df00:21::-2401:df00:22:ffff:ffff:ffff:ffff:ffff
2401:df00:27::/48
2401:df00:31::-2401:df00:32:ffff:ffff:ffff:ffff:ffff
2401:df00:41::-2401:df00:42:ffff:ffff:ffff:ffff:ffff
2401:df00:47::/48
2401:df00:51::-2401:df00:52:ffff:ffff:ffff:ffff:ffff
2401:df00:57::/48
2401:df00:61::-2401:df00:62:ffff:ffff:ffff:ffff:ffff
2401:df00:181::-2401:df00:182:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:18:97:a6:cd:4a:a1:94:91:19:2a:e4:1f:e4:e9:3d:de:3f:
ed:ef:6d:04:3c:19:94:49:5b:32:4d:72:4b:a5:68:91:e8:a3:
77:ed:ab:0c:a4:41:05:aa:b2:36:8a:8d:20:fc:c2:11:8b:8f:
89:e3:71:18:3d:3e:9e:39:dd:90:28:c6:5b:23:d5:64:03:57:
09:5b:9f:d5:22:20:dc:b8:49:b8:2a:3d:af:e2:52:9d:f0:ee:
ec:99:48:09:d6:0f:ab:aa:4f:ed:84:dd:ca:e3:ef:00:6b:94:
30:f7:0d:51:86:ff:29:38:1f:46:79:73:01:f9:a8:7d:bd:98:
28:fd:35:7f:04:2b:14:00:1d:78:7d:2b:c4:33:10:dc:f1:d6:
ac:76:52:d8:6a:16:d7:e1:ed:75:b8:b3:dc:c5:fc:b6:a9:12:
67:9b:4c:5f:3a:76:4e:4c:2a:2d:04:b4:09:76:08:96:bb:7e:
d9:7a:22:1f:2b:5b:81:54:00:55:b1:1f:d9:d1:1c:17:6e:a9:
de:41:7f:b5:e7:17:9d:20:69:13:37:85:8d:48:a5:6a:d6:e9:
4d:26:e0:78:1c:09:f5:4a:18:d8:e3:0d:d2:40:d3:6b:a8:e7:
02:17:4a:1c:ab:28:2f:8f:b6:36:a8:86:e4:2d:c8:58:06:45:
b1:2c:07:c4
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgICEHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw
MUYxOEZGNDkwHhcNMjUxMDAzMTE1MjI0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzlkNS1hOWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4GhMIbbRX3WCyrWmT0iaSJtME7SWQ+zvxKJhwMvpZ94yW2XctdlE/Izit+8q
dUHCPt2L/eSXwq2J/SLESXRs1ogoO7n0yxgqslh5Dl8QfctQjbROypmW4Gtju+pt
qu+eVoUxSkxykKMreCnlctW6lzeu00zgTcg1M6ELKWJJPCFfIaL2s/BtmOJqSWKF
TJet9AJdLyKN/qid8bXk3lBsuRozymxbffMdWSv657zRJsOMXB1kYUsFbK4/k7r7
q7GZvLSzPe92v+QMmwlKsk6+7xeaSmqryqm8QpUlqa4gh6obujiXFerjeWR6SFQH
gV4e2VpRIpGo4Fe/XuAFkLvg8wIDAQABo4IDPTCCAzkwHQYDVR0OBBYEFMyusQEJ
QOYAcYCeo8RBcCAMzt36MB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC
MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvQjFGMzlFOUMz
MzQxMTFFRjk3NzBBNTQyQzRGOUFFMDIucm9hMIH7BggrBgEFBQcBBwEB/wSB6zCB
6DAYBAIAATASAwQBZx66AwQAyjXFAwQCyjXMMIHLBAIAAjCBxDASAwcAJAHfAAAB
AwcAJAHfAAACAwcAJAHfAAAHMBIDBwAkAd8AABEDBwAkAd8AABIwEgMHACQB3wAA
IQMHACQB3wAAIgMHACQB3wAAJzASAwcAJAHfAAAxAwcAJAHfAAAyMBIDBwAkAd8A
AEEDBwAkAd8AAEIDBwAkAd8AAEcwEgMHACQB3wAAUQMHACQB3wAAUgMHACQB3wAA
VzASAwcAJAHfAABhAwcAJAHfAABiMBIDBwAkAd8AAYEDBwAkAd8AAYIwDQYJKoZI
hvcNAQELBQADggEBACoYl6bNSqGUkRkq5B/k6T3eP+3vbQQ8GZRJWzJNckulaJHo
o3ftqwykQQWqsjaKjSD8whGLj4njcRg9Pp453ZAoxlsj1WQDVwlbn9UiINy4Sbgq
Pa/iUp3w7uyZSAnWD6uqT+2E3crj7wBrlDD3DVGG/yk4H0Z5cwH5qH29mCj9NX8E
KxQAHXh9K8QzENzx1qx2UthqFtfh7XW4s9zF/LapEmebTF86dk5MKi0EtAl2CJa7
ftl6Ih8rW4FUAFWxH9nRHBduqd5Bf7XnF50gaRM3hY1IpWrW6U0m4HgcCfVKGNjj
DdJA02uo5wIXShyrKC+PtjaohuQtyFgGRbEsB8Q=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:43:13 2026 by rpki-client