Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2AB6010721811F09FD98A22C4F9AE02.roa
File: B2AB6010721811F09FD98A22C4F9AE02.roa (raw, json)
Hash identifier: RppZ41kvs72Nx/kep3oP9EH50fRwPEp+eO9LIxKJPl0=
Subject key identifier: 5C:9C:D7:0D:1C:EE:C8:9E:CA:1F:13:FD:6F:00:8C:F6:05:5A:F0:B8
Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Certificate serial: 1079
Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2AB6010721811F09FD98A22C4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:39:35 +0000
ROA not before: Fri 03 Oct 2025 11:52:26 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 3360
IP address blocks: 103.30.186.0/23 maxlen: 23
202.53.197.0/24 maxlen: 24
202.53.204.0/23 maxlen: 23
202.53.206.0/23 maxlen: 23
2401:df00:1::/48 maxlen: 48
2401:df00:2::/48 maxlen: 48
2401:df00:7::/48 maxlen: 48
2401:df00:11::/48 maxlen: 48
2401:df00:12::/48 maxlen: 48
2401:df00:21::/48 maxlen: 48
2401:df00:22::/48 maxlen: 48
2401:df00:27::/48 maxlen: 48
2401:df00:31::/48 maxlen: 48
2401:df00:32::/48 maxlen: 48
2401:df00:41::/48 maxlen: 48
2401:df00:42::/48 maxlen: 48
2401:df00:47::/48 maxlen: 48
2401:df00:51::/48 maxlen: 48
2401:df00:52::/48 maxlen: 48
2401:df00:57::/48 maxlen: 48
2401:df00:61::/48 maxlen: 48
2401:df00:62::/48 maxlen: 48
2401:df00:181::/48 maxlen: 48
2401:df00:182::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:18:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4217 (0x1079)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Validity
Not Before: Oct 3 11:52:26 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=69a479d7-f682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ec:9f:6b:a5:04:f0:ca:fd:9c:f7:e2:22:17:
4e:d7:e6:76:e9:69:0c:24:98:91:42:91:3b:b9:f0:
58:60:80:97:d9:f3:17:16:26:8d:89:8a:6e:21:ae:
60:21:e2:7f:8c:2f:b9:35:c0:df:3e:4c:51:0b:7a:
c2:85:68:9f:46:29:d4:43:1c:ab:75:dd:ae:b8:ce:
af:60:e8:e3:62:e6:e1:8a:31:cc:13:27:99:4a:09:
a1:ed:be:64:9e:c8:f5:64:e3:9c:67:51:f1:b6:2b:
7b:4e:c2:61:4f:bc:30:65:22:ac:ab:c0:e3:74:1d:
de:71:f3:55:5f:36:a9:22:12:b5:34:04:72:67:ab:
57:6a:69:cd:37:6d:1a:c1:73:05:e6:cd:b6:05:33:
46:01:5c:51:21:47:58:00:8a:f9:d7:9a:4d:19:6c:
de:b3:2e:87:e5:57:ef:1c:a4:db:22:80:75:62:2b:
59:2a:70:0e:4b:f0:8d:c3:99:a0:35:db:eb:24:93:
0d:2c:31:b0:d4:04:70:3f:65:de:5d:dc:25:4a:8a:
3c:51:76:fc:70:d8:70:01:44:a7:b0:06:57:7d:fc:
8f:32:9e:c0:2b:fa:f4:dc:b8:97:2d:b4:38:3a:c5:
42:c0:ed:fb:9d:97:70:87:4f:08:5d:f5:c7:97:63:
c7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9C:D7:0D:1C:EE:C8:9E:CA:1F:13:FD:6F:00:8C:F6:05:5A:F0:B8
X509v3 Authority Key Identifier:
keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B2AB6010721811F09FD98A22C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.30.186.0/23
202.53.197.0/24
202.53.204.0/22
IPv6:
2401:df00:1::-2401:df00:2:ffff:ffff:ffff:ffff:ffff
2401:df00:7::/48
2401:df00:11::-2401:df00:12:ffff:ffff:ffff:ffff:ffff
2401:df00:21::-2401:df00:22:ffff:ffff:ffff:ffff:ffff
2401:df00:27::/48
2401:df00:31::-2401:df00:32:ffff:ffff:ffff:ffff:ffff
2401:df00:41::-2401:df00:42:ffff:ffff:ffff:ffff:ffff
2401:df00:47::/48
2401:df00:51::-2401:df00:52:ffff:ffff:ffff:ffff:ffff
2401:df00:57::/48
2401:df00:61::-2401:df00:62:ffff:ffff:ffff:ffff:ffff
2401:df00:181::-2401:df00:182:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
34:6a:34:23:b5:24:46:3c:36:2d:30:38:63:80:f3:4a:a8:44:
11:57:51:d1:4c:40:49:29:8d:07:cd:dd:47:0d:5e:5b:86:dc:
b3:1f:ac:a3:a9:76:5a:ab:48:a9:cd:08:26:52:68:7e:d9:a6:
5f:c4:c4:4a:5c:29:86:73:d8:d7:d9:1a:2f:00:01:14:a5:89:
3d:3c:4f:c0:75:18:fa:69:fb:a2:35:fe:e3:e3:4a:38:a4:c9:
6f:a3:39:78:03:8d:6e:58:48:c5:49:73:cd:8a:5a:2e:eb:c1:
60:a3:3e:63:5f:03:f2:aa:d4:07:45:a2:b0:a0:3f:c9:9e:7c:
a0:c5:f8:53:c2:5b:1d:74:8e:97:3d:8d:12:12:5f:f7:b3:e3:
18:97:62:8a:84:6f:e2:fb:39:c9:b0:eb:bf:b5:c3:41:04:99:
3d:12:c0:57:5c:a4:2f:3d:c0:af:f4:5b:46:58:c5:5a:8e:20:
26:94:bc:42:dc:47:be:a1:f7:80:16:f8:a4:4f:77:e9:2a:43:
79:9f:e6:5f:38:54:54:d5:b1:45:0b:f9:2c:57:7f:92:22:92:
da:2a:5f:1e:82:08:42:02:ff:b8:2e:bc:7f:3d:7d:32:65:b0:
cc:5b:74:f1:6c:73:66:9f:44:86:7b:0e:8f:47:8d:61:d1:ef:
66:37:1d:71
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgICEHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw
MUYxOEZGNDkwHhcNMjUxMDAzMTE1MjI2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzlkNy1mNjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwOyfa6UE8Mr9nPfiIhdO1+Z26WkMJJiRQpE7ufBYYICX2fMXFiaNiYpuIa5g
IeJ/jC+5NcDfPkxRC3rChWifRinUQxyrdd2uuM6vYOjjYubhijHMEyeZSgmh7b5k
nsj1ZOOcZ1Hxtit7TsJhT7wwZSKsq8DjdB3ecfNVXzapIhK1NARyZ6tXamnNN20a
wXMF5s22BTNGAVxRIUdYAIr515pNGWzesy6H5VfvHKTbIoB1YitZKnAOS/CNw5mg
NdvrJJMNLDGw1ARwP2XeXdwlSoo8UXb8cNhwAUSnsAZXffyPMp7AK/r03LiXLbQ4
OsVCwO37nZdwh08IXfXHl2PH4QIDAQABo4IDPTCCAzkwHQYDVR0OBBYEFFyc1w0c
7sieyh8T/W8AjPYFWvC4MB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC
MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvQjJBQjYwMTA3
MjE4MTFGMDlGRDk4QTIyQzRGOUFFMDIucm9hMIH7BggrBgEFBQcBBwEB/wSB6zCB
6DAYBAIAATASAwQBZx66AwQAyjXFAwQCyjXMMIHLBAIAAjCBxDASAwcAJAHfAAAB
AwcAJAHfAAACAwcAJAHfAAAHMBIDBwAkAd8AABEDBwAkAd8AABIwEgMHACQB3wAA
IQMHACQB3wAAIgMHACQB3wAAJzASAwcAJAHfAAAxAwcAJAHfAAAyMBIDBwAkAd8A
AEEDBwAkAd8AAEIDBwAkAd8AAEcwEgMHACQB3wAAUQMHACQB3wAAUgMHACQB3wAA
VzASAwcAJAHfAABhAwcAJAHfAABiMBIDBwAkAd8AAYEDBwAkAd8AAYIwDQYJKoZI
hvcNAQELBQADggEBADRqNCO1JEY8Ni0wOGOA80qoRBFXUdFMQEkpjQfN3UcNXluG
3LMfrKOpdlqrSKnNCCZSaH7Zpl/ExEpcKYZz2NfZGi8AARSliT08T8B1GPpp+6I1
/uPjSjikyW+jOXgDjW5YSMVJc82KWi7rwWCjPmNfA/Kq1AdForCgP8mefKDF+FPC
Wx10jpc9jRISX/ez4xiXYoqEb+L7Ocmw67+1w0EEmT0SwFdcpC89wK/0W0ZYxVqO
ICaUvELcR76h94AW+KRPd+kqQ3mf5l84VFTVsUUL+SxXf5IiktoqXx6CCEIC/7gu
vH89fTJlsMxbdPFsc2afRIZ7Do9HjWHR72Y3HXE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:50:25 2026 by rpki-client