Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
File: 5A318E06F6A111EBB6318B7EC4F9AE02.roa (raw, json)
Hash identifier: Kcd6XpOFaQiuuRL3zl2swXULLS6KNUXvk+RMSSrL0Fo=
Subject key identifier: 7D:CD:5E:7B:31:9F:B5:6E:87:02:5C:0A:6D:C8:B1:6A:13:90:37:96
Certificate issuer: /CN=A91C4F06/serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Certificate serial: 3608
Authority key identifier: 3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 16:21:40 +0000
ROA not before: Thu 02 Oct 2025 15:10:57 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 23955
IP address blocks: 43.241.136.0/22 maxlen: 23
43.241.136.0/23 maxlen: 24
43.241.138.0/24 maxlen: 24
103.29.224.0/22 maxlen: 24
103.71.40.0/22 maxlen: 24
118.103.136.0/21 maxlen: 23
118.103.136.0/23 maxlen: 24
118.103.139.0/24 maxlen: 24
118.103.140.0/22 maxlen: 24
2405:ec00::/32 maxlen: 32
2405:ec00:2::/48 maxlen: 48
2405:ec00:3::/48 maxlen: 48
2405:ec00:4::/48 maxlen: 48
2405:ec00:5::/48 maxlen: 48
2405:ec00:6::/48 maxlen: 48
2405:ec00:10a::/48 maxlen: 48
2405:ec00:10b::/48 maxlen: 48
2405:ec00:10c::/48 maxlen: 48
2405:ec00:10d::/48 maxlen: 48
2405:ec00:10e::/48 maxlen: 48
2405:ec00:10f::/48 maxlen: 48
2405:ec00:110::/48 maxlen: 48
2405:ec00:1000::/48 maxlen: 48
2405:ec00:1001::/48 maxlen: 48
2405:ec00:1002::/48 maxlen: 48
2405:ec00:1003::/48 maxlen: 48
2405:ec00:1004::/48 maxlen: 48
2405:ec00:1005::/48 maxlen: 48
2405:ec00:1100::/48 maxlen: 48
2405:ec00:1101::/48 maxlen: 48
2405:ec00:1201::/48 maxlen: 48
2405:ec00:1202::/48 maxlen: 48
2405:ec00:1203::/48 maxlen: 48
2405:ec00:1204::/48 maxlen: 48
2405:ec00:1205::/48 maxlen: 48
2405:ec00:1206::/48 maxlen: 48
2405:ec00:1208::/48 maxlen: 48
2405:ec00:1209::/48 maxlen: 48
2405:ec00:1210::/48 maxlen: 48
2405:ec00:1300::/48 maxlen: 48
2405:ec00:1301::/48 maxlen: 48
2405:ec00:7000::/40 maxlen: 40
2405:ec00:7100::/40 maxlen: 40
2405:ec00:9011::/48 maxlen: 48
2405:ec00:9012::/48 maxlen: 48
2405:ec00:9013::/48 maxlen: 48
2405:ec00:9014::/48 maxlen: 48
2405:ec00:9015::/48 maxlen: 48
2405:ec00:9016::/48 maxlen: 48
2405:ec00:9017::/48 maxlen: 48
2405:ec00:9018::/48 maxlen: 48
2405:ec00:9019::/48 maxlen: 48
2405:ec00:901a::/48 maxlen: 48
2405:ec00:901b::/48 maxlen: 48
2405:ec00:9021::/48 maxlen: 48
2405:ec00:9022::/48 maxlen: 48
2405:ec00:9023::/48 maxlen: 48
2405:ec00:9024::/48 maxlen: 48
2405:ec00:9025::/48 maxlen: 48
2405:ec00:9051::/48 maxlen: 48
2405:ec00:9052::/48 maxlen: 48
2405:ec00:9053::/48 maxlen: 48
2405:ec00:9054::/48 maxlen: 48
2405:ec00:9055::/48 maxlen: 48
2405:ec00:9071::/48 maxlen: 48
2405:ec00:9072::/48 maxlen: 48
2405:ec00:9073::/48 maxlen: 48
2405:ec00:9074::/48 maxlen: 48
2405:ec00:9075::/48 maxlen: 48
2405:ec00:9081::/48 maxlen: 48
2405:ec00:9082::/48 maxlen: 48
2405:ec00:9083::/48 maxlen: 48
2405:ec00:9100::/48 maxlen: 48
2405:ec00:9101::/48 maxlen: 48
2405:ec00:a1ca::/48 maxlen: 48
2405:ec00:f000::/36 maxlen: 36
2405:ec00:fa00::/48 maxlen: 48
2405:ec00:face::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:26:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13832 (0x3608)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4F06, serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Validity
Not Before: Oct 2 15:10:57 2025 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69a46794-fcf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:cb:28:20:38:45:55:59:e3:9f:70:e9:be:59:
6e:47:b5:80:e0:a9:68:db:20:be:8b:ee:e3:b9:ed:
f0:17:82:1a:4c:b0:6f:4b:2d:dc:be:a8:71:ac:e0:
cb:46:9e:f8:f7:46:8d:56:67:d8:e3:4d:ba:f8:53:
5e:bb:cf:00:c7:45:1d:a7:6d:7a:c9:42:51:da:2b:
28:af:72:17:d6:43:20:44:36:75:d5:05:e3:9d:6a:
b8:12:d7:26:d7:ba:17:d2:28:c2:b3:8b:d1:6a:3f:
ad:70:1c:d3:92:2b:b9:f0:7d:e5:db:30:9b:59:ba:
57:7e:1d:54:a9:b1:1e:ef:e6:86:ec:f5:e5:6a:ac:
91:b3:e2:33:70:63:d7:b7:cf:47:40:60:3a:34:08:
d4:d8:97:65:b8:2b:40:75:a3:b6:1b:81:0f:0c:4e:
2a:5b:47:04:30:84:5f:77:f4:3f:e2:79:46:be:21:
f8:35:a7:ef:e0:ab:eb:7c:c3:76:f3:67:b8:a6:ac:
83:62:2a:fb:c1:cf:9a:18:7a:e5:92:0e:20:86:1a:
45:a8:cf:cd:10:f2:c7:ad:c2:88:27:63:ea:4b:e6:
02:48:ab:da:99:97:7d:a4:65:9c:e2:e3:a0:c8:7b:
fe:3e:af:7c:e4:64:a4:10:ac:89:7e:d0:28:61:f7:
43:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:CD:5E:7B:31:9F:B5:6E:87:02:5C:0A:6D:C8:B1:6A:13:90:37:96
X509v3 Authority Key Identifier:
keyid:3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
43.241.136.0/22
103.29.224.0/22
103.71.40.0/22
118.103.136.0/21
IPv6:
2405:ec00::/32
Signature Algorithm: sha256WithRSAEncryption
a8:65:29:c2:f7:6e:60:eb:c3:2d:3f:ca:4e:54:3c:71:c2:d6:
3b:42:d1:f8:83:32:c5:f3:02:0b:5b:46:cf:c0:7d:cb:52:97:
b8:4a:6b:8c:0e:51:94:6f:10:af:8e:72:fe:c6:fc:3f:54:00:
92:ee:55:b2:94:74:03:04:27:bf:20:47:27:0a:7f:2e:07:3b:
84:ea:6e:e1:bf:3e:ac:61:d2:71:88:49:6c:a9:1e:99:12:a7:
73:9c:f0:32:80:cf:2a:86:b8:c8:c7:37:d2:4c:b7:76:c2:08:
2a:b0:13:32:82:98:0d:fe:0a:c4:80:c4:e6:cb:90:fe:95:10:
d5:2f:01:a2:9b:92:ca:6c:23:1e:30:45:83:24:9e:61:8c:72:
75:a6:12:c3:02:2d:58:fc:ee:6a:ab:e4:5f:cc:d5:56:95:50:
93:99:83:a6:81:cb:b5:97:8a:dd:c0:67:51:06:fb:ee:a4:07:
03:31:97:33:ca:6c:94:bb:b4:28:62:88:86:63:ed:76:39:56:
07:04:b6:bf:28:78:ce:f1:aa:c2:6d:af:5e:a6:89:04:c8:ee:
18:e6:69:7a:79:0f:2f:1b:02:b9:57:e7:ef:3a:fa:c9:19:58:
ea:6c:39:66:84:e9:4f:6c:e8:96:ec:fc:73:3d:31:39:a3:90:
0c:39:51:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgICNggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzRGMDYxMTAvBgNVBAUTKDNBQUY4MEVBOTdFOTlCOTUyNUIzM0JDMTMzNUJCMDk1
QzJEMjc4QTcwHhcNMjUxMDAyMTUxMDU3WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0Njc5NC1mY2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5ssoIDhFVVnjn3DpvlluR7WA4Klo2yC+i+7jue3wF4IaTLBvSy3cvqhxrODL
Rp7490aNVmfY4026+FNeu88Ax0Udp216yUJR2isor3IX1kMgRDZ11QXjnWq4Etcm
17oX0ijCs4vRaj+tcBzTkiu58H3l2zCbWbpXfh1UqbEe7+aG7PXlaqyRs+IzcGPX
t89HQGA6NAjU2JdluCtAdaO2G4EPDE4qW0cEMIRfd/Q/4nlGviH4Nafv4KvrfMN2
82e4pqyDYir7wc+aGHrlkg4ghhpFqM/NEPLHrcKIJ2PqS+YCSKvamZd9pGWc4uOg
yHv+Pq985GSkEKyJftAoYfdD3wIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFH3NXnsx
n7VuhwJcCm3IsWoTkDeWMB8GA1UdIwQYMBaAFDqvgOqX6ZuVJbM7wTNbsJXC0nin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEYwNi83NkUxQzQ3RTFE
OTUxMUUyQkU1OTVFN0QwOEIwMkNEMi9PcS1BNnBmcG01VWxzenZCTTF1d2xjTFNl
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09xLUE2cGZwbTVVbHN6dkJNMXV3bGNMU2VLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzRGMDYvNzZFMUM0N0UxRDk1MTFFMkJFNTk1RTdEMDhCMDJDRDIvNUEzMThFMDZG
NkExMTFFQkI2MzE4QjdFQzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe
BAIAATAYAwQCK/GIAwQCZx3gAwQCZ0coAwQDdmeIMA0EAgACMAcDBQAkBewAMA0G
CSqGSIb3DQEBCwUAA4IBAQCoZSnC925g68MtP8pOVDxxwtY7QtH4gzLF8wILW0bP
wH3LUpe4SmuMDlGUbxCvjnL+xvw/VACS7lWylHQDBCe/IEcnCn8uBzuE6m7hvz6s
YdJxiElsqR6ZEqdznPAygM8qhrjIxzfSTLd2wggqsBMygpgN/grEgMTmy5D+lRDV
LwGim5LKbCMeMEWDJJ5hjHJ1phLDAi1Y/O5qq+RfzNVWlVCTmYOmgcu1l4rdwGdR
BvvupAcDMZczymyUu7QoYoiGY+12OVYHBLa/KHjO8arCba9epokEyO4Y5ml6eQ8v
GwK5V+fvOvrJGVjqbDlmhOlPbOiW7PxzPTE5o5AMOVFO
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:54:50 2026 by rpki-client