Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/340190F8465911F096DBFB74C4F9AE02.roa
File: 340190F8465911F096DBFB74C4F9AE02.roa (raw, json)
Hash identifier: OX2p+SzG+8wPK1QSXfKmUdItpRuD+A7lui02mj1Cngg=
Subject key identifier: E5:EE:A9:E3:15:9F:47:47:28:44:5E:1E:CF:B9:83:CD:4B:FA:B0:D0
Certificate issuer: /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial: 0320
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/340190F8465911F096DBFB74C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:38:01 +0000
ROA not before: Wed 11 Jun 2025 00:15:39 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 23871
IP address blocks: 123.108.68.0/23 maxlen: 24
123.108.71.0/24 maxlen: 24
125.62.76.0/22 maxlen: 22
125.62.76.0/24 maxlen: 24
125.62.78.0/24 maxlen: 24
125.62.79.0/24 maxlen: 24
202.10.82.0/24 maxlen: 24
202.10.84.0/24 maxlen: 24
202.10.85.0/24 maxlen: 24
202.10.86.0/24 maxlen: 24
202.10.87.0/24 maxlen: 24
202.10.88.0/24 maxlen: 24
202.10.89.0/24 maxlen: 24
202.10.90.0/24 maxlen: 24
202.10.91.0/24 maxlen: 24
202.10.93.0/24 maxlen: 24
202.10.95.0/24 maxlen: 24
202.126.100.0/24 maxlen: 24
202.134.224.0/19 maxlen: 19
202.134.224.0/24 maxlen: 24
202.134.225.0/24 maxlen: 24
202.134.226.0/24 maxlen: 24
202.134.227.0/24 maxlen: 24
202.134.228.0/24 maxlen: 24
202.134.229.0/24 maxlen: 24
202.134.232.0/24 maxlen: 24
202.134.234.0/24 maxlen: 24
202.134.236.0/24 maxlen: 24
202.134.237.0/24 maxlen: 24
202.134.238.0/24 maxlen: 24
202.134.240.0/24 maxlen: 24
202.134.242.0/24 maxlen: 24
202.134.243.0/24 maxlen: 24
202.134.244.0/24 maxlen: 24
202.134.245.0/24 maxlen: 24
202.134.246.0/24 maxlen: 24
202.134.250.0/24 maxlen: 24
202.134.251.0/24 maxlen: 24
202.134.252.0/24 maxlen: 24
202.134.255.0/24 maxlen: 24
203.34.248.0/23 maxlen: 24
203.62.158.0/23 maxlen: 24
2406:1600:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:52:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800 (0x320)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C6550, serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Validity
Not Before: Jun 11 00:15:39 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=69a48788-2a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1b:c5:8b:46:71:17:53:5a:dc:c9:cd:a2:db:
cb:ff:4e:92:f3:af:bb:94:92:5b:f6:95:53:77:6c:
d8:c3:d5:57:14:dd:9e:f2:7e:c7:b1:bb:84:e1:a0:
5e:c6:8a:5f:a5:7c:ba:3d:1d:c4:bd:36:64:21:9e:
57:77:d3:e7:93:3e:c4:c3:48:97:46:0e:a7:5d:a6:
cc:2c:c4:cb:36:89:a0:5e:2e:24:9c:c6:01:74:ee:
28:a3:b6:71:c5:87:c0:2d:86:84:d3:a9:2b:04:ba:
64:58:b6:f9:db:5c:bc:c4:17:10:84:48:23:b2:dd:
2a:aa:7e:12:0f:a6:d7:b2:48:6b:1b:ed:0a:c2:ae:
72:d9:d1:33:48:10:57:e3:c4:7d:94:a6:eb:0e:07:
9e:84:ea:b9:39:b7:f9:c1:21:b1:7d:b5:32:f7:43:
60:8f:32:7d:77:e2:5d:b2:81:db:47:dc:91:a0:58:
6a:ff:5c:88:b4:87:ba:23:7d:a0:a5:f4:2b:f4:06:
37:97:56:ea:2c:05:17:ae:97:f0:b1:ae:db:1e:1b:
70:d8:dc:9c:5b:cf:23:fe:e2:7b:e9:3a:ab:82:26:
5d:28:a7:3f:a2:47:77:21:1a:8b:b3:ca:37:e9:5f:
83:75:bc:80:85:8a:49:4a:28:78:d9:c5:ce:f5:ff:
66:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EE:A9:E3:15:9F:47:47:28:44:5E:1E:CF:B9:83:CD:4B:FA:B0:D0
X509v3 Authority Key Identifier:
keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/340190F8465911F096DBFB74C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
123.108.68.0/23
123.108.71.0/24
125.62.76.0/22
202.10.82.0/24
202.10.84.0-202.10.91.255
202.10.93.0/24
202.10.95.0/24
202.126.100.0/24
202.134.224.0/19
203.34.248.0/23
203.62.158.0/23
IPv6:
2406:1600:200::/48
Signature Algorithm: sha256WithRSAEncryption
6a:52:00:5e:6e:ec:bf:4b:58:b9:55:8d:0e:e3:fe:5f:06:77:
58:76:26:34:80:33:17:88:84:8c:24:28:4a:45:0e:a4:42:b5:
9b:6f:4b:a7:c7:f9:42:7f:60:3e:29:ae:1a:01:85:0c:2b:2f:
c0:f1:3c:05:60:6d:e7:59:c7:c4:82:83:83:59:c7:69:82:64:
29:be:3e:df:8d:00:b0:88:63:45:0b:20:40:cd:8c:5c:8f:94:
65:0d:ea:b7:73:94:3f:30:f6:5b:4d:2a:89:16:47:d0:e2:87:
ca:94:ea:90:b5:de:f0:12:c8:a7:d3:11:d2:99:59:b1:81:5b:
bd:91:af:01:0c:17:65:e8:ef:af:91:b4:4a:6d:6d:45:d9:5f:
71:fc:50:b4:58:1d:0b:cc:31:0d:97:da:cd:7c:a2:2a:3f:32:
b1:11:e9:b4:71:43:14:35:d1:4a:79:82:5d:fd:57:0a:35:6e:
39:62:dc:e2:d4:ba:e9:67:38:c4:ba:0d:5a:51:ca:bf:e8:a7:
9f:93:31:b8:f0:82:17:2a:52:06:9f:17:49:2b:0e:11:b8:c4:
7b:9e:8f:7f:1a:40:5b:c0:ea:43:60:06:05:62:2b:c7:ca:ae:
99:da:b4:67:5b:ce:55:8b:0b:c4:69:18:32:01:bb:cf:2d:cb:
45:18:eb:86
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICAyAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjUwNjExMDAxNTM5WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODc4OC0yYThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnRvFi0ZxF1Na3MnNotvL/06S86+7lJJb9pVTd2zYw9VXFN2e8n7HsbuE4aBe
xopfpXy6PR3EvTZkIZ5Xd9Pnkz7Ew0iXRg6nXabMLMTLNomgXi4knMYBdO4oo7Zx
xYfALYaE06krBLpkWLb521y8xBcQhEgjst0qqn4SD6bXskhrG+0Kwq5y2dEzSBBX
48R9lKbrDgeehOq5Obf5wSGxfbUy90NgjzJ9d+JdsoHbR9yRoFhq/1yItIe6I32g
pfQr9AY3l1bqLAUXrpfwsa7bHhtw2NycW88j/uJ76TqrgiZdKKc/okd3IRqLs8o3
6V+DdbyAhYpJSih42cXO9f9mdwIDAQABo4ICtTCCArEwHQYDVR0OBBYEFOXuqeMV
n0dHKEReHs+5g81L+rDQMB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvMzQwMTkwRjg0
NjU5MTFGMDk2REJGQjc0QzRGOUFFMDIucm9hMHQGCCsGAQUFBwEHAQH/BGUwYzBQ
BAIAATBKAwQBe2xEAwQAe2xHAwQCfT5MAwQAygpSMAwDBALKClQDBALKClgDBADK
Cl0DBADKCl8DBADKfmQDBAXKhuADBAHLIvgDBAHLPp4wDwQCAAIwCQMHACQGFgAC
ADANBgkqhkiG9w0BAQsFAAOCAQEAalIAXm7sv0tYuVWNDuP+XwZ3WHYmNIAzF4iE
jCQoSkUOpEK1m29Lp8f5Qn9gPimuGgGFDCsvwPE8BWBt51nHxIKDg1nHaYJkKb4+
340AsIhjRQsgQM2MXI+UZQ3qt3OUPzD2W00qiRZH0OKHypTqkLXe8BLIp9MR0plZ
sYFbvZGvAQwXZejvr5G0Sm1tRdlfcfxQtFgdC8wxDZfazXyiKj8ysRHptHFDFDXR
SnmCXf1XCjVuOWLc4tS66Wc4xLoNWlHKv+inn5MxuPCCFypSBp8XSSsOEbjEe56P
fxpAW8DqQ2AGBWIrx8qumdq0Z1vOVYsLxGkYMgG7zy3LRRjrhg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:02:30 2026 by rpki-client