Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/F1EB46D2717F11EEB3FA0A5EC4F9AE02.roa
File: F1EB46D2717F11EEB3FA0A5EC4F9AE02.roa (raw, json)
Hash identifier: 8bdY8y0fz63dNw43nf7bCEe5i7wYsopnpk7yctw/DFA=
Subject key identifier: 69:12:E8:36:B7:CB:10:4B:C2:A3:16:77:A3:CC:2A:5F:11:49:94:C0
Certificate issuer: /CN=A91CE558/serialNumber=B36B971724A3BABD890B754598933720F972FEAF
Certificate serial: 0BFD
Authority key identifier: B3:6B:97:17:24:A3:BA:BD:89:0B:75:45:98:93:37:20:F9:72:FE:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/F1EB46D2717F11EEB3FA0A5EC4F9AE02.roa
Signing time: Sun 01 Mar 2026 17:35:05 +0000
ROA not before: Sat 12 Jul 2025 19:59:29 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 15830
IP address blocks: 27.111.240.0/20 maxlen: 20
27.111.240.0/21 maxlen: 21
27.111.248.0/22 maxlen: 22
27.111.253.0/24 maxlen: 24
27.111.254.0/23 maxlen: 23
101.97.32.0/23 maxlen: 23
101.97.34.0/23 maxlen: 23
101.97.37.0/24 maxlen: 24
101.97.38.0/23 maxlen: 23
101.97.44.0/23 maxlen: 23
101.97.46.0/23 maxlen: 23
101.97.48.0/22 maxlen: 22
101.97.52.0/23 maxlen: 23
101.97.54.0/23 maxlen: 23
101.97.56.0/22 maxlen: 22
101.97.60.0/22 maxlen: 22
103.13.68.0/22 maxlen: 22
180.189.16.0/22 maxlen: 22
180.189.20.0/22 maxlen: 22
180.189.24.0/21 maxlen: 21
183.177.48.0/22 maxlen: 22
183.177.52.0/22 maxlen: 22
183.177.56.0/22 maxlen: 22
183.177.60.0/24 maxlen: 24
202.177.208.0/22 maxlen: 22
202.177.212.0/22 maxlen: 22
202.177.217.0/24 maxlen: 24
202.177.218.0/23 maxlen: 23
202.177.219.0/24 maxlen: 24
202.177.220.0/23 maxlen: 23
202.177.221.0/24 maxlen: 24
202.177.222.0/23 maxlen: 23
2404:4f00::/32 maxlen: 32
2404:4f01::/32 maxlen: 32
2404:4f02::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.crl
rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:40:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3069 (0xbfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE558, serialNumber=B36B971724A3BABD890B754598933720F972FEAF
Validity
Not Before: Jul 12 19:59:29 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=69a478c8-813d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:90:61:9f:6e:28:aa:e7:3a:31:2f:5f:0e:78:
d6:1e:e3:8d:69:df:1b:4c:06:4a:9a:ec:89:f4:2f:
3c:3a:70:c6:c7:76:b4:37:f2:41:7f:50:98:a4:a5:
d3:96:55:d7:57:44:49:7e:5d:44:3d:67:19:12:16:
d2:c2:29:23:1d:eb:e4:04:10:06:23:10:03:4a:29:
18:57:90:ef:f4:78:9c:cf:a3:2c:c1:f0:47:35:7b:
98:09:67:66:84:6f:82:98:46:27:9b:bd:8e:81:a7:
97:7c:e4:29:e3:92:08:cd:4e:cf:15:8a:d7:90:5e:
bf:1a:ed:35:f3:6b:ee:b6:56:82:1f:74:43:34:6a:
13:11:d9:08:99:42:e6:f0:4b:b9:32:3d:cf:1a:98:
20:9a:27:62:e8:07:36:fa:e0:1c:eb:9e:cb:04:02:
b8:a1:b5:d2:c9:37:85:08:8e:32:d7:0d:a3:44:f3:
10:6c:6d:8e:62:5e:a5:82:6d:c3:52:89:e5:0a:64:
1f:04:fd:81:ea:db:77:bf:b2:d5:d9:34:92:b4:bf:
26:6a:69:bb:70:94:22:d5:31:da:dc:06:49:fc:07:
41:f8:94:7d:d4:94:50:0d:0d:6f:0f:21:6c:70:17:
9f:95:1f:e3:a5:64:9f:a0:a6:7c:3b:36:70:1f:21:
9a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:12:E8:36:B7:CB:10:4B:C2:A3:16:77:A3:CC:2A:5F:11:49:94:C0
X509v3 Authority Key Identifier:
keyid:B3:6B:97:17:24:A3:BA:BD:89:0B:75:45:98:93:37:20:F9:72:FE:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/s2uXFySjur2JC3VFmJM3IPly_q8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s2uXFySjur2JC3VFmJM3IPly_q8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE558/3DF14F08539411EABF6B4F5FC4F9AE02/F1EB46D2717F11EEB3FA0A5EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.111.240.0/20
101.97.32.0/22
101.97.37.0-101.97.39.255
101.97.44.0-101.97.63.255
103.13.68.0/22
180.189.16.0/20
183.177.48.0-183.177.60.255
202.177.208.0/21
202.177.217.0-202.177.223.255
IPv6:
2404:4f00::-2404:4f02:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:fc:c4:6a:98:df:8e:bf:aa:b6:87:1d:d0:bd:d6:3c:fc:fb:
94:ed:5b:17:56:a2:7c:d5:ae:e1:5c:e0:30:4e:11:e1:8d:1d:
ec:34:3f:9b:95:19:cf:d5:63:30:f7:ff:36:2b:eb:b9:46:ab:
2a:19:92:9c:38:db:b8:b2:2f:93:d3:cd:d5:3f:dd:90:80:2a:
d7:16:68:86:63:5f:5f:f5:87:71:36:b0:6f:a1:48:e6:14:1e:
44:ac:70:c0:71:66:9e:af:eb:0d:5d:54:c7:ee:51:4f:29:60:
8f:7a:53:14:73:5b:97:86:19:15:4b:47:61:91:84:a4:02:59:
e9:cc:1a:53:4a:32:0f:ad:27:2e:00:ff:07:65:cc:77:23:27:
e7:21:5f:03:54:5e:c4:d7:9d:51:11:b9:8d:ec:7f:92:1a:8a:
40:f2:c3:ba:29:db:a5:75:c5:3d:af:f7:4c:9e:0a:cd:a6:ed:
7e:64:9b:89:f4:a8:66:b2:21:96:ed:3d:be:f2:27:24:05:93:
30:28:5c:a4:45:cd:63:83:82:c5:4d:e3:a2:5f:c9:18:7d:63:
a6:43:63:01:66:cd:9f:30:5a:c1:b7:4f:9a:eb:18:14:5a:88:
24:be:a2:2d:64:df:eb:fb:14:96:0d:f1:3a:e7:ee:dd:ca:52:
93:ed:c0:4a
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICC/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U1NTgxMTAvBgNVBAUTKEIzNkI5NzE3MjRBM0JBQkQ4OTBCNzU0NTk4OTMzNzIw
Rjk3MkZFQUYwHhcNMjUwNzEyMTk1OTI5WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzhjOC04MTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvpBhn24oquc6MS9fDnjWHuONad8bTAZKmuyJ9C88OnDGx3a0N/JBf1CYpKXT
llXXV0RJfl1EPWcZEhbSwikjHevkBBAGIxADSikYV5Dv9Hicz6MswfBHNXuYCWdm
hG+CmEYnm72OgaeXfOQp45IIzU7PFYrXkF6/Gu0182vutlaCH3RDNGoTEdkImULm
8Eu5Mj3PGpggmidi6Ac2+uAc657LBAK4obXSyTeFCI4y1w2jRPMQbG2OYl6lgm3D
UonlCmQfBP2B6tt3v7LV2TSStL8mamm7cJQi1THa3AZJ/AdB+JR91JRQDQ1vDyFs
cBeflR/jpWSfoKZ8OzZwHyGacwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFGkS6Da3
yxBLwqMWd6PMKl8RSZTAMB8GA1UdIwQYMBaAFLNrlxcko7q9iQt1RZiTNyD5cv6v
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTU1OC8zREYxNEYwODUz
OTQxMUVBQkY2QjRGNUZDNEY5QUUwMi9zMnVYRnlTanVyMkpDM1ZGbUpNM0lQbHlf
cTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3MydVhGeVNqdXIySkMzVkZtSk0zSVBseV9xOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0U1NTgvM0RGMTRGMDg1Mzk0MTFFQUJGNkI0RjVGQzRGOUFFMDIvRjFFQjQ2RDI3
MTdGMTFFRUIzRkEwQTVFQzRGOUFFMDIucm9hMIGGBggrBgEFBQcBBwEB/wR3MHUw
XAQCAAEwVgMEBBtv8AMEAmVhIDAMAwQAZWElAwQDZWEgMAwDBAJlYSwDBAZlYQAD
BAJnDUQDBAS0vRAwDAMEBLexMAMEALexPAMEA8qx0DAMAwQAyrHZAwQFyrHAMBUE
AgACMA8wDQMEACQETwMFACQETwIwDQYJKoZIhvcNAQELBQADggEBACb8xGqY346/
qraHHdC91jz8+5TtWxdWonzVruFc4DBOEeGNHew0P5uVGc/VYzD3/zYr67lGqyoZ
kpw427iyL5PTzdU/3ZCAKtcWaIZjX1/1h3E2sG+hSOYUHkSscMBxZp6v6w1dVMfu
UU8pYI96UxRzW5eGGRVLR2GRhKQCWenMGlNKMg+tJy4A/wdlzHcjJ+chXwNUXsTX
nVERuY3sf5IaikDyw7op26V1xT2v90yeCs2m7X5km4n0qGayIZbtPb7yJyQFkzAo
XKRFzWODgsVN46JfyRh9Y6ZDYwFmzZ8wWsG3T5rrGBRaiCS+oi1k3+v7FJYN8Trn
7t3KUpPtwEo=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:39:04 2026 by rpki-client