Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
File: 427BAA66E23211E8BD132210C4F9AE02.roa (raw, json)
Hash identifier: m0Un1LZunOEx8tJ3JVZoA33oEl7vompkxVrJm4Tr/+U=
Subject key identifier: 42:CA:6B:C0:F8:3D:49:C8:1A:83:92:14:7C:83:3B:0E:D6:67:20:9F
Certificate issuer: /CN=A91CF4FE/serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8
Certificate serial: 35F4
Authority key identifier: 16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:45:04 +0000
ROA not before: Fri 07 Nov 2025 06:28:34 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 134166
IP address blocks: 1.179.246.0/24 maxlen: 24
1.179.247.0/24 maxlen: 24
113.53.228.0/24 maxlen: 24
118.174.8.0/24 maxlen: 24
118.174.9.0/24 maxlen: 24
118.174.10.0/24 maxlen: 24
118.174.11.0/24 maxlen: 24
118.175.1.0/24 maxlen: 24
118.175.24.0/22 maxlen: 24
118.175.28.0/24 maxlen: 24
118.175.94.0/24 maxlen: 24
180.180.242.0/24 maxlen: 24
180.180.243.0/24 maxlen: 24
180.180.244.0/24 maxlen: 24
180.180.245.0/24 maxlen: 24
180.180.247.0/24 maxlen: 24
203.113.4.0/24 maxlen: 24
203.113.6.0/24 maxlen: 24
203.113.8.0/22 maxlen: 22
203.113.8.0/24 maxlen: 24
203.113.10.0/24 maxlen: 24
203.113.14.0/24 maxlen: 24
203.113.25.0/24 maxlen: 24
203.113.70.0/24 maxlen: 24
203.113.71.0/24 maxlen: 24
203.113.95.0/24 maxlen: 24
203.113.126.0/24 maxlen: 24
203.114.97.0/24 maxlen: 24
203.114.98.0/24 maxlen: 24
203.114.102.0/24 maxlen: 24
2001:ec0:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl
rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:24:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13812 (0x35f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CF4FE, serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8
Validity
Not Before: Nov 7 06:28:34 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a48930-f68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:28:74:be:0d:4c:7f:4d:58:55:b3:91:6a:e1:
68:f5:68:48:35:67:68:10:91:36:4a:35:31:9b:5a:
cd:7f:62:b0:42:19:2d:8b:f8:b8:a5:65:c3:df:7f:
8a:60:d5:c9:28:85:15:ea:9f:d8:d8:40:39:5c:0c:
34:58:69:33:3d:2a:a0:cf:8b:3f:94:3c:1e:65:78:
39:a5:01:79:4b:81:dd:5a:8b:3a:a4:8e:b3:37:de:
c8:49:0a:de:01:0e:d4:2b:b6:1e:f9:a9:53:f9:cf:
e5:7d:5f:79:8e:64:24:bc:c4:0a:73:bb:7d:1c:b0:
2f:c4:a4:d3:86:8e:20:75:22:d8:ab:91:81:b3:aa:
60:f2:0c:ca:76:7a:57:0a:a5:db:23:7a:c2:3a:79:
96:f6:0d:60:c0:29:95:ff:36:66:dd:38:ec:e8:2d:
d6:6e:e5:f9:03:f6:69:23:76:3b:dd:d1:a1:70:ed:
1f:a2:33:62:59:02:3c:b6:51:7f:26:5b:85:8e:b7:
0b:09:f1:ea:a1:bd:b1:e1:60:b8:fb:d6:3f:94:d2:
be:d3:8d:aa:a7:8c:5d:0d:a8:92:44:e3:7c:cc:40:
3e:cd:32:ec:fc:0c:a9:f1:c2:96:96:1f:e6:88:df:
9f:72:59:3e:5e:24:ed:a5:91:25:36:d5:05:06:58:
5a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CA:6B:C0:F8:3D:49:C8:1A:83:92:14:7C:83:3B:0E:D6:67:20:9F
X509v3 Authority Key Identifier:
keyid:16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
1.179.246.0/23
113.53.228.0/24
118.174.8.0/22
118.175.1.0/24
118.175.24.0-118.175.28.255
118.175.94.0/24
180.180.242.0-180.180.245.255
180.180.247.0/24
203.113.4.0/24
203.113.6.0/24
203.113.8.0/22
203.113.14.0/24
203.113.25.0/24
203.113.70.0/23
203.113.95.0/24
203.113.126.0/24
203.114.97.0-203.114.98.255
203.114.102.0/24
IPv6:
2001:ec0:100::/40
Signature Algorithm: sha256WithRSAEncryption
00:58:0c:f7:d4:61:8c:1e:2b:16:7c:af:cc:2a:db:1d:2f:79:
18:cb:d1:e5:08:8a:90:3e:55:73:a9:6a:ca:69:a9:99:21:e1:
bc:a5:47:da:92:53:ae:02:95:98:fe:fb:14:6a:55:1d:ae:30:
dc:3b:f5:5b:ad:6b:a4:2c:30:3e:83:49:9a:c7:f7:3b:7a:2b:
8e:62:56:61:78:aa:f3:ab:b7:96:66:52:ce:d0:d8:5e:11:24:
5f:fc:01:0c:ad:0d:d2:45:09:51:48:51:6c:06:8e:4a:d0:b8:
58:3f:f1:1b:a1:83:e7:52:52:8e:29:2f:b6:80:1a:91:0d:1a:
46:61:b7:56:6f:e6:f9:79:d3:59:2f:a9:d6:54:00:a6:0a:86:
21:92:65:1c:a3:32:c0:5c:b0:b6:db:3d:0e:bc:1c:4f:b7:42:
c0:3f:38:97:90:77:72:9e:6b:f4:bd:86:29:68:d9:2a:6e:0c:
b9:25:b5:a8:2f:5e:75:a6:53:3c:c0:43:37:61:59:62:1c:84:
53:c6:75:60:1b:10:c0:cc:ee:35:a8:fd:b3:f3:2b:58:2a:4a:
31:26:7a:33:b3:2b:e5:4a:eb:bc:f5:ca:e1:e6:9d:c0:d5:f3:
38:ef:96:51:d5:e5:bd:b5:09:e3:06:75:bc:c3:45:6a:26:57:
5a:a5:58:26
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgICNfQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Y0RkUxMTAvBgNVBAUTKDE2QjU2NEI3NThERkNENTJDNUNFODkxMTkyRTMxQjcx
NUIxQ0JGRTgwHhcNMjUxMTA3MDYyODM0WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODkzMC1mNjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlih0vg1Mf01YVbORauFo9WhINWdoEJE2SjUxm1rNf2KwQhkti/i4pWXD33+K
YNXJKIUV6p/Y2EA5XAw0WGkzPSqgz4s/lDweZXg5pQF5S4HdWos6pI6zN97ISQre
AQ7UK7Ye+alT+c/lfV95jmQkvMQKc7t9HLAvxKTTho4gdSLYq5GBs6pg8gzKdnpX
CqXbI3rCOnmW9g1gwCmV/zZm3Tjs6C3WbuX5A/ZpI3Y73dGhcO0fojNiWQI8tlF/
JluFjrcLCfHqob2x4WC4+9Y/lNK+042qp4xdDaiSRON8zEA+zTLs/Ayp8cKWlh/m
iN+fclk+XiTtpZElNtUFBlhaEQIDAQABo4IC8zCCAu8wHQYDVR0OBBYEFELKa8D4
PUnIGoOSFHyDOw7WZyCfMB8GA1UdIwQYMBaAFBa1ZLdY381Sxc6JEZLjG3FbHL/o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjRGRS9CQTEzMTI0RTFE
ODUxMUUyQTc3OTk5REMwOEIwMkNEMi9GclZrdDFqZnpWTEZ6b2tSa3VNYmNWc2N2
LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZyVmt0MWpmelZMRnpva1JrdU1iY1ZzY3YtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Y0RkUvQkExMzEyNEUxRDg1MTFFMkE3Nzk5OURDMDhCMDJDRDIvNDI3QkFBNjZF
MjMyMTFFOEJEMTMyMjEwQzRGOUFFMDIucm9hMIGxBggrBgEFBQcBBwEB/wSBoTCB
njCBiwQCAAEwgYQDBAEBs/YDBABxNeQDBAJ2rggDBAB2rwEwDAMEA3avGAMEAHav
HAMEAHavXjAMAwQBtLTyAwQBtLT0AwQAtLT3AwQAy3EEAwQAy3EGAwQCy3EIAwQA
y3EOAwQAy3EZAwQBy3FGAwQAy3FfAwQAy3F+MAwDBADLcmEDBADLcmIDBADLcmYw
DgQCAAIwCAMGACABDsABMA0GCSqGSIb3DQEBCwUAA4IBAQAAWAz31GGMHisWfK/M
KtsdL3kYy9HlCIqQPlVzqWrKaamZIeG8pUfaklOuApWY/vsUalUdrjDcO/VbrWuk
LDA+g0max/c7eiuOYlZheKrzq7eWZlLO0NheESRf/AEMrQ3SRQlRSFFsBo5K0LhY
P/EboYPnUlKOKS+2gBqRDRpGYbdWb+b5edNZL6nWVACmCoYhkmUcozLAXLC22z0O
vBxPt0LAPziXkHdynmv0vYYpaNkqbgy5JbWoL151plM8wEM3YVliHIRTxnVgGxDA
zO41qP2z8ytYKkoxJnozsyvlSuu89crh5p3A1fM475ZR1eW9tQnjBnW8w0VqJlda
pVgm
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:52:00 2026 by rpki-client