Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D025A/D5EF1A9030AD11EC95B15D18C4F9AE02/565F5E1A387E11F1A4D7FBEEB8833773.roa
File: 565F5E1A387E11F1A4D7FBEEB8833773.roa (raw, json)
Hash identifier: uVFuYghb1LT6hL248WccUadEJgQTd5E3SYeXzFBWWIA=
Subject key identifier: 87:A9:3C:1A:97:FB:AC:87:D7:BF:75:F1:0B:9B:16:9D:02:05:9D:4B
Certificate issuer: /CN=A91D025A/serialNumber=734090EFC37983FD175BE02F4949668A21437221
Certificate serial: 056E
Authority key identifier: 73:40:90:EF:C3:79:83:FD:17:5B:E0:2F:49:49:66:8A:21:43:72:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c0CQ78N5g_0XW-AvSUlmiiFDciE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D025A/D5EF1A9030AD11EC95B15D18C4F9AE02/565F5E1A387E11F1A4D7FBEEB8833773.roa
Signing time: Wed 15 Apr 2026 03:51:10 +0000
ROA not before: Wed 15 Apr 2026 03:51:10 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 38224
IP address blocks: 112.109.96.0/19 maxlen: 23
112.109.96.0/23 maxlen: 24
112.109.100.0/22 maxlen: 24
112.109.104.0/21 maxlen: 24
112.109.112.0/20 maxlen: 24
114.31.224.0/20 maxlen: 20
114.31.224.0/23 maxlen: 23
114.31.226.0/23 maxlen: 23
114.31.228.0/23 maxlen: 23
114.31.230.0/23 maxlen: 23
119.252.144.0/20 maxlen: 20
119.252.144.0/21 maxlen: 21
119.252.144.0/24 maxlen: 24
119.252.145.0/24 maxlen: 24
119.252.147.0/24 maxlen: 24
119.252.148.0/23 maxlen: 23
119.252.152.0/24 maxlen: 24
119.252.153.0/24 maxlen: 24
119.252.154.0/23 maxlen: 24
119.252.156.0/22 maxlen: 22
119.252.156.0/24 maxlen: 24
119.252.158.0/23 maxlen: 23
202.137.232.0/21 maxlen: 21
202.137.232.0/24 maxlen: 24
202.137.233.0/24 maxlen: 24
202.137.234.0/24 maxlen: 24
202.137.235.0/24 maxlen: 24
202.137.236.0/23 maxlen: 23
202.137.238.0/24 maxlen: 24
202.137.239.0/24 maxlen: 24
2405:e200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D025A/D5EF1A9030AD11EC95B15D18C4F9AE02/c0CQ78N5g_0XW-AvSUlmiiFDciE.crl
rsync://rpki.apnic.net/member_repository/A91D025A/D5EF1A9030AD11EC95B15D18C4F9AE02/c0CQ78N5g_0XW-AvSUlmiiFDciE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c0CQ78N5g_0XW-AvSUlmiiFDciE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Apr 2026 23:19:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1390 (0x56e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D025A, serialNumber=734090EFC37983FD175BE02F4949668A21437221
Validity
Not Before: Apr 15 03:51:10 2026 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69df0b2e-7bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1d:f4:f5:f7:ae:b7:34:21:90:dd:cc:91:70:
e1:97:65:6a:02:85:7c:ff:10:87:e8:29:8d:17:d1:
83:46:54:7a:b7:70:9d:c0:e6:df:bb:4b:67:3b:87:
35:2d:86:4e:1f:f3:a8:f4:2b:05:20:93:f6:b8:95:
9a:f9:d8:1e:08:1d:49:15:96:a2:87:5b:84:98:1a:
ec:4f:aa:96:bd:48:72:40:65:bd:58:a9:d0:d8:9e:
6f:84:88:97:53:1d:65:94:e4:a7:ca:6e:53:55:61:
6d:2d:2b:9f:0f:5e:8f:bf:fa:78:29:6f:d5:8f:25:
4e:be:26:98:e5:4f:d7:fb:1b:5d:8c:00:cf:a7:1c:
c7:a2:80:cd:bd:41:16:5f:d1:c1:0c:45:9a:b8:3f:
a8:3d:34:fc:11:a4:a7:f3:df:89:dd:27:70:a9:1e:
3d:04:fb:86:a5:c0:0f:e8:3c:81:1f:ff:0f:e4:b3:
89:9c:2d:d2:a2:13:0c:96:89:55:8d:1c:98:d5:e0:
c5:79:1f:10:f8:d1:b6:7d:e9:c3:e4:46:48:8c:ef:
d7:c4:92:c4:00:a6:a5:a0:b3:4e:1a:86:fe:16:69:
b6:29:b1:bc:ff:a2:6f:db:20:b4:50:86:e0:3f:f5:
59:24:91:df:79:0c:2d:44:61:6c:fb:b5:2e:f6:12:
9b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A9:3C:1A:97:FB:AC:87:D7:BF:75:F1:0B:9B:16:9D:02:05:9D:4B
X509v3 Authority Key Identifier:
keyid:73:40:90:EF:C3:79:83:FD:17:5B:E0:2F:49:49:66:8A:21:43:72:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D025A/D5EF1A9030AD11EC95B15D18C4F9AE02/c0CQ78N5g_0XW-AvSUlmiiFDciE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c0CQ78N5g_0XW-AvSUlmiiFDciE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D025A/D5EF1A9030AD11EC95B15D18C4F9AE02/565F5E1A387E11F1A4D7FBEEB8833773.roa
sbgp-ipAddrBlock: critical
IPv4:
112.109.96.0/19
114.31.224.0/20
119.252.144.0/20
202.137.232.0/21
IPv6:
2405:e200::/32
Signature Algorithm: sha256WithRSAEncryption
b9:a1:8a:91:72:4f:7f:0f:0a:a9:17:1a:db:03:d4:6b:c0:14:
df:53:01:f0:20:d5:25:d0:1e:08:32:2c:66:8f:f4:82:5f:f9:
6c:c4:13:3a:6b:4e:88:5b:19:36:d5:50:b8:8a:3b:6a:f9:30:
be:53:9f:3d:e3:c3:d5:a6:da:1a:c1:ec:58:bb:f6:f8:bb:bd:
81:b3:43:61:d8:00:b8:2e:0f:55:67:c3:38:a6:c4:e1:d9:11:
96:c3:ca:ae:34:5a:14:c9:8f:26:d2:70:6f:7d:5d:08:35:ed:
82:39:97:cc:90:38:fd:3f:46:90:17:bc:64:6d:d9:d8:28:65:
1e:97:63:b5:fd:94:3e:fb:b0:3a:b8:74:fb:19:e0:22:bb:56:
c9:96:36:d3:0f:eb:0c:66:f7:bd:d1:55:7e:29:bc:54:c0:e9:
c7:4e:ba:93:c6:37:bf:69:64:42:16:91:5f:20:d3:b1:30:d9:
29:1d:00:f2:d4:13:e4:f8:73:76:1e:61:dd:9b:77:58:38:bc:
34:16:ab:44:da:13:73:75:91:c5:d5:f1:2e:8d:ba:9d:4a:43:
77:30:e6:52:4c:0e:e5:90:f0:71:9c:be:c4:68:02:80:f5:de:
96:f6:96:0c:b1:31:4c:26:76:b9:49:11:c3:f8:7f:7a:45:07:
da:c3:cb:a1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgICBW4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDAyNUExMTAvBgNVBAUTKDczNDA5MEVGQzM3OTgzRkQxNzVCRTAyRjQ5NDk2NjhB
MjE0MzcyMjEwHhcNMjYwNDE1MDM1MTEwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWRmMGIyZS03YmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAix309feutzQhkN3MkXDhl2VqAoV8/xCH6CmNF9GDRlR6t3CdwObfu0tnO4c1
LYZOH/Oo9CsFIJP2uJWa+dgeCB1JFZaih1uEmBrsT6qWvUhyQGW9WKnQ2J5vhIiX
Ux1llOSnym5TVWFtLSufD16Pv/p4KW/VjyVOviaY5U/X+xtdjADPpxzHooDNvUEW
X9HBDEWauD+oPTT8EaSn89+J3SdwqR49BPuGpcAP6DyBH/8P5LOJnC3SohMMlolV
jRyY1eDFeR8Q+NG2fenD5EZIjO/XxJLEAKaloLNOGob+Fmm2KbG8/6Jv2yC0UIbg
P/VZJJHfeQwtRGFs+7Uu9hKbzwIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFIepPBqX
+6yH17918QubFp0CBZ1LMB8GA1UdIwQYMBaAFHNAkO/DeYP9F1vgL0lJZoohQ3Ih
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDI1QS9ENUVGMUE5MDMw
QUQxMUVDOTVCMTVEMThDNEY5QUUwMi9jMENRNzhONWdfMFhXLUF2U1VsbWlpRkRj
aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2MwQ1E3OE41Z18wWFctQXZTVWxtaWlGRGNpRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDAyNUEvRDVFRjFBOTAzMEFEMTFFQzk1QjE1RDE4QzRGOUFFMDIvNTY1RjVFMUEz
ODdFMTFGMUE0RDdGQkVFQjg4MzM3NzMucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe
BAIAATAYAwQFcG1gAwQEch/gAwQEd/yQAwQDyonoMA0EAgACMAcDBQAkBeIAMA0G
CSqGSIb3DQEBCwUAA4IBAQC5oYqRck9/DwqpFxrbA9RrwBTfUwHwINUl0B4IMixm
j/SCX/lsxBM6a06IWxk21VC4ijtq+TC+U58948PVptoawexYu/b4u72Bs0Nh2AC4
Lg9VZ8M4psTh2RGWw8quNFoUyY8m0nBvfV0INe2COZfMkDj9P0aQF7xkbdnYKGUe
l2O1/ZQ++7A6uHT7GeAiu1bJljbTD+sMZve90VV+KbxUwOnHTrqTxje/aWRCFpFf
INOxMNkpHQDy1BPk+HN2HmHdm3dYOLw0FqtE2hNzdZHF1fEujbqdSkN3MOZSTA7l
kPBxnL7EaAKA9d6W9pYMsTFMJna5SRHD+H96RQfaw8uh
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:42:36 2026 by rpki-client