Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/D2AD822AF2A711F0B86D5E54726F56BC.roa
File: D2AD822AF2A711F0B86D5E54726F56BC.roa (raw, json)
Hash identifier: M07o/4Se0WQ0x98V4EyKF0kElpzcSvmr2bEcsLBgAM8=
Subject key identifier: 9D:C8:0C:97:2D:33:61:CA:1B:F0:56:64:B7:5E:16:FD:23:A0:26:C6
Certificate issuer: /CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Certificate serial: 24E7
Authority key identifier: 7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/D2AD822AF2A711F0B86D5E54726F56BC.roa
Signing time: Sun 01 Mar 2026 17:38:46 +0000
ROA not before: Fri 16 Jan 2026 06:52:07 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 45352
IP address blocks: 14.102.144.0/21 maxlen: 24
14.192.64.0/24 maxlen: 24
14.192.65.0/24 maxlen: 24
14.192.66.0/24 maxlen: 24
14.192.70.0/23 maxlen: 24
43.252.152.0/22 maxlen: 24
45.64.168.0/22 maxlen: 24
58.84.8.0/22 maxlen: 22
58.84.8.0/24 maxlen: 24
58.84.9.0/24 maxlen: 24
58.84.10.0/24 maxlen: 24
58.84.11.0/24 maxlen: 24
103.3.172.0/24 maxlen: 24
103.3.173.0/24 maxlen: 24
103.3.174.0/23 maxlen: 24
103.10.156.0/23 maxlen: 24
103.10.158.0/23 maxlen: 24
103.23.45.0/24 maxlen: 24
103.40.204.0/22 maxlen: 24
118.107.200.0/21 maxlen: 24
118.107.208.0/24 maxlen: 24
118.107.209.0/24 maxlen: 24
118.107.210.0/24 maxlen: 24
118.107.211.0/24 maxlen: 24
118.107.232.0/24 maxlen: 24
118.107.233.0/24 maxlen: 24
118.107.234.0/23 maxlen: 23
118.107.235.0/24 maxlen: 24
118.107.236.0/24 maxlen: 24
118.107.237.0/24 maxlen: 24
118.107.238.0/24 maxlen: 24
118.107.239.0/24 maxlen: 24
118.107.240.0/24 maxlen: 24
118.107.241.0/24 maxlen: 24
118.107.242.0/24 maxlen: 24
118.107.243.0/24 maxlen: 24
183.81.160.0/21 maxlen: 24
192.82.56.0/21 maxlen: 21
192.82.56.0/24 maxlen: 24
192.82.57.0/24 maxlen: 24
192.82.58.0/24 maxlen: 24
192.82.59.0/24 maxlen: 24
192.82.60.0/24 maxlen: 24
192.82.61.0/24 maxlen: 24
192.82.62.0/24 maxlen: 24
192.82.63.0/24 maxlen: 24
210.5.40.0/22 maxlen: 24
210.5.44.0/22 maxlen: 24
2401:3400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 00:57:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9447 (0x24e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1691, serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Validity
Not Before: Jan 16 06:52:07 2026 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=69a479a6-0acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:11:47:1d:28:e7:1c:9d:9e:f7:19:cc:7f:9d:
d8:6c:bf:ab:dd:59:1e:cc:75:d2:a5:df:35:d5:f8:
b1:20:94:5e:86:59:3b:b4:e9:8a:9a:bc:7b:b1:db:
c6:76:66:08:93:3f:0e:ca:fe:72:17:0b:95:23:b8:
57:a6:84:58:29:46:35:d4:e9:dc:32:3e:98:22:7a:
d3:6b:ef:54:fe:9d:9d:06:87:39:9d:f1:80:7e:1f:
bd:e5:05:06:49:15:fa:eb:31:7e:77:2f:b8:fc:a3:
88:cc:23:b5:ef:a0:bd:d4:72:c9:36:b8:7b:b2:9b:
23:4d:aa:9e:32:f4:71:40:dc:9b:87:05:1e:bb:95:
e2:de:41:80:47:25:8e:60:0f:06:bc:d7:f1:11:75:
76:7e:8f:af:8e:a4:31:a2:7d:cb:1d:b9:6f:4c:7f:
6a:81:8c:23:52:48:fb:09:7a:fc:c4:7f:e2:ab:85:
a0:53:bc:01:08:e5:6e:56:0c:66:87:96:10:54:4f:
a7:3d:04:4f:fe:71:1a:18:50:c1:ca:7f:c9:27:a7:
5c:6f:40:a2:aa:e9:c3:e6:7f:8a:d4:24:4c:59:02:
5b:7b:40:3a:93:1a:a8:9c:24:02:76:9a:e8:75:cd:
a2:ce:57:7b:19:e3:c7:bd:a2:6f:a5:ad:e9:18:6f:
46:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C8:0C:97:2D:33:61:CA:1B:F0:56:64:B7:5E:16:FD:23:A0:26:C6
X509v3 Authority Key Identifier:
keyid:7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/D2AD822AF2A711F0B86D5E54726F56BC.roa
sbgp-ipAddrBlock: critical
IPv4:
14.102.144.0/21
14.192.64.0-14.192.66.255
14.192.70.0/23
43.252.152.0/22
45.64.168.0/22
58.84.8.0/22
103.3.172.0/22
103.10.156.0/22
103.23.45.0/24
103.40.204.0/22
118.107.200.0-118.107.211.255
118.107.232.0-118.107.243.255
183.81.160.0/21
192.82.56.0/21
210.5.40.0/21
IPv6:
2401:3400::/32
Signature Algorithm: sha256WithRSAEncryption
6b:30:bc:95:47:2c:07:e7:11:90:79:c1:2c:d0:84:20:98:64:
b4:7b:e5:9b:41:90:62:6e:b0:e1:e6:2b:78:fc:f2:b5:43:7a:
51:5b:6b:1f:f6:1a:0d:5b:ae:4d:87:93:d0:b9:38:e3:1a:ad:
8e:a0:bd:f7:f3:b1:15:3c:38:a0:f4:a1:7c:ab:b7:1d:38:b6:
7d:64:31:28:83:f8:8c:3f:a2:4a:24:74:48:a2:62:45:2b:5e:
f8:eb:76:75:f9:d0:43:ab:8e:21:d2:1d:03:14:d2:50:5e:dd:
a6:8d:47:5f:75:cb:65:cc:14:65:f4:c0:f4:8a:c9:a0:ee:0f:
1a:bb:04:e9:dc:2a:42:a0:c5:97:aa:a4:09:9c:40:94:10:c5:
ef:85:64:c5:b5:17:3e:5d:0d:9f:59:97:56:e4:53:4e:93:84:
51:6e:20:dc:12:64:32:46:fc:45:c8:30:9d:74:62:ec:61:90:
da:fe:39:17:a4:3b:00:62:39:b9:fb:cb:7c:33:6d:26:4d:36:
86:84:3f:54:98:76:da:17:2a:9d:03:86:37:e0:5e:6b:87:dd:
40:82:18:b8:c4:ee:20:02:2f:5d:26:c5:00:32:96:ad:92:63:
56:70:5e:07:11:a8:b7:2d:ff:a8:b8:d3:f3:4b:09:3a:d6:f0:
26:69:ce:68
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgICJOcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2OTExMTAvBgNVBAUTKDdBQzBDMDBGMEZDQTQ3OUVFNDY1RTRGN0Y1NDVFOEM5
NDk5M0Q2MUMwHhcNMjYwMTE2MDY1MjA3WhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NzlhNi0wYWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBFHHSjnHJ2e9xnMf53YbL+r3VkezHXSpd811fixIJRehlk7tOmKmrx7sdvG
dmYIkz8Oyv5yFwuVI7hXpoRYKUY11OncMj6YInrTa+9U/p2dBoc5nfGAfh+95QUG
SRX66zF+dy+4/KOIzCO176C91HLJNrh7spsjTaqeMvRxQNybhwUeu5Xi3kGARyWO
YA8GvNfxEXV2fo+vjqQxon3LHblvTH9qgYwjUkj7CXr8xH/iq4WgU7wBCOVuVgxm
h5YQVE+nPQRP/nEaGFDByn/JJ6dcb0CiqunD5n+K1CRMWQJbe0A6kxqonCQCdpro
dc2izld7GePHvaJvpa3pGG9GKwIDAQABo4IC3jCCAtowHQYDVR0OBBYEFJ3IDJct
M2HKG/BWZLdeFv0joCbGMB8GA1UdIwQYMBaAFHrAwA8Pykee5GXk9/VF6MlJk9Yc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS81QUZDMjY5MjY1
MkIxMUU1OTdBODY4ODFDNEY5QUUwMi9lc0RBRHdfS1I1N2taZVQzOVVYb3lVbVQx
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzREFEd19LUjU3a1plVDM5VVhveVVtVDFody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNUFGQzI2OTI2NTJCMTFFNTk3QTg2ODgxQzRGOUFFMDIvRDJBRDgyMkFG
MkE3MTFGMEI4NkQ1RTU0NzI2RjU2QkMucm9hMIGcBggrBgEFBQcBBwEB/wSBjDCB
iTB4BAIAATByAwQDDmaQMAwDBAYOwEADBAAOwEIDBAEOwEYDBAIr/JgDBAItQKgD
BAI6VAgDBAJnA6wDBAJnCpwDBABnFy0DBAJnKMwwDAMEA3ZryAMEAnZr0DAMAwQD
dmvoAwQCdmvwAwQDt1GgAwQDwFI4AwQD0gUoMA0EAgACMAcDBQAkATQAMA0GCSqG
SIb3DQEBCwUAA4IBAQBrMLyVRywH5xGQecEs0IQgmGS0e+WbQZBibrDh5it4/PK1
Q3pRW2sf9hoNW65Nh5PQuTjjGq2OoL3387EVPDig9KF8q7cdOLZ9ZDEog/iMP6JK
JHRIomJFK17463Z1+dBDq44h0h0DFNJQXt2mjUdfdctlzBRl9MD0ismg7g8auwTp
3CpCoMWXqqQJnECUEMXvhWTFtRc+XQ2fWZdW5FNOk4RRbiDcEmQyRvxFyDCddGLs
YZDa/jkXpDsAYjm5+8t8M20mTTaGhD9UmHbaFyqdA4Y34F5rh91Aghi4xO4gAi9d
JsUAMpatkmNWcF4HEai3Lf+ouNPzSwk61vAmac5o
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:54:20 2026 by rpki-client