Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/01BB1B8E7C0411EFB0D29158C4F9AE02.roa
File: 01BB1B8E7C0411EFB0D29158C4F9AE02.roa (raw, json)
Hash identifier: Bo7KfSmgopE09z8Ii/6iDq4ZBQOfTMw5H36AojNCI5M=
Subject key identifier: E1:CD:60:CC:03:27:97:14:6E:43:E8:C9:AD:5C:84:1B:A9:2E:E8:84
Certificate issuer: /CN=A91D298D/serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Certificate serial: 090F
Authority key identifier: FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/01BB1B8E7C0411EFB0D29158C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:15:55 +0000
ROA not before: Thu 12 Feb 2026 20:17:45 +0000
ROA not after: Tue 02 Mar 2027 00:00:00 +0000
asID: 138423
IP address blocks: 111.119.175.0/24 maxlen: 24
115.42.72.0/21 maxlen: 24
117.134.192.0/19 maxlen: 24
121.91.56.0/23 maxlen: 24
121.91.60.0/23 maxlen: 24
121.91.62.0/23 maxlen: 24
144.48.0.0/22 maxlen: 24
223.123.0.0/24 maxlen: 24
223.123.32.0/24 maxlen: 24
223.123.33.0/24 maxlen: 24
223.123.34.0/24 maxlen: 24
223.123.35.0/24 maxlen: 24
223.123.36.0/24 maxlen: 24
223.123.37.0/24 maxlen: 24
223.123.38.0/24 maxlen: 24
223.123.39.0/24 maxlen: 24
223.123.40.0/24 maxlen: 24
223.123.41.0/24 maxlen: 24
223.123.42.0/24 maxlen: 24
223.123.43.0/24 maxlen: 24
223.123.44.0/24 maxlen: 24
223.123.45.0/24 maxlen: 24
223.123.46.0/24 maxlen: 24
223.123.47.0/24 maxlen: 24
223.123.48.0/24 maxlen: 24
223.123.49.0/24 maxlen: 24
223.123.66.0/24 maxlen: 24
223.123.67.0/24 maxlen: 24
223.123.76.0/24 maxlen: 24
223.123.77.0/24 maxlen: 24
223.123.78.0/23 maxlen: 24
223.123.100.0/23 maxlen: 24
223.123.102.0/23 maxlen: 24
223.123.122.0/23 maxlen: 24
223.123.124.0/23 maxlen: 24
223.123.126.0/23 maxlen: 24
2402:ad80:c0::/44 maxlen: 48
2402:ad80:d0::/44 maxlen: 48
2402:ad80:e0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl
rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:56:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2319 (0x90f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D298D, serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Validity
Not Before: Feb 12 20:17:45 2026 GMT
Not After : Mar 2 00:00:00 2027 GMT
Subject: CN=69a4825b-5ff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:57:96:d0:db:fd:07:cf:b8:f8:8b:8f:d2:1d:
95:4e:e9:27:a5:90:ae:1e:61:be:9e:12:db:a4:a9:
d6:fd:6a:79:00:29:7d:75:5f:31:bc:24:83:9c:d6:
50:11:74:28:18:f9:ba:b3:b6:52:36:e7:eb:0e:8e:
54:84:0a:1f:fe:a7:e3:a9:2b:d7:98:7c:12:bd:13:
d7:30:ee:b7:74:5f:90:d3:a6:31:1e:32:bd:a7:22:
db:ab:36:e8:94:07:98:02:32:fc:25:13:d9:2b:75:
a3:78:b9:71:d2:57:d6:e4:1d:39:d7:38:55:07:42:
f8:13:fe:5b:e6:2e:91:69:aa:e5:34:ec:5c:18:18:
59:68:7c:25:b8:c8:65:f2:77:78:db:8c:ca:4a:9d:
1d:43:5d:e4:ca:9d:c1:8f:46:3e:d3:23:54:c5:06:
59:77:18:21:85:8f:b3:51:63:0d:3d:eb:1d:f5:05:
f0:f6:9b:c9:52:b3:d5:a4:58:1a:20:57:34:c6:30:
ba:74:51:41:93:03:48:96:df:1a:d8:09:69:b9:4c:
c9:c8:e7:f9:f3:c8:f8:89:69:63:e9:9c:ef:a0:2b:
b6:7f:4a:99:81:53:77:32:25:73:93:ce:74:32:fd:
d2:de:0d:a3:45:e8:62:36:e6:bf:5f:42:a9:fe:83:
00:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CD:60:CC:03:27:97:14:6E:43:E8:C9:AD:5C:84:1B:A9:2E:E8:84
X509v3 Authority Key Identifier:
keyid:FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/01BB1B8E7C0411EFB0D29158C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
111.119.175.0/24
115.42.72.0/21
117.134.192.0/19
121.91.56.0/23
121.91.60.0/22
144.48.0.0/22
223.123.0.0/24
223.123.32.0-223.123.49.255
223.123.66.0/23
223.123.76.0/22
223.123.100.0/22
223.123.122.0-223.123.127.255
IPv6:
2402:ad80:c0::-2402:ad80:ef:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:3e:8e:d4:f1:be:f5:6e:6c:20:d4:be:29:b7:3e:2a:d9:99:
41:a8:37:b3:f3:a1:d8:2d:8f:c5:71:a5:be:16:4c:3d:3c:0d:
1e:c8:68:34:25:81:0a:5e:33:64:42:3c:3b:80:7a:95:75:3f:
b7:75:e6:42:ef:57:ea:8a:8f:4e:55:da:07:c6:04:0e:24:43:
1e:36:0a:f1:29:f1:2c:03:f3:61:79:a2:b9:eb:a9:b4:65:96:
a7:ae:f3:9d:a1:e4:8e:bf:1d:4e:f5:d2:a7:d8:d8:22:82:c8:
b7:24:28:2f:a2:77:90:f7:ab:aa:cf:8e:98:91:a8:4e:ec:63:
9b:76:d4:59:66:13:eb:52:be:a1:ad:de:1b:ad:a7:48:34:ae:
8f:b9:0d:46:0b:6a:8c:4d:d6:96:8a:4f:6e:61:9a:2a:40:ea:
86:ab:7e:8c:d2:84:9a:85:62:fe:3b:97:01:bf:6a:42:e5:1d:
11:23:3b:db:b2:d0:04:22:e9:fb:b2:3b:9c:97:c0:65:2f:81:
67:c2:64:d0:9b:23:24:e1:6b:52:82:24:84:be:a2:5f:7c:3f:
ba:7f:35:63:b6:68:a2:6f:84:64:e9:ca:cb:6e:87:01:a8:69:
f2:b9:ea:6c:30:bd:52:51:62:d3:3d:82:36:42:50:8d:35:e1:
ca:9d:b2:7c
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICCQ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDI5OEQxMTAvBgNVBAUTKEZFRjJDMUM0RUEwOTY0NDc3NTE0QzFBQTk0NkU2QzQx
Nzc4RDA2QkYwHhcNMjYwMjEyMjAxNzQ1WhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODI1Yi01ZmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAj1eW0Nv9B8+4+IuP0h2VTuknpZCuHmG+nhLbpKnW/Wp5ACl9dV8xvCSDnNZQ
EXQoGPm6s7ZSNufrDo5UhAof/qfjqSvXmHwSvRPXMO63dF+Q06YxHjK9pyLbqzbo
lAeYAjL8JRPZK3WjeLlx0lfW5B051zhVB0L4E/5b5i6RaarlNOxcGBhZaHwluMhl
8nd424zKSp0dQ13kyp3Bj0Y+0yNUxQZZdxghhY+zUWMNPesd9QXw9pvJUrPVpFga
IFc0xjC6dFFBkwNIlt8a2AlpuUzJyOf588j4iWlj6ZzvoCu2f0qZgVN3MiVzk850
Mv3S3g2jRehiNua/X0Kp/oMAgQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFOHNYMwD
J5cUbkPoya1chBupLuiEMB8GA1UdIwQYMBaAFP7ywcTqCWRHdRTBqpRubEF3jQa/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjk4RC8zMzdBNjQzMkYx
QTYxMUVBQjk1QzBFMkZDNEY5QUUwMi9fdkxCeE9vSlpFZDFGTUdxbEc1c1FYZU5C
cjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL192TEJ4T29KWkVkMUZNR3FsRzVzUVhlTkJyOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDI5OEQvMzM3QTY0MzJGMUE2MTFFQUI5NUMwRTJGQzRGOUFFMDIvMDFCQjFCOEU3
QzA0MTFFRkIwRDI5MTU4QzRGOUFFMDIucm9hMIGNBggrBgEFBQcBBwEB/wR+MHww
XgQCAAEwWAMEAG93rwMEA3MqSAMEBXWGwAMEAXlbOAMEAnlbPAMEApAwAAMEAN97
ADAMAwQF33sgAwQB33swAwQB33tCAwQC33tMAwQC33tkMAwDBAHfe3oDBAffewAw
GgQCAAIwFDASAwcGJAKtgADAAwcEJAKtgADgMA0GCSqGSIb3DQEBCwUAA4IBAQBw
Po7U8b71bmwg1L4ptz4q2ZlBqDez86HYLY/FcaW+Fkw9PA0eyGg0JYEKXjNkQjw7
gHqVdT+3deZC71fqio9OVdoHxgQOJEMeNgrxKfEsA/NheaK566m0ZZanrvOdoeSO
vx1O9dKn2Ngigsi3JCgvoneQ96uqz46YkahO7GObdtRZZhPrUr6hrd4bradINK6P
uQ1GC2qMTdaWik9uYZoqQOqGq36M0oSahWL+O5cBv2pC5R0RIzvbstAEIun7sjuc
l8BlL4FnwmTQmyMk4WtSgiSEvqJffD+6fzVjtmiib4Rk6crLbocBqGnyuepsML1S
UWLTPYI2QlCNNeHKnbJ8
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:40:56 2026 by rpki-client