Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/89A9F0B436B511EEB14AD345C4F9AE02.roa
File: 89A9F0B436B511EEB14AD345C4F9AE02.roa (raw, json)
Hash identifier: u4JetaOWzMXn/9OVVoXfiQX/zpTvJHxG2pnCEY2Q6h8=
Subject key identifier: 5C:7B:CF:2A:DF:7E:D0:00:E8:0A:EA:FE:A5:04:5D:CD:50:67:56:7C
Certificate issuer: /CN=A91D3794/serialNumber=30E589288EB65002510C877B466ABE19753BDBCE
Certificate serial: 2241
Authority key identifier: 30:E5:89:28:8E:B6:50:02:51:0C:87:7B:46:6A:BE:19:75:3B:DB:CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOWJKI62UAJRDId7Rmq-GXU7284.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/89A9F0B436B511EEB14AD345C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:16:35 +0000
ROA not before: Fri 30 Jan 2026 16:13:45 +0000
ROA not after: Wed 31 Mar 2027 00:00:00 +0000
asID: 55803
IP address blocks: 27.54.80.0/21 maxlen: 24
27.54.88.0/21 maxlen: 24
27.111.81.0/24 maxlen: 24
27.111.82.0/23 maxlen: 24
27.111.84.0/24 maxlen: 24
27.111.86.0/24 maxlen: 24
27.111.88.0/23 maxlen: 24
27.111.92.0/22 maxlen: 24
27.123.24.0/21 maxlen: 24
27.124.112.0/20 maxlen: 24
43.245.52.0/22 maxlen: 24
43.250.248.0/22 maxlen: 24
103.250.212.0/22 maxlen: 24
103.253.193.0/24 maxlen: 24
103.254.136.0/22 maxlen: 24
112.109.74.0/24 maxlen: 24
112.109.81.0/24 maxlen: 24
112.109.82.0/23 maxlen: 24
112.109.84.0/24 maxlen: 24
116.0.16.0/21 maxlen: 24
119.47.112.0/22 maxlen: 24
119.47.117.0/24 maxlen: 24
119.47.118.0/23 maxlen: 24
119.47.122.0/23 maxlen: 24
119.47.124.0/24 maxlen: 24
163.47.72.0/22 maxlen: 24
202.174.80.0/24 maxlen: 24
203.17.36.0/24 maxlen: 24
203.26.41.0/24 maxlen: 24
203.28.48.0/23 maxlen: 24
203.28.50.0/24 maxlen: 24
203.170.80.0/21 maxlen: 24
2400:6d80::/32 maxlen: 48
2402:cb40::/32 maxlen: 48
2407:4c00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/MOWJKI62UAJRDId7Rmq-GXU7284.crl
rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/MOWJKI62UAJRDId7Rmq-GXU7284.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOWJKI62UAJRDId7Rmq-GXU7284.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 02:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8769 (0x2241)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3794, serialNumber=30E589288EB65002510C877B466ABE19753BDBCE
Validity
Not Before: Jan 30 16:13:45 2026 GMT
Not After : Mar 31 00:00:00 2027 GMT
Subject: CN=69a48283-6308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:35:a2:7f:b4:36:0a:7a:f7:97:d8:9c:33:55:
de:59:b5:9d:79:fb:ff:5f:82:91:ac:ed:81:c3:7a:
7e:46:a7:dc:f0:66:1a:90:53:74:77:65:13:77:15:
8b:81:c3:3a:52:5b:4d:cb:3d:36:e7:39:bc:77:91:
23:4d:b2:e3:a1:d0:cd:4e:bf:4b:39:71:8f:73:89:
a1:54:4b:7e:03:7d:18:33:61:ba:6d:b9:d8:df:ef:
49:c8:59:da:7b:b7:12:49:42:06:62:63:ea:dd:3c:
57:89:c6:1e:cf:bd:fe:9c:55:4c:04:22:a5:f6:9c:
4e:b4:9c:fc:e8:63:90:1d:7a:f6:aa:15:1b:3c:bb:
16:9f:10:a7:aa:89:cb:06:b4:b6:7f:4a:e2:1a:ac:
45:c7:01:3d:ac:64:6e:f5:7a:f5:69:ca:01:70:95:
a8:6d:86:e8:2e:ba:2d:24:5f:ed:93:a7:b8:69:1c:
9e:f3:ee:2a:da:28:69:a2:c7:31:53:ae:51:47:de:
a2:6d:84:7b:dd:17:3e:f3:a1:09:d3:67:c5:5f:57:
4b:74:d5:b2:e0:62:08:e3:8e:75:fd:5b:30:c6:d6:
2b:f7:2c:9d:1b:33:eb:84:75:ea:a2:eb:f5:3e:88:
6d:e2:3a:de:d4:df:c1:6b:bc:dc:ee:b4:95:40:4a:
23:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7B:CF:2A:DF:7E:D0:00:E8:0A:EA:FE:A5:04:5D:CD:50:67:56:7C
X509v3 Authority Key Identifier:
keyid:30:E5:89:28:8E:B6:50:02:51:0C:87:7B:46:6A:BE:19:75:3B:DB:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/MOWJKI62UAJRDId7Rmq-GXU7284.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOWJKI62UAJRDId7Rmq-GXU7284.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/89A9F0B436B511EEB14AD345C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
27.54.80.0/20
27.111.81.0-27.111.84.255
27.111.86.0/24
27.111.88.0/23
27.111.92.0/22
27.123.24.0/21
27.124.112.0/20
43.245.52.0/22
43.250.248.0/22
103.250.212.0/22
103.253.193.0/24
103.254.136.0/22
112.109.74.0/24
112.109.81.0-112.109.84.255
116.0.16.0/21
119.47.112.0/22
119.47.117.0-119.47.119.255
119.47.122.0-119.47.124.255
163.47.72.0/22
202.174.80.0/24
203.17.36.0/24
203.26.41.0/24
203.28.48.0-203.28.50.255
203.170.80.0/21
IPv6:
2400:6d80::/32
2402:cb40::/32
2407:4c00::/32
Signature Algorithm: sha256WithRSAEncryption
56:94:a5:84:a1:6a:b3:51:a7:5f:71:c2:44:82:65:c9:5c:dd:
f3:e9:90:28:75:9c:35:28:3b:7a:b4:77:1b:45:40:4f:16:a1:
22:7d:8a:c1:20:95:75:93:e4:91:90:54:84:30:84:a2:4e:cc:
f0:bc:8e:e6:65:45:bf:e7:c9:26:97:1e:fe:16:a8:05:e0:fb:
c9:62:3f:6b:d2:cb:01:35:d4:5a:51:5b:b1:b5:a4:de:c9:60:
c3:80:e6:1a:a8:fc:a4:0e:dd:a5:52:ba:b4:89:82:7a:59:fd:
3c:7e:89:85:8f:19:3b:95:fa:7d:e4:df:9b:fb:e6:a1:77:17:
af:b1:1c:2b:a4:61:98:aa:b2:dd:cf:13:e1:5f:7f:43:b5:6c:
da:c1:8e:c7:17:be:01:09:01:98:b7:f5:60:aa:74:0c:3f:3e:
27:0d:7b:51:10:38:2d:a9:2c:20:f1:ff:dd:25:6f:a9:13:9d:
17:54:e9:1f:36:9f:00:ba:f8:18:3d:b4:95:a6:3d:a7:3a:04:
6b:7b:d0:2a:ad:35:47:b2:23:c2:e5:37:81:18:6c:aa:56:5b:
63:38:ce:1a:21:01:4d:7d:de:cf:68:88:1f:1b:59:26:73:fd:
13:0f:2b:ad:73:8d:59:46:de:34:27:68:f9:20:f2:a3:a1:16:
f6:9b:d6:6d
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgICIkEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM3OTQxMTAvBgNVBAUTKDMwRTU4OTI4OEVCNjUwMDI1MTBDODc3QjQ2NkFCRTE5
NzUzQkRCQ0UwHhcNMjYwMTMwMTYxMzQ1WhcNMjcwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODI4My02MzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsjWif7Q2Cnr3l9icM1XeWbWdefv/X4KRrO2Bw3p+Rqfc8GYakFN0d2UTdxWL
gcM6UltNyz025zm8d5EjTbLjodDNTr9LOXGPc4mhVEt+A30YM2G6bbnY3+9JyFna
e7cSSUIGYmPq3TxXicYez73+nFVMBCKl9pxOtJz86GOQHXr2qhUbPLsWnxCnqonL
BrS2f0riGqxFxwE9rGRu9Xr1acoBcJWobYboLrotJF/tk6e4aRye8+4q2ihposcx
U65RR96ibYR73Rc+86EJ02fFX1dLdNWy4GII4451/VswxtYr9yydGzPrhHXqouv1
Poht4jre1N/Ba7zc7rSVQEoj7QIDAQABo4IDNDCCAzAwHQYDVR0OBBYEFFx7zyrf
ftAA6Arq/qUEXc1QZ1Z8MB8GA1UdIwQYMBaAFDDliSiOtlACUQyHe0Zqvhl1O9vO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzc5NC8yMEZFNTYxNkU5
OEYxMUU1QTNERERDNjZDNEY5QUUwMi9NT1dKS0k2MlVBSlJESWQ3Um1xLUdYVTcy
ODQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PV0pLSTYyVUFKUkRJZDdSbXEtR1hVNzI4NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM3OTQvMjBGRTU2MTZFOThGMTFFNUEzREREQzY2QzRGOUFFMDIvODlBOUYwQjQz
NkI1MTFFRUIxNEFEMzQ1QzRGOUFFMDIucm9hMIHyBggrBgEFBQcBBwEB/wSB4jCB
3zCBvwQCAAEwgbgDBAQbNlAwDAMEABtvUQMEABtvVAMEABtvVgMEARtvWAMEAhtv
XAMEAxt7GAMEBBt8cAMEAiv1NAMEAiv6+AMEAmf61AMEAGf9wQMEAmf+iAMEAHBt
SjAMAwQAcG1RAwQAcG1UAwQDdAAQAwQCdy9wMAwDBAB3L3UDBAN3L3AwDAMEAXcv
egMEAHcvfAMEAqMvSAMEAMquUAMEAMsRJAMEAMsaKTAMAwQEyxwwAwQAyxwyAwQD
y6pQMBsEAgACMBUDBQAkAG2AAwUAJALLQAMFACQHTAAwDQYJKoZIhvcNAQELBQAD
ggEBAFaUpYSharNRp19xwkSCZclc3fPpkCh1nDUoO3q0dxtFQE8WoSJ9isEglXWT
5JGQVIQwhKJOzPC8juZlRb/nySaXHv4WqAXg+8liP2vSywE11FpRW7G1pN7JYMOA
5hqo/KQO3aVSurSJgnpZ/Tx+iYWPGTuV+n3k35v75qF3F6+xHCukYZiqst3PE+Ff
f0O1bNrBjscXvgEJAZi39WCqdAw/PicNe1EQOC2pLCDx/90lb6kTnRdU6R82nwC6
+Bg9tJWmPac6BGt70CqtNUeyI8LlN4EYbKpWW2M4zhohAU193s9oiB8bWSZz/RMP
K61zjVlG3jQnaPkg8qOhFvab1m0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:06:01 2026 by rpki-client