Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
File: CBCD905AA6E811EFB43BBB4EC4F9AE02.roa (raw, json)
Hash identifier: XW1qHBAWtYn/hitEddUwEnmeJ8ahdg9gvitw2JzkDmg=
Subject key identifier: AB:4E:F6:16:DE:2A:5A:25:D8:7E:04:3E:2D:D3:E9:D4:98:F0:60:C1
Certificate issuer: /CN=A91D9785/serialNumber=7EDEFAD656FD88326F6DFAE2487010580402A35F
Certificate serial: 1AD5
Authority key identifier: 7E:DE:FA:D6:56:FD:88:32:6F:6D:FA:E2:48:70:10:58:04:02:A3:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
Signing time: Mon 08 Jun 2026 16:19:41 +0000
ROA not before: Mon 08 Jun 2026 16:19:41 +0000
ROA not after: Fri 30 Jul 2027 00:00:00 +0000
asID: 17726
IP address blocks: 45.127.152.0/22 maxlen: 22
45.127.152.0/24 maxlen: 24
45.127.153.0/24 maxlen: 24
45.127.154.0/24 maxlen: 24
45.127.155.0/24 maxlen: 24
103.6.8.0/22 maxlen: 22
103.6.8.0/24 maxlen: 24
103.6.9.0/24 maxlen: 24
103.6.10.0/24 maxlen: 24
103.6.11.0/24 maxlen: 24
103.101.156.0/22 maxlen: 22
103.101.156.0/24 maxlen: 24
103.101.157.0/24 maxlen: 24
103.101.158.0/24 maxlen: 24
103.101.159.0/24 maxlen: 24
103.248.40.0/22 maxlen: 22
103.248.40.0/24 maxlen: 24
103.248.41.0/24 maxlen: 24
103.248.42.0/24 maxlen: 24
103.248.43.0/24 maxlen: 24
202.150.8.0/24 maxlen: 24
202.150.9.0/24 maxlen: 24
202.150.10.0/24 maxlen: 24
202.150.11.0/24 maxlen: 24
203.223.32.0/20 maxlen: 20
203.223.32.0/24 maxlen: 24
203.223.33.0/24 maxlen: 24
203.223.34.0/24 maxlen: 24
203.223.35.0/24 maxlen: 24
203.223.36.0/24 maxlen: 24
203.223.37.0/24 maxlen: 24
203.223.38.0/24 maxlen: 24
203.223.39.0/24 maxlen: 24
203.223.40.0/24 maxlen: 24
203.223.41.0/24 maxlen: 24
203.223.42.0/24 maxlen: 24
203.223.43.0/24 maxlen: 24
203.223.44.0/24 maxlen: 24
203.223.45.0/24 maxlen: 24
203.223.46.0/24 maxlen: 24
203.223.47.0/24 maxlen: 24
2401:a700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.crl
rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 19 Jun 2026 16:17:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6869 (0x1ad5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D9785, serialNumber=7EDEFAD656FD88326F6DFAE2487010580402A35F
Validity
Not Before: Jun 8 16:19:41 2026 GMT
Not After : Jul 30 00:00:00 2027 GMT
Subject: CN=6a26eb9d-3ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:70:b4:8e:f6:8c:7b:eb:a2:e2:a1:5e:2a:4e:
50:80:bc:93:28:0a:dc:13:87:39:2f:66:d5:d6:86:
4a:30:d9:b0:92:de:44:ff:54:c7:fd:9c:7d:e4:99:
19:23:bd:a0:ae:2e:83:a4:c8:d7:5b:48:95:e2:36:
76:91:ee:72:2c:c9:5c:4a:9c:67:a6:60:75:8b:49:
51:13:77:d8:b6:b6:87:47:76:8f:2a:d0:76:88:21:
09:3d:c5:c7:71:bf:18:27:fa:9f:d8:f1:cc:56:9c:
af:cd:f5:01:44:91:28:3d:ce:c5:72:66:bb:5a:01:
55:fe:ca:b8:cb:8a:a4:6a:c8:1e:e7:f6:c1:74:b6:
ce:b8:7d:1c:f8:ca:02:70:46:b3:8d:29:75:79:f2:
2c:a8:f9:fe:3f:ae:cc:f2:3d:55:d7:48:35:42:f0:
53:a2:d6:3d:ba:a0:7c:de:3d:62:3a:91:a7:dd:85:
8b:4e:d0:04:0c:43:cd:2a:f8:15:8c:1f:b4:98:ef:
53:71:d0:ba:91:b3:a5:65:03:ba:ab:05:cb:c6:90:
b7:2b:e5:e0:ae:76:96:01:ae:e0:88:c6:8d:61:5d:
26:5b:1a:d6:1f:8e:1c:2b:55:6d:a5:21:c9:24:1a:
d3:2f:8a:68:06:6a:fd:43:73:ea:70:77:53:bb:e6:
9f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4E:F6:16:DE:2A:5A:25:D8:7E:04:3E:2D:D3:E9:D4:98:F0:60:C1
X509v3 Authority Key Identifier:
keyid:7E:DE:FA:D6:56:FD:88:32:6F:6D:FA:E2:48:70:10:58:04:02:A3:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
45.127.152.0/22
103.6.8.0/22
103.101.156.0/22
103.248.40.0/22
202.150.8.0/22
203.223.32.0/20
IPv6:
2401:a700::/32
Signature Algorithm: sha256WithRSAEncryption
14:07:f0:85:09:ee:96:93:94:5f:c0:7b:8c:50:33:eb:97:3b:
0d:85:0b:92:f7:e8:4a:e6:49:4f:5f:8b:b0:cc:3b:70:8e:08:
15:e8:22:1a:e6:8b:b7:9e:dc:27:86:fe:5c:c9:17:77:a7:94:
f1:6c:e8:92:d0:32:5b:4f:6e:b8:be:d6:70:3b:8e:5c:ab:cf:
7b:db:61:88:1a:0e:a0:3a:2e:a2:c9:80:7b:bd:5f:4c:1c:38:
8d:28:eb:cf:bd:0d:26:ae:68:3e:80:5c:1d:48:75:05:e4:77:
1a:28:60:67:31:c0:48:e5:ce:49:26:ae:60:ab:73:7a:21:21:
17:a0:7f:1b:31:96:0b:b1:6c:66:3c:f7:06:1f:32:84:a5:f4:
a8:36:2f:e5:1a:7c:36:78:0c:a7:0a:da:49:d5:50:e6:6d:ff:
e0:ed:3f:41:13:6c:d6:be:45:59:7f:da:54:99:bf:8a:bc:96:
52:fc:53:c0:f9:e8:59:ff:01:5b:a2:40:11:a1:2c:fb:e7:da:
8c:21:d2:ec:5b:1d:e2:13:b5:ec:ba:81:d0:aa:3a:ef:f0:92:
67:36:f2:70:b1:2e:19:49:52:a2:f8:2d:5e:6f:e9:ce:74:00:
b2:46:4e:13:d0:b3:a1:50:94:e4:06:43:8b:64:51:5f:78:13:
9a:a8:ef:7a
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgICGtUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDk3ODUxMTAvBgNVBAUTKDdFREVGQUQ2NTZGRDg4MzI2RjZERkFFMjQ4NzAxMDU4
MDQwMkEzNUYwHhcNMjYwNjA4MTYxOTQxWhcNMjcwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTI2ZWI5ZC0zYWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl3C0jvaMe+ui4qFeKk5QgLyTKArcE4c5L2bV1oZKMNmwkt5E/1TH/Zx95JkZ
I72gri6DpMjXW0iV4jZ2ke5yLMlcSpxnpmB1i0lRE3fYtraHR3aPKtB2iCEJPcXH
cb8YJ/qf2PHMVpyvzfUBRJEoPc7Fcma7WgFV/sq4y4qkasge5/bBdLbOuH0c+MoC
cEazjSl1efIsqPn+P67M8j1V10g1QvBTotY9uqB83j1iOpGn3YWLTtAEDEPNKvgV
jB+0mO9TcdC6kbOlZQO6qwXLxpC3K+XgrnaWAa7giMaNYV0mWxrWH44cK1VtpSHJ
JBrTL4poBmr9Q3PqcHdTu+afDwIDAQABo4ICjTCCAokwHQYDVR0OBBYEFKtO9hbe
Klol2H4EPi3T6dSY8GDBMB8GA1UdIwQYMBaAFH7e+tZW/Ygyb2364khwEFgEAqNf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTc4NS80N0RGOUNFQzU2
RUMxMUU3QkFENDhEM0JDNEY5QUUwMi9mdDc2MWxiOWlESnZiZnJpU0hBUVdBUUNv
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Z0NzYxbGI5aURKdmJmcmlTSEFRV0FRQ28xOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDk3ODUvNDdERjlDRUM1NkVDMTFFN0JBRDQ4RDNCQzRGOUFFMDIvQ0JDRDkwNUFB
NkU4MTFFRkI0M0JCQjRFQzRGOUFFMDIucm9hMEwGCCsGAQUFBwEHAQH/BD0wOzAq
BAIAATAkAwQCLX+YAwQCZwYIAwQCZ2WcAwQCZ/goAwQCypYIAwQEy98gMA0EAgAC
MAcDBQAkAacAMA0GCSqGSIb3DQEBCwUAA4IBAQAUB/CFCe6Wk5RfwHuMUDPrlzsN
hQuS9+hK5klPX4uwzDtwjggV6CIa5ou3ntwnhv5cyRd3p5TxbOiS0DJbT264vtZw
O45cq89722GIGg6gOi6iyYB7vV9MHDiNKOvPvQ0mrmg+gFwdSHUF5HcaKGBnMcBI
5c5JJq5gq3N6ISEXoH8bMZYLsWxmPPcGHzKEpfSoNi/lGnw2eAynCtpJ1VDmbf/g
7T9BE2zWvkVZf9pUmb+KvJZS/FPA+ehZ/wFbokARoSz759qMIdLsWx3iE7XsuoHQ
qjrv8JJnNvJwsS4ZSVKi+C1eb+nOdACyRk4T0LOhUJTkBkOLZFFfeBOaqO96
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:45:46 2026 by rpki-client